AHIMA (RHIT) Domain 2 - Test Solution Manual Already Passed
A hospital HIM department receives a subpoena duces tecum for records of a former patient. When the
health record technician goes to retrieve the patient's health records, it is discovered that the records
being subpoenaed have been purged in accordance with the state retention laws. In this situation, how
should the HIM department respond to the subpoena? - Answers Submit a certification of destruction in
response to the subpoena
Which of the following definitions best describes the concept of confidentiality? - Answers The
expectation that personal information shared by an individual with a healthcare provider during the
course of care will be used only for its intended purpose
Which of the following is not an identifier under the Privacy Rule? - Answers Age 75
Mrs. Bolton is an angry patient who resents her physicians "bossing her around." She refuses to take a
portion of the medications the nurses bring to her pursuant to physician orders and is verbally abusive
to the patient care assistants. Of the following options, the most appropriate way to document Mrs.
Bolton's behavior in the patient medical record is: - Answers Noncompliant and hostile toward staff
Which of the following is a core ethical obligation of health information professionals? - Answers
Protecting patients' privacy and confidential communications
An employee accesses PHI on a computer system that does not relate to her job functions. What
security mechanism should have been implemented to minimize this security breach? - Answers Access
controls
The HIM supervisor suspects that a departmental employee is accessing the EHR for personal reasons,
but has no specific data to support this suspicion. In this case, what should the supervisor do? - Answers
Ask the security officer for audit trail data to confirm or disprove the suspicion.
A hospital is planning on allowing coding professionals to work at home. The hospital is in the process of
identifying strategies to minimize the security risks associated with this practice. Which of the following
would be best to ensure that data breaches are minimized when the home computer is unattended? -
Answers Automatic session terminations
Which of the following statements is true regarding HIPAA security? - Answers Institutions are allowed
flexibility in the way they implement HIPAA standards.
Community Hospital is discussing restricting the access that physicians have to electronic health records.
The medical record committee is divided on how to approach this issue. Some committee members
maintain that all information should be available, whereas others maintain that HIPAA restricts access.
The HIM director is part of the committee. Which of the following should the director advise the
committee? - Answers The "minimum necessary" concept does not apply to disclosures made for
treatment purposes, but the organization must define what physicians need as part of their treatment
role.
A hospital HIM department receives a subpoena duces tecum for records of a former patient. When the
health record technician goes to retrieve the patient's health records, it is discovered that the records
being subpoenaed have been purged in accordance with the state retention laws. In this situation, how
should the HIM department respond to the subpoena? - Answers Submit a certification of destruction in
response to the subpoena
Which of the following definitions best describes the concept of confidentiality? - Answers The
expectation that personal information shared by an individual with a healthcare provider during the
course of care will be used only for its intended purpose
Which of the following is not an identifier under the Privacy Rule? - Answers Age 75
Mrs. Bolton is an angry patient who resents her physicians "bossing her around." She refuses to take a
portion of the medications the nurses bring to her pursuant to physician orders and is verbally abusive
to the patient care assistants. Of the following options, the most appropriate way to document Mrs.
Bolton's behavior in the patient medical record is: - Answers Noncompliant and hostile toward staff
Which of the following is a core ethical obligation of health information professionals? - Answers
Protecting patients' privacy and confidential communications
An employee accesses PHI on a computer system that does not relate to her job functions. What
security mechanism should have been implemented to minimize this security breach? - Answers Access
controls
The HIM supervisor suspects that a departmental employee is accessing the EHR for personal reasons,
but has no specific data to support this suspicion. In this case, what should the supervisor do? - Answers
Ask the security officer for audit trail data to confirm or disprove the suspicion.
A hospital is planning on allowing coding professionals to work at home. The hospital is in the process of
identifying strategies to minimize the security risks associated with this practice. Which of the following
would be best to ensure that data breaches are minimized when the home computer is unattended? -
Answers Automatic session terminations
Which of the following statements is true regarding HIPAA security? - Answers Institutions are allowed
flexibility in the way they implement HIPAA standards.
Community Hospital is discussing restricting the access that physicians have to electronic health records.
The medical record committee is divided on how to approach this issue. Some committee members
maintain that all information should be available, whereas others maintain that HIPAA restricts access.
The HIM director is part of the committee. Which of the following should the director advise the
committee? - Answers The "minimum necessary" concept does not apply to disclosures made for
treatment purposes, but the organization must define what physicians need as part of their treatment
role.
