1
HCCA - CHPC Exam Prep Questions with Answers (100%
Correct Answers)
What date did HIPAA became law —ANS: 1996
What is the purpose of HIPAA? —ANS: 1. Protect individuals' PHI
2. Promote high quality healthcare
3. Protect the public's health and well being
HIPAA resides in what CFR section —ANS: 45 CFR sections 164.102 through 164.534
Identify the four sections in the CFR by location and topic —ANS: Section One:
164.102 - 164.318 and 164.530 - 164-534 Organizational Requirements
Section Two: 164.500 - 164.514 Use and Disclosure of Information
Section Three: 164.520 - 164.528 Individual's Rights and Penalties
© 2025 All rights reserved
,2
Section Four: Interaction with the HIPAA Security Rule
How do you determine if organization is a CE —ANS: compare the functions of the
entity to the three principal types of "covered entities" (CE)
What are the different types of CEs —ANS: - Provider
- Health Plan
- Clearing House
- Other Types
How is a Provider defined —ANS: Supports medical or health services such as SNFs,
home health, hospitals, physician clinics, etc that transmit in electronic form
Does a provider need a standing facility to be considered a CE —ANS: No, a provider
does not need a standing facility to be considered a CE
What is a Health Plan —ANS: (1) A healthcare organization that provides or pays the
cost of medical care
(2) Includes Medicaid, Medicare, and self funded plans
What is a Clearinghouse —ANS: (1) processes health information from a nonstandard
data elements of health information into standard data
© 2025 All rights reserved
,3
elements
(2) includes billing services, health information systems, etc
(3) does NOT include Third Party Administrations ( TPAs)
What are the three Organizational Arrangements —ANS: Organized Health Care
Arrangement (OHCA)
Affiliated Covered Entities (ACE)
Hybrid Covered Entity (HCE)
What is a Hybrid Covered Entity (HCE) —ANS: single covered entity with non-health
care components
What is an Organized Health Care Arrangement (OHCA)? —ANS: clinically
integrated care setting where individuals receive health care from more than one
covered entity
What is an Affiliated Covered Entity (ACE)? —ANS: (1) legally separate covered
entities that share common control or common ownership
(2) choose to designate themselves as one affiliated CE for the purposes of complying
with the HIPAA Privacy standard
© 2025 All rights reserved
, 4
What must a Affiliated Entity agree to? —ANS: Be treated as a single CE. Must agree
to follow a standard policy and procedure
What is a Business Associate? —ANS: (1) Separate entity working on behalf of the CE
providing Treatment, Payment, and Healthcare Operations (TPO) and/or associated
activities requiring access and/or will create, receive, maintain, and/or transmit PHI
(2) Must have a business associate agreement
Who is allowed to access PHI? —ANS: (1) Workforce: employees, volunteers, trainees,
and others under control of the CE
(2) Business Associates: Separate entity working on behalf of the CE providing
Treatment, Payment, and Healthcare Operations (TPO) and/or associated activities
requiring access and/or use of PHI
What is an example of a BA? —ANS: claims processing
data analysis
billing
benefit management
quality assurance
© 2025 All rights reserved
HCCA - CHPC Exam Prep Questions with Answers (100%
Correct Answers)
What date did HIPAA became law —ANS: 1996
What is the purpose of HIPAA? —ANS: 1. Protect individuals' PHI
2. Promote high quality healthcare
3. Protect the public's health and well being
HIPAA resides in what CFR section —ANS: 45 CFR sections 164.102 through 164.534
Identify the four sections in the CFR by location and topic —ANS: Section One:
164.102 - 164.318 and 164.530 - 164-534 Organizational Requirements
Section Two: 164.500 - 164.514 Use and Disclosure of Information
Section Three: 164.520 - 164.528 Individual's Rights and Penalties
© 2025 All rights reserved
,2
Section Four: Interaction with the HIPAA Security Rule
How do you determine if organization is a CE —ANS: compare the functions of the
entity to the three principal types of "covered entities" (CE)
What are the different types of CEs —ANS: - Provider
- Health Plan
- Clearing House
- Other Types
How is a Provider defined —ANS: Supports medical or health services such as SNFs,
home health, hospitals, physician clinics, etc that transmit in electronic form
Does a provider need a standing facility to be considered a CE —ANS: No, a provider
does not need a standing facility to be considered a CE
What is a Health Plan —ANS: (1) A healthcare organization that provides or pays the
cost of medical care
(2) Includes Medicaid, Medicare, and self funded plans
What is a Clearinghouse —ANS: (1) processes health information from a nonstandard
data elements of health information into standard data
© 2025 All rights reserved
,3
elements
(2) includes billing services, health information systems, etc
(3) does NOT include Third Party Administrations ( TPAs)
What are the three Organizational Arrangements —ANS: Organized Health Care
Arrangement (OHCA)
Affiliated Covered Entities (ACE)
Hybrid Covered Entity (HCE)
What is a Hybrid Covered Entity (HCE) —ANS: single covered entity with non-health
care components
What is an Organized Health Care Arrangement (OHCA)? —ANS: clinically
integrated care setting where individuals receive health care from more than one
covered entity
What is an Affiliated Covered Entity (ACE)? —ANS: (1) legally separate covered
entities that share common control or common ownership
(2) choose to designate themselves as one affiliated CE for the purposes of complying
with the HIPAA Privacy standard
© 2025 All rights reserved
, 4
What must a Affiliated Entity agree to? —ANS: Be treated as a single CE. Must agree
to follow a standard policy and procedure
What is a Business Associate? —ANS: (1) Separate entity working on behalf of the CE
providing Treatment, Payment, and Healthcare Operations (TPO) and/or associated
activities requiring access and/or will create, receive, maintain, and/or transmit PHI
(2) Must have a business associate agreement
Who is allowed to access PHI? —ANS: (1) Workforce: employees, volunteers, trainees,
and others under control of the CE
(2) Business Associates: Separate entity working on behalf of the CE providing
Treatment, Payment, and Healthcare Operations (TPO) and/or associated activities
requiring access and/or use of PHI
What is an example of a BA? —ANS: claims processing
data analysis
billing
benefit management
quality assurance
© 2025 All rights reserved
