HCCA -HCCA
CHPC STUDY
- CHPC Study GUIDE QUESTIONS
Questions AND CORRECT ANSWERS
(MASTER FLASHCARDS)
ALREADY A+at https://quizlet.com/_befek8
Study online GRADED|NEW!
1. What is the purpose of HIPAA? • Protect PHI from unauthorized disclosure/use;
• Prevent fraud, waste and abuse (via Administrative Simplifi-
cation);
• Make health insurance portable under ERISA;
• Move health care onto a nationally standardized electronic
billing platform
Ref.
https://qui-
zlet.com/6202453/hcca-chpc-overview-flash-cards/
More on HIPAA: https://www.hhs.gov/hipaa/index.html
2. HIPAA resides in which CFR 45 CFR sections 164.102 through 164.534
section?
https://www.ecfr.gov/current/title-45/subtitle-A/subchap-
ter-C/part-164
3. What are the subparts of HIPAA - 45 CFR 164, subparts:
HIPAA part 164? Subpart A - General rules
Subpart C - Security
Subpart D - Breach notification
Subpart E - Privacy
https://www.ecfr.gov/current/title-45/subtitle-A/subchap-
ter-C/part-164
4. How do you determine if an 1. compare if the organization meets one of the 3 types of CE
organization is a "Covered En- (provider, health plan, clearinghouse)
tity"? and
2. determine if the organization electronically transmits one of
the 9 defined transactions:
• Health claims or equivalent encounter information
• Health claims attachments
, HCCA - CHPC Study Questions (MASTER FLASHCARDS)
Study online at https://quizlet.com/_befek8
• Enrollment and disenrollment in a health plan
• Eligibility for a health plan
• Health care payment and remittance advice
• Health plan premium payments
• First report of injury
• Health claim status
• Referral certification and authorization
In addition, business associates of covered entities must follow
parts of the HIPAA regulations.
https://www.hhs.gov/hipaa/for-individuals/guidance-materi-
als-for-consumers/index.html
5. This Act established in 1974 The Privacy Act of 1974
was created for government
agencies placing restrictions
on how the government can
share the information main-
tained in Federal systems of
records that might infringe on
an individual's privacy rights
with other individuals and
agencies.
6. Which of the following is not 4. Contract arrangement with FEDEX carrier
considered a HIPAA Entity
Designation:
1. Affiliated covered entity
2. Entity that performs health-
care and non-healthcare com-
ponent activities including
both covered and non-cov-
, HCCA - CHPC Study Questions (MASTER FLASHCARDS)
Study online at https://quizlet.com/_befek8
ered functions
3. A group health plan
4. Contract arrangement with
FEDEX carrier
7. What is Gramm-Leach-Bliley Gramm-Leach-Bliley Act (GLBA), also known as the Financial
Act (GLBA)? Services Modernization Act of 1999, includes The Financial
Privacy Rule and The Safeguards Rule requires all financial in-
stitutions to protect customer's personal financial information.
8. What is an OHCA? OHCA (Organized Health Care Arrangement) it's a clinically
integrated care setting where individuals receive health care
from more than one provider.
These are joint arrangements/activities and have an Integrated
Delivery System for easy exchange of PHI data. See 45 CFR
160.103. OHCAs can also utilize a joint NPP. See 45 CFR §
164.520(d).
ACE (Affiliated Covered Entity) do not have an Integrated Deliv-
ery System because these are legally separate covered entities
that are associated in business, or affiliated as a result of some
common control or ownership.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations
purposes (TPO).
9. What's an ACE? ACE (Affiliated Covered Entity)
Legally separate covered entities that share common con-
trol/ownership and designate themselves as a single CE for the
purpose of complying with the HIPAA Privacy standards.
ACEs do not have an Integrated Delivery System, while OHCA
do, and can share a single NPP. See 45 CFR § 164.520(d)
, HCCA - CHPC Study Questions (MASTER FLASHCARDS)
Study online at https://quizlet.com/_befek8
ACE example: a health system composed on several affiliated
hospitals.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations
purposes (TPO).
10. What's a Hybrid Entity? Entity that conducts both covered functions (or
healthcare-functions) and non-covered functions (other
biz/non-healthcare functions) to elect to be a "hybrid entity."
For instance, a University System that has a research laboratory
or academic medical center.
The post-secondary functions (non-healthcare components)
do NOT need to comply with HIPAA.
The research lab/med center functions (healthcare compo-
nent) needs to comply with HIPAA provisions to protect the
use/disclosure of PHI involved.
https://www.hhs.gov/hipaa/for-profession-
als/faq/315/when-does-a-covered-entity-have-discre-
tion-to-determine-covered-functions/in-
dex.html#:~:text=For%20example%2C%20a%20hybrid%20en-
tity,hybrid%20entity's%20health%20care%20component.
https://privacyruleandresearch.nih.gov/pr_06.asp
11. The transmission of informa- Transaction (healthcare transaction).
tion between two parties to
carry out financial or admin- Few examples of healthcare transactions:
istrative activities related to healthcare claims;
health care is called: coordination of benefits;
CHPC STUDY
- CHPC Study GUIDE QUESTIONS
Questions AND CORRECT ANSWERS
(MASTER FLASHCARDS)
ALREADY A+at https://quizlet.com/_befek8
Study online GRADED|NEW!
