Free HIO-201 Exam Dumps

Question 11

The Privacy Rule has broad administrative requirements. Which one of the following requirements is defined under the Privacy Rule?

A. Designate a security officer.
B. Document termination procedures.
C. Use biometrics to authenticate transactions.
D. Deploy tokens and smart cards to all medical personnel.
E. Verify that business associates treat patient information respectfully.

Correct Answer:E

Question 12

A doctor sends patient records to another company for data entry services. A bonded delivery service is used for the transfer. The records are returned to the doctor after entry is complete, using the same delivery service. The entry facility and the network they use are secure. The doctor is named as his own Privacy Officer in written policies. The doctor has written procedures for this process and all involved parties are documented as having been trained in them. The doctor does not have written authorizations to disclose Protected Health Information (PHI). Is the doctor in violation of the Privacy Rule?

A. No - This would be considered an allowed "routine disclosure" between the doctor and his business partner
B. Yes - There is no exception to the requirement for an authorization prior to disclosure, no matter how well intentioned or documented.
C. Yes - a delivery service is not considered a covered entity
D. Yes - to be a ??routine disclosure?? all the parties must have their own Privacy Officer as mandated by HIPAA
E. Yes - this is not considered a part of "treatment", which is one of the valid exceptions to the Privacy Rule

Correct Answer:A

Question 13

A key date in the transaction rule timeline is:

A. October 16, 2003 - small health plans to begin testing without ASCA extension
B. October 16, 2004 - full compliance deadline for small health plans
C. April 16, 2004 - small health plans to begin testing with ASCA extension
D. April 16, 2003 - deadline to begin testing with ASCA extension
E. April 14, 2003; deadline to begin testing with the ASCA extension.

Correct Answer:D

Question 14

Maintenance personnel that normally have no access to PHI are called in to investigate water that is leaking from the ceiling of the room where a large amount of PHI is stored. The room is normally secured but the file cabinets have no doors or locks. Situations this are addressed by which Workforce Security implementation specification?

A. Risk Management
B. Written Contract or Other Arrangement
C. Accountability
D. Authorization and/or Supervision
E. Integrity Controls

Correct Answer:D

Question 15

One implementation specification of the Security Management Process is:

A. Risk Analysis
B. Authorization and/or Supervision
C. Termination Procedures
D. Contingency Operations
E. Encryption and Decryption

Correct Answer:A