Privacy Act of 1974 correct answer: requires federal agencies holding personal identifiable records to safeguard that information and provide individuals
... [Show More] with certain privacy rights.
HIPAA Privacy Rule correct answer: Effective April 2003
Administrative Rule correct answer: Is administrative law, provides greater detail from the statute in which it was created.
HIPAA Security Rule correct answer: Effective April 2005
ARRA (American Recovery and Reinvestment Act) correct answer: Changes to HIPAA are in HITECH, compliance date was Feb 17th 2010, one year after the law was signed.
Preemption correct answer: Legal doctrine- preempt the stricter law on State vs. Federal
CAPTA correct answer: Child Abuse Prevention and Treatment Act. 1996 If a medical professional suspects abuse or neglect they are mandated to report.
AOA correct answer: American Osteopathic Association - Since 1945
HFAP correct answer: Healthcare Facilities Accreditation Program- regulate compliance with the CoP for CMS
AAAHC correct answer: Accreditation Association for Ambulatory Health Care formed in 1979
CARF correct answer: Commission of Accreditation of Rehab Facilities
NCQA correct answer: National Committee for Quality Assurance
Administrative Simplification correct answer: HIPAA's effort to standardize the healthcare industry's nonuniform and inefficient business practices (exp, BILLING) many that involve electronic data transmission (Transactions, identifiers, security, privacy and enforcement)
Affiliated Covered Entity correct answer: legally separate covered entities affiliated by common ownership or control
BA/BAA and Covered Entity correct answer: CE- Healthcare provider, plan or clearinghouse 45 CFR 160.103
BA- person or organization, not part of the CE that performs task and function on behalf of or affecting the CE that involves the use and disclosure of PHI
BAA- under HIPAA HITECH this is mandatory and under the Ominous RULE they are responsible Elements of Contract/Agreement on Page 28 Introduction to Health Information Privacy and Security.
Data Use Agreement correct answer: document that sets the parameters for permitted uses and disclosures by the recipient of the limited data set.
Deidentified Information correct answer: Removal of the 18 Identifiers. OR use an expert to apply general accepted statistical and scientific principals and methods to determine the risk of the information might be used to identify an individual is minimal
DRS- Designated Record Set correct answer: consists of records maintained by or for a covered entity including medical records, billing records, and enrollment, payment, claims adjudication, and case or medical management records. Documents not used is the DRS found on page 34 of the Introduction to Health Information Privacy and Security.
Disclosure correct answer: is the dissemination of PHI from a CE or BA
Healthcare Clearinghouse correct answer: a public or private entity that either processes or facilitates the processing of health information received from one entity in a non standard format or containing non standard data.
Hybrid Entity correct answer: performs both covered and non-covered functions under HIPAA. Such as a university with a student health center.
In Loco Parentis correct answer: In Place o [Show Less]