During the risk assessment phase of the project, the CISO discovered that a college within the University is collecting Protected Health Information (PHI) data via an application that was developed in-house. The college collecting this data is fully aware of the regulations for the Health Insurance Portability and Accountability Act (HIPAA) and is fully compliant.
What is the best approach for the CISO?
A. Document the system as high risk
B. Perform a vulnerability assessment
C. Perform a quantitative threat assessment
D. Notate the information and move on
Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?
A. poor governance over security processes and procedures
B. immature security controls and procedures
C. variances against regulatory requirements
D. unanticipated increases in security incidents and threats
An international medical organization with headquarters in the United States (US) and branches in France wants to test a drug in both countries. What is the organization allowed to do with the test subject's data?
A. Aggregate it into one database in the US
B. Process it in the US, but store the information in France
C. Share it with a third party
D. Anonymize it and process it in the US
The inception of _____ was used as a trial balloon for the idea of government-sponsored universal health insurance.
A. workers' compensation
B. trade unions
C. public health
D. health care for the veterans
What does the federal Ryan White CARE Act fund?
A. Care for underserved rural and urban populations
B. Skin cancer screening programs
C. School-based health services in predominantly minority neighborhoods
D. Development of treatment and care options for persons with HIV and AIDS
The intent of patient cost sharing at the point of receiving health care services is to:
A. Discourage the overuse of services among patients.
B. Discourage physicians from overcharging patients.
C. Encourage patients to utilize more health care services.
D. Encourage physicians to provide more effective health care services.
Which of the following is a true statement about both the amount and quality of medical services available:
A. an increase in medical services also increases the quality of care because it provides greater access to care
B. minimal medical services are needed for increasing quality of care because it reduces misdiagnoses
C. medical services can be overused or underused which can both be detrimental to the quality of care
D. the quantity and quality of care are not related
Sammy applied for and received her National Provider Identifier online. What may she now do?
A. Have guaranteed payment by a health plan
B. Receive credentialing or licensing as a therapist provider
C. Be guaranteed enrollment as a provider in a health plan
D. Be identified as a unique health care provider during HIPAA transactions
What grants a "deemed status", has conditions of participation, and makes sure hospitals meet certain requirements to get reimbursed for Medicare/Medicaid?
A. HIPAA
B. JCAH
C. Food and Drug Act
If a person has the ability to access facility or company systems or applications, they have a right to view any information contained in that system or application.
A. True
B. False