New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

HCISPP HealthCare Information Security and Privacy Practitioner Questions and Answers

Questions 4

Each healthcare provider MUST have a document that describes how information about the client is used by the agency and when the agency will disclose/release it without the client's authorization.

Options:

A.

True

B.

False

Buy Now
Questions 5

Which of the following is a potential risk when a program runs in privileged mode?

Options:

A.

It may serve to create unnecessary code complexity

B.

It may not enforce job separation duties

C.

It may create unnecessary application hardening

D.

It may allow malicious code to be inserted

Buy Now
Questions 6

If you suspect someone is violating the facility's privacy policy, you should:

Options:

A.

Say nothing. It's none of your business.

B.

Watch the individual until you have gathered solid evidence against them.

C.

Report your suspicions to your clinical supervisor for further follow-up.

Buy Now
Questions 7

Provides assistance, advice and information to the patient.

Options:

A.

Coder

B.

Consultant

C.

Medical Transcriptionist

Buy Now
Questions 8

Do the same requirements apply to both medical records and mental health records?

Options:

A.

No, a client is not allowed to have access to any part of a mental health record, with or without psychotherapy notes

B.

Generally, including conditioning enrollment in a plan on the client granting authorization for disclosure of psychotherapy notes

C.

Yes, and client is entitled to all of the same information in both settings

D.

Generally, psychotherapy notes are not included in the provision that allows clients to see and copy their health information

Buy Now
Questions 9

What is the primary purpose of the National Health Service Corps?

Options:

A.

To recruit physicians to provide services in physician shortage areas in the U.S.

B.

To recruit physicians from abroad to work in the United States

C.

To send U.S. physicians to developing countries to provide services to the indigent

D.

To recruit physicians into the military

Buy Now
Questions 10

The intent of patient cost sharing at the point of receiving health care services is to.

Options:

A.

Discourage the overuse of services among patients.

B.

Discourage physicians from overcharging patients.

C.

Encourage patients to utilize more health care services.

D.

Encourage physicians to provide more effective health care services.

Buy Now
Questions 11

Each state has the same laws, rules, and/or regulations governing confidentiality of health care information.

Options:

A.

True

B.

False

Buy Now
Questions 12

As of 2010, what is different with regard to business associates and HIPAA protections?

Options:

A.

Business associates now must notify clients directly of privacy breaches, as if they were a covered entity

B.

There are no significant changes in business associate practices

C.

Covered entities have increase responsibilities to ensure the practice of business associates

D.

Business associates are no longer required to notify clients directly of privacy breaches

Buy Now
Questions 13

What is a credential for Cancer Registrar?

Options:

A.

AAPC

B.

ACMCS

C.

AHIMA

D.

NCRA

Buy Now
Questions 14

You work in the billing department of your agency and while processing claims, you notice the name of someone you know. Since you are curious, you decide to investigate and you pull their medical record and read it. Is this appropriate?

Options:

A.

Yes

B.

No

Buy Now
Questions 15

Which of the following trust services principles refers to the accessibility of information used by the systems, products, or services offered to a third-party provider’s customers?

Options:

A.

Security

B.

Privacy

C.

Access

D.

Availability

Buy Now
Questions 16

Which of the following are some common features designed to protect confidentiality of health information contained in patient medical records?

Options:

A.

Locks on medical records rooms

B.

Passwords to access computerized records

C.

Rules that prohibit employees from looking at records unless they have a need to know

D.

All of the above

Buy Now
Questions 17

Drag the following Security Engineering terms on the left to the BEST definition on the right.

Options:

Buy Now
Questions 18

A multiple payer system is more cumbersome than a single payer system for all of the following reasons except:

Options:

A.

There are numerous health plans, which is difficult for providers to handle

B.

Payments are not standardized across health plans

C.

Some healthcare services are covered for people in the north, but not in the south

D.

Government programs required extensive documentation proving services were provided before paying providers

Buy Now
Questions 19

Which racial/ethnic group is least likely to use mammography?

