HCCA CHC New Exam Prep Questions And
Correct Answers
Stark or Physician Self-Referral Law - ANSWER The Omnibus Budget Reconciliation Act
prohibits physicians from referring patients to receive "designated health services" to
any entity with which the physician has a financial relationship. Designated health
services include lab testing, imaging services, physical or occupational therapy, etc.
(civil only, medicare/medicaid only, strict liability)
Anti-Kickback Statute (AKS) - ANSWER Prohibits soliciting, receiving, offering, or
paying any remuneration directly or indirectly in cash or in kind in exchange for
referrals. Essentially prohibits the exchange of anything of value in exchange for or in an
attempt at gaining the referral of business reimbursable by federal health care
programs. (intent, any federal program, civil or criminal)
Physician Payments Sunshine Act (PPSA)-ANSWER Detailed information on payments or
other "transfers of value" by manufacturers of drugs, medical devices and biologics to
physicians and teaching hospitals valued at over $10 are to be made available to the
public. Open payment data).
Deficit Reduction Act- ANSWER A Federal law that allows states to waive their Medicaid
programs. This allows individual states to have the power to update their Medicaid
programs to today's current health care while still maintaining the federal requirements.
False Claims Act - ANSWER Originally adopted byt U.S. Congress to discourage
suppliers from overcharging the government, it is now legislation that prohibits anyone
from knowingly submitting or causing to be submitted a false or fraudulent claim. DOJ.
Qui Tam Action - ANSWER Allows individuals and organizations with knowledge of fraud
against United States programs or contracts to file suit against the perpetrator on
behalf of the United States Government - under private information.
, 7 Elements of an Effective Compliance Program - ANSWER 1. Policies and Procedures
2. Compliance Oversight
3. Effective Lines of Communication
4. Training / Education
5. Internal Monitoring and Auditing
6. Disciplinary policies for standards enforcement
7. Promptly addressing detracted offenses.
HIPAA Privacy Rule - ANSWER A covered entity may not use of disclose protected
health information except for when it is required or permitted.
HIPAA Security Rule - ANSWER Basically, how to safeguard PHI in an electronic format,
(applies only to ePHI). 3 major safeguards: Administrative, Technical and Physical.
Reportable Breach- ANSWER 1. breach of the privacy rule
2. unsecured PHI
3. more than "low probability of compromise"
Breach Notification - ANSWER 1. Written notification to individual
-less than 10 undeliverable, alternative notification method, such as email may be used
-more than 10 undeliverable, post contact information on a web page.
2. Notification to OCR within 60 days of the end of the calendar year
-if 500+ individuals involved, notification to OCR immediately
3. Org. must notify media if 501+ individuals in same jurisdiction/state are involved in
breach.
Patient Rights Under HIPAA - ANSWER o Request for restriction of PHI Use - as long as
it is reasonable i.e. can restrict that information is not given to insurance company,
given that the pt. requests in writing, self-pays, and the info would be typically given to
the insurance company.
Correct Answers
Stark or Physician Self-Referral Law - ANSWER The Omnibus Budget Reconciliation Act
prohibits physicians from referring patients to receive "designated health services" to
any entity with which the physician has a financial relationship. Designated health
services include lab testing, imaging services, physical or occupational therapy, etc.
(civil only, medicare/medicaid only, strict liability)
Anti-Kickback Statute (AKS) - ANSWER Prohibits soliciting, receiving, offering, or
paying any remuneration directly or indirectly in cash or in kind in exchange for
referrals. Essentially prohibits the exchange of anything of value in exchange for or in an
attempt at gaining the referral of business reimbursable by federal health care
programs. (intent, any federal program, civil or criminal)
Physician Payments Sunshine Act (PPSA)-ANSWER Detailed information on payments or
other "transfers of value" by manufacturers of drugs, medical devices and biologics to
physicians and teaching hospitals valued at over $10 are to be made available to the
public. Open payment data).
Deficit Reduction Act- ANSWER A Federal law that allows states to waive their Medicaid
programs. This allows individual states to have the power to update their Medicaid
programs to today's current health care while still maintaining the federal requirements.
False Claims Act - ANSWER Originally adopted byt U.S. Congress to discourage
suppliers from overcharging the government, it is now legislation that prohibits anyone
from knowingly submitting or causing to be submitted a false or fraudulent claim. DOJ.
Qui Tam Action - ANSWER Allows individuals and organizations with knowledge of fraud
against United States programs or contracts to file suit against the perpetrator on
behalf of the United States Government - under private information.
, 7 Elements of an Effective Compliance Program - ANSWER 1. Policies and Procedures
2. Compliance Oversight
3. Effective Lines of Communication
4. Training / Education
5. Internal Monitoring and Auditing
6. Disciplinary policies for standards enforcement
7. Promptly addressing detracted offenses.
HIPAA Privacy Rule - ANSWER A covered entity may not use of disclose protected
health information except for when it is required or permitted.
HIPAA Security Rule - ANSWER Basically, how to safeguard PHI in an electronic format,
(applies only to ePHI). 3 major safeguards: Administrative, Technical and Physical.
Reportable Breach- ANSWER 1. breach of the privacy rule
2. unsecured PHI
3. more than "low probability of compromise"
Breach Notification - ANSWER 1. Written notification to individual
-less than 10 undeliverable, alternative notification method, such as email may be used
-more than 10 undeliverable, post contact information on a web page.
2. Notification to OCR within 60 days of the end of the calendar year
-if 500+ individuals involved, notification to OCR immediately
3. Org. must notify media if 501+ individuals in same jurisdiction/state are involved in
breach.
Patient Rights Under HIPAA - ANSWER o Request for restriction of PHI Use - as long as
it is reasonable i.e. can restrict that information is not given to insurance company,
given that the pt. requests in writing, self-pays, and the info would be typically given to
the insurance company.
