AAPC CPB FINAL EXAM REAL EXAM 170 QUESTIONS AND
ANSWERS (VERIFIED ANSWERS)|ARGADE
A private practice hires a consultant to come in and audit some medical
records. Under the Privacy Rule, what is this consultant considered?
A. A business associate
B. An employee
C. A covered entity
D. A clearinghouse - ANSWER: A. A business associate
Business associates perform certain functions or activities, which involve the use or
disclosure of individually identifiable health information, on behalf of another person
or organization. These services include claims processing or administration, data
analysis, utilization review, billing, benefit management, and re-pricing. Because the
consultant will be auditing medical records, PHI will need to be shared from the
practice. The practice would be the covered entity
A practice agrees to pay $250,000 to settle a lawsuit alleging that the practice used
X-rays of one patient to justify services on multiple other patients' claims. The
manager of the office brought the civil suit. What type of case is this?
A. HIPAA
B. Qui Tam
C. Anti-Kickback
D. Stark case - ANSWER: B. Qui Tam
A Qui Tam case is also known as a whistleblower case. If an individual knows of a
violation of the FCA, he or she may bring a civil action on behalf of him or herself and
on behalf of the U.S. government (such an individual is called a relator)
A patient is seen in your clinic. Her husband calls later in the day to ask for
information about the visit. The practice pulls the patient's privacy authorization to
see if they can speak to the husband. What act does this action fall under?
A. Health Information Act
B. Social Security Act
C. HIPAA
D. ADA - ANSWER: C. HIPAA
The Privacy Act is under HIPAA and protects the health information of the patient.
According to HIPAA, for the practice to release information to the husband, the
patient would have to have signed an authorization.
Which of the following situations allows the release of PHI without authorization
from the patient?
A. Request for life insurance
B. Request from family member
,C. Physician's office to release to a family member
D. Workers' compensation - ANSWER: D. Workers' compensation
Workers' compensation is listed as one of the exceptions permitted by the Privacy
rule for use and disclosure of information.
Billing for a lower level of care than is supported in documentation, making false
statements to obtain undeserved benefits or payment from a federal healthcare
program, or billing for services that were not performed is defined as what by CMS?
A. an Anti-kickback
B. abuse
C. a Stark violation
D. fraud - ANSWER: D. fraud
All of these actions are considered Fraud by CMS. CMS defines fraud as making false
statements or misrepresenting facts to obtain an undeserved benefit or payment
from a federal healthcare program. CMS defines abuse as an action that results in
unnecessary costs to a federal healthcare program, either directly or indirectly
Medicare overpayments should be returned within what time frame after the
overpayment has been identified?
A. 60 days
B. 1 year
C. 120 days
D. 30 days - ANSWER: A. 60 days
A provider must report and return an overpayment to the Secretary of HHS, the
state, an intermediary, a carrier, or a contractor, as appropriate, by the later of 60
days from the date when the overpayment was "identified" or the date "any
corresponding cost report is due."
What do the government agencies OIG, CMS, and Department of Justice enforce?
A. Qui tam violations
B. Medical malpractice
C. HIPAA violations
D. Federal fraud and abuse laws - ANSWER: D. Federal fraud and abuse laws
The Department of Justice (DOJ), the Department of Health & Human Services Office
of Inspector General (OIG), and the Centers for Medicare and Medicaid are the
government agencies that enforce the federal fraud and abuse laws.
What standard transactions is NOT included in EDI and adopted under HIPAA?
A. Healthcare claim status
B. Waiver of liability
C. Referrals and Authorizations
D. Eligibility in the health plan - ANSWER: B. Waiver of liability
,There are 8 standard transactions for EDI - waiver of liability is not included. The
eight standard transactions for Electronic Data Interchange (EDI) adopted under
HIPAA are: - Claims and encounter information; - Healthcare payment and
remittance advice; - Healthcare claims status; - Eligibility for a health plan; -
Enrollment and disenrollment in a health plan; - Referrals and authorizations; -
Coordination of benefits; and - Health plan premium payments
If a provider is excluded from federal health plans, what does that mean?
I. They may not participate in Medicare, but may participate in Medicaid to help the
needy.
II. They may not participate in Medicare, Medicaid, VA programs or TRICARE.
III. They cannot bill for services, provide services, order services, or prescribe
medication to any beneficiary of a federal plan.
IV. They cannot bill for services or provide services, but may give Medicare patients
referrals to receive services somewhere else
A. II, III
B. I, III
C. II, IV
D. I, III, IV - ANSWER: A. II, III
One of the most severe penalties associated with the Social Security Act is the ability
of the Office of Inspector General (OIG) to exclude an entity or an individual from
participation in any and all federal healthcare programs. This includes Medicare,
Medicaid, VA programs, and TRICARE. An excluded individual cannot bill for services,
provide referrals, prescribe medications or order services for any beneficiary of a
federally administered health plan.
What types of entities do conditions of participation (CoP) apply to for health plans?
