HCCA CHC - Risk Assessment & Internal
Controls
Three steps of risk assessment - Answer-1) identify risk 2) measure risk 3) criteria for prioritization.
U.S. Sentencing Guidelines state... - Answer-The organization shall... (A) Assess periodically the risk that
criminal conduct will occur, including assessing the following: 1) Nature and seriousness of criminal
conduct 2) likelihood that criminal conduct will occur due to the nature of the organization's business 3)
the prior history of the organization.
Management is responsible for... - Answer-1) identifying risk & 2) implementing controls
The highest compliance risk issue is billing for services not provided (T/F) - Answer-True
It is important to monitor a provider's monthly billing and number of claims (T/F) - Answer-True
Three types of Internal Controls - Answer-1) Preventive 2) Detective (retrospective) 3) Directive (P&Ps)
What type of control would you put in place to determine if someone inappropriately accessed PHI in
EMR? - Answer-Detective
Controls
Three steps of risk assessment - Answer-1) identify risk 2) measure risk 3) criteria for prioritization.
U.S. Sentencing Guidelines state... - Answer-The organization shall... (A) Assess periodically the risk that
criminal conduct will occur, including assessing the following: 1) Nature and seriousness of criminal
conduct 2) likelihood that criminal conduct will occur due to the nature of the organization's business 3)
the prior history of the organization.
Management is responsible for... - Answer-1) identifying risk & 2) implementing controls
The highest compliance risk issue is billing for services not provided (T/F) - Answer-True
It is important to monitor a provider's monthly billing and number of claims (T/F) - Answer-True
Three types of Internal Controls - Answer-1) Preventive 2) Detective (retrospective) 3) Directive (P&Ps)
What type of control would you put in place to determine if someone inappropriately accessed PHI in
EMR? - Answer-Detective
