RHIT EXAM PREP DOMAIN III PRACTICE QUESTIONS (Compliance) – Flashcards
Unlock all answers in this set
Unlock answersquestion
(214) OASIS data are used to assess the _____ of home health services A) Outcome B) Financial performance C) Utilization D) Core measure
answer
A)Outcome
question
(215) A statement or guideline that directs decision making or behavior is called a: A) Directive B) Procedure C) Policy D) Process
answer
C) Policy
question
(216) Examples of high-risk billing practices that create compliance risks for healthcare organizations include all EXCEPT which of the following? A) Altered claim forms B) Returned overpayments C) Duplicate billings D) Unbundled procedures
answer
B) Returned overpayments
question
(217) Healthcare fraud is all EXCEPT which of the following? A) Unnecessary costs to a program B) False representation of fact C) Failure to disclose a material fact D) Damage to another party that reasonably relied on misrepresentation
answer
A) Unnecessary costs to a program
question
(218) Corporate compliance programs became common after adoption of which of the following? A) False Claims Act B) Federal Sentencing Guidelines C) Office of the Inspector General for HHS D) Federal Physician Self-Referral Statute
answer
B) Federal Sentencing Guidelines
question
(219) Which of the following is a legal concern regarding the EHR? A) Ability to subpoena audit trails B) Template design C) ANSI standards D) Data sets
answer
A) Ability to subpoena audit trails
question
(220) The act of granting approval to a healthcare organization based on whether the organization has met a set of voluntary standards is called: A) Accreditation B) Licensure C) Acceptance D) Approval
answer
A) Accreditation
question
(221) A group practice has hired an HIT as its chief compliance officer. The current compliance program includes written standards of conduct and policies and procedures that address specific areas of potential fraud. It also has audits in place to monitor compliance. Which of the following should the compliance officer also ensure are in place? A) Compliance program education and training programs for all employees in the organization B) A hotline to receive complaints and adoption of procedures to protect whistleblowers from retaliation C) Procedures to adequately identify individuals who make complaints so that appropriate follow-up can be conducted D) A corporate compliance committee that reports directly to the CFO
answer
B) A hotline to receive complaints and adoption of procedures to protect whistleblowers from retaliation
question
(222) In developing a coding compliance program, which of the following would NOT be ordinarily included as participants in coding compliance education? A) Current coding professional B) Medical Staff C) Newly hired coding personnel D) Nursing staff
answer
D) Nursing Staff
question
(223) Which of the following organizations within the federal government is responsible for looking at the issues related to the efficiency and effectiveness of the healthcare delivery system, disease protocols, and guidelines for improved disease outcomes? A) Agency for Healthcare Research and Quality B) Food and Drug Administration C) National Center for Health Statistics D) Centers for Medicare and Medicaid Services
answer
A) Agency for Healthcare Research and Quality
question
(224) Which of the following issues compliance program guidance? A) AHIMA B) CMS C) Federal Register D) HHS Office of Inspector General
answer
D) HHS Office of Inspector General
question
(225) Which of the following is an example of data security? A) Automatic logoff after inactivity B) Fire protection C) Contingency planning D) Card key for access to data center
answer
A) Automatic logoff after inactivity
question
(226) A patient has been discharged prior to an administrative utilization review being conducted . Which of the following should be performed? A) Continued stay utilization review B) Discharge plan C) Retrospective utilization review D) Case management
answer
C) Retrospective utilization review
question
(227) The function used to provide access controls, authentication, and audit logging in an HIE is: A) Patient Identification B) Record location service C) Identity management D) Consent management
answer
C) Identity Management
question
(228) Community Hospital wants to provide transcription services for office notes of the private patients of physicians. All of these physicians have medical staff privileges at the hospital. This will provide an essential service to the physicians as well as provide additional revenue for the hospital. In preparing to launch this service, the HIM director is asked whether a business associate agreement is necessary. Which of the following should the hospital HIM director advise in order to comply with HIPAA regulations? A) Each physician practice should obtain a business associate agreement with the hospital B) The hospital should obtain a business associate agreement with each physician practice C) Because the physicians all have medical staff privileges, no business associate agreement is necessary D) Because the physicians are part of an Organized Health Care Arrangement with the hospital, no business associate agreement is necessary
answer
A) Each physician practice should obtain a business associate agreement with the hospital
question
(229) Which accrediting organization has instituted continuous improvement and sentinel event monitoring and uses tracer methodology during survey visits? A) Accreditation Association for Ambulatory Healthcare B) Commission on Accreditation of Rehabilitation Facilities C) American Osteopathic Association D) The Joint Commission
answer
D) The Joint Commission
question