Options:

A.

White

B.

Black or African American

C.

Asian or Pacific Islander

D.

Hispanic

Buy Now
Questions 20

HIPPA does not call for:

Options:

A.

Standardization of electronic patient health, administrative and financial data

B.

Unique health identifiers for individuals, employers, health plans, and health care providers.

C.

Common health identifiers for individuals, employers, health plans and health care providers.

D.

Security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present or future.

Buy Now
Questions 21

A health plan may conduct its covered transactions through a clearinghouse, and may require a provider to conduct covered transactions with it through a clearinghouse. The incremental cost of doing so must be borne

Options:

A.

by the HIPPA authorities

B.

by the health plan

C.

by any other entity but the health plan

D.

by insurance companies

Buy Now
Questions 22

Who enforces HIPPA?

Options:

A.

The Office of Civil Rights of the Department of Confidentiality Services is responsible for enforcement of these rules

B.

The Office of Civil Rights of the Department of Health and Human Services is responsible for enforcement of these rules

C.

The Office of Health Workers Rights of the Department of Health and Human Services in responsible for enforcement of these rules

D.

The Department of Civil Rights of the Office of Health and Human Services is responsible for enforcement of these rules

Buy Now
Questions 23

Which racial/ethnic group is growing the fastest?

Options:

A.

White

B.

Black or African American

C.

Asian or Pacific Islander

D.

Hispanic

Buy Now
Questions 24

Data collected without identifiers, never coded, that was never tied to an individual, thereby fully protecting health information is considered what form of data?

Options:

A.

Data aggregation

B.

Anonymous

C.

Non-disclosed

D.

Anonymized

Buy Now
Questions 25

Excessive health care is a concern because it is.

Options:

A.

Wasteful

B.

Costly

C.

Potentially harmful

D.

All of the above

Buy Now
Questions 26

This type of care is a extension of Tertiary and is usually very costly.

Options:

A.

Primary

B.

Secondary

C.

Quaternary

Buy Now
Questions 27

All of the following items should be included in a Business Impact Analysis (BIA) QUESTION NO:naire EXCEPT QUESTION NO:s that

Options:

A.

determine the risk of a business interruption occurring

B.

determine the technological dependence of the business processes

C.

Identify the operational impacts of a business interruption

D.

Identify the financial impacts of a business interruption

Buy Now
Questions 28

Health Information Rights although your health record is the physical property of the healthcare practitioner or facility that compiled it, the information belongs to you. You do not have the right to:

Options:

A.

obtain a paper copy of the notice of information practices upon request inspect and obtain a copy of your health record as provided for in 45 CFR 164.524

B.

request a restriction on certain uses and disclosures of your information outside the terms as provided by 45 CFR 164.522

C.

amend your health record as provided in 45 CFR 164.528 obtain an accounting of disclosures of your health information as provided in 45 CFR 164.528

D.

revoke your authorization to use or disclose health information except to the extent that action has already been taken

Buy Now
Questions 29

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

Options:

A.

Development, testing, and deployment

B.

Prevention, detection, and remediation

C.

People, technology, and operations

D.

Certification, accreditation, and monitoring

Buy Now
Questions 30

A covered healthcare provider which a direct treatment relationship with an individual need not:

Options:

A.

provide the notice no later than the date of the first service delivery, including service

delivered electronically

B.

have the notice available at the service delivery site for individuals to request and keep

C.

get a acknowledgement of the notice from each individual on stamped paper

D.

post the notice in a clear and prominent location where it is reasonable to expect individuals

seeking service from the covered healthcare provider to be able to read it

Buy Now
Questions 31

This type of hospital is privately owned.

Options:

A.

For Profit

B.

Not for Profit

Buy Now
Questions 32

Which is NOT consistent with Personnel Clearance Procedures needed to comply with HIPAA Administrative Safeguards?

Options:

A.

