PMI CMOM MODULE 4 EXAM
HIPPA Privacy Regulation - ANSWER 1. Use and disclosure of protected
health information/individually identifiable health information (PHI/IIHI)
2. Patient rights regarding their PHI and IIHI
4. Security, both administrative and physical, of PHI and IIHI
American Recovery and Reinvestment Act (ARRA) - ANSWER "The
stimulus." Significant enhancement of the privacy and security standards for
health information
1. Changes in HIPPA statute and privacy and security regulations
2. Changes in HIPPA enforcement
3. Provisions address health info held by entities not covered by HIPPA
4. Miscellaneous: Admin, studies, report, and education initiatives
Business Associates - ANSWER BA's bound by contract to use appropriate
security safeguards to protect health info they receive from covered entities
Any organization or entity that provides a service that will invoice disclosure of
PHI. Any third party you are associated with and share PHI with
Required to enter a chain of trust, agree to protect PHI
, Breach Notification - ANSWER Must provide notification to individuals if
their health info has been breached. Unauthorized acquisition, access, use or
disclosure of PHI
No later than 60 days after discovery
Notice is required to be provided to media outlets if more that 500 individuals
involved
Right to Restrict - ANSWER ARRA require covered entities and BA's honor
an individuals request to restrict disclosure of PHI to a health plan for purpose
of payment or health care operations if the info pertains solely to a health care
item or service that the individual has pain in full out-of-pocket
Accounting for Disclosures - ANSWER ARRA states covered entities using
EHR may not exempt disclosures for treatment, payment and healthcare
operations, although the accounting need only cover the previous three years
Prohibition on "Sale" of PHI - ANSWER ARRA prohibits the direct or
indirect receipt of remuneration in exchange for an individuals PHI without an
authorization from that individual
Right of Electronic Access - ANSWER ARRA states covered entities using
EHR must provide individual with an electronic copy of PHI in the record,
which must be transmitted directly to an entity or person specified by the
individual. Any fee charges cannot be greater than entity's labor cost in
responding to the request
Marketing Communications - ANSWER ARRA states covered entity is paid
by and outside entity to send a communicating to a pt, the communication is
HIPPA Privacy Regulation - ANSWER 1. Use and disclosure of protected
health information/individually identifiable health information (PHI/IIHI)
2. Patient rights regarding their PHI and IIHI
4. Security, both administrative and physical, of PHI and IIHI
American Recovery and Reinvestment Act (ARRA) - ANSWER "The
stimulus." Significant enhancement of the privacy and security standards for
health information
1. Changes in HIPPA statute and privacy and security regulations
2. Changes in HIPPA enforcement
3. Provisions address health info held by entities not covered by HIPPA
4. Miscellaneous: Admin, studies, report, and education initiatives
Business Associates - ANSWER BA's bound by contract to use appropriate
security safeguards to protect health info they receive from covered entities
Any organization or entity that provides a service that will invoice disclosure of
PHI. Any third party you are associated with and share PHI with
Required to enter a chain of trust, agree to protect PHI
, Breach Notification - ANSWER Must provide notification to individuals if
their health info has been breached. Unauthorized acquisition, access, use or
disclosure of PHI
No later than 60 days after discovery
Notice is required to be provided to media outlets if more that 500 individuals
involved
Right to Restrict - ANSWER ARRA require covered entities and BA's honor
an individuals request to restrict disclosure of PHI to a health plan for purpose
of payment or health care operations if the info pertains solely to a health care
item or service that the individual has pain in full out-of-pocket
Accounting for Disclosures - ANSWER ARRA states covered entities using
EHR may not exempt disclosures for treatment, payment and healthcare
operations, although the accounting need only cover the previous three years
Prohibition on "Sale" of PHI - ANSWER ARRA prohibits the direct or
indirect receipt of remuneration in exchange for an individuals PHI without an
authorization from that individual
Right of Electronic Access - ANSWER ARRA states covered entities using
EHR must provide individual with an electronic copy of PHI in the record,
which must be transmitted directly to an entity or person specified by the
individual. Any fee charges cannot be greater than entity's labor cost in
responding to the request
Marketing Communications - ANSWER ARRA states covered entity is paid
by and outside entity to send a communicating to a pt, the communication is
