CERTIFIED HEALTHCARE CONSTRUCTOR (CHC)
2024 PRACTICE EXAM QUESTIONS AND CORRECT
DETAILED ANSWERS (VERIFIED ANSWERS)
|ALREADY GRADED A+
A compliance professional has been working with a department director to implement a new
policy regarding timely completion of medical records. Which of the following should be
completed by the department manager to promote compliance with the new policy?
a. Statistically valid sampling audit
b. Monitoring
c. Discovery Audit
d. Retrospective Audit - CORRECT ANSWER>>b. Monitoring
For monitoring activities, OIG uses the term regularly to describe the frequency of review.
Which factors should an organization consider when establishing a frequency schedule for
monitoring:
a. Timing of staff job performance evaluations, how often compliance training is provided,
whenever computer upgrades occur, and how many new employees were hired in the target
department.
b. Size of organization, frequency of the activity being monitored, past incidences of
misconduct, and current/future investigations.
c. Whether organization used internal or external counsel, timing of the annual financial audit,
and number of hotline calls received. - CORRECT ANSWER>>b. Size of organization, frequency
of the activity being monitored, past incidences of misconduct, and current/future
investigations.
Ref. Healthcare Compliance Professional's Manual
What is an important first step in creating a compliance team or improving the effectiveness of
an existing one?
a) Making sure senior management has the time and other resources necessary to promote and
carry out compliance improvements
b) Give the CCO the authority to reconcile, standardize, and modify policies where appropriate.
c) Place the organization's CCO on the senior management team
d) None of the above - CORRECT ANSWER>>c) Place the organization's CCO on the senior
management team.
,Explanation: This comes straight form Chapter 1 of the Auditing and Monitoring book 2nd ed.
Without being placed on the senior management team, the CCO is unable to effectively carry
out the duties and responsibilities of the office.
An employee has violated the non-retaliation policy, he has spread rumors about employee who
reported him. The compliance professional's first action is to:
a. Create formal hearing for the violator
b. Pursue legal consequence against violator before pursuing work consequences
c. Recommend disciplinary actions against the violator of the non-retaliation policy
d. Dismiss both employees from work - CORRECT ANSWER>>c. Recommend disciplinary actions
against the violator of the non-retaliation policy
There is no established template for documenting compliance risks. Each organization should
develop a Risk Assessment that fits its risk profile. The components that are commonly used
throughout the industry are as follows EXCEPT:
a. Risk Assessment
b. Measuring key risk indicators
c. Identifying key performance indicators
d. Training the leadership of compliance regulation program - CORRECT ANSWER>>d. Training
the leadership of compliance regulation program
Ref. ABA CRCM (certified regulatory compliance manager)
After a compliance officer develops a base of knowledge, he/she must begin the art of applying
regulations in a risk management environment. Which of the following is NOT out of a few
things to be kept in mind when determining what to do FIRST?
a. think practically about your role as an advisor, involve all department units in the decision
process rather than making decisions from them
b. calculate the organization's consolidated risk profile
c. make sure you understand the level of risk that the organization will tolerate, so decisions do
not exceed this limit
d. add value by analyzing regulatory requirements for the department units before you present
proposed/final rules or solutions - CORRECT ANSWER>>b. calculate the organization's
consolidated risk profile (determine risk tolerance)
Ref. ABA CRCM (certified regulatory compliance manager)
,To be effective, compliance risk management professionals must design a framework to ensure
that management understands the risks and steps to take to mitigate them. The many roles
compliance professionals fill incorporate risk management aspects including:
a. overseeing compliance training targeting higher risk areas
b. tracking regulatory proposals or final rules to understand new risks
c. both a and b - CORRECT ANSWER>>c. both a and b
Ref. ABA CRCM (certified regulatory compliance manager)
After an investigation, it was discovered that the organization's reputation is at stake. What
should a Compliance Professional do next?
A. Report the findings to the board
B. Contact legal counsel
C. Advise the CEO and recommend next steps
D. Self-disclose to the OIG - CORRECT ANSWER>>B. Contact legal counsel
The compliance officer has completed the non-retaliation policy and it's been officially
implemented. The next steps should be:
a. Investigate all reports of violations
b. Post the information publicly in the internet
c. Make the information available to hospital employees
d. Revise it annually - CORRECT ANSWER>>c. Make the information available to hospital
employees
If during the course of an internal investigation, the compliance officer believes the integrity of
the investigation might be compromised by the continued presence of work force members
who are the subject of the investigation. In the best interest of the attorney-client privilege,
which action would you take?
a. Conduct employee background checks
b. Counsel obtains employee's depositions
c. Destroy documents and other evidence
d. Re-assign employees to other responsibilities until the investigation is completed
e. All of the above - CORRECT ANSWER>>d. Re-assign employees to other responsibilities until
the investigation is completed.
