
ISC HCISPP HealthCare Information Security and Privacy Practitioner Exam Practice Test

Page: 1 / 31
Total 305 questions

HealthCare Information Security and Privacy Practitioner Questions and Answers

Question 1

Believed that germs caused death and founded aseptic surgery.

Options:

A.

Lister

B.

Koch

C.

Flemming

Question 2

Assembly and analysis of a discharged patient's record chart.

Options:

A.

Record Circulation

B.

Incomplete Record Processing

Question 3

When responding to a client's request for information about the disclosure of his/her protected health information, which is NOT required?

Options:

A.

The purpose of the disclosure

B.

A description of what information was sent

C.

Disclosures for treatment, payment, or health care operations

D.

The dates of disclosure and to whom the information was sent

Question 4

Privacy and security includes which of the following best practices?

Options:

A.

Talking about consumers in public areas or where you can be overheard

B.

Sharing your computer password with a new staff member who does not have their own

C.

Including PHI in an unencrypted email via a public system

D.

Keeping computer screens out of sight of others

E.

None of the above

Question 5

This type of hospital makes up 25% of hospitals in the United States and is a not-for-profit hospital.

Options:

A.

Government

B.

Proprietary

C.

Teaching

D.

Volunteer

Question 6

The Physician Assistant (PA) profession was developed in order to.

Options:

A.

Function alongside a physician without having to complete the many years of medical education and residency

B.

Replace the overly-paid physician role

C.

Perform the few roles broadly skilled physicians are not licensed to perform

D.

All of the above

Question 7

Would medical waste disposal be an example of contract services?

Options:

A.

True

B.

False

Question 8

Gap analysis does not apply to

Options:

A.

Transactions

B.

Availability

C.

Privacy

D.

Security

Question 9

A health care provider is considering Internet access for their employees and patients. Which of the following is the organization's MOST secure solution for protection of data?

Options:

A.

Public Key Infrastructure (PKI) and digital signatures

B.

Trusted server certificates and passphrases

C.

User ID and password

D.

Asymmetric encryption and User ID

Question 10

Results of tests/procedures can be made available to the client's family if the client is unable to communicate well.

Options:

A.

True

B.

False

Question 11

Which of the following trust services principles refers to the accessibility of information used by the systems, products, or services offered to a third-party provider’s customers?

Options:

A.

Security

B.

Privacy

C.

Access

D.

Availability

Question 12

If you suspect someone is violating the facility's privacy policy, you should:

Options:

A.

Say nothing. It's none of your business.

B.

Watch the individual until you have gathered solid evidence against them.

C.

Report your suspicions to your clinical supervisor for further follow-up.

Question 13

You work in the billing department of your agency and while processing claims, you notice the name of someone you know. Since you are curious, you decide to investigate and you pull their medical record and read it. Is this appropriate?

Options:

A.

Yes

B.

No

Question 14

___________________ is a physician who has completed their internship in a program of training designed to increase their knowledge of clinical or special fields.

Options:

A.

Resident

B.

Chief Resident

C.

Intern

Question 15

It is NOT important to read and understand your agency's Notice of Privacy Practices.

Options:

A.

True

B.

False

Question 16

A gap analysis for the Transactions set refers to the practice of identifying the data content you currently have available

Options:

A.

through your medical software

B.

through your accounting software

C.

through competing unit medical software

D.

based on the statutory authorities report

Question 17

Medicaid is primarily for people who meet the following eligibility requirement:

Options:

A.

Elderly

B.

Low-income

C.

Children

D.

Disabled

Question 18

During the risk assessment phase of the project the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant.

What is the best approach for the CISO?

Options:

A.

Document the system as high risk

B.

Perform a vulnerability assessment

C.

Perform a quantitative threat assessment

D.

Notate the information and move on

Question 19

Title II of HIPAA includes a section, Administrative Simplification, not requiring:

Options:

A.

Improved efficiency in healthcare delivery by standardizing electronic data interchange

B.

Protection of confidentiality of health data through setting and enforcing standards

C.

Protection of security of health data through setting and enforcing standards

D.

Protection of availability of health data through setting and enforcing standards

Question 20

The traditional dispersed model of independent private physicians working as solo practitioners or in small groups is in competition with.

Options:

A.

Neighborhood health centers

B.

Multispecialty group practices

C.

Large "corporate" group practice organizations and networks

D.

None of the above

Question 21

Group Health Plans sponsored or maintained by employers, however,

Options:

A.

ARE SOMETIMES covered entities.

B.

ARE NOT covered entities.

C.

ARE covered entities

D.

ARE called uncovered entities

Question 22

Which of the following information is generally considered confidential?

Options:

A.

Demographics

B.

Diagnosis

C.

Billing Information

D.

Dates of Service

E.

All of the Above

Question 23

The dramatic increase in the number of physicians since the 1970s is largely due to.

Options:

A.

The decrease in strenuous licensing requirements

B.

The shortage of Physician Assistants

C.

The increase of non-primary care specialists

D.

None of the above

Question 24

As a result of the Dispersed Model of health care used in the U.S., the hospital structure resembles a diamond, with.

Options:

A.

The bulk of the hospitals in the middle, providing a wide range of secondary and tertiary services.

B.

A small number of hospitals at the top, which lack specialized units.

