Escrito por estudiantes que aprobaron Inmediatamente disponible después del pago Leer en línea o como PDF ¿Documento equivocado? Cámbialo gratis 4,6 TrustPilot
logo-home
Examen

HCCA - CHPC Study Questions (MASTER FLASHCARDS) (Answered) 302 Questions and Correct Answers, Updated 2025/2026. (Actual Exam Questions Included)

Puntuación
-
Vendido
-
Páginas
52
Grado
A+
Subido en
25-02-2025
Escrito en
2024/2025

HCCA - CHPC Study Questions (MASTER FLASHCARDS) (Answered) 302 Questions and Correct Answers, Updated 2025/2026. What is the purpose of HIPAA? • Protect PHI from unauthorized disclosure/use; • Prevent fraud, waste and abuse (via Administrative Simplification); • Make health insurance portable under ERISA; • Move health care onto a nationally standardized electronic billing platform Ref. More on HIPAA: HIPAA resides in which CFR section? 45 CFR sections 164.102 through 164.534

Mostrar más Leer menos
Institución
HCCA - CHPC
Grado
HCCA - CHPC

Vista previa del contenido

HCCA - CHPC Study Questions (MASTER
FLASHCARDS) (Answered) 302 Questions and
Correct Answers, Updated 2025/2026.
What is the purpose of HIPAA?

• Protect PHI from unauthorized disclosure/use;
• Prevent fraud, waste and abuse (via Administrative Simplification);
• Make health insurance portable under ERISA;
• Move health care onto a nationally standardized electronic billing platform

Ref. https://quizlet.com/6202453/hcca-chpc-overview-flash-cards/
More on HIPAA: https://www.hhs.gov/hipaa/index.html

HIPAA resides in which CFR section?

45 CFR sections 164.102 through 164.534

https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164

What are the subparts of HIPAA part 164?

HIPAA - 45 CFR 164, subparts:
Subpart A - General rules
Subpart C - Security
Subpart D - Breach notification
Subpart E - Privacy

https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164

How do you determine if an organization is a "Covered Entity"?

1. compare if the organization meets one of the 3 types of CE (provider, health plan, clearinghouse)
and
2. determine if the organization electronically transmits one of the 9 defined transactions:
• Health claims or equivalent encounter information
• Health claims attachments
• Enrollment and disenrollment in a health plan
• Eligibility for a health plan
• Health care payment and remittance advice
• Health plan premium payments
• First report of injury
• Health claim status
• Referral certification and authorization

In addition, business associates of covered entities must follow parts of the HIPAA regulations.
https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html

,This Act established in 1974 was created for government agencies placing restrictions on how the
government can share the information maintained in Federal systems of records that might infringe
on an individual's privacy rights with other individuals and agencies.

The Privacy Act of 1974

Which of the following is not considered a HIPAA Entity Designation:
1. Affiliated covered entity
2. Entity that performs healthcare and non-healthcare component activities including both covered
and non-covered functions
3. A group health plan
4. Contract arrangement with FEDEX carrier

4. Contract arrangement with FEDEX carrier

What is Gramm-Leach-Bliley Act (GLBA)?

Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999,
includes The Financial Privacy Rule and The Safeguards Rule requires all financial institutions to
protect customer's personal financial information.

What is an OHCA?

OHCA (Organized Health Care Arrangement) it's a clinically integrated care setting where individuals
receive health care from more than one provider.
These are joint arrangements/activities and have an Integrated Delivery System for easy exchange of
PHI data. See 45 CFR 160.103. OHCAs can also utilize a joint NPP. See 45 CFR § 164.520(d).

ACE (Affiliated Covered Entity) do not have an Integrated Delivery System because these are legally
separate covered entities that are associated in business, or affiliated as a result of some common
control or ownership.

Both the OHCA and the ACE would allow sharing of PHI across participating entity lines for
treatment, payment, operations purposes (TPO).

What's an ACE?

ACE (Affiliated Covered Entity)
Legally separate covered entities that share common control/ownership and designate themselves
as a single CE for the purpose of complying with the HIPAA Privacy standards.
ACEs do not have an Integrated Delivery System, while OHCA do, and can share a single NPP. See 45
CFR § 164.520(d)

ACE example: a health system composed on several affiliated hospitals.

Both the OHCA and the ACE would allow sharing of PHI across participating entity lines for
treatment, payment, operations purposes (TPO).

What's a Hybrid Entity?

Entity that conducts both covered functions (or healthcare-functions) and non-covered functions
(other biz/non-healthcare functions) to elect to be a "hybrid entity."

,For instance, a University System that has a research laboratory or academic medical center.
The post-secondary functions (non-healthcare components) do NOT need to comply with HIPAA.
The research lab/med center functions (healthcare component) needs to comply with HIPAA
provisions to protect the use/disclosure of PHI involved.

https://www.hhs.gov/hipaa/for-professionals/faq/315/when-does-a-covered-entity-have-discretion-
to-determine-covered-functions/index.html#:~:text=For%20example%2C%20a%20hybrid
%20entity,hybrid%20entity's%20health%20care%20component.

https://privacyruleandresearch.nih.gov/pr_06.asp

The transmission of information between two parties to carry out financial or administrative
activities related to health care is called:

Transaction (healthcare transaction).

