- A health information department is mapping which electronic source systems feed the legal health record after an EHR upgrade. Which document is the appropriate tool for recording each source system and whether its output is part of the legal health record?
- A legal health record matrix
- A do-not-use abbreviation list
- An accounting of disclosures
- A bed occupancy report
Correct answer: A legal health record matrix
The legal health record matrix is the appropriate tool because it lists each document type and source system and states whether each belongs to the legal health record, which is essential after a system change. An accounting of disclosures tracks PHI releases, a do-not-use abbreviation list governs documentation safety, and a bed occupancy report is a statistic.
- A patient brings a flash drive of self-recorded blood pressure readings and asks the clinic to make it the official record. Why would this generally NOT become part of the legal health record?
- Because patient-generated data can never be clinically useful
- Because it was not generated and maintained by the provider organization in the course of treatment
- Because it lacks an ICD-10-CM code
- Because the master patient index forbids it
Correct answer: Because it was not generated and maintained by the provider organization in the course of treatment
The legal health record consists of documentation generated and maintained by the provider organization as its business and legal record of care, so patient-supplied home readings are not automatically part of it. Patient-generated data can be clinically useful, the absence of a code does not determine record status, and the master patient index links identities rather than defining record contents.
- When an organization defines its legal health record, what is the chief reason to specify the output format that will be produced for legal requests rather than the underlying database?
- Raw databases are always part of the designated record set
- The database cannot store dates
- The legal health record is the human-readable rendering of the documentation, not the raw database structure
- Formatting changes the retention period
Correct answer: The legal health record is the human-readable rendering of the documentation, not the raw database structure
The legal health record is defined as the human-readable output that documents care, not the underlying raw database tables, so organizations specify the rendered format produced for legal requests. Databases can store dates, raw tables are not automatically the designated record set, and formatting choices do not change how long records must be kept.
- A facility receives a subpoena for a patient's complete legal health record. Which prior step makes responding defensible and consistent?
- Recalculating the case-mix index
- Raising the copying fee
- Deleting the shadow records first
- Having a predefined legal health record definition that specifies exactly what is produced
Correct answer: Having a predefined legal health record definition that specifies exactly what is produced
A predefined legal health record definition makes the response defensible and consistent because the organization can produce the same identified set of documents every time. Adjusting fees, recalculating case-mix, and the existence of shadow records do not establish what the producible record contains.
- Which of the following items is most clearly a derived or administrative artifact that is typically excluded from the legal health record?
- The system access audit log
- The consultation report
- The anesthesia record
- The pathology report
Correct answer: The system access audit log
A system access audit log is derived administrative data about who viewed the record rather than direct clinical documentation of care, so it is typically excluded from the legal health record though it may be separately discoverable. The consultation report, anesthesia record, and pathology report are all primary clinical documents that belong in the legal health record.
- The master patient index serves as the authoritative source of patient identity. Which of the following is the single most important function it performs?
- Calculating reimbursement for each encounter
- Linking a patient to every medical record number and encounter associated with that individual
- Storing the chargemaster line items
- Determining the discharge disposition code
Correct answer: Linking a patient to every medical record number and encounter associated with that individual
The most important function of the master patient index is linking a patient to all of their medical record numbers and encounters so the longitudinal record can be assembled. It does not calculate reimbursement, store chargemaster items, or assign discharge disposition codes.
- Which combination of data elements is most appropriate as core identifiers in the master patient index?
- Bed occupancy, census, and length of stay
- Principal diagnosis, MS-DRG, and reimbursement amount
- Name, date of birth, gender, and medical record number
- Retention date, destruction method, and legal hold status
Correct answer: Name, date of birth, gender, and medical record number
Name, date of birth, gender, and medical record number are core identifying elements in the master patient index because they distinguish one patient from another and link records. Diagnosis and reimbursement data are encounter-specific, statistics are aggregate measures, and retention attributes belong to records management rather than patient identity.