I. Hospitals
II. Clinics
III. Transplant centers
IV. Psychiatric hospitals
A. I, II, III
B. I, II, III, IV
C. II, III, IV
D. I, III, IV - ANSWER: B. I, II, III, IV
CMS and other health plans have conditions that healthcare organizations must
meet to participate with the plan or program. CoPs are designed to protect patient
health and safety, and to ensure quality of care. These apply to entities such as:
ambulatory surgical centers, hospitals, hospices, clinics, psychiatric hospitals, long
term care facilities, and transplant centers.
A hospital records transporter is moving medical records from the hospital to an off-
site building. During the transport, a chart falls from the box on to the street. It is
discovered when the transporter arrives at the off-site building and the number of
charts is not correct. What type of violation is this?
, A. A breach
B. Fraud
C. A minimum necessary violation
D. A disclosure violation - ANSWER: A. A breach
A breach occurs when an impermissible release or disclosure of information is
discovered.
A practice allows patients to pay large balances over a six-month time period with a
finance charge applied. The patient receives a statement every month that only
shows the unpaid balance. What does this violate?
A. The Truth in Lending Act
B. HIPAA
C. Federal Fraud Statute
D. The Fair Debt Collection Act - ANSWER: A. The Truth in Lending Act
If the practice assesses finance charges on statements, the amount of the finance
charge must be disclosed as an annual percentage rate. If the practice sets up
payment plans with patients that extend past four installments, the following
information must be disclosed to the patient (as applicable): · The "cash price" of the
service · The amount of any down payment · The resulting unpaid balance · The total
amount financed · The amount of the finance charge · The annual percentage rate of
the finance charge · The total price to be paid under the credit plan · The schedule of
payments, including number, amount, and due dates of payments · The sum of such
scheduled payments, or total of payments, and · The amount or method of
computing the amount of any late payment charges
A records request is received from a health plan for three dates of service in a chart
months apart. What should the biller do?
A. Copy each date of service individually and send to the health plan
B. Copy each date of service and black out all identifying information in the copies
before sending to the health plan.
C. Copy the entire chart and send it to make sure that the health plan has everything
they need and will not request more records
D. Copy everything from the first date through the third date, even if it is not
included to cover the timeframe the health plan is looking at for the request -
ANSWER: A. Copy each date of service individually and send to the health plan
The minimum necessary standard requires covered entities to take reasonable steps
to limit the disclosure of PHI. Only the dates of service requested should be sent. The
PHI would not need to be redacted
Patient questions and concerns regarding the Privacy Practices in the clinic should be
addressed by what party?
A. The physician
B. The billing staff
C. Any employee
ANSWERS (VERIFIED ANSWERS)|ARGADE
A private practice hires a consultant to come in and audit some medical
records. Under the Privacy Rule, what is this consultant considered?
A. A business associate
B. An employee
C. A covered entity
D. A clearinghouse - ANSWER: A. A business associate
Business associates perform certain functions or activities, which involve the use or
disclosure of individually identifiable health information, on behalf of another person
or organization. These services include claims processing or administration, data
analysis, utilization review, billing, benefit management, and re-pricing. Because the
consultant will be auditing medical records, PHI will need to be shared from the
practice. The practice would be the covered entity
A practice agrees to pay $250,000 to settle a lawsuit alleging that the practice used
X-rays of one patient to justify services on multiple other patients' claims. The
manager of the office brought the civil suit. What type of case is this?
A. HIPAA
B. Qui Tam
C. Anti-Kickback
D. Stark case - ANSWER: B. Qui Tam
A Qui Tam case is also known as a whistleblower case. If an individual knows of a
violation of the FCA, he or she may bring a civil action on behalf of him or herself and
on behalf of the U.S. government (such an individual is called a relator)
A patient is seen in your clinic. Her husband calls later in the day to ask for
information about the visit. The practice pulls the patient's privacy authorization to
see if they can speak to the husband. What act does this action fall under?
A. Health Information Act
B. Social Security Act
C. HIPAA
D. ADA - ANSWER: C. HIPAA
The Privacy Act is under HIPAA and protects the health information of the patient.
According to HIPAA, for the practice to release information to the husband, the
patient would have to have signed an authorization.
Which of the following situations allows the release of PHI without authorization
from the patient?
A. Request for life insurance
B. Request from family member
,C. Physician's office to release to a family member
D. Workers' compensation - ANSWER: D. Workers' compensation
Workers' compensation is listed as one of the exceptions permitted by the Privacy
rule for use and disclosure of information.
Billing for a lower level of care than is supported in documentation, making false
statements to obtain undeserved benefits or payment from a federal healthcare
program, or billing for services that were not performed is defined as what by CMS?
A. an Anti-kickback
B. abuse
C. a Stark violation
D. fraud - ANSWER: D. fraud
All of these actions are considered Fraud by CMS. CMS defines fraud as making false
statements or misrepresenting facts to obtain an undeserved benefit or payment
from a federal healthcare program. CMS defines abuse as an action that results in
unnecessary costs to a federal healthcare program, either directly or indirectly
Medicare overpayments should be returned within what time frame after the
overpayment has been identified?
