All About Approved HIO-201 Practice

NEW QUESTION 1
Physical access to workstations such as, whether or not patients can easily see a screen with PHI on it, is addressed by:

• A. Workstation Use
• B. Workstation Security
• C. Sanction Policy
• D. Termination Procedures
• E. Facility Security Plan

Answer: B

NEW QUESTION 2
This transaction supports multiple functions. These functions include: telling a bank to move money OR telling a bank to move money while sending remittance information:

• A. 277.
• B. 278.
• C. 271.
• D. 82.
• E. 270.

Answer: D

NEW QUESTION 3
This transaction is typically used in two modes: update and full replacement:

• A. Premium Payment.
• B. Health Care Claim.
• C. First Report of Injury.
• D. Health Plan Enrollment and Dis-enrollment.
• E. Coordination of Benefits.

Answer: D

NEW QUESTION 4
The Privacy Rule interacts with Federal and State laws by:

• A. Establishing an orderly hierarchy where HIPAA applies, then other Federal law, then State law.
• B. Defining privacy to be a national interest that is best protected by Federal law
• C. Allowing State privacy laws to provide a cumulative effect lower than HIPAA.
• D. Mandating that Federal laws preempt State laws regarding privacy.
• E. Establishing a "floor" for privacy protection.

Answer: E

NEW QUESTION 5
When using the Health Care Eligibility Request/Response (270/271), if a provider submits certain minimum information and the patent/subscriber is in their database, the payer must generate a response. Which of the following is one of the minimum information fields?

• A. Patient's country of birth
• B. Patient's pet name
• C. Patient's weight
• D. Patient's address
• E. Patient's date of birth

Answer: E

NEW QUESTION 6
The Privacy Rule's penalties for unauthorized disclosure:

• A. Imposes fines and imprisonment as civil penalties for violations.
• B. Limits penalties to covered entities and their business associates.
• C. Imposes criminal penalties for noncompliance with standards.
• D. Limits imprisonment to a maximum often years.
• E. Is $1000 per event of disclosure.

Answer: D

NEW QUESTION 7
Encryption is included as an addressable implementation specification under which security rule standard?

• A. Information Access Management
• B. Security Management Process
• C. Evaluation
• D. Transmission Security
• E. Device and Media Controls

Answer: D

NEW QUESTION 8
Which one of the following security standards is part of Technical Safeguards?

• A. Access Control
• B. Security Management Process
• C. Facility Access Controls
• D. Workstation Use
• E. Device and Media Controls

Answer: A

NEW QUESTION 9
One mandatory requirement for the Notice of Privacy Practices set by HIPAA regulations is:

• A. If the notice must state that the covered entity reserves the right to disclose PHI without obtaining the individuals authorization.
• B. The notice must prominently include an expiration date.
• C. The notice must describe every potential use of PHI
• D. The notice must describe an individual's rights under the rule such as to inspect, copy and amend PHI and to obtain an accounting of disclosures of PHI
• E. The notice must clearly identify that the covered entity is in compliance with HIPAA regulations as of April 16,2003

Answer: D

NEW QUESTION 10
Select the correct statement about the 820-Payment Order/Remittance advice transaction.

• A. It can be used for the payment of provider claims.
• B. It can be used to pay for insurance products (either individual or group premiums).
• C. It can function solely as a remittance advice.
• D. Electronic Funds Transfer is fully supported.
• E. This transaction can carry either summary or detailed remittance information.

Answer: A

NEW QUESTION 11
The transaction number assigned to the Health Care Eligibility Request transaction is:

• A. 270
• B. 276
• C. 278
• D. 271
• E. 834

Answer: A

NEW QUESTION 12
Maintenance personnel that normally have no access to PHI are called in to investigate water that is leaking from the ceiling of the room where a large amount of PHI is stored. The room is normally secured but the file cabinets have no doors or locks. Situations this are addressed by which Workforce Security implementation specification?

• A. Risk Management
• B. Written Contract or Other Arrangement
• C. Accountability
• D. Authorization and/or Supervision
• E. Integrity Controls

Answer: D

NEW QUESTION 13
The Health Care Claim Status Response (277) can be used in a number of ways. Select the correct usage.

• A. As a response to a health care claim status request
• B. As a health care claim payment advice
• C. Electronic funds transfer
• D. As a request for health care claims status
• E. Request for the psychotherapy notes of a patient

Answer: A

NEW QUESTION 14
Health information is protected by the Privacy Rule as long as:

• A. The authorization has been revoked by the physician.
• B. The patient remains a citizen of the United States.
• C. The information is under the control of HHS.
• D. The information is in the possession of a covered entity.
• E. The information is not also available on paper forms.

Answer: D

NEW QUESTION 15
Title 1 of the HIPAA legislation in the United States is about:

• A. PKI requirements for hospitals and health care providers.
• B. Encryption algorithms that must be supported by hospitals and health care providers.
• C. Fraud and abuse in the health care system and ways to eliminate the same.
• D. Guaranteed health insurance coverage to workers and their families when they change employers.
• E. The use of strong authentication technology that must be supported by hospitals and health care providers.

Answer: D

NEW QUESTION 16
Which one of the following implementation specifications is associated with the Facility Access Control standard?

• A. Integrity Controls
• B. Emergency Access Procedure
• C. Access Control and Validation Procedures
• D. Security Reminders
• E. Security Policy

Answer: C

NEW QUESTION 17
Assigning a name and/or number for identifying and tracking users is required by which security rule implementation specification?

• A. Access Authentication
• B. Integrity Controls
• C. Authorization and/or Supervision
• D. Data Authentication
• E. Unique User Identification

Answer: E

NEW QUESTION 18
Select the best statement regarding the definition of a business associate of a covered entity. A business associate is:

• A. A person who acts on behalf of a non-covered entity.
• B. A person who's function may involve claims processing, administration, data analysis or practice management with access to PHI.
• C. A person who is a member of the covered entity's workforce.
• D. A clearinghouse.
• E. A person that performs or assists in the performance of a function or activity that involves the use or disclosure of de-identified health information.

Answer: B

NEW QUESTION 19
......