EMT Practice Test

1. Question Content...


Question List

Question1: This security standard requires that the covered entity establishes agreements with each organization with which it exchanges data electronically, protecting the security of all such data:

Question2: This transaction type is a "response" transaction that may include information such as accepted/rejected claim, approved claim(s) pre-payment, or approved claim(s) post-payment:

Question3: In terms of Security, the best definition of "Access Control" is:

Question4: A grouping of functional groups, delimited by a header/trailer pair, is called a:

Question5: Select the correct statement regarding code sets and identifiers.

Question6: A key date in the transaction rule timeline is:

Question7: The code set that must be used to describe or identify dentist's services and procedures is:

Question8: Which of the following is example of "Payment" as defined in the HIPAA regulations?

Question9: Select the FALSE statement regarding the administrative requirements of the HIPAA privacy rule.

Question10: The implementation specifications for this HIPAA security standard (within Technical Safeguards) must support emergency access and unique user identification.

Question11: Which HIPAA Title is fueling initiatives within organizations to address health care priorities in the areas of transactions, privacy, and security'?

Question12: One mandatory requirement for the Notice of Privacy Practices set by HIPAA regulations is:

Question13: A pharmacist is approached by an individual and asked a question about an over-the-counter medication.
The pharmacist needs some protected health information (PHI) from the individual to answer the question.
The pharmacist will not be creating a record of this interaction. The Privacy Rule requires the pharmacist to:

Question14: Signed authorization forms must be retained:

Question15: The Security Incident Procedures standard requires just one implementation specification. That implementation specification is:

Question16: A business associate:

Question17: The Security Rule requires that the covered entity identifies a security official who is responsible for the development and implementation of the policies and procedures. This is addressed under which security standard?

Question18: Select the correct statement regarding the requirements for oral communication in the HIPAA regulations.

Question19: Select the FALSE statement regarding the responsibilities of providers with direct treatment relationships under HIPAA's privacy rule.

Question20: Select the FALSE statement regarding code sets and identifiers.

Question21: Select the FALSE statement regarding violations of the HIPAA Privacy rule.

Question22: This code set describes drugs:

Question23: As part of their HIPAA compliance process, a small doctor's office formally puts the office manager in charge of security related issues. This complies with which security rule standard?

Question24: To comply with the Final Privacy Rule, a valid Notice of Privacy Practices:

Question25: Select the correct statement regarding the Notice of Privacy Practices.

Question26: Within the context of a transaction set, the fields that comprise a hierarchical level are referred to as a(n):

Question27: Select the correct statement regarding the requirements of HIPAA regulations.

Question28: The office manager of a small doctor's office wants to donate several of their older workstations to the local elementary school. Which Security Rule Standard addresses this situation?

Question29: The Health Care Claim Status Response (277) can be used in a number of ways. Select the correct usage.

Question30: Which of the following is a required implementation specification associated with the Contingency Plan Standard?

Question31: The Final Privacy Rule requires a covered entity to obtain an individual's prior written authorization to use his or her PHI for marketing purposes except for:

Question32: The security standard that has the objective of implementing mechanisms to record and examine system activity is:

Question33: HIPAA establishes a civil monetary penalty for violation of the Administrative Simplification provisions. The penalty may not be more than:

Question34: Select the correct statement regarding the administrative requirements of the HIPAA privacy rule

Question35: Formal, documented instructions for reporting security breaches are referred to as:

Question36: The National Provider Identifier (NPI) will eventually replace the:

Question37: A business associate must agree to:

Question38: A covered entity that fails to implement the HIPAA Privacy Rule would risk:

Question39: Some of the information that an authorization must include is:

Question40: Which of the following is NOT a correct statement regarding HIPAA requirements?

Question41: Which of the following is NOT a HIPAA national health care identifier?

Question42: The Data Backup Plan is part of which Security Standard?

Question43: Within the context of a transaction set, the fields that comprise a hierarchical level are referred to as a(n):

Question44: The National Provider Identifier (NPI) will eventually replace the:

Question45: Select the correct statement regarding the definition of the term "disclosure" as used in the HIPAA regulations.

Question46: An Electronic Medical Record (EMR):

Question47: Security reminders, using an anti-virus program on workstations, keeping track of when users log-in and out, and password management are all part of:

Question48: This transaction is typically used in two modes: update and full replacement:

Question49: Select the best statement regarding the definition of protected health information (PHI).

