HIO-201 Online Practice Questions and Answers

Which one of the following implementation specifications is associated with the Facility Access Control standard?

A. Integrity Controls

B. Emergency Access Procedure

C. Access Control and Validation Procedures

D. Security Reminders

E. Security Policy

Which one of the following is a required implementation specification of the Security Management Process?

A. Risk Analysis

B. Access Control and Validation Procedures

C. Integrity Controls

D. Access Authorization

E. Termination Procedures

Which of the following was not established under the Administrative Simplification title?

A. National P1<1 Identifier.

B. National Standard Health Care Provider Identifier.

C. National Standard Employer Identifier.

D. Standards for Electronic Transactions and Code Sets.

E. Security Rule.

To comply with the Final Privacy Rule, a valid Notice of Privacy Practices:

A. Is required for all Business Associate Contracts

B. Must always be associated with a valid authorization

C. Must be signed before providing treatment to a patient.

D. Must be associated with a valid Business Associate Contract

E. Must describe the individual's rights under the Privacy Rule.

Conducting an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic PHI is:

A. Risk Analysis

B. Risk Management

C. Access Establishment and Modification

D. Isolating Health care Clearinghouse Function

E. Information System Activity Review

ANSI ASO X12 is the standard for

A. Security requirements.

B. Privacy requirements.

C. Is another name for the Security Rule.

D. Representation of all health care claims.

E. Encrypting all information for use over a P1<1.

Establishing policies and procedures for responding to an emergency or other occurrence that damages systems is an example of

A. Security Awareness and Training

B. Security Incident Procedure

C. Information Access Management

D. Security Management Process

E. Contingency Plan

A key date in the transaction rule timeline is:

A. October 16, 2003 -- small health plans to begin testing without ASCA extension

B. October 16, 2004 -- full compliance deadline for small health plans

C. April 16, 2004 -- small health plans to begin testing with ASCA extension

D. April 16, 2003 - deadline to begin testing with ASCA extension

E. April 14, 2003; deadline to begin testing with the ASCA extension.

The National Provider Identifier (NPI) will eventually replace the:

A. NPF .

B. NPS .

C. CDT .

D. ICD-9-CM, Volume 3 .

E. UPIN .

Health information is protected by the Privacy Rule as long as:

A. The authorization has been revoked by the physician

B. The patient remains a citizen of the United States.

C. The information is under the control of HHS.

D. The information is in the possession of a covered entity.

E. The information is not also available on paper forms.