Few examples of healthcare transactions:
healthcare claims;
coordination of benefits;
health plan premium payments;
remittance advice (or ETF, electronic fund transfer);
referral certification and authorization

What are examples of a BA?

BA (Business Associate) - performs functions or activities on behalf of a covered entity that involve
access by the business associate to protected health information.
Examples:
claims processing
data analysis
billing
benefit management
quality assurance
quality improvement
practice management
legal
actuarial
accounting
accreditation
other administrative services
https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/business-associates/index.html

True or False:
A hospital is not required to have a business associate contract with the specialist to whom it refers
a patient and transmits the patient's medical chart for treatment purposes.

TRUE

Remember, use and disclosure of PHI for purposes of TPO requires no specific authorization

, True or False:
Business Associates After HITECH:
HITECH made business associates directly responsible for HIPAA compliance within their individual
businesses that would not otherwise be subject to HIPAA regulations and penalties

TRUE

Even if no written contract exists between the covered entity and a contracted company performing
services related to handling PHI in some form, the company is deemed a business associate by law.
This deemed status essentially classifies contracted vendors or individuals as business associates
solely by the nature of the services they provide to a covered entity, regardless of whether they
intended to be classified as business associates or were aware of their status as such. HIPAA and
HITECH may hold these vendors to business associate obligations as long as they act as business
associates.

Likewise, a subcontractor that creates, receives, maintains, or transmits PHI on behalf of a business
associate is a business associate. A subcontractor of a subcontractor is a business associate as well,
and so on down the line.

Ref. 2023 HCCA Complete Healthcare Compliance Manual
Ref. HITECH Act and OCR's 2013 final rule

True or False:
Under HIPAA and HITECH, individuals or entities who have been identified as business associates are
obligated to enter into a business associate agreement with their contracted covered entities.

TRUE

Business associate agreement mandate under the HIPAA Privacy Rule. There are some exceptions
such:
- for purposes of TPO, including payment for health plan premiums
- for determining health plan eligibility and enrollment
- when there is no involvement of use/disclosure of PHI (e.g., building maintenance)

True or False:
Under HIPAA and HITECH, individuals or entities who have been identified as business associates are
obligated to enter into a business associate agreement with their contracted covered entities.

Except for TPO, list two examples where a CE requires an authorization to use/disclose PHI

1. Sales and marketing
2. Psychotherapy notes

How do you determine if an entity is subject to HIPAA?

By understanding the applicability (healthcare component), entities that transmit health information
and fall under the 3 types of CE (health plans, clearinghouses, and providers)

HIPAA provide standards for the access, disclosure, transmission, and retention of PHI, and created a
national baseline for health information Privacy and Security. At the state level, they can also
develop health information statutes but only adding higher or more restrictive standards than the
Federal HIPAA rules. This is referred as:

Escuela, estudio y materia

Institución
HCCA - CHPC
Grado
HCCA - CHPC

Información del documento

Subido en
25 de febrero de 2025
Número de páginas
52
Escrito en
2024/2025
Tipo
Examen
Contiene
Preguntas y respuestas

Temas

$15.99
Accede al documento completo:

¿Documento equivocado? Cámbialo gratis Dentro de los 14 días posteriores a la compra y antes de descargarlo, puedes elegir otro documento. Puedes gastar el importe de nuevo.
Escrito por estudiantes que aprobaron
Inmediatamente disponible después del pago
Leer en línea o como PDF

Conoce al vendedor

Seller avatar
Los indicadores de reputación están sujetos a la cantidad de artículos vendidos por una tarifa y las reseñas que ha recibido por esos documentos. Hay tres niveles: Bronce, Plata y Oro. Cuanto mayor reputación, más podrás confiar en la calidad del trabajo del vendedor.
StudyHubSolutions Chamberlain College Of Nursing
Seguir Necesitas iniciar sesión para seguir a otros usuarios o asignaturas
Vendido
438
Miembro desde
4 año
Número de seguidores
309
Documentos
8656
Última venta
2 semanas hace
UPGRADENURSE

Welcome to UPGRADENURSE store! We specialize in reliable test banks, exam questions with verified answers, practice exams, study guides, and complete exam review materials to help students pass on the first try. Our uploads support Nursing programs, professional certifications, business courses, accounting classes, and college-level exams. All documents are well-organized, accurate, exam-focused, and easy to follow, making them ideal for quizzes, midterms, finals, ATI & HESI prep, NCLEX-style practice, certification exams, and last-minute reviews. If you’re looking for trusted test banks, comprehensive exam prep, and time-saving study resources, you’re in the right place.

Lee mas Leer menos
4.2

89 reseñas

5
58
4
12
3
10
2
1
1
8

Por qué los estudiantes eligen Stuvia

Creado por compañeros estudiantes, verificado por reseñas

Calidad en la que puedes confiar: escrito por estudiantes que aprobaron y evaluado por otros que han usado estos resúmenes.

¿No estás satisfecho? Elige otro documento

¡No te preocupes! Puedes elegir directamente otro documento que se ajuste mejor a lo que buscas.

Paga como quieras, empieza a estudiar al instante

Sin suscripción, sin compromisos. Paga como estés acostumbrado con tarjeta de crédito y descarga tu documento PDF inmediatamente.

Student with book image

“Comprado, descargado y aprobado. Así de fácil puede ser.”

Alisha Student

Preguntas frecuentes