(230) Developing, implementing, and revising the organization's policies is the role of: A) Senior managers B) The board of directors C) Supervisory managers D) Middle managers
answer
D) Middle managers
question
(231) Position descriptions, policies and procedures, training checklists, and performance standards are all examples of: A) Staffing Tools B) Organizational Policies C) Strategic plans D) Items on a training checklist
answer
A) Staffing tools
question
(232) Which of the following has been responsible for accrediting healthcare organizations since the mid-1950s and determines whether the organization is continually monitoring and improving the quality of care provided? A) Commission on Accreditation of Rehabilitation Facilities B) American Osteopathic Association C) National Committee for Quality Assurance D) The Joint Commission
answer
D) The Joint Commission
question
(233) Which of the following is a written description of an organization's formal position? A) Hierarchy chart B) Organizational Chart C) Policy D) Procedure
answer
C) Policy
question
(234) The Deficit Reduction Act of 2005: A) Encourage voluntary compliance programs B) Did not address healthcare fraud and abuse C) Made compliance programs mandatory D) Affects entities that make or receive at least $9 million in Medicaid payments
answer
C) Made compliance programs mandatory
question
(235) Which of the following statements best defines utilization management? A) It is the process of determining whether the medical care provided to a patient is necessary B) It is a set of processes used to determine the appropriateness of medical services provided during specific episodes of care C) It is a process that determines whether a planned service or a patient 's condition warrants care in an inpatient setting D) It is an ongoing infection surveillance program
answer
B) It is a set of processes used to determine the appropriateness of medical services provided during specific episodes of care
question
(236) Which of the following is NOT a type of utilization review? A) Preadmission review B) Continued-stay review C) Discharge review D) Peer review
answer
D) Peer Review
question
(237) Which of the following is NOT one of the basic functions of the utilization review process? A) Case management B) Discharge planning C) Claims management D) Utilization review
answer
C) Claims management
question
(238) The Medical Record Committee wants to determine if the hospital is in compliance with Joint Commission standards for medical delinquency rates. The HIM director has compiled a report that shows that records are delinquent for an average of 29 days after discharge. Given the information, what can the committee conclude? A) Delinquency rate is within Joint Commission standards B) All physicians are performing at optimal levels C) The client deficiency process is working well D) Data are insufficient to determine whether the hospital is in compliance
answer
D) Data are insufficient to determine whether the hospital is in compliance.
question
(239) Which of the following is the largest healthcare standards-setting body in the world? A) Agency for Healthcare Research and Quality B) National Guideline Clearinghouse C) National Committee for Quality Assurance D) The Joint Commission
answer
D) The Joint Commission
question
(240) Community Hospital wants to offer information technology services to City Hospital, another smaller hospital in the area. This arrangement will financially help both institutions. In reviewing the process to establish this arrangement, the CEO asks the HIM director if there are any barriers to establishing this relationship with regard to HIPAA. In this situation, which of the following should the HIM director advise? A) There are no barriers prescribed by HIPAA for this arrangement B) Community Hospital needs to expand their organizational healthcare arrangement to include the other hospital C) City Hospital should obtain a business associate agreement with Community Hospital D) Community Hospital should obtain a business associate agreement with City Hospital
answer
C) City Hospital should obtain a business associate agreement with Community Hospital
question
(241) Which of the following facilities do NOT have to meet the standards in the Conditions of Participation? A) Hospitals B) Physician offices C) Home health agencies D) Hospices
answer
B) Physician offices
question
(242) An audit trail may be used to detect which of the following? A) Unauthorized access to a system B) Loss of data C) Presence of a virus D) Successful completion of a backup
answer
A) Unauthorized access to a system
question
(243) Specific performance expectations and/or structures and processes that provide detailed information for each of the Joint Commission standards are called: A) Elements of performance B) Fact sheets C) Ad hoc reports D) Registers
answer
A) Elements of performance
question
(244) The creation of the National Practitioner Database was mandated by the: A) Social Security Act B) Privacy Act C) Health Insurance Portability and Accountability Act D) Health Care Quality Improvement Act
answer
D) Health Care Quality Improvement Act
question
(245) Which of the following dictates how a medical staff operates? A) Classification B) Bylaws C) Credentialing D) Committees
answer
B) Bylaws
question
(246) Who is primarily responsible for implementing the policies and strategic direction of the hospital or healthcare organization and for building an effective executive management team? A) Board of directors B) Chief executive officer C) Chief information officer D) Chief of staff
answer
B) Chief executive officer
question
