©THESTAR 2024/2025 ALL RIGHTS RESERVED 11:04PM.
RHIA Domain 2 Exam Questions And
Answers 2025 Update.
Legal Health Record - Answer✔Formal business record to be utilized during legal procedings
If privacy issues emerge... - Answer✔Determine source of problem and issue HIPAA training
If patient is unable to sign... - Answer✔Implied Consent
Psychiatric patients may view records if physician determines... - Answer✔Seeing record is not
harmful to their condition or treatment
Facility Directory - Answer✔General Condition
Acknowledgement of admission
HIPAA's Expert Determination and Safe Harbor - Answer✔Deidentification
Log-in with standard ID and password - Answer✔Access Control Standard
Legal Hold - Answer✔Special tracking of patient records involved in litigation to ensure no
changes are made
Security Risk Analysis First Consideration - Answer✔Consider entity's characteristics and
environment
Audit Trail - Answer✔Reconstructing electronic events
Entity Authentication - Answer✔Reads pre-determined criteria to ensure a user is who they
claim to be
Password systems
Inherent Weakness of a Safeguard - Answer✔Vulnerability
Informed Consent - Answer✔Risks and benefits of procedure
Alternatives
Description of procedure
1
, ©THESTAR 2024/2025 ALL RIGHTS RESERVED 11:04PM.
Done by phyisician
Ensuring employees understand security measures - Answer✔Workforce Security Awareness
Training
Provides entities with structural framework to build a HIPAA security plan - Answer✔Security
Risk Analysis
Pre-Employment Physicals - Answer✔Not protected by HIPAA bc part of personnel record
HIPAA identifier that has not been implemented - Answer✔Individual
Preventing theft of PHI - Answer✔Facility Access Controls
Improved security of EHR - Answer✔Access Controls
Audit Trails
Authentication Systems
Designated Record Set - Answer✔Includes records from other hospitals that were involved in
episode of care decisions
HIPAA Record Retention - Answer✔6 years
Rendering PHI unreadable and unusable to unauthorized individuals - Answer✔Encryption and
Destruction
Goal of HIPAA Administrative Simplification - Answer✔Standardizing electronic transmission of
health data
Technology policies, protocols, and access controls - Answer✔Technical Safeguards
Patient Accounting of Disclosures - Answer✔Must include disclosure requires patient
authorization
HIPAA Training - Answer✔Privacy and security training should not be seperated
Darling vs. Charleston Community Memorial Hospital - Answer✔Hospital is responsible for the
quality of care given by its physicians
Not a Business Associate Under HITECH - Answer✔Housekeeping
Fundraising solicitations may not - Answer✔Target a specific group or diagnosis
Most Constant Threat to Health Information Integrity - Answer✔Humans
Device and Media Controls - Answer✔Security breaches from lack of wiping data from devices
Employee Physical - Answer✔Should report family history unless specifically excluded
2
RHIA Domain 2 Exam Questions And
Answers 2025 Update.
Legal Health Record - Answer✔Formal business record to be utilized during legal procedings
If privacy issues emerge... - Answer✔Determine source of problem and issue HIPAA training
If patient is unable to sign... - Answer✔Implied Consent
Psychiatric patients may view records if physician determines... - Answer✔Seeing record is not
harmful to their condition or treatment
Facility Directory - Answer✔General Condition
Acknowledgement of admission
HIPAA's Expert Determination and Safe Harbor - Answer✔Deidentification
Log-in with standard ID and password - Answer✔Access Control Standard
Legal Hold - Answer✔Special tracking of patient records involved in litigation to ensure no
changes are made
Security Risk Analysis First Consideration - Answer✔Consider entity's characteristics and
environment
Audit Trail - Answer✔Reconstructing electronic events
Entity Authentication - Answer✔Reads pre-determined criteria to ensure a user is who they
claim to be
Password systems
Inherent Weakness of a Safeguard - Answer✔Vulnerability
Informed Consent - Answer✔Risks and benefits of procedure
Alternatives
Description of procedure
1
, ©THESTAR 2024/2025 ALL RIGHTS RESERVED 11:04PM.
Done by phyisician
Ensuring employees understand security measures - Answer✔Workforce Security Awareness
Training
Provides entities with structural framework to build a HIPAA security plan - Answer✔Security
Risk Analysis
Pre-Employment Physicals - Answer✔Not protected by HIPAA bc part of personnel record
HIPAA identifier that has not been implemented - Answer✔Individual
Preventing theft of PHI - Answer✔Facility Access Controls
Improved security of EHR - Answer✔Access Controls
Audit Trails
Authentication Systems
Designated Record Set - Answer✔Includes records from other hospitals that were involved in
episode of care decisions
HIPAA Record Retention - Answer✔6 years
Rendering PHI unreadable and unusable to unauthorized individuals - Answer✔Encryption and
Destruction
Goal of HIPAA Administrative Simplification - Answer✔Standardizing electronic transmission of
health data
Technology policies, protocols, and access controls - Answer✔Technical Safeguards
Patient Accounting of Disclosures - Answer✔Must include disclosure requires patient
authorization
HIPAA Training - Answer✔Privacy and security training should not be seperated
Darling vs. Charleston Community Memorial Hospital - Answer✔Hospital is responsible for the
quality of care given by its physicians
Not a Business Associate Under HITECH - Answer✔Housekeeping
Fundraising solicitations may not - Answer✔Target a specific group or diagnosis
Most Constant Threat to Health Information Integrity - Answer✔Humans
Device and Media Controls - Answer✔Security breaches from lack of wiping data from devices
Employee Physical - Answer✔Should report family history unless specifically excluded
2