- An MPI integrity report shows one patient with three separate medical record numbers at a single hospital. The most accurate label for this condition is which of the following?
- A purge
- An overlay
- An overlap
- Duplicates
Correct answer: Duplicates
One patient holding more than one medical record number within a single facility is a duplicate condition, here three duplicates of the same patient. An overlay mixes two different patients under one number, an overlap is one patient with different numbers across facilities, and a purge is the removal of inactive records.
- During a registration audit, a clerk created a new record for an established patient because the search returned no results due to a misspelled last name. What MPI problem did this most likely produce?
- A duplicate record
- An overlay of two patients
- An enterprise overlap
- A legal hold
Correct answer: A duplicate record
Failing to find the existing record because of a misspelled name and then creating a new one produces a duplicate, where the same patient now has two medical record numbers. It is not an overlay since no second patient's data was merged in, not an overlap since it is within one facility, and a legal hold is unrelated.
- Why is the master patient index typically retained permanently while individual encounter records follow a defined retention period?
- Because the index contains the reimbursement totals
- Because the index is the enduring locator that links patients to all of their records over time
- Because the index sets the destruction method
- Because the index replaces the data dictionary
Correct answer: Because the index is the enduring locator that links patients to all of their records over time
The master patient index is retained permanently because it is the enduring locator that ties each patient to all of their records, and losing it would make historical records unfindable. It does not store reimbursement totals, set destruction methods, or replace the data dictionary.
- An HIM manager wants to reduce duplicate creation at the busiest registration desk. Which intervention targets the root cause most directly?
- Increasing the copying fee for release of information
- Lengthening the record retention period
- Improving search-before-create training and standardized name entry at registration
- Switching to terminal-digit filing
Correct answer: Improving search-before-create training and standardized name entry at registration
Most duplicates arise from skipped or ineffective searches and inconsistent data entry, so improving search-before-create training and standardizing name entry targets the root cause directly. Retention length, copying fees, and filing methods do not affect whether a duplicate is created at registration.
- A confirmed duplicate must be resolved by combining the two records into one. To preserve data integrity, the merge should be performed how?
- By assigning a brand-new third medical record number
- By permanently deleting one record so only one remains
- By leaving both records and adding a sticky note
- According to established policy with a retained audit trail of the change
Correct answer: According to established policy with a retained audit trail of the change
A confirmed duplicate is resolved by merging under established policy while retaining an audit trail, so the action is traceable and reversible if needed. Deleting a record loses data, leaving both unmerged perpetuates fragmentation, and creating a third number compounds the problem.
- In an enterprise master patient index spanning a health system, which scenario specifically defines an overlap?
- One patient has different medical record numbers at two facilities that are not yet linked
- Two different patients share one medical record number
- One patient has two numbers within the same facility
- An inactive record is removed from the index
Correct answer: One patient has different medical record numbers at two facilities that are not yet linked
An overlap occurs in an enterprise environment when a single patient holds different medical record numbers at separate facilities and those records are not yet linked under a common enterprise identifier. Two patients under one number is an overlay, two numbers within one facility is a duplicate, and removing an inactive record is a purge.
- An enterprise master patient index uses probabilistic matching. What does a high match-weight score between two records indicate?
- A guaranteed reimbursement increase
- A strong likelihood the two records belong to the same patient based on weighted field similarity
- That the records must be destroyed
- That the chargemaster needs updating
Correct answer: A strong likelihood the two records belong to the same patient based on weighted field similarity
In probabilistic matching, a high match-weight score reflects strong weighted similarity across identifying fields, indicating the two records very likely belong to the same patient and should be reviewed for linking. It has nothing to do with reimbursement, destruction, or the chargemaster.
- An enterprise master patient index auto-linked two records sharing the same name and birth year but with different Social Security numbers and addresses. Which data integrity outcome is the greatest concern?