C.

The bulk of the hospitals in the middle, which lack specialized units.

D.

A small number of hospitals at the base, which provide highly super specialized referral services.

Question 25

___________ is one of the main objectives of HIPAA.

Options:

A.

Secrecy

B.

Accountability

C.

Anonymity

D.

Complexity

Correct answer: Accountability

Question 26

When assessing an organization’s security policy according to standards established by the International Organization for Standardization (ISO) 27001 and 27002, when can management responsibilities be defined?

Options:

A.

Only when assets are clearly defined

B.

Only when standards are defined

C.

Only when controls are put in place

D.

Only when procedures are defined

Question 27

They create and vote on bylaws

Options:

A.

Medical Staff

B.

Administration

C.

Governing Board

Question 28

Avicenna was known for what?

Options:

A.

Penicillin

B.

Bacteria

C.

Canon of Medicine

Question 29

You always abide by the HIPAA privacy rule.

Options:

A.

True

B.

False

Question 30

What is the impact of the HITECH Act in relation to HIPAA requirements and maintaining client records electronically?

Options:

A.

There is a push toward paper records to prevent the hacking and electronic violation of electronic records, which is easily done without detection

B.

Providers must now maintain client records electronically, but may continue to provide clients a paper copy when access is requested

C.

There is no requirement to maintain client records electronically, but clients have the right to insist on electronic access to an electronic health record, if it exists

D.

Electronic records now face intensified scrutiny, requiring practitioners to implement more sophisticated software and detailed accounting of records

Your answer: Electronic records now face intensified scrutiny, requiring practitioners to implement more sophisticated software and detailed accounting of records

Question 31

Assigning numeric and alphanumeric codes to diagnoses, procedures and services.

Options:

A.

Coding and Abstracting

B.

Incomplete Record Processing

C.

Record Circulation

Question 32

The inception of _____ was used as a trial balloon for the idea of government-sponsored universal health insurance.

Options:

A.

workers' compensation

B.

trade unions

C.

public health

D.

health care for the veterans

Question 33

All of the following were a result of the Flexner Report in 1910 EXCEPT.

Options:

A.

Academic standards of medical schools became much more rigorous

B.

Many medical schools closed

C.

Homeopathic schools sanctioned homeopaths as "physicians"

D.

Only schools meeting the standards of LCME were able to award MD degrees

Question 34

If you see other staff violating privacy policies you should?

Options:

A.

Ignore it.

B.

Give them a helpful, gentle reminder

C.

Report problems and violations

D.

Both answers B & C

Question 35

Surgeons usually receive a single payment for the surgery and postoperative care. This bundling, or payment per episode, gives surgeons an economic incentive to.

Options:

A.

Limit both the number of surgeries they perform and the number of post operative visits they make.

B.

Increase both the number of surgeries and the number of post operative visits.

C.

Limit the number of surgeries and increase the number of post operative visits.

D.

Increase the number of surgeries and limit the number of post operative visits.

Question 36

Under HIPAA, what is the entity that processes healthcare claims and performs related functions for a health plan?

Options:

A.

Policy Advisory Group

B.

Third Party Administrator

C.

Joint Commission on Accreditation of Healthcare Organizations

D.

Plan Sponsor

Question 37

Which of the following is considered the last line of defense in regard to a Governance, Risk Management, and Compliance (GRC) program?

Options:

A.

Internal audit

B.

Internal controls

C.

Board review

D.

Risk management

Question 38

__________ collects cancer data.

Options:

A.

Health Information Manager

B.

Cancer Registrar

C.

Coder

Question 39

If a medical entity is in compliance with the Division of Medical Assistance's (DMA's) Health Data Marketing Guidelines, is the entity in compliance with HIPAA guidelines?

Options:

A.

No. HIPAA is law while DMA guidelines are not law, and require less than HIPAA

B.

Yes. HIPAA is federal law and DMA is state law, which is usually more restrictive, and the more restrictive standard should be met.

C.

No. HIPAA law is federal and DMA law is state, so HIPAA supersedes DMA law.

D.

Yes. DMA's guidelines are stricter and will supersede those minimum standards of HIPAA.

Question 40

An international medical organization with headquarters in the United States (US) and branches in France wants to test a drug in both countries. What is the organization allowed to do with the test subject’s data?

Options:

A.

Aggregate it into one database in the US

B.

Process it in the US, but store the information in France

C.

Share it with a third party

D.

Anonymize it and process it in the US

Question 41

He discovered Penicillin.

Options:

A.

Fleming

B.

Koch

C.

Your Mother

Question 42

Which of the following best describes the incentives associated with capitation?

Options:

A.

Physicians have a higher incentive to sign up only healthy patients.

B.

Physicians have more flexibility to deliver effective and efficient services to patients.

C.

It only pays for an in-person visit with a physician.

D.

A and B only

Question 43

For most privately insured Americans, health insurance is:

Options:

A.

Employer-based

B.

Financed by the government

C.

Privately purchased

D.

None of the above

Question 44

This is for people 65 years or older with disabilities or people with End Stage Renal Disease.

Options:

A.

Medicare

B.

Medicaid

Question 45

Helps people with low incomes get the medical help they need. Varies from state to state.

Options:

A.

Medicare

B.

Medicaid

C.

Chips
