hipaa hio-201 practice test

The Privacy Rule’s penalties for unauthorized disclosure:

• A. Imposes fines and imprisonment as civil penalties for violations.
• B. Limits penalties to covered entities and their business associates.
• C. Imposes criminal penalties for noncompliance with standards.
• D. Limits imprisonment to a maximum often years.
• E. Is $1000 per event of disclosure.

ABC Hospital implements policies and procedures to ensure that all members of its workforce have
appropriate access to electronic protected health information. These policies and procedures satisfy
which HIPAA security standard?

• A. Security Management Process
• B. Facility Access Control
• C. Security Awareness and Training
• D. Workforce Security
• E. B Security Management Process

Performing a periodic review in response to environmental or operational changes affecting the
security of electronic protected health information is called:

• A. Transmission Security
• B. Evaluation
• C. Audit Control
• D. Integrity
• E. Security Management Process

Which transaction covers information specific to accidents?

• A. Accident Report.
• B. First Report of Injury.
• C. Health Care Claim.
• D. Health Care Claim Payment/Advice.
• E. Premium Payment.

An Electronic Medical Record (EMR):

• A. Is another name for the Security Ruling
• B. Requires the use of biometrics for access to records.
• C. Is electronically stored information about an individual’s health status and health care.
• D. Identifies all hospitals and health care organizations.
• E. Requires a P1<1 for the provider and the patient.

Ensuring that physical access to electronic information systems and the facilities in which they are
housed is limited, is addressed under which security rule standard?

• A. Security Management Process
• B. Transmission Security
• C. Person or Entity Authentication
• D. Facility Access Controls
• E. information Access Management

This Administrative Safeguard standard implements policies and procedures to ensure that all
members of its workforce have appropriate access to electronic information.

• A. Security Awareness Training
• B. Workforce Security
• C. Facility Access Controls
• D. Workstation Use
• E. Workstation Security

The National Provider Identifier (NPI) will eventually replace the:

• A. NPF.
• B. NPS.
• C. CDT.
• D. ICD-9-CM, Volume 3.
• E. UPIN.

A health care clearinghouse is an entity that:

• A. Requires P1<1 for the provider and the patient.
• B. Is exempt from HIPAA regulations.
• C. Is a not-for-profit operation.
• D. Identifies all hospitals and health care organizations.
• E. Performs the functions of format translation and data conversion.

Which one of the following implementation specifications is associated with the Facility Access
Control standard?

• A. Integrity Controls
• B. Emergency Access Procedure
• C. Access Control and Validation Procedures
• D. Security Reminders
• E. Security Policy