HIPAA Lesson 2

Question 1

CE is an acronym for?

Answer 1

Covered Entity

Question 2

Name the three types of CE.

Answer 2

1. Healthcare Providers
2. Health Plans
3. Healthcare Clearinghouses

Question 3

A _________ is any person or organization that diagnoses or treats a patient.

Answer 3

Healthcare Provider

Question 4

A ________ is the covered entity that pays the cost of medical care.

Answer 4

Health Plan

Question 5

A company that owns, administers, and maintains a health plan for fewer than _____ employees isn’t a CE.

Answer 5

50

Question 6

An entity that translates nonstandard information into a standard format.

Answer 6

Healthcare Clearinghouses

Question 7

List two other names used for clearinghouses.

Answer 7

1. Value-added Networks

2. Switches - Works like a bus station.

Question 8

What questions should be asked to figure out if an organization is a CE?

Answer 8

1. Does the person, business, or agency furnish, bill for, or receive payment for healthcare in the normal course of business? If Yes, then go to the next question.
2. Is it possible to transmit the information electronically? If Yes, go to the next question.
3. Then the organization is a CE.

Question 9

Name the six agreements and relationships available for healthcare entities.

Answer 9

1. Affiliated Covered Entity (ACE)
2. Business Associate Contract/Agreement (BAA)
3. Chain of Trust Agreement
4. Data Use Agreement
5. Organized Healthcare Arrangement (OHCA)
6. Trading Partner Agreement

Question 10

What two forms of organization relationships does the Administrative Simplification allow to help reduce costs to organizations.

Answer 10

1. ACE

2. OHCA

Question 11

Legally separate entities that are under common ownership or control may designate themselves an __________.

Answer 11

Affiliated Covered Entity (ACE)

Question 12

An ACE has two responsibilities.

Answer 12

1. It must state that it will operate as an ACE.

2. It must comply with all HIPAA rqmts when it creates, receive, maintains, or transmits PHI.

Question 13

Affiliated entities may have ___________in charge of HIPAA compliance.

Answer 13

One person or team

Question 14

Multiple healthcare providers (like a hospital and a group of physicians) that typically provide healthcare to a common set of patients may designate themselves as a ____________.

Answer 14

Organized Healthcare Arrangement (OHCA)

Question 15

In an OHCA, there’s a relationship between legally _______ organizations.

Answer 15

Separate

Question 16

The difference between an OHCA and an ACE is that OHCA doesn’t have _________ owership.

Answer 16

Common

Question 17

OHCA’s can disclose PHI among themselves as needed, and allows _________ of compliance activities.

Answer 17

Centralization and Sharing

Question 18

Members of OHCA must _________ develop privacy policies, procedures, and practices.

Answer 18

Jointly

Question 19

For a CE to be a ________ entity, one part of the organization must provide healthcare, pay for healthcare, or act as a healthcare clearinghouse, while the rest of the organization must not provide any of these services.

Answer 19

Hybrid

Question 20

_______ are people or entities who aren’t employees of a CE, and perform certain activities on the CE’s behalf that use PHI.

Answer 20

Business Associates (BA)

Question 21

One CE can be a ____________ of another CE.

Answer 21

BA

Question 22

BA’s can use ____________ only to help providers and health plans carry out their healthcare functions.

Answer 22

PHI

Question 23

Disclosures to BA’s must be the ____________ to perform the services required.

Answer 23

Minimum Necessary

Question 24

List eight types of services that BA’s perform.

Answer 24

1. Legal
2. Actuarial
3. Accounting
4. Consulting
5. Data Aggregation
6. Management
7. Administrative
8. Accreditation

Question 25

Entities that pass along or transport PHI, but usually don't have access to it. They don't require PHI to perform their work.

Answer 25

Conduits

Question 26

Give examples of conduits.

Answer 26

USPS, FedEx, UPS, Internet Service Providers, AT&T, Comcast

Question 27

_________ are firms that process consumer-related financial transactions and not a BA.

Answer 27

Financial Institutions

Question 28

What are the clues that you could be a BA?

Answer 28

1. You perform services on behalf of a CE (health plan, health provider, healthcare clearinghouse. 2. You are not a member of the CE's workforce. 3. The services you proved involve the use of IIHI (PHI). 4. You aren't a bank. 5. You aren't a conduit, such as UPS/Internet Provider.

Question 29

___________ perform clinical, medical, and health services and exchange electronic transactions with each other rather than going through a clearinghouse.

Answer 29

Trading Partners

Question 30

An organization that performs financial transactions (billing, claims processing, or audits) for a covered entity.

Answer 30

BA

Question 31

USPS is considered what type of organization.

Answer 31

Conduit

Question 32

A provider, health plan, or clearinghouse

Answer 32

Covered Entity

Question 33

A financial institution that performs collection activities for a covered entity.

Answer 33

Possible BA

Question 34

A hospital billing company that sends claims directly to a health plan.

Answer 34

Trading Partner

Question 35

An organization made up of legally separate entities that are under common ownership or control.

Answer 35

ACE

Question 36

A clinical integrated care setting in which individuals typically receive care from more than one

Answer 36

OHCA

Question 37

A business that conducts covered and non-covered activities.