A. 60 days
B. 1 year
C. 120 days
D. 30 days - ANSWER: A. 60 days
A provider must report and return an overpayment to the Secretary of HHS, the
state, an intermediary, a carrier, or a contractor, as appropriate, by the later of 60
days from the date when the overpayment was "identified" or the date "any
corresponding cost report is due."
What do the government agencies OIG, CMS, and Department of Justice enforce?
A. Qui tam violations
B. Medical malpractice
C. HIPAA violations
D. Federal fraud and abuse laws - ANSWER: D. Federal fraud and abuse laws
The Department of Justice (DOJ), the Department of Health & Human Services Office
of Inspector General (OIG), and the Centers for Medicare and Medicaid are the
government agencies that enforce the federal fraud and abuse laws.
What standard transactions is NOT included in EDI and adopted under HIPAA?
A. Healthcare claim status
B. Waiver of liability
C. Referrals and Authorizations
D. Eligibility in the health plan - ANSWER: B. Waiver of liability
,There are 8 standard transactions for EDI - waiver of liability is not included. The
eight standard transactions for Electronic Data Interchange (EDI) adopted under
HIPAA are: - Claims and encounter information; - Healthcare payment and
remittance advice; - Healthcare claims status; - Eligibility for a health plan; -
Enrollment and disenrollment in a health plan; - Referrals and authorizations; -
Coordination of benefits; and - Health plan premium payments
If a provider is excluded from federal health plans, what does that mean?
I. They may not participate in Medicare, but may participate in Medicaid to help the
needy.
II. They may not participate in Medicare, Medicaid, VA programs or TRICARE.
III. They cannot bill for services, provide services, order services, or prescribe
medication to any beneficiary of a federal plan.
IV. They cannot bill for services or provide services, but may give Medicare patients
referrals to receive services somewhere else
A. II, III
B. I, III
C. II, IV
D. I, III, IV - ANSWER: A. II, III
One of the most severe penalties associated with the Social Security Act is the ability
of the Office of Inspector General (OIG) to exclude an entity or an individual from
participation in any and all federal healthcare programs. This includes Medicare,
Medicaid, VA programs, and TRICARE. An excluded individual cannot bill for services,
provide referrals, prescribe medications or order services for any beneficiary of a
federally administered health plan.
What types of entities do conditions of participation (CoP) apply to for health plans?
I. Hospitals
II. Clinics
III. Transplant centers
IV. Psychiatric hospitals
A. I, II, III
B. I, II, III, IV
C. II, III, IV
D. I, III, IV - ANSWER: B. I, II, III, IV
CMS and other health plans have conditions that healthcare organizations must
meet to participate with the plan or program. CoPs are designed to protect patient
health and safety, and to ensure quality of care. These apply to entities such as:
ambulatory surgical centers, hospitals, hospices, clinics, psychiatric hospitals, long
term care facilities, and transplant centers.
A hospital records transporter is moving medical records from the hospital to an off-
site building. During the transport, a chart falls from the box on to the street. It is
discovered when the transporter arrives at the off-site building and the number of
charts is not correct. What type of violation is this?
, A. A breach
B. Fraud
C. A minimum necessary violation
D. A disclosure violation - ANSWER: A. A breach
A breach occurs when an impermissible release or disclosure of information is
discovered.
A practice allows patients to pay large balances over a six-month time period with a
finance charge applied. The patient receives a statement every month that only
shows the unpaid balance. What does this violate?
A. The Truth in Lending Act
B. HIPAA
C. Federal Fraud Statute
D. The Fair Debt Collection Act - ANSWER: A. The Truth in Lending Act
If the practice assesses finance charges on statements, the amount of the finance
charge must be disclosed as an annual percentage rate. If the practice sets up
payment plans with patients that extend past four installments, the following
information must be disclosed to the patient (as applicable): · The "cash price" of the
service · The amount of any down payment · The resulting unpaid balance · The total
amount financed · The amount of the finance charge · The annual percentage rate of
the finance charge · The total price to be paid under the credit plan · The schedule of
payments, including number, amount, and due dates of payments · The sum of such
scheduled payments, or total of payments, and · The amount or method of
computing the amount of any late payment charges
A records request is received from a health plan for three dates of service in a chart
months apart. What should the biller do?
A. Copy each date of service individually and send to the health plan
B. Copy each date of service and black out all identifying information in the copies
before sending to the health plan.
C. Copy the entire chart and send it to make sure that the health plan has everything
they need and will not request more records
D. Copy everything from the first date through the third date, even if it is not
included to cover the timeframe the health plan is looking at for the request -
ANSWER: A. Copy each date of service individually and send to the health plan
The minimum necessary standard requires covered entities to take reasonable steps
to limit the disclosure of PHI. Only the dates of service requested should be sent. The
PHI would not need to be redacted
Patient questions and concerns regarding the Privacy Practices in the clinic should be
addressed by what party?
A. The physician
B. The billing staff
C. Any employee