Current database of what personnel has access to buildings, offices, filing cabinets, computers, and databases

B.

New employees, contractors, and unpaid staff have references checked

C.

Appropriate exit interviews for outgoing personnel

D.

Discretion given to who does and does not have access to secure office spaces or keys/door codes

Buy Now
Questions 33

Copies of patient information may be disposed of in any garbage can in the facility.

Options:

A.

True

B.

False

Buy Now
Questions 34

Who was the first to identity syphilis?

Options:

A.

Flemming

B.

Koch

C.

Fracastoro

D.

Bill

Buy Now
Questions 35

Vertical integration refers to an organization model that under one ownership.

Options:

A.

Contains all levels of care, from primary to tertiary

B.

Provides the necessary staff for this full spectrum of care

C.

Provides the necessary facility for all levels of care

D.

All of the above.

Buy Now
Questions 36

Max, who has worked all his life for Ford motors, is now 65 years old. He has not yet retired. Max is eligible for:

Options:

A.

Medicare Part A

B.

Medicare Part B

C.

Both A and B

D.

None of the above

Buy Now
Questions 37

Medicare and Medicaid programs were created for population groups regarded as.

Options:

A.

Elderly

B.

Vulnerable

C.

Underinsured

D.

Politically above

Buy Now
Questions 38

Community rating is able to redistribute funds from the healthy to the sick by.

Options:

A.

Providing benefits in excess of premiums to those who become ill.

B.

Setting premiums based on community experience, rather than that of subgroups.

C.

Charging the same premium for high-risk and low-risk populations.

D.

All of the above

Buy Now
Questions 39

An international medical organization with headquarters in the United States (US) and branches in France

wants to test a drug in both countries. What is the organization allowed to do with the test subject’s data?

Options:

A.

Aggregate it into one database in the US

B.

Process it in the US, but store the information in France

C.

Share it with a third party

D.

Anonymize it and process it in the US

Buy Now
Questions 40

What is the MOST important consideration from a data security perspective when an organization plans to relocate?

Options:

A.

Ensure the fire prevention and detection systems are sufficient to protect personnel

B.

Review the architectural plans to determine how many emergency exits are present

C.

Conduct a gap analysis of a new facilities against existing security requirements

D.

Revise the Disaster Recovery and Business Continuity (DR/BC) plan

Buy Now
Questions 41

The major form(s) of managed care organizations are:

Options:

A.

Fee-for-service with utilization review

B.

Preferred provide organizations (PPOs)

C.

Health maintenance organizations (HMOs)

D.

All of the above.

Buy Now
Questions 42

Which of the following is considered the last line defense in regard to a Governance, Risk managements, and compliance (GRC) program?

Options:

A.

Internal audit

B.

Internal controls

C.

Board review

D.

Risk management

Buy Now
Questions 43

When responding to a client's request for information about the disclosure of his/her protected health information, which is NOT required?

Options:

A.

The purpose of the disclosure

B.

A description of what information was sent

C.

Disclosures for treatment, payment, or health care operations

D.

The dates of disclosure and to whom the information was sent

Buy Now
Questions 44

Learned that microbes are living and caused disease. Also learned that killing the microbes helped to stop that disease.

Options:

A.

Robert Koch

B.

Edward Jenner

C.

Louis Pasteur

Buy Now
Questions 45

Who discovered that ether gas could safely be used to put patients to sleep for surgery?

Options:

A.

Ben Franklin and Edward Jenner

B.

Rob and Jackson

C.

Flemming and Koch

D.

Crawford Long and William T.G Morton

Buy Now
Exam Code: HCISPP
Exam Name: HealthCare Information Security and Privacy Practitioner
Last Update: Dec 26, 2024
Questions: 305
HCISPP pdf

HCISPP PDF

$59.7  $199
HCISPP Engine

HCISPP Testing Engine

$67.5  $225
HCISPP PDF + Engine

HCISPP PDF + Testing Engine

$74.7  $249