(247) Medical school graduates must pass a test before they can obtain a ______ to practice medicine. A) Degree B) Residency C) Specialty D) License
answer
D) License
question
(248) Under HIPAA rules, when an individual asks to see his or her own health information, a covered entity: A) Must always provide access B) Can deny access to psychotherapy notes C) Can demand that the individual pay to see his or her record D) Can always deny access
answer
B) Can deny access to psychotherapy notes
question
(249) In which of the following situations must a covered entity provide an appeals process for denials to requests from individuals to see their own health information? A) Any time access is requested B) When the covered entity is a correctional institute C) When a licensed healthcare professional has determined that access to PHI would likely endanger the life or safety of the individual D) When the covered entity is unable to produce the health reocrd
answer
C) When a licensed healthcare professional has determined that access to PHI would like endanger the life or safety of the individual
question
(250) Which of the following statements is true in regard to responding to requests from individuals for access to their protected health information (PHI)? A) A cost-based fee may be charged for retrieval of the PHI B) A cost-based fee may be charged for making a copy of the PHI C) No fees of any type may be charged D) A minimal fee may be charged for retrieval and copying of PHI
answer
B) A cost-based fee may be charged for making a copy of the PHI
question
(251) Which of the following is NOT an automatic control that helps preserve data confidentiality and integrity in an electronic system? A) Edit Checks B) Audit Trails C) Password management D) Security awareness program
answer
D) Security awareness program
question
(252) Within the context of electronic health records, protecting data privacy means defending or safeguarding: A) Access to information B) Data availability C) Health record quality D) System implementation
answer
A) Access to information
question
(253) The protection measures and tools for safeguarding information and information systems is a definition of: A) Confidentiality B) Data security C) Informational privacy D) Informational access control
answer
B) Data security
question
(254) To date the HIM department has not charged for copies of records requested by the patient. However, the policy is currently under review for revision. One HIM committee member suggests using the copying fee established by the state. Another committee member thinks that HIPAA will not allow for copying fees. What input should the HIM director provide? A) HIPAA does not allow charges for copying of medical records B) Use the state formula because HIPAA allows hospital to use the state formula C) Base charges on the cost of labor and supplies for copying and postage if copies are mailed D) Because HIPAA allows for reasonable and customary charges , charge only for the paper used for copying the medical record
answer
C) Base charges on the cost of labor and supplies for copying and postage if copies are mailed
question
(255) An electronic health record risk analysis is useful to: A) Identify security threats B) Identify which employees should have access to data C) Establish password controls D) Establish audit controls
answer
A) Identify security threats
question
(256) Which of the following is required by HIPAA law? A) A written contingency plan B) Review of audit trails every 24 hours C) Use of passwords for all transactions D) Permanent bolting of workstations in public areas
answer
A) A written contingency plan
question
(257) Which of the following are policies and procedures required by HIPAA that address the management of computer resources and security? A) Access controls B) Administrative safeguards C) Audit safeguards D) Role-based controls
answer
B) Administrative safeguards
question
(258) What is the biggest threat to the security of healthcare data? A) Natural disasters B) Fires C) Employees D) Equipment malfunctions
answer
C) Employees
question
(259) To ensure relevancy, an organization's security policies and procedures should be reviewed at least: A) Once every six months B) Once a year C) Every two years D) Every five years
answer
B) Once a year
question
(260) Which of the following is NOT true of good electronic forms design? A) Minimize keystrokes by using pop-up menus B) Perform completeness check for all required data C) Use radio buttons to select multiple items from a set of options D) Use text boxes to enter text
answer
C) Use radio buttons to select multiple items from a set of options
question
(261) What committee usually oversees the development and approval of new forms for the health record? A) Quality review committee B) Medical staff committee C) Executive committee D) Clinical forms committee
answer
Clinical forms committee
question
(262) The process of determining whether the medical care provided to a specific patient is necessary according to pre-established objective screening criteria is: A) Activities of daily living assessment B) Case management C) Patient advocacy D) Utilization review
answer
D) Utilization Review
question
(263) Placing locks on computer room doors is considered what type of security control? A) Access control B) Workstation control C) Physical control D) Security breach
answer
C) Physical control
question
(264) Which of the following is recommended for design of forms for an EDMS? A) Twenty-four pound paper for double-sided forms B) Twelve-pound paper for double-sided forms C) Color-coded paper to make identification easy D) Ten-digit bar code for identification of each document
answer
A) Twenty-four pound paper for double-sided forms
question