Explanation: he/she should recommend that such individuals be temporarily removed from
their current responsibilities until the investigation is completed.
Ref. Healthcare Compliance Professional's Manual
, The privacy officer for a hospital has updated the Notice of Privacy Practices to reflect a material
change because the previous notice did not have a description that individuals have the right to
amend their Protected Health Information. The third party review team identified that the
notice did not have the required information to let individuals know of their right to amend PHI.
What's the BEST course of action to correct deficiency?
A. Make arrangements to have copies of the new NPP mailed to all patients seen within the last
year at the hospital
B. Make arrangements to have the new notice distributed to new patients that come to the
hospital
C. Post a copy of the new notice on the hospital's internal intranet so that all employees can see
the updated version of the notice
D. Meet with legal to discuss how to best self-disclose to the OCR that the hospital was in
violation of the NPP requirements and has since c - CORRECT ANSWER>>B. Make arrangements
to have the new notice distributed to new patients that come to the hospital
The NPP must describe the following individual rights:
https://www.law.cornell.edu/cfr/text/45/164.520
• The right to request restrictions on uses or disclosures of PHI for treatment, payment or
healthcare operations; for use in a facility directory (if applicable); or to family members and
others involved in the patient's care; however, the provider is not required to agree to the
restriction except in the case of a disclosure to a health insurer if the individual has paid for the
care as required by
§164.522(a)(1)(vi). This is a change necessitated by the Omnibus Rule.
• The right to receive confidential communications by alternative means or at alternative
locations per §164.522(b).
• The right to inspect and copy PHI per § 164.524. The provider may want to include a
statement that the provider may charge a reasonable cost-based fee for copies.
• The right to amend PHI per § 164.526.
• The right to receive an accounting of disclosures of PHI as provided by § 164.528.
• The right to receive a paper copy of the NPP upon request.
• A brief description of how the individual may exercise the foregoing rights, e.g., by submitting
a written request to the provider's privacy officer.
The billing manager was conducting a contemporaneous review and found what could be a
significant error. The billing manager contacts you and you then subsequently contact your in-
house legal counsel. Which of the following statements are False?
2024 PRACTICE EXAM QUESTIONS AND CORRECT
DETAILED ANSWERS (VERIFIED ANSWERS)
|ALREADY GRADED A+
A compliance professional has been working with a department director to implement a new
policy regarding timely completion of medical records. Which of the following should be
completed by the department manager to promote compliance with the new policy?
a. Statistically valid sampling audit
b. Monitoring
c. Discovery Audit
d. Retrospective Audit - CORRECT ANSWER>>b. Monitoring
For monitoring activities, OIG uses the term regularly to describe the frequency of review.
Which factors should an organization consider when establishing a frequency schedule for
monitoring:
a. Timing of staff job performance evaluations, how often compliance training is provided,
whenever computer upgrades occur, and how many new employees were hired in the target
department.
b. Size of organization, frequency of the activity being monitored, past incidences of
misconduct, and current/future investigations.
c. Whether organization used internal or external counsel, timing of the annual financial audit,
and number of hotline calls received. - CORRECT ANSWER>>b. Size of organization, frequency
of the activity being monitored, past incidences of misconduct, and current/future
investigations.
Ref. Healthcare Compliance Professional's Manual
What is an important first step in creating a compliance team or improving the effectiveness of
an existing one?
a) Making sure senior management has the time and other resources necessary to promote and
carry out compliance improvements
b) Give the CCO the authority to reconcile, standardize, and modify policies where appropriate.
c) Place the organization's CCO on the senior management team
d) None of the above - CORRECT ANSWER>>c) Place the organization's CCO on the senior
management team.
,Explanation: This comes straight form Chapter 1 of the Auditing and Monitoring book 2nd ed.
Without being placed on the senior management team, the CCO is unable to effectively carry
out the duties and responsibilities of the office.
