CMAA CHAPTER 4 Compliance UPDATED
ACTUAL Exam Questions and CORRECT
Answers
Non- covered entities do not have to comply with the Privacy Rule. - CORRECT
ANSWER - do not have to comply with the Privacy Rule.
Most providers require that patients request access to their PHI and to act on their request within
- CORRECT ANSWER - 30 days
Appeals process - CORRECT ANSWER - should be in place for instances when the
provider does not grant the restriction.
HIPAA - CORRECT ANSWER - Restricts access to psychotherapy notes, information
gathered for legal proceedings, and information exempted from disclosure by the Clinical
Laboratory Improvement Amendment (CLIA).
How does HIPAA ensure the confidentiality of electronic PHI? - CORRECT ANSWER -
Administrative safeguards-Physical safeguards-Technical safeguards
Audit trail - CORRECT ANSWER - A report that traces who has accessed electronic
information
OSHA form 300A - CORRECT ANSWER - Which OSHA form is a summary of work-
related injuries and illnesses?
Exposure control plan - CORRECT ANSWER - A plan that describes tasks employees
must perform if there is a risk for exposure to blood or other potentially infectious materials, and
what procedures are in place to track employee exposure
, OSHA form 301 - CORRECT ANSWER - If required, what form should be used to report
an incident to OSHA?
Administrative Simplification Compliance Act (ASCA) - CORRECT ANSWER - requires
claims to Medicare be transmitted electronically.
Medigap - CORRECT ANSWER - A private health insurance that pays for most of the
charges that's not covered by Parts A and B.
Why is Block 11 important? - CORRECT ANSWER - To indicate that a good faith effort
has been made to determine which is the primary insurance and which is secondary
What is OSHAs mission? - CORRECT ANSWER - To ensure a healthy working
environment
The Health Insurance Portability and Accountability Act was enacted in what year? - CORRECT
ANSWER - 1996
All healthcare facilities insurance companies and all covered entities had to be in compliance by
what date? - CORRECT ANSWER - April 14, 2003
Non-covered entities - CORRECT ANSWER - Organizations that use, collect, access, and
disclose individually identifiable health information, but do not transmit electronic data. These
do not have to comply with the Privacy Rule.
According to the Privacy Rule - CORRECT ANSWER - Covered entities are allowed to
share information relevant to the patient's care with a spouse, family members, friends, or other
individuals identified by the patient.
Covered entities
ACTUAL Exam Questions and CORRECT
Answers
Non- covered entities do not have to comply with the Privacy Rule. - CORRECT
ANSWER - do not have to comply with the Privacy Rule.
Most providers require that patients request access to their PHI and to act on their request within
- CORRECT ANSWER - 30 days
Appeals process - CORRECT ANSWER - should be in place for instances when the
provider does not grant the restriction.
HIPAA - CORRECT ANSWER - Restricts access to psychotherapy notes, information
gathered for legal proceedings, and information exempted from disclosure by the Clinical
Laboratory Improvement Amendment (CLIA).
How does HIPAA ensure the confidentiality of electronic PHI? - CORRECT ANSWER -
Administrative safeguards-Physical safeguards-Technical safeguards
Audit trail - CORRECT ANSWER - A report that traces who has accessed electronic
information
OSHA form 300A - CORRECT ANSWER - Which OSHA form is a summary of work-
related injuries and illnesses?
Exposure control plan - CORRECT ANSWER - A plan that describes tasks employees
must perform if there is a risk for exposure to blood or other potentially infectious materials, and
what procedures are in place to track employee exposure
, OSHA form 301 - CORRECT ANSWER - If required, what form should be used to report
an incident to OSHA?
Administrative Simplification Compliance Act (ASCA) - CORRECT ANSWER - requires
claims to Medicare be transmitted electronically.
Medigap - CORRECT ANSWER - A private health insurance that pays for most of the
charges that's not covered by Parts A and B.
Why is Block 11 important? - CORRECT ANSWER - To indicate that a good faith effort
has been made to determine which is the primary insurance and which is secondary
What is OSHAs mission? - CORRECT ANSWER - To ensure a healthy working
environment
The Health Insurance Portability and Accountability Act was enacted in what year? - CORRECT
ANSWER - 1996
All healthcare facilities insurance companies and all covered entities had to be in compliance by
what date? - CORRECT ANSWER - April 14, 2003
Non-covered entities - CORRECT ANSWER - Organizations that use, collect, access, and
disclose individually identifiable health information, but do not transmit electronic data. These
do not have to comply with the Privacy Rule.
According to the Privacy Rule - CORRECT ANSWER - Covered entities are allowed to
share information relevant to the patient's care with a spouse, family members, friends, or other
individuals identified by the patient.
Covered entities
