1. Home
  2. HIPAA
  3. CHP
  4. HIO-201
  5. Certified HIPAA Professional Questions and Answers

Pass the HIPAA CHP HIO-201 Questions and answers with CertsForce

 HIPAA Exams      Go to Exam Detail      Get Premium Access
Viewing page 1 out of 5 pages
Viewing questions 1-10 out of questions
Questions # 1:

Formal, documented instructions for reporting security breaches are referred to as:

Options:
A.

Business Associate Contract

B.

Response and Reporting

C.

Emergency Access Procedure

D.

Sanction policy

E.

Risk Management

Questions # 2:

The Final Privacy Rule requires a covered entity to obtain an individual's prior written authorization to use his or her PHI for marketing purposes except for:

Options:
A.

Situations where the marketing is for a drug or treatment could improve the health of that individual.

B.

Situations where the patient has already signed the covered entity's Notice of Privacy Practices.

C.

A face-to-face encounter with the sales person of a company that provides drug samples

D.

A communication involving a promotional gift of nominal value.

E.

The situation where the patient has signed the Notice of Privacy Practices of the marketer.

Questions # 3:

Which one of the following is a required implementation specification of the Security Management Process?

Options:
A.

Risk Analysis

B.

Access Control and Validation Procedures

C.

Integrity Controls

D.

Access Authorization

E.

Termination Procedures

Questions # 4:

The implementation specifications for this HIPAA security standard (within Technical Safeguards) must support emergency access and unique user identification:

Options:
A.

Audit Control

B.

Integrity

C.

Access Control

D.

Person or Entity Authentication

E.

Transmission Security

Questions # 5:

As defined in the HIPAA regulations, a group of logically related data in units is called a:

Options:
A.

Data group

B.

Segment

C.

Transaction set

D.

Functional group

E.

Interchange envelope

Questions # 6:

To comply with the Final Privacy Rule, a valid Notice of Privacy Practices:

Options:
A.

Is required for all Business Associate Contracts.

B.

Must always be associated with a valid authorization.

C.

Must be signed before providing treatment to a patient.

D.

Must be associated with a valid Business Associate Contract.

E.

Must describe the individual's rights under the Privacy Rule.

Questions # 7:

HL7 is particularly involved with:

Options:
A.

NCPDP-based pharmacy standards

B.

The standard for pharmacy-health plan communication.

C.

Administering Medicare and Medicaid programs.

D.

Claims attachments.

E.

Publishing HIPAA Transactions-related Implementation Guides.

Questions # 8:

Once a year, a team at ABC Hospital reviews environmental and operational changes that may have had an impact on the security of electronic PHI. This is an example of:

Options:
A.

Transmission Security

B.

Evaluation

C.

Audit Controls

D.

Integrity

E.

Security Management Process

Questions # 9:

The Security Incident Procedures standard requires just one implementation specification. That implementation specification is:

Options:
A.

Termination Procedures

B.

Automatic Logoff

C.

Emergency Access Procedure

D.

Contingency Operations

E.

Response and Reporting

Questions # 10:

A pharmacist is approached by an individual and asked a question about an over-the-counter medication. The pharmacist needs some protected health information (PHI) from the individual to answer the question. The pharmacist will not be creating a record of this interaction. The Privacy Rule requires the pharmacist to:

Options:
A.

Verbally request 3 consent and offer a copy of the Notice of Privacy Practices.

B.

Verbally request specific authorization for the PHI.

C.

Do nothing more.

D.

Obtain the signature of the patient on their Notice of Privacy Practices.

E.

Not respond to the request without an authorization from the primary physician.

Viewing page 1 out of 5 pages
Viewing questions 1-10 out of questions