CMOM-Practice Management Institute Exam
Questions And 100% Outlined Answers
\Q\.HIPPA REGULATION: Privacy Overview - ANSWER-✔There are three major areas addressed
in the Privacy Regulation: 1. Use and disclosure of PHI, 2. Patient rights 3. Security
administrative and physical
\Q\.Business Associates - ANSWER-✔can be held directly accountable by federal or state
authority for failure to comply with HIPAA statutory or regulations. ex. IT techs, Janitors,
Cleaning Services, Vendors, Collection agencies, Consultants and Billing Services.
\Q\.Entities - ANSWER-✔ex. doctors, hospitals, pharmacy
\Q\.Breach - ANSWER-✔unauthorized acquisition access, use or disclosure of protected health
information, ex. ALGH issue on breach where health info was spread with no consents from
patients.
\Q\.What is NOT considered a breach? - ANSWER-✔1. Where an authorized person who
received the health info. cannot reasonably have been able to retain it.
2. If an unintentional acquisition, access, or use occurs within the scope of employ. and info
doesn't go any further.
3. If it is an inadvertent disclosure that occurs within a facility, and the information does not go
any further.
\Q\.Tiered Increase in Civil Monetary Penalties - ANSWER-✔HIPPA violation at $50,000 per
violation and an annual maximum of $1.5million.
,\Q\.What are examples that could not result in HIPPA violation by DHHS? - ANSWER-✔-
Overheard phone or nursing station conversation
-Joint treatment areas
-Sign-in sheets
-Calling names in reception areas
-Hospital rounds
Solutions would be to speak quietly, cubicles, curtains, dividers, asking patients to step back, or
closing doors.
\Q\.Health Information (PHI) - ANSWER-✔Any info. whether oral or recorded in any form or
medium that is created or received by a health care provider, health, plan public health
authority, employer, life insurer, school or university, or health care clearinghouse, and related
to the past, present or future physical or mental health or condition.
\Q\.Individual Identifiable Health Information (IIHI) - ANSWER-✔Information that is a subset of
health information, including demographic, information collected from an individual.
\Q\.Identifiers - ANSWER-✔-Email address
-Social Security number
-Medical record number
-Vehicle identifier
-Full face photograph
\Q\.The Notice of Privacy Practices should be... - ANSWER-✔In a written language, tape, or
video that the patient understands, be clearly posted in the practice or facility, and if applicable,
on the practice website.
, \Q\.Fraud - ANSWER-✔the intentional deception or misrepresentation that an individual knows
to be false or does not believe to be true and makes, knowingly that the deception could result
in some unauthorized benefit to himself/herself or some other person.
ex. Billing for services that were not furnished and or supplies that were not provided
-Billing for services as if performed by a particular entity when they were, in fact, performed by
another entity not eligible to be paid by Medicare
-Using in incorrect or inappropriate provider number ni order to be paid (using a deceased
provider number to defraud Medicare).
\Q\.Abuse - ANSWER-✔describes practices that either directly or indirectly result in
unnecessary costs to the Medicare Program. Acts committed knowingly, willfully and
intentionally.
ex. Charging in excess for services or supplies
Providing medical unnecessary services
\Q\.Whistleblower - ANSWER-✔or the "qui tam" provision as it is formally called allows a
person that has knowledge of a false claim against the government to bring an action against
the suspected wrongdoer on behalf of the U.S. government.
\Q\.Relator - ANSWER-✔a person that files a qui tam suit on behalf of the government and may
share a percentage of the recovery realized from a successful action ex. patient, disgruntled
former employee or other business contact.
\Q\.OIG Compliance Plan - ANSWER-✔There are seven steps
\Q\.Primary goal of OSHA - ANSWER-✔To reduce injuries, illnesses and death, and to provide
leadership and encouragement to employees and workers to help recognize and realize the
value of safety and health on the job.
Questions And 100% Outlined Answers
\Q\.HIPPA REGULATION: Privacy Overview - ANSWER-✔There are three major areas addressed
in the Privacy Regulation: 1. Use and disclosure of PHI, 2. Patient rights 3. Security
administrative and physical
\Q\.Business Associates - ANSWER-✔can be held directly accountable by federal or state
authority for failure to comply with HIPAA statutory or regulations. ex. IT techs, Janitors,
Cleaning Services, Vendors, Collection agencies, Consultants and Billing Services.
\Q\.Entities - ANSWER-✔ex. doctors, hospitals, pharmacy
\Q\.Breach - ANSWER-✔unauthorized acquisition access, use or disclosure of protected health
information, ex. ALGH issue on breach where health info was spread with no consents from
patients.
\Q\.What is NOT considered a breach? - ANSWER-✔1. Where an authorized person who
received the health info. cannot reasonably have been able to retain it.
2. If an unintentional acquisition, access, or use occurs within the scope of employ. and info
doesn't go any further.
3. If it is an inadvertent disclosure that occurs within a facility, and the information does not go
any further.
\Q\.Tiered Increase in Civil Monetary Penalties - ANSWER-✔HIPPA violation at $50,000 per
violation and an annual maximum of $1.5million.
,\Q\.What are examples that could not result in HIPPA violation by DHHS? - ANSWER-✔-
Overheard phone or nursing station conversation
-Joint treatment areas
-Sign-in sheets
-Calling names in reception areas
-Hospital rounds
Solutions would be to speak quietly, cubicles, curtains, dividers, asking patients to step back, or
closing doors.
\Q\.Health Information (PHI) - ANSWER-✔Any info. whether oral or recorded in any form or
medium that is created or received by a health care provider, health, plan public health
authority, employer, life insurer, school or university, or health care clearinghouse, and related
to the past, present or future physical or mental health or condition.
\Q\.Individual Identifiable Health Information (IIHI) - ANSWER-✔Information that is a subset of
health information, including demographic, information collected from an individual.
\Q\.Identifiers - ANSWER-✔-Email address
-Social Security number
-Medical record number
-Vehicle identifier
-Full face photograph
\Q\.The Notice of Privacy Practices should be... - ANSWER-✔In a written language, tape, or
video that the patient understands, be clearly posted in the practice or facility, and if applicable,
on the practice website.
, \Q\.Fraud - ANSWER-✔the intentional deception or misrepresentation that an individual knows
to be false or does not believe to be true and makes, knowingly that the deception could result
in some unauthorized benefit to himself/herself or some other person.
ex. Billing for services that were not furnished and or supplies that were not provided
-Billing for services as if performed by a particular entity when they were, in fact, performed by
another entity not eligible to be paid by Medicare
-Using in incorrect or inappropriate provider number ni order to be paid (using a deceased
provider number to defraud Medicare).
\Q\.Abuse - ANSWER-✔describes practices that either directly or indirectly result in
unnecessary costs to the Medicare Program. Acts committed knowingly, willfully and
intentionally.
ex. Charging in excess for services or supplies
Providing medical unnecessary services
\Q\.Whistleblower - ANSWER-✔or the "qui tam" provision as it is formally called allows a
person that has knowledge of a false claim against the government to bring an action against
the suspected wrongdoer on behalf of the U.S. government.
\Q\.Relator - ANSWER-✔a person that files a qui tam suit on behalf of the government and may
share a percentage of the recovery realized from a successful action ex. patient, disgruntled
former employee or other business contact.
\Q\.OIG Compliance Plan - ANSWER-✔There are seven steps
\Q\.Primary goal of OSHA - ANSWER-✔To reduce injuries, illnesses and death, and to provide
leadership and encouragement to employees and workers to help recognize and realize the
value of safety and health on the job.