1. What is the purpose of HIPAA? • Protect PHI from unauthorized disclosure/use;
• Prevent fraud, waste and abuse (via Administrative Simplifi-
cation);
• Make health insurance portable under ERISA;
• Move health care onto a nationally standardized electronic
billing platform
Ref.
https://qui-
zlet.com/6202453/hcca-chpc-overview-flash-cards/
More on HIPAA: https://www.hhs.gov/hipaa/index.html
2. HIPAA resides in which CFR 45 CFR sections 164.102 through 164.534
section?
https://www.ecfr.gov/current/title-45/subtitle-A/subchap-
ter-C/part-164
3. What are the subparts of HIPAA - 45 CFR 164, subparts:
HIPAA part 164? Subpart A - General rules
Subpart C - Security
Subpart D - Breach notification
Subpart E - Privacy
https://www.ecfr.gov/current/title-45/subtitle-A/subchap-
ter-C/part-164
4. How do you determine if an 1. compare if the organization meets one of the 3 types of CE
organization is a "Covered En- (provider, health plan, clearinghouse)
tity"? and
2. determine if the organization electronically transmits one of
the 9 defined transactions:
• Health claims or equivalent encounter information
• Health claims attachments
, HCCA - CHPC Study Questions (MASTER FLASHCARDS)
Study online at https://quizlet.com/_befek8
• Enrollment and disenrollment in a health plan
• Eligibility for a health plan
• Health care payment and remittance advice
• Health plan premium payments
• First report of injury
• Health claim status
• Referral certification and authorization
In addition, business associates of covered entities must follow
parts of the HIPAA regulations.
https://www.hhs.gov/hipaa/for-individuals/guidance-materi-
als-for-consumers/index.html
5. This Act established in 1974 The Privacy Act of 1974
was created for government
agencies placing restrictions
on how the government can
share the information main-
tained in Federal systems of
records that might infringe on
an individual's privacy rights
with other individuals and
agencies.
6. Which of the following is not 4. Contract arrangement with FEDEX carrier
considered a HIPAA Entity
Designation:
1. Affiliated covered entity
2. Entity that performs health-
care and non-healthcare com-
ponent activities including
both covered and non-cov-
, HCCA - CHPC Study Questions (MASTER FLASHCARDS)
Study online at https://quizlet.com/_befek8
ered functions
3. A group health plan
4. Contract arrangement with
FEDEX carrier
7. What is Gramm-Leach-Bliley Gramm-Leach-Bliley Act (GLBA), also known as the Financial
Act (GLBA)? Services Modernization Act of 1999, includes The Financial
Privacy Rule and The Safeguards Rule requires all financial in-
stitutions to protect customer's personal financial information.
8. What is an OHCA? OHCA (Organized Health Care Arrangement) it's a clinically
integrated care setting where individuals receive health care
from more than one provider.
These are joint arrangements/activities and have an Integrated
Delivery System for easy exchange of PHI data. See 45 CFR
160.103. OHCAs can also utilize a joint NPP. See 45 CFR §
164.520(d).
ACE (Affiliated Covered Entity) do not have an Integrated Deliv-
ery System because these are legally separate covered entities
that are associated in business, or affiliated as a result of some
common control or ownership.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations
purposes (TPO).
9. What's an ACE? ACE (Affiliated Covered Entity)
Legally separate covered entities that share common con-
trol/ownership and designate themselves as a single CE for the
purpose of complying with the HIPAA Privacy standards.
ACEs do not have an Integrated Delivery System, while OHCA
do, and can share a single NPP. See 45 CFR § 164.520(d)
, HCCA - CHPC Study Questions (MASTER FLASHCARDS)
Study online at https://quizlet.com/_befek8
ACE example: a health system composed on several affiliated
hospitals.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations
purposes (TPO).
10. What's a Hybrid Entity? Entity that conducts both covered functions (or
healthcare-functions) and non-covered functions (other
biz/non-healthcare functions) to elect to be a "hybrid entity."
For instance, a University System that has a research laboratory
or academic medical center.
The post-secondary functions (non-healthcare components)
do NOT need to comply with HIPAA.
The research lab/med center functions (healthcare compo-
nent) needs to comply with HIPAA provisions to protect the
use/disclosure of PHI involved.
https://www.hhs.gov/hipaa/for-profession-
als/faq/315/when-does-a-covered-entity-have-discre-
tion-to-determine-covered-functions/in-
dex.html#:~:text=For%20example%2C%20a%20hybrid%20en-
tity,hybrid%20entity's%20health%20care%20component.
https://privacyruleandresearch.nih.gov/pr_06.asp
11. The transmission of informa- Transaction (healthcare transaction).
tion between two parties to
carry out financial or admin- Few examples of healthcare transactions:
istrative activities related to healthcare claims;
health care is called: coordination of benefits;