CAHIMS UNIT 7 QUESTIONS WITH CORRECT ANSWERS 100% VERIFIED
1. True or false? Administrative activities, fraud and abuse investigations, and health insurance policy underwriting
are not covered by the HIPAA Privacy Rule.: false
In general, patient authorization is not required in order to disclose personal health information for
the purposes of treatment, payment, and healthcare operations (TPO). Healthcare operations are all
activities that support the treatment and pay- ment activities of healthcare. Administrative activities,
fraud and abuse investiga- tions, and health insurance policy underwriting are just a few examples of
healthcare operations.
2. The National Research Council (NRC) recommends that all organizations that handle protected health
information (PHI) should have --authentica- tion/access/audit-- controls in place to ensure that users can access only
the information they need to perform their job.: access
3. True or false? Under the HIPAA compliance audit program, entities that the Office for Civil Rights (OCR) finds not
to be in good faith compliance with HIPAA could face large penalties.: true
4. True or false? Although it is resource intensive, humans must directly verify the accuracy of data stored in
databases to ensure their integrity.: false
5. --Nonrepudiation/Integrity/Availability-- provides proof that a certain action has taken place or that something
or someone is what or who they claim to be.: Nonrepudiation
Nonrepudiation requires that those who access protected health information are allowed to do so and