(265) The HIM supervisor suspects that a departmental employee is accessing the EHR for personal reasons but has no specific data to support this suspicion. In this case, what should the supervisor do? A) Confront the employee B) Send out a memorandum to all department employees reminding them of the hospital policy on Internet use C) Ask the security officer for audit trail data to confirm or disprove the suspicion D) Transfer the employee to another job that does not require computer usage
answer
C) Ask the security officer for audit trail data to confirm or disprove the suspicion
question
(266) Coding policies should include which of the following elements? A) Lunch/break schedule B) How to access the computer system C) AHIMA Standards of Ethical Coding D) Nonofficial coding guidelines
answer
C) AHIMA Standards of Ethical Coding
question
(267) The Medicare Integrity Program was established under Public Law 113-36 to battle fraud and abuse is charged with which of the following responsibilities? A) Audit of expense reports and notifying beneficiaries of their rights B) Payment determinations and audit of cost reports C) Publishing of new coding guidelines and code changes D) Monitoring of physician credentials and payment determinations
answer
B) Payment determinations and audit of cost reports
question
(268) An individual designated as an inpatient coder may have access to an electronic health record to code the record. Under what access security mechanism is the coder allowed access to the system? A) Role based B) User based C) Context based D) Situation base
answer
A) Role based
question
(269) A secretary in the Nursing Office was recently hospitalized with ketoacidosis. She comes to the HIM department and requests to review her health record. Of the options here, what is the best course of action? A) Allow her to review her record after obtaining authorization from her B) Refer the patient to her physician for the information C) Tell her to go through her supervisor for the information D) Tell her that hospital employees cannot access their own medical records
answer
A) Allow her to review her record after obtaining authorization from her
question
(270) St. Joseph's Hospital has a psychiatric service on the sixth floor of the hospital. A 31-year-old male has come to the HIM department and requested to see a copy of his medical record. He indicated he was a patient of Dr. Schmidt, a psychiatrist, and the he was on the sixth floor of St. Joseph's for the last two months. These records are not psychotherapy notes. Of the options here, what is the best course of action. A) Prohibit the patient from accessing his record, as it contains psychiatric diagnoses that may greatly upset him B) Allow the patient to access his record C) Allow the patient to access his record if, after contacting his physician, his physician does not think it will be harmful to the patient D) Deny access because HIPAA prevents from reviewing their psychiatric records
answer
C) Allow the patient to access his record if, after contacting his physician, his physician does not think it will be harmful to the patient
question
(271) What resource should be consulted in terms of who may authorize access, use, or disclose the health records of minors? A) HIPAA because it has strict rules regarding minors B) Hospital attorneys because they know the rules of the hospital C) State law because HIPAA defers to state laws on matters related to minors D) Federal law because HIPAA overrides state laws on matters related to minors
answer
C) State law because HIPAA defers to state laws on matters related to minors
question
(272) If an HIM department acts in deliberate ignorance or in disregard of official coding guidelines, it may be committing: A) Abuse B) Fraud C) Malpractice D) Kickbacks
answer
B) Fraud
question
(273) What is the general name for Medicare rules affecting healthcare organizations? A) Conditions of participation B) Regulations for licensure C) Requirements for service D) Terms of accreditation
answer
A) Conditions of participation
question
(274) The permanent RAC program was completely implemented in the United States by: A) January 2010 B) March 2011 C) December 2009 D) October 2012
answer
A) January 2010
question
(275) During user acceptance testing of a new EHR system, physicians are complaining that they have to use multiple log-on screens to access all the system modules. For example, they have to use one log-on for CPOE and another log-on to view laboratory results> one physician suggests having a single sign-on that would provide access to all EHR system components. However, the hospital administrator thinks that one log-on would be a security issue. What information should the HIM director provide? A) Single sign-on is not supported by HIPAA security measures B) Single sign-on is discouraged by the Joint Commission C) Single sign-on is less frustrating for the end user and can provide better security D) Single sign-on is possible given today's technology
answer
C) Single sign-on is less frustrating for the end user and can provide better security
question
(276) Which of the following are security safeguards that protect equipment, media and facilities? A) Administrative controls B) Audit controls C) Physical access controls D) Role based controls
answer
C) Physical access controls
question
(277) What does the term ACCESS CONTROL mean? A) Identifying the greatest security risks B) Identifying which data employees should have a right to use C) Implementing safeguards that protect physical media D) Restricting access to computer rooms an facilities
answer
B) Identifying which data employees should have a right to use
question