- A shortened retention period
- A purge of active records
- An overlay combining two distinct patients into one identity
- An increased gross death rate
Correct answer: An overlay combining two distinct patients into one identity
Linking two records that differ on strong identifiers like Social Security number and address risks an overlay, combining two distinct patients into a single identity, which is a serious patient-safety and data-integrity error. It is not a purge, does not change retention, and is unrelated to mortality statistics.
- Quantitative analysis of a discharged record is best described as a review of what?
- The payer's remittance advice
- The clinical appropriateness of the treatment plan
- The accuracy of assigned procedure codes
- The presence and completeness of required entries, signatures, and dates
Correct answer: The presence and completeness of required entries, signatures, and dates
Quantitative analysis reviews the record for the presence and completeness of required entries, signatures, and dates, identifying what is missing. Judging clinical appropriateness is qualitative or peer review, verifying code accuracy is a coding audit, and the remittance advice is a billing artifact.
- During deficiency analysis, an unsigned verbal order is identified on a discharged chart. This unsigned item is properly recorded as which of the following?
- A deficiency assigned to the responsible provider
- An MPI overlay
- A chargemaster edit
- A legal hold
Correct answer: A deficiency assigned to the responsible provider
An unsigned required entry such as an unauthenticated verbal order is a deficiency that is assigned to the responsible provider for completion. An overlay is an MPI error, a chargemaster edit relates to billing items, and a legal hold suspends destruction.
- A record review evaluates whether progress notes are internally consistent and actually support the documented discharge diagnosis. This is an example of which type of analysis?
- Quantitative analysis
- Qualitative analysis
- Bed control
- Charge capture
Correct answer: Qualitative analysis
Evaluating whether documentation is internally consistent and supports the recorded diagnosis is qualitative analysis, which assesses the quality and substance of documentation beyond mere presence. Quantitative analysis checks for missing items, while bed control and charge capture are unrelated operational functions.
- A record remains incomplete past the facility's stated completion deadline. What term applies to this record?
- A purged record
- A duplicate record
- A delinquent record
- A shadow record
Correct answer: A delinquent record
An incomplete record that has passed the facility's completion deadline is a delinquent record, a status accreditors and the medical staff monitor. A duplicate is an MPI error, a purged record has been removed, and a shadow record is an unofficial copy kept outside the official system.
- Why do many facilities track a physician delinquency rate as part of deficiency management?
- To determine the bed occupancy rate
- To calculate the case-mix index
- To set the chargemaster prices
- To monitor and reduce the volume of incomplete records past the completion deadline
Correct answer: To monitor and reduce the volume of incomplete records past the completion deadline
Tracking the physician delinquency rate lets the facility monitor and reduce records left incomplete past the deadline, supporting timely, complete documentation. It is not a method for case-mix, chargemaster pricing, or bed occupancy.
- During concurrent analysis, a technician identifies a missing required assessment while the patient is still admitted. What advantage does concurrent review provide here?
- The deficiency can be corrected during the stay rather than after discharge
- It eliminates the need for an MPI
- It sets the retention period automatically
- It guarantees a higher reimbursement
Correct answer: The deficiency can be corrected during the stay rather than after discharge
Concurrent review identifies deficiencies while the patient is still admitted, so they can be corrected during the stay rather than chased after discharge, improving completeness and timeliness. It does not eliminate the MPI, set retention, or affect reimbursement directly.
- A facility wants to design a standardized intake form to capture allergy data uniformly across departments. Which HIM function leads the review, approval, and version control of that form?
- Utilization review
- Forms and document control
- Release of information
- Bed management
Correct answer: Forms and document control
Forms and document control leads the review, approval, standardization, and version control of forms so data is captured uniformly and obsolete versions are retired. Utilization review assesses medical necessity, release of information handles disclosures, and bed management addresses capacity.
- Which forms-design choice best supports accurate, uniform data capture across an organization?
