CMAA CHAPTER 4 Compliance Exam
Questions and Answers 100% Pass
Non- covered entities do not have to comply with the Privacy Rule. - ✔✔do not have to
comply with the Privacy Rule.
Most providers require that patients request access to their PHI and to act on their
request within - ✔✔30 days
Appeals process - ✔✔should be in place for instances when the provider does not grant
the restriction.
HIPAA - ✔✔Restricts access to psychotherapy notes, information gathered for legal
proceedings, and information exempted from disclosure by the Clinical Laboratory
Improvement Amendment (CLIA).
How does HIPAA ensure the confidentiality of electronic PHI? - ✔✔Administrative
safeguards-Physical safeguards-Technical safeguards
Audit trail - ✔✔A report that traces who has accessed electronic information
OSHA form 300A - ✔✔Which OSHA form is a summary of work-related injuries and
illnesses?
100% Pass Guarantee Olivia West, All Rights Reserved © 2025 1
, Exposure control plan - ✔✔A plan that describes tasks employees must perform if there
is a risk for exposure to blood or other potentially infectious materials, and what
procedures are in place to track employee exposure
OSHA form 301 - ✔✔If required, what form should be used to report an incident to
OSHA?
Administrative Simplification Compliance Act (ASCA) - ✔✔requires claims to Medicare
be transmitted electronically.
Medigap - ✔✔A private health insurance that pays for most of the charges that's not
covered by Parts A and B.
Why is Block 11 important? - ✔✔To indicate that a good faith effort has been made to
determine which is the primary insurance and which is secondary
What is OSHAs mission? - ✔✔To ensure a healthy working environment
The Health Insurance Portability and Accountability Act was enacted in what year? -
✔✔1996
All healthcare facilities insurance companies and all covered entities had to be in
compliance by what date? - ✔✔April 14, 2003
100% Pass Guarantee Olivia West, All Rights Reserved © 2025 2
Questions and Answers 100% Pass
Non- covered entities do not have to comply with the Privacy Rule. - ✔✔do not have to
comply with the Privacy Rule.
Most providers require that patients request access to their PHI and to act on their
request within - ✔✔30 days
Appeals process - ✔✔should be in place for instances when the provider does not grant
the restriction.
HIPAA - ✔✔Restricts access to psychotherapy notes, information gathered for legal
proceedings, and information exempted from disclosure by the Clinical Laboratory
Improvement Amendment (CLIA).
How does HIPAA ensure the confidentiality of electronic PHI? - ✔✔Administrative
safeguards-Physical safeguards-Technical safeguards
Audit trail - ✔✔A report that traces who has accessed electronic information
OSHA form 300A - ✔✔Which OSHA form is a summary of work-related injuries and
illnesses?
100% Pass Guarantee Olivia West, All Rights Reserved © 2025 1
, Exposure control plan - ✔✔A plan that describes tasks employees must perform if there
is a risk for exposure to blood or other potentially infectious materials, and what
procedures are in place to track employee exposure
OSHA form 301 - ✔✔If required, what form should be used to report an incident to
OSHA?
Administrative Simplification Compliance Act (ASCA) - ✔✔requires claims to Medicare
be transmitted electronically.
Medigap - ✔✔A private health insurance that pays for most of the charges that's not
covered by Parts A and B.
Why is Block 11 important? - ✔✔To indicate that a good faith effort has been made to
determine which is the primary insurance and which is secondary
What is OSHAs mission? - ✔✔To ensure a healthy working environment
The Health Insurance Portability and Accountability Act was enacted in what year? -
✔✔1996
All healthcare facilities insurance companies and all covered entities had to be in
compliance by what date? - ✔✔April 14, 2003
100% Pass Guarantee Olivia West, All Rights Reserved © 2025 2