Answer 37

Hybrid

Question 38

Name the three Government HIPAA organizations

Answer 38

1. HHS 2. CMS 3. OCR

Question 39

HHS named six organizations to maintain the Administrative Simplification standards. They develop, maintain, and modify HIPAA transactions, code sets, and EDI standards.

Answer 39

Designated Standard Maintenance Organizations (DSMOs)

Question 40

List the six DSMOs.

Answer 40

1. The American National Standards Institute's Accredited Standards Committee X12 2. Health Level Seven (HL7) 3. National Council for Prescription Drug Programs 4. Dental Content Committee of the American Dental Association 5. National Uniform Billing Committee 6. National Uniform Claim Committee

Question 41

This committee developed the transaction standards for EDI.

Answer 41

Accredited Standards Committee X12 (ASC)

Question 42

Allows organizations to standardize systems and improve communication between systems. It cannot transmit images, graphics, or the special reports that sometimes accompany insurance claims.

Answer 42

Health Level Seven (HL7)

Question 43

The ________ develops standards for prescription drug program. It works with pharmacy chains like CVS and Walgreens, pharmaceutical manufacturers, wholesale drug distributors, and pharmacy insurance plans.

Answer 43

National Council for Prescription Drug Programs (NCPDP)

Question 44

This association sets the standards required for electronic transmission of transactions for dental treatment and diagnosing.

Answer 44

Dental Content Committee of the American Dental Association

Question 45

This association sets the standards required for electronic transmission of transactions for billing transactions.

Answer 45

National Uniform Billing Committee

Question 46

This association sets the standards required for electronic transmission of insurance claim transactions.

Answer 46

National Uniform Claims Committee

Question 47

________ specializes in managing and distributing EDI information and produces documentation for organizations that develop, maintain, and implement EDI standards.

Answer 47

Washington Publishing Company

Question 48

Congress established this committee to advise HHS on health data, statistics, and national health information policy.

Answer 48

National Committee on Vital and Health Statistics

Question 49

______ is an advisory group to HHS. Its original mission was to address administrative costs in the nation's healthcare system. It streamlines healthcare administration by standardizing electronic communication. It's members solve some of the issues that prevent organizations from easily exchanging information. In addition, it publishes educational papers that help organizations understand how to comply with HIPAA.

Answer 49

Workgroup for Electronic Data Interchange (WEDI)

Question 50

Can my organization be both a hybrid covered entity (HCE) and an affiliated covered entity (ACE)?

Answer 50

Yes. In fact, a hybrid covered entity can also be an organized healthcare arrangement (OHCA). Essentially, an HCE performs covered and non-covered HIPAA functions in the same building. The part of the HCE that performs HIPAA-covered functions (and therefore must comply with HIPAA) can be a simple covered entity, an ACE, or an OHCA.

Question 51

In order for an organization to be a covered entity, it must send healthcare data electronically. What if a provider doesn't perform transactions like charting and insurance billing electronically?

Answer 51

Before 2003, healthcare providers used paper charts, and they printed and mailed paper copies of insurance claims. Many of these providers considered themselves exempt from HIPAA.

Question 52

Which type of covered entity receives data, standardizes that data, and sends it on to other organizations, such as health plans and government agencies?

Answer 52

Clearinghouse

Question 53

What's the name of the group of six organizations that the federal Department of Health and Human Services put in charge of developing HIPAA standards?

Answer 53

Designated Standard Maintenance Organizations (DSMO).

Question 54

What's the correct name for an organization that treats and diagnoses patients, submits electronic bills for healthcare services, and receives payment?

Answer 54

Covered entity (CE).

Question 55

What is the Accredited Standards Committee X12's role in HIPAA

Answer 55

That group developed the transaction standards that organizations use for electronic data interchange.

Question 56

What's the correct name for an organization that handles protected health information and performs services on behalf of a health plan, provider, or clearinghouse, but isn't a member of that entity's workforce?

Answer 56

Business associate (BA)

Question 57

CMS

Answer 57

Centers for Medicare and Medicaid Services

Question 58

OCR

Answer 58

Office for Civil Rights

Question 59

ANSI

Answer 59

American National Standards Institute, 5010 Transaction standard

Question 60

WPC

Answer 60

Washington Publishing Company

Question 61

ACE

Answer 61

Affiliated Covered Entity

Question 62

OHCA

Answer 62

Organized Healthcare Arrangement

Question 63

BAC

Answer 63

Business Associate Contract

Question 64

HHS

Answer 64

Department of Health and Human Services

Question 65

DSMO

Answer 65

Designated Standard Maintenance Organizations

Question 66

ASC

Answer 66

American Standards Committee

Question 67

HL7

Answer 67

Health Level 7

Question 68

NCPDP

Answer 68

National Council for Prescription Drug Programs

Question 69

EDI

Answer 69

Electronic Data Interchange

Question 70

WEDI

Answer 70

Workgroup for Electronic Data Interchange

Question 71

HCE

Answer 71

Hybrid Covered Entity

Question 72

TCS

Answer 72

Transactions and Code Sets

Question 73

NCVHS

Answer 73

National Committee on Vital and Health Statistics