- Allowing each unit to redesign the form independently
- Maximizing open free-text boxes on every form
- Using standardized, clearly defined fields with consistent formatting
- Removing all field labels to save space
Correct answer: Using standardized, clearly defined fields with consistent formatting
Standardized, clearly defined fields with consistent formatting promote accurate, uniform data capture across the organization. Excessive free text, independent unit redesigns, and removing labels all introduce inconsistency and error.
- Why does document control assign a version number and effective date to each approved health record form?
- So the form can replace the master patient index
- So the form increases reimbursement per encounter
- So the form can bypass the retention schedule
- So only the current approved version is in circulation and superseded versions are retired
Correct answer: So only the current approved version is in circulation and superseded versions are retired
Version numbers and effective dates let document control ensure only the current approved form is in use while superseded versions are retired, maintaining a single authoritative version. Versioning does not affect reimbursement, retention obligations, or the master patient index.
- Three departments each collect the patient's preferred language using different field names and value lists. From a document control standpoint, what is the primary problem?
- Inconsistent data capture that hampers integration and reliable reporting
- Improved redundancy that strengthens patient safety
- Reduced need for a data dictionary
- A guaranteed increase in case-mix index
Correct answer: Inconsistent data capture that hampers integration and reliable reporting
Collecting the same element with different names and value lists produces inconsistent data capture that hampers integration and reliable reporting, the exact problem standardization prevents. It is not a safety benefit, it increases rather than reduces the need for a data dictionary, and it has no bearing on case-mix.
- Under widely applied accreditation and Conditions of Participation standards, a complete history and physical must generally be documented within what timeframe after inpatient admission?
- 72 hours
- 24 hours
- 7 days
- 30 days
Correct answer: 24 hours
Accreditation and Conditions of Participation standards generally require a complete history and physical within 24 hours of inpatient admission so the care team has a timely clinical baseline. The 72-hour, 7-day, and 30-day options exceed the recognized timeframe.
- A surveyor cites a hospital for entries that lack a date and time. Which documentation standard is being applied?
- Entries must include the reimbursement amount
- Entries must be free of all abbreviations
- Entries must be dated, timed, and authenticated by the responsible author
- Entries must be filed by terminal digit
Correct answer: Entries must be dated, timed, and authenticated by the responsible author
Requiring entries to be dated, timed, and authenticated is a core documentation standard ensuring entries are attributable and verifiable. Standards do not prohibit all abbreviations, require reimbursement amounts in entries, or dictate filing method as a documentation requirement.
- What is the primary patient-safety rationale for an accreditor-driven do-not-use abbreviation list?
- To increase coder productivity
- To shorten the overall length of the record
- To reduce the record retention period
- To prevent ambiguous abbreviations that can cause medication or treatment errors
Correct answer: To prevent ambiguous abbreviations that can cause medication or treatment errors
A do-not-use abbreviation list prevents ambiguous or easily misread abbreviations that could lead to medication or treatment errors, directly supporting patient safety. It is not aimed at shortening records, changing retention, or boosting coder productivity.
- How does accreditation by a body with deeming authority relate to Medicare participation?
- It can confer deemed status, presuming the facility meets the Conditions of Participation
- It exempts the facility from all federal regulation
- It is legally required of every healthcare facility
- It applies only to coding accuracy
Correct answer: It can confer deemed status, presuming the facility meets the Conditions of Participation
Accreditation by a body with deeming authority can confer deemed status, meaning the facility is presumed to meet the Medicare Conditions of Participation. It does not exempt a facility from federal regulation, is voluntary rather than universally mandatory, and addresses far more than coding accuracy.
- A chart audit shows that 12 percent of inpatient records lack an authenticated operative report within the required timeframe. What is the best-supported interpretation for accreditation purposes?
- The facility is compliant because most reports are authenticated
- A documentation timeliness and authentication deficiency exists, creating accreditation risk that needs corrective action
- Authentication standards apply only to outpatients
- The finding affects