HCCA - CHPC Study Questions 2026 Exam
comprehensive questions | FREQUENTLY MOST
TESTED QUESTIONS AND VERIFIED SOLUTIONS
Which of the following is not considered a HIPAA Entity Designation:
1. Affiliated covered entity
2. Entity that performs healthcare and non-healthcare component
activities including both covered and non-covered functions
3. A group health plan
4. Contract arrangement with FEDEX carrier
4. Contract arrangement with FEDEX carrier
What is Gramm-Leach-Bliley Act (GLBA)?
Gramm-Leach-Bliley Act (GLBA), also known as the Financial
Services Modernization Act of 1999, includes The Financial Privacy
Rule and The Safeguards Rule requires all financial institutions to
protect customer's personal financial information.
,What is an OHCA?
OHCA (Organized Health Care Arrangement) it's a clinically
integrated care setting where individuals receive health care from
more than one provider. These are joint arrangements/activities
and have an Integrated Delivery System for easy exchange of PHI
data. See 45 CFR 160.103. OHCAs can also utilize a joint NPP. See 45
CFR § 164.520(d).
ACE (Affiliated Covered Entity) do not have an Integrated
Delivery System because these are legally separate covered
entities that are associated in business, or affiliated as a result of
some common control or ownership.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations purposes
(TPO).
,What's an ACE?
ACE (Affiliated Covered Entity)
Legally separate covered entities that share common
control/ownership
and designate themselves as a single CE for the purpose of
complying with the HIPAA Privacy standards.
ACEs do not have an Integrated Delivery System, while OHCA do, and
can share a single NPP. See 45 CFR § 164.520(d)
ACE example: a health system composed on several affiliated
hospitals.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations purposes
(TPO).
, What's a Hybrid Entity?
Entity that conducts both covered functions (or healthcare-functions) and
non-co functions) to elect to be a "hybrid entity."
For instance, a University System that has a research laboratory or
academic med The post-secondary functions (non-healthcare
components) do NOT need to co The research lab/med center
functions (healthcare component) needs to comply use/disclosure of
PHI involved.
https://www.hhs.gov/hipaa/for-professionals/faq/315/when-does-a-
covered-ent
functions/index.html#:~:text=For%20example%2C%20a%20hybrid%20entity,
hybrid
https://privacyruleandresearch.nih.gov/pr_06.asp
The transmission of information between two parties to carry out financial
or administrative activities related to health care is called:
Transaction (healthcare transaction).
Few examples of healthcare transactions:
healthcare claims;
coordination of benefits;
health plan premium payments;
remittance advice (or ETF, electronic fund
transfer); referral certification and
authorization
comprehensive questions | FREQUENTLY MOST
TESTED QUESTIONS AND VERIFIED SOLUTIONS
Which of the following is not considered a HIPAA Entity Designation:
1. Affiliated covered entity
2. Entity that performs healthcare and non-healthcare component
activities including both covered and non-covered functions
3. A group health plan
4. Contract arrangement with FEDEX carrier
4. Contract arrangement with FEDEX carrier
What is Gramm-Leach-Bliley Act (GLBA)?
Gramm-Leach-Bliley Act (GLBA), also known as the Financial
Services Modernization Act of 1999, includes The Financial Privacy
Rule and The Safeguards Rule requires all financial institutions to
protect customer's personal financial information.
,What is an OHCA?
OHCA (Organized Health Care Arrangement) it's a clinically
integrated care setting where individuals receive health care from
more than one provider. These are joint arrangements/activities
and have an Integrated Delivery System for easy exchange of PHI
data. See 45 CFR 160.103. OHCAs can also utilize a joint NPP. See 45
CFR § 164.520(d).
ACE (Affiliated Covered Entity) do not have an Integrated
Delivery System because these are legally separate covered
entities that are associated in business, or affiliated as a result of
some common control or ownership.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations purposes
(TPO).
,What's an ACE?
ACE (Affiliated Covered Entity)
Legally separate covered entities that share common
control/ownership
and designate themselves as a single CE for the purpose of
complying with the HIPAA Privacy standards.
ACEs do not have an Integrated Delivery System, while OHCA do, and
can share a single NPP. See 45 CFR § 164.520(d)
ACE example: a health system composed on several affiliated
hospitals.
Both the OHCA and the ACE would allow sharing of PHI across
participating entity lines for treatment, payment, operations purposes
(TPO).
, What's a Hybrid Entity?
Entity that conducts both covered functions (or healthcare-functions) and
non-co functions) to elect to be a "hybrid entity."
For instance, a University System that has a research laboratory or
academic med The post-secondary functions (non-healthcare
components) do NOT need to co The research lab/med center
functions (healthcare component) needs to comply use/disclosure of
PHI involved.
https://www.hhs.gov/hipaa/for-professionals/faq/315/when-does-a-
covered-ent
functions/index.html#:~:text=For%20example%2C%20a%20hybrid%20entity,
hybrid
https://privacyruleandresearch.nih.gov/pr_06.asp
The transmission of information between two parties to carry out financial
or administrative activities related to health care is called:
Transaction (healthcare transaction).
Few examples of healthcare transactions:
healthcare claims;
coordination of benefits;
health plan premium payments;
remittance advice (or ETF, electronic fund
transfer); referral certification and
authorization
