1 | Page
RHIT Exam Questions and Answers
Which of the following is a characteristic of breach notification?
Ans: It applies when one person's PHI is breached
A PI Team is concerned with the time it is taking for patients to get
through the registration process. To better understand the causes
or reasons for the delay in this process the PI Team would like to
gather observational data. What data collection tool would be
appropriate for this team to develop for their observation data?
Ans: Check sheet
The process that is followed to mitigate and fix issues that arise
during a review of systems that contain PHI to reduce
vulnerabilities is called: Ans: Risk management
City Hospital has implemented a procedure that allows inpatients
to decide whether they want to be listed in the hospital's directory.
The directory information includes the patient's name, location in
© 2025 All rights reserved
, 2 | Page
the hospital, and general condition. If a patient elects to be in the
directory, this information is used to inform callers who know the
patient's name. Some patients have requested that they be listed in
the directory but information is to be released to only a list of
specific people the patient provides. A hospital committee is
considering changing the policy to accommodate these types of
patients. In this case, what type of advice should the HIM director
provide? Ans: Deny these requests because screening of calls is
difficult to manage and if information is given in error, this would
be considered a violation of HIPAA
A(n) _________ is imposed on providers by the OIG when fraud and
abuse is discovered through an investigation. Ans: Corporate
Integrity Agreement
A hospital's EHR defines the expected values of the gender data
element as female, male, and unknown. This type of specificity is
known as: Ans: Data precision-the term used to describe
expected data values.
Which of the following is an institutional user of the health
record? Ans: A third-party payer-an institution that needs access
to the health record to complete their mission
© 2025 All rights reserved
, 3 | Page
Which of the following should be considered first when
establishing health record retention policies? Ans: State retention
requirements
Managing an organization's data and those who enter it is an
ongoing challenge requiring active administration and oversight.
This can be accomplished by the organization through
management of which of the following? Ans: Data dictionary-
descriptive list of the data elements to be collected in an
information system or database to ensure consistency of
terminology
In this experimental study, blood pressure is taken before and
after an experimental medication is used as the intervention in a
sample of participants that were previously unable to control their
blood pressure with other medications. In this example, the
independent variable is the __________ and the dependent variable
is the ____________. Ans: Experimental medication: Blood pressure
Which of the following is true about information assets?
A. Information considered to add value to an organization
B. Data entered into a patient's health record by a provider
© 2025 All rights reserved
, 4 | Page
C. Clearly defined elements required to be documented in the
health record
D. A list of all data elements added within a record Ans:
Information considered to add value to an organization
Cancer registries are maintained by hospitals: Ans: voluntarily or
by state law
Spoliation can be defined as? Ans: destroying, changing, or
hiding evidence intentionally
to prevent spoliation, a court order called a legal hold is issued to
preserve the integrity of the record and prevent routine
destruction procedures to take place
Community Hospital wants to provide voice recognition services
for office notes of the private patients of physicians. All these
physicians have medical staff privileges at the hospital. This will
provide an essential service to the physicians as well as provide
additional revenue for the hospital. In preparing to launch this
service, the HIM director is asked whether a business associate
agreement is necessary. Which of the following should the hospital
HIM director advise in order to comply with HIPAA regulations?
© 2025 All rights reserved
RHIT Exam Questions and Answers
Which of the following is a characteristic of breach notification?
Ans: It applies when one person's PHI is breached
A PI Team is concerned with the time it is taking for patients to get
through the registration process. To better understand the causes
or reasons for the delay in this process the PI Team would like to
gather observational data. What data collection tool would be
appropriate for this team to develop for their observation data?
Ans: Check sheet
The process that is followed to mitigate and fix issues that arise
during a review of systems that contain PHI to reduce
vulnerabilities is called: Ans: Risk management
City Hospital has implemented a procedure that allows inpatients
to decide whether they want to be listed in the hospital's directory.
The directory information includes the patient's name, location in
© 2025 All rights reserved
, 2 | Page
the hospital, and general condition. If a patient elects to be in the
directory, this information is used to inform callers who know the
patient's name. Some patients have requested that they be listed in
the directory but information is to be released to only a list of
specific people the patient provides. A hospital committee is
considering changing the policy to accommodate these types of
patients. In this case, what type of advice should the HIM director
provide? Ans: Deny these requests because screening of calls is
difficult to manage and if information is given in error, this would
be considered a violation of HIPAA
A(n) _________ is imposed on providers by the OIG when fraud and
abuse is discovered through an investigation. Ans: Corporate
Integrity Agreement
A hospital's EHR defines the expected values of the gender data
element as female, male, and unknown. This type of specificity is
known as: Ans: Data precision-the term used to describe
expected data values.
Which of the following is an institutional user of the health
record? Ans: A third-party payer-an institution that needs access
to the health record to complete their mission
© 2025 All rights reserved
, 3 | Page
Which of the following should be considered first when
establishing health record retention policies? Ans: State retention
requirements
Managing an organization's data and those who enter it is an
ongoing challenge requiring active administration and oversight.
This can be accomplished by the organization through
management of which of the following? Ans: Data dictionary-
descriptive list of the data elements to be collected in an
information system or database to ensure consistency of
terminology
In this experimental study, blood pressure is taken before and
after an experimental medication is used as the intervention in a
sample of participants that were previously unable to control their
blood pressure with other medications. In this example, the
independent variable is the __________ and the dependent variable
is the ____________. Ans: Experimental medication: Blood pressure
Which of the following is true about information assets?
A. Information considered to add value to an organization
B. Data entered into a patient's health record by a provider
© 2025 All rights reserved
, 4 | Page
C. Clearly defined elements required to be documented in the
health record
D. A list of all data elements added within a record Ans:
Information considered to add value to an organization
Cancer registries are maintained by hospitals: Ans: voluntarily or
by state law
Spoliation can be defined as? Ans: destroying, changing, or
hiding evidence intentionally
to prevent spoliation, a court order called a legal hold is issued to
preserve the integrity of the record and prevent routine
destruction procedures to take place
Community Hospital wants to provide voice recognition services
for office notes of the private patients of physicians. All these
physicians have medical staff privileges at the hospital. This will
provide an essential service to the physicians as well as provide
additional revenue for the hospital. In preparing to launch this
service, the HIM director is asked whether a business associate
agreement is necessary. Which of the following should the hospital
HIM director advise in order to comply with HIPAA regulations?
© 2025 All rights reserved