(278) Which of the following is a software program that tracks every access to data in the computer system? A) Access control B) Audit trail C) Edit check D) Risk assessment
answer
B) Audit trail
question
(279) All of the following are steps in medical necessity and utilization review, EXCEPT: A) Initial clinical review B) Peer clinical review C) Access consideration D) Appeals consideration
answer
C) Access consideration
question
(280) Which of the following can be used to discover current hot areas of compliance? A) The OIG workplan B) AHA newsletter C) HIPAA privacy rule D) Local medical review policy
answer
A) The OIG workplan
question
(281) In Medicare, the most common forms of fraud and abuse include all EXCEPT which of the following? A) Billing for services not furnished B) Misrepresenting the diagnosis to justify payment C) Unbundling or exploding charges D) Implementing a clinical documentation improvement program
answer
D) Implementing a clinical documentation improvement program
question
(282) The one aspect of managed care that has had the greatest impact on healthcare organizations is: A) Infection control B) Cost control C) Risk management D) Utilization management
answer
B) Cost control
question
(283) The policies and procedures section of a coding compliance plan should include all EXCEPT which of the following? A) Physician query process B) Unbundling C) Assignment of discharge destination codes D) Utilization review
answer
D) Utilization review
question
(284) What is the term for an explicit statement that directs clinical decision making? A) Cookbook medicine B) Preauthorization C) Evidence-based practice guideline D) Withhold pool
answer
C) Evidence-based practice guideline
question
(285) Gatekeepers determine the appropriateness of all EXCEPT which of the following components? A) Rate of capitation or reimbursement B) Healthcare service itself C) Level of healthcare personnel D) Setting in the continuum of care
answer
A) Rate of capitation or reimbursement
question
(286) Exceptions to the Federal Anti-Kickback Statute that allow legitimate business arrangements and are not subject to prosecution are: A) Qui tam practices B) Safe practices C) Safe harbors D) Exclusions
answer
C) Safe harbors
question
(287) How many times each year are healthcare facilities required to practice emergency preparedness? A) Once B) Twice C) Three times D) Never
answer
B) Twice
question
(288) This private, not-for-profit organization is committed to developing and maintaining practical, customer-focused standards to help organizations measure and improve the quality, value, and outcomes of behavioral health and medical rehabilitation programs. A) Commission on Accreditation of Rehabilitation Facilities B) American Osteopathic Association C) National Committee for Quality Assurance D) The Joint Commission
answer
A) Commission on Accreditation of Rehabilitation Facilities
question
(289) What is it called when accrediting bodies, such as the Joint Commission, rather than the government can survey facilities for compliance with the Medicare Conditions of Participation for Hospitals? A) Deemed status B) Judicial decision C) Subpoena D) Credentialing
answer
A) Deemed status
question
(290) Which Joint Commission survey methodology involves an evaluation that follows the hospital experiences of past or current patients? A) Priority focus process review B) Periodic performance review C) Tracer methodology D) Performance improvement
answer
C) Tracer methodology
question
(291) Which of the following services is most likely to be considered medically necessary? A) Caregivers' convenience or relief B) Cosmetic improvement C) Investigational cancer prevention D) Standard of care for health condition
answer
D) Standard of care for health condition
question
(292) Case management coordinates an individual's care, especially in complex and high cost cases. Goals of case management include all EXCEPT which of the following? A) Continuity of care B) Quality C) Information security D) Appropriate utilization
answer
C) Information security
question
(293) When a service is not considered medically necessary based on the reason for encounter, the patient should be provided with a(n) ________inidcating that Medicare might not pay and that the patient might be responsible for the entire charge. A) OIG B) ABN C) LOS D) EOB
answer
B) ABN (Advance Beneficiary Notice)
question
(294) A patient was admitted to the hospital for treatment of a myocardial infarction (heart attack) and the MS-DRG assigned was 236 Coronary bypass w/o cardiac cath w/o MCC. During the patient's admission, a bypass procedure was performed on day 2; on day 4, the patient was diagnosed with sepsis, which was not present on admission. Sepsis is a major complication. This case was identified as coded incorrectly in a recent audit by the coding manager. What was the error that was made by the coder? A) The sepsis was not coded, and so an MCC (major complications and comorbidities) was missed B) The coronary bypass procedure was coded incorrectly C) The claim was coded correctly; no error was made D) THe cardiac catheterization procedure was not coded
answer
A) The sepsis was not coded, and so an MCC (major complications and comorbidities) was missed
question
(295) When the Medicare Recovery Audit Contractor has determined that incorrect payment has been made to an organization., which document is sent to the provider notifying them of this determination? A) Appeal request B) Claims denial C) Demand letter D) Medicare Summary Notice
answer
C) Demand letter
question
(296) Which type of identity theft occurs when a patient uses another person's name and insurance information to receive healthcare benefits? A) Medical B) Financial C) Criminal D) Health
answer
A) Medical