RHIA Domain 2 Exam with 100%
Correct Answers
Legal Health Record - correct Answer-Formal business record to be utilized during legal
procedings
If privacy issues emerge... - correct Answer-Determine source of problem and issue
HIPAA training
If patient is unable to sign... - correct Answer-Implied Consent
Psychiatric patients may view records if physician determines... - correct Answer-Seeing
record is not harmful to their condition or treatment
Facility Directory - correct Answer-General Condition
Acknowledgement of admission
HIPAA's Expert Determination and Safe Harbor - correct Answer-Deidentification
Log-in with standard ID and password - correct Answer-Access Control Standard
Legal Hold - correct Answer-Special tracking of patient records involved in litigation to
ensure no changes are made
Security Risk Analysis First Consideration - correct Answer-Consider entity's
characteristics and environment
Audit Trail - correct Answer-Reconstructing electronic events
Entity Authentication - correct Answer-Reads pre-determined criteria to ensure a user is
who they claim to be
Password systems
Inherent Weakness of a Safeguard - correct Answer-Vulnerability
Informed Consent - correct Answer-Risks and benefits of procedure
Alternatives
Description of procedure
Done by phyisician
, Ensuring employees understand security measures - correct Answer-Workforce
Security Awareness Training
Provides entities with structural framework to build a HIPAA security plan - correct
Answer-Security Risk Analysis
Pre-Employment Physicals - correct Answer-Not protected by HIPAA bc part of
personnel record
HIPAA identifier that has not been implemented - correct Answer-Individual
Preventing theft of PHI - correct Answer-Facility Access Controls
Improved security of EHR - correct Answer-Access Controls
Audit Trails
Authentication Systems
Designated Record Set - correct Answer-Includes records from other hospitals that
were involved in episode of care decisions
HIPAA Record Retention - correct Answer-6 years
Rendering PHI unreadable and unusable to unauthorized individuals - correct Answer-
Encryption and Destruction
Goal of HIPAA Administrative Simplification - correct Answer-Standardizing electronic
transmission of health data
Technology policies, protocols, and access controls - correct Answer-Technical
Safeguards
Patient Accounting of Disclosures - correct Answer-Must include disclosure requires
patient authorization
HIPAA Training - correct Answer-Privacy and security training should not be seperated
Darling vs. Charleston Community Memorial Hospital - correct Answer-Hospital is
responsible for the quality of care given by its physicians
Not a Business Associate Under HITECH - correct Answer-Housekeeping
Fundraising solicitations may not - correct Answer-Target a specific group or diagnosis
Most Constant Threat to Health Information Integrity - correct Answer-Humans
Correct Answers
Legal Health Record - correct Answer-Formal business record to be utilized during legal
procedings
If privacy issues emerge... - correct Answer-Determine source of problem and issue
HIPAA training
If patient is unable to sign... - correct Answer-Implied Consent
Psychiatric patients may view records if physician determines... - correct Answer-Seeing
record is not harmful to their condition or treatment
Facility Directory - correct Answer-General Condition
Acknowledgement of admission
HIPAA's Expert Determination and Safe Harbor - correct Answer-Deidentification
Log-in with standard ID and password - correct Answer-Access Control Standard
Legal Hold - correct Answer-Special tracking of patient records involved in litigation to
ensure no changes are made
Security Risk Analysis First Consideration - correct Answer-Consider entity's
characteristics and environment
Audit Trail - correct Answer-Reconstructing electronic events
Entity Authentication - correct Answer-Reads pre-determined criteria to ensure a user is
who they claim to be
Password systems
Inherent Weakness of a Safeguard - correct Answer-Vulnerability
Informed Consent - correct Answer-Risks and benefits of procedure
Alternatives
Description of procedure
Done by phyisician
, Ensuring employees understand security measures - correct Answer-Workforce
Security Awareness Training
Provides entities with structural framework to build a HIPAA security plan - correct
Answer-Security Risk Analysis
Pre-Employment Physicals - correct Answer-Not protected by HIPAA bc part of
personnel record
HIPAA identifier that has not been implemented - correct Answer-Individual
Preventing theft of PHI - correct Answer-Facility Access Controls
Improved security of EHR - correct Answer-Access Controls
Audit Trails
Authentication Systems
Designated Record Set - correct Answer-Includes records from other hospitals that
were involved in episode of care decisions
HIPAA Record Retention - correct Answer-6 years
Rendering PHI unreadable and unusable to unauthorized individuals - correct Answer-
Encryption and Destruction
Goal of HIPAA Administrative Simplification - correct Answer-Standardizing electronic
transmission of health data
Technology policies, protocols, and access controls - correct Answer-Technical
Safeguards
Patient Accounting of Disclosures - correct Answer-Must include disclosure requires
patient authorization
HIPAA Training - correct Answer-Privacy and security training should not be seperated
Darling vs. Charleston Community Memorial Hospital - correct Answer-Hospital is
responsible for the quality of care given by its physicians
Not a Business Associate Under HITECH - correct Answer-Housekeeping
Fundraising solicitations may not - correct Answer-Target a specific group or diagnosis
Most Constant Threat to Health Information Integrity - correct Answer-Humans
