CCA EXAM DOMAIN 6 CONFIDENTIALITY AND PRIVACY
1. According to the HIPAA privacy rule, protected health information includes-
: individually identifiable health
2. The patient has the right to agree or object to disclosure of protected health information when: disclosing information to a family ...
1. According to the HIPAA privacy rule, protected health information includes-
: individually identifiable health information in any format stored by a health care provider or business
associate.
Individually identifiable health information in any format stored by a health care provider or business
associate. PHI includes all individually identified health infor- mation, regardless of format. ePHI,
however, includes only electronic PHI. Incorrect answers:
1) non-individually identifiable health information in any format stored by a health care provider. 2)
Only electronic individually identifiable health information. 3) Only paper individually identifiable
health information.
2. The patient has the right to agree or object to disclosure of protected health information when:
disclosing information to a family member who is directly involved in the patient's care.
There are two circumstances when patients have the right to agree or object
to disclosure of protected health information. This includes facility directory and disclosing information
to family member who is directly involved in care.
3. Which of the following would be deleted in the process of de-identification of protected patient
information?: Date of birth
Patient identifiers include patient's full name, date of birth, social security number, contact information
such as address and phone numbers, name and contact in- formation of the next of kin, emergency
contact information, and other personal information deemed necessary for health care delivery
operations (e.g., employer information and insurance information).
The facility NPI number—National Provider Identifier Number—is a 10-digit numer- ical identifier
that identifies an individual provider or a health care entity.
Principal diagnosis code establishes medical necessity for procedures provided to the patient.
Place of service codes are two-digit codes placed on health care professional claims to indicate the
setting in which a service was provided
4. John is a 45-year-old male who is mentally disabled. Identify who can authorize release
, CCA EXAM DOMAIN 6 CONFIDENTIALITY AND PRIVACY
of his health record.: legal guardian
Even though John is of age, he is mentally incompetent and therefore requires a guardian to sign the
release. John's sister could only sign the authorization if she was his legal guardian. The executive of
his will only applies if John is deceased.
5. A document requirement of health organizations pursuant to HIPAA legis- lation, that
informs patient how a covered entity intends to use and disclose protected health information is
called: Notice of Privacy Practices (NPP) Notice of Privacy Practices is a requirement of HIPAA's
Privacy Rule. None of the other documents are related to HIPAA.
, CCA EXAM DOMAIN 6 CONFIDENTIALITY AND PRIVACY
6. A covered entity must adopt reasonable and appropriate policies and pro- cedures to comply
with the provisions of the Security Rule. A covered entity must maintain, until years after
the later of the date of their creation or last effective date, written security policies and
procedures and written records of required actions, activities or assessments.: 6
HIPAA Policies and Procedures and Documentation Requirements
A covered entity must adopt reasonable and appropriate policies and procedures to comply with the
provisions of the Security Rule. A covered entity must maintain, until six years after the later of the
date of their creation or last effective date, written security policies and procedures and written records
of required actions, activities or assessments.
Updates. A covered entity must periodically review and update its documentation in response to
environmental or organizational changes that affect the security of electronic protected health
information (e-PHI).
7. Which of the following is an example of a physical safeguard?: Locking offices and file
cabinets containing PHI
Physical Safeguards are physical measures, policies, and procedures to protect a covered entity's
electronic information systems and related buildings and equipment from natural and environmental
hazards, and unauthorized intrusion.
Some examples of physical safeguards are the following:
Controlling building access with a photo-identification/swipe card system. Locking offices
and file cabinets containing PHI.
Turning computer screens displaying PHI away from public view. Minimizing the amount of
PHI on desktops.
Shredding unneeded documents containing PHI.
Audit controls and effective security safeguards are part of normal operational management processes
to mitigate, control, and minimize risks that can negatively impact business operations and expose
sensitive data.
Dual authentication is a security safeguard—combination would be a username and password
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur smartchoices. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour $11.49. Vous n'êtes lié à rien après votre achat.