Question50: Title 1 of the HIPAA legislation in the United States is about:

Question51: Information in this transaction is generated by the payer's adjudication system:

Question52: This code set is used to describe or identity radiological procedures and clinical laboratory tests:

Question53: An Electronic Medical Record (EMR):

Question54: This is a documented and routinely updated plan to create and maintain, for a specific period of time, retrievable copies of information:

Question55: The code set that must be used to describe or identify outpatient physician services and procedures is:

Question56: Select the best statement regarding de-identified information (DII).

Question57: Select the correct statement regarding the responsibilities of providers and payers under HIPAA's privacy rule.

Question58: The objective of this HIPAA security standard is to implement policies and procedures to prevent, detect, contain, and correct security Violations.

Question59: This security rule standard requires policies and procedures for authorizing access to electronic protected health information that are consistent with its required implementation specifications- which are Isolating Health Care Clearinghouse Function, Access Authorization, and Access Establishment and Modification

Question60: The key objective of a contingency plan is that the entity must establish and implement policies and procedures to ensure The:

Question61: The National Provider File (NPF) includes information such as:

Question62: Individually identifiable health information (IIHI) includes information that is:

Question63: Patient identifiable information may include:

Question64: In an emergency treatment situation, a health care provider:

Question65: When submitting a Health Care Claim Status Request, it is important to provide the proper tracking information to exactly identify the previously submitted claim Select the information that would be most important to the claim inquiry/ process.

Question66: Select the best statement regarding the definition of a business associate of a covered entity. A business associate is:

Question67: Select the best statement regarding organized health care arrangements (OHCA).

Question68: This transaction is the response to a Health Care Claim (837):

Question69: A covered entity' that fails to implement the HIPAA Privacy Rule would risk:

Question70: Which one of the following is a required implementation specification of the Security Management Process?

Question71: When PHI is sent or received over an electronic network there must be measures to guard against unauthorized access. This is covered under which security rule standard?

Question72: The transaction number assigned to the Payment Order/Remittance Advice transaction is:

Question73: HIPAA Security standards are designed to be:

Question74: The objective of this document is to safeguard the premises and building from unauthorized physical access and to safeguard the equipment therein from unauthorized physical access, tampering and theft:

Question75: Use or disclosure of Protected Health Information (PHI) for Treatment, Payment, and Health care Operations (TPO) is:

Question76: Select the FALSE statement regarding the X12N Implementation Guides.

Question77: Physical access to workstations such as, whether or not patients can easily see a screen with PHI on it, is addressed by:

Question78: This transaction, which is not a HIPAA standard, may be used as the first response when receiving a Health Care Claim (837):

Question79: Which one of the following security standards is part of Technical Safeguards?

Question80: The State of Nebraska's Medicaid Program has decided to implement an EDI solution to comply with the HIPAA transaction rule. Select the transaction or code set that would not apply to them.

Question81: A provider is in compliance with the Privacy Rule. She has a signed Notice of Privacy Practices from her patient. To provide treatment, the doctor needs to consult with an independent provider who has no relationship with the patient to comp with the Privacy Rule the doctor MUST:

Question82: Select the best statement regarding the definition of the term "use" as used by the HIPAA regulations.

Question83: This rule covers the policies and procedures that must be in place to ensure that the patients' health information is respected and their rights upheld:

Question84: ANSI X12 specifies the use of a (an):

Question85: Dr. Jones, a practicing dentist, has decided to directly implement an EDI solution to comply with the HIPAA transaction rule. Dr. Jones employs a small staff of 4 persons for whom he has sponsored a health care plan. Dr. Jones has revenues of less than $1 million. Select the code set that Dr. Jones should consider supporting for his EDI system.

Question86: Policies requiring workforce members to constantly run an updated anti-virus program on their workstation might satisfy which implementation specification?

Question87: Which of the following is example of "Payment" as defined in the HIPAA regulations?

Question88: A doctor sends patient records to another company for data entry services. A bonded delivery service is used for the transfer. The records are returned to the doctor after entry is complete, using the same delivery service. The entry facility and the network they use are secure. The doctor is named as his own Privacy Officer in written policies. The doctor has written procedures for this process and all involved parties are documented as having been trained in them The doctor does not have written authorizations to disclose Protected Health Information (PHI). Is the doctor in violation of the Privacy Rule?

Question89: Workstation Use falls under which Security Rule area?

Question90: Select the best example of a business associate (if they had access to PHI).