EMR Chapter 7 Assessment

Which of the following is not included in a Notice of Privacy Practices?

the name of the individual to whom a record was released

HIPAA defines a patient's name, social security number, employer, or medical record/account numbers that tie information to a particular person as

protected health information.

The law that strengthened HIPAA privacy and security regulations was

Health Information Technology for Economic and Clinical Health Act (HITECH).

Keeping health information to oneself is known as protecting

confidentiality.

Emails or faxes that are sent and arrive at the wrong location constitute a privacy

breach

Which of the following passwords would be considered most secure?

Record**58

CPT, which is used to code procedures in an office, is an example of a/an _________blank.

code set

Nancy Jackson is the office manager of a medical practice. Each month she reviews a report that shows which staff members viewed, edited, or deleted data on a random selection of patient's records, and whether or not the access or the actions taken were justified. Nancy is performing which function?

auditing

Which of the following is an independent, nonprofit organization with the mission "To lead healthcare transformation through the effective use of health information technology"?

Healthcare Information and Management Systems Society

Each person who has the ability to access a computer software system, for instance, EHRclinic, is set up within the software and assigned a/an _________blank, which is typically based on the person’s name.

user ID

James Philips has asked that certain personnel within the office be prohibited from seeing his health information. How will this record be flagged in EHRclinic?

restricted access

When correcting written documentation in a paper record, it is necessary to

cross out the incorrect information with one line, enter the correct information, and date and initial the correction.

How is a correction made to an electronic health record?

The incorrect entry is corrected and the original entry is hidden from view but is still retrievable.

Lisa Haver is a patient of Dr. Randolph's. You have just opened today's mail and opened a letter from Ms. Haver's attorney because she is involved in a lawsuit regarding an auto accident. What will you do?

look for a signed authorization in the envelope that authorizes the office to release Lisa Haver's records to the attorney

An employee at Memorial Medical Practice released the diagnosis of a patient to the patient's spouse without an authorization. This is known as a/an _________

breach of confidentiality

You are the office manager of Summit Bay Health Center. You have received a letter from one of your patients, Ida Jenkins, asking to know the names of all employees and care providers who have accessed her EHR within the last year, since she believes someone has been spreading information about her in the community. You will provide Ms. Jenkins with this information, which is known as

accounting of information disclosures.

Some states have a Health Information _________blank, funded through the ONC, which allows the sharing of health information for continuity of care purposes.

Exchange

A staff member who monitors existing and new regulations and is the "go-to" person should an incident occur is known as the _________

compliance officer

In order for the healthcare facility to know what to do in case of a situation that interrupts access to the EHR, a written _________blank should be in place.

disaster recovery plan

Which of the following may result in the need to deploy the disaster recovery plan?

A computer hacker has gained access to the database and corrupt files have been found.