An employee has violated the non-retaliation policy, he has spread rumors about employee who
reported him. The compliance professional's first action is to:
a. Create formal hearing for the violator
b. Pursue legal consequence against violator before pursuing work consequences
c. Recommend disciplinary actions against the violator of the non-retaliation policy
d. Dismiss both employees from work - CORRECT ANSWER>>c. Recommend disciplinary actions
against the violator of the non-retaliation policy
There is no established template for documenting compliance risks. Each organization should
develop a Risk Assessment that fits its risk profile. The components that are commonly used
throughout the industry are as follows EXCEPT:
a. Risk Assessment
b. Measuring key risk indicators
c. Identifying key performance indicators
d. Training the leadership of compliance regulation program - CORRECT ANSWER>>d. Training
the leadership of compliance regulation program
Ref. ABA CRCM (certified regulatory compliance manager)
After a compliance officer develops a base of knowledge, he/she must begin the art of applying
regulations in a risk management environment. Which of the following is NOT out of a few
things to be kept in mind when determining what to do FIRST?
a. think practically about your role as an advisor, involve all department units in the decision
process rather than making decisions from them
b. calculate the organization's consolidated risk profile
c. make sure you understand the level of risk that the organization will tolerate, so decisions do
not exceed this limit
d. add value by analyzing regulatory requirements for the department units before you present
proposed/final rules or solutions - CORRECT ANSWER>>b. calculate the organization's
consolidated risk profile (determine risk tolerance)
Ref. ABA CRCM (certified regulatory compliance manager)
,To be effective, compliance risk management professionals must design a framework to ensure
that management understands the risks and steps to take to mitigate them. The many roles
compliance professionals fill incorporate risk management aspects including:
a. overseeing compliance training targeting higher risk areas
b. tracking regulatory proposals or final rules to understand new risks
c. both a and b - CORRECT ANSWER>>c. both a and b
Ref. ABA CRCM (certified regulatory compliance manager)
After an investigation, it was discovered that the organization's reputation is at stake. What
should a Compliance Professional do next?
A. Report the findings to the board
B. Contact legal counsel
C. Advise the CEO and recommend next steps
D. Self-disclose to the OIG - CORRECT ANSWER>>B. Contact legal counsel
The compliance officer has completed the non-retaliation policy and it's been officially
implemented. The next steps should be:
a. Investigate all reports of violations
b. Post the information publicly in the internet
c. Make the information available to hospital employees
d. Revise it annually - CORRECT ANSWER>>c. Make the information available to hospital
employees
If during the course of an internal investigation, the compliance officer believes the integrity of
the investigation might be compromised by the continued presence of work force members
who are the subject of the investigation. In the best interest of the attorney-client privilege,
which action would you take?
a. Conduct employee background checks
b. Counsel obtains employee's depositions
c. Destroy documents and other evidence
d. Re-assign employees to other responsibilities until the investigation is completed
e. All of the above - CORRECT ANSWER>>d. Re-assign employees to other responsibilities until
the investigation is completed.
Explanation: he/she should recommend that such individuals be temporarily removed from
their current responsibilities until the investigation is completed.
Ref. Healthcare Compliance Professional's Manual
, The privacy officer for a hospital has updated the Notice of Privacy Practices to reflect a material
change because the previous notice did not have a description that individuals have the right to
amend their Protected Health Information. The third party review team identified that the
notice did not have the required information to let individuals know of their right to amend PHI.
What's the BEST course of action to correct deficiency?
A. Make arrangements to have copies of the new NPP mailed to all patients seen within the last
year at the hospital
B. Make arrangements to have the new notice distributed to new patients that come to the
hospital
C. Post a copy of the new notice on the hospital's internal intranet so that all employees can see
the updated version of the notice
D. Meet with legal to discuss how to best self-disclose to the OCR that the hospital was in
violation of the NPP requirements and has since c - CORRECT ANSWER>>B. Make arrangements
to have the new notice distributed to new patients that come to the hospital
The NPP must describe the following individual rights:
https://www.law.cornell.edu/cfr/text/45/164.520
• The right to request restrictions on uses or disclosures of PHI for treatment, payment or
healthcare operations; for use in a facility directory (if applicable); or to family members and
others involved in the patient's care; however, the provider is not required to agree to the
restriction except in the case of a disclosure to a health insurer if the individual has paid for the
care as required by
§164.522(a)(1)(vi). This is a change necessitated by the Omnibus Rule.
• The right to receive confidential communications by alternative means or at alternative
locations per §164.522(b).
• The right to inspect and copy PHI per § 164.524. The provider may want to include a
statement that the provider may charge a reasonable cost-based fee for copies.
• The right to amend PHI per § 164.526.
• The right to receive an accounting of disclosures of PHI as provided by § 164.528.
• The right to receive a paper copy of the NPP upon request.
• A brief description of how the individual may exercise the foregoing rights, e.g., by submitting
a written request to the provider's privacy officer.
The billing manager was conducting a contemporaneous review and found what could be a
significant error. The billing manager contacts you and you then subsequently contact your in-
house legal counsel. Which of the following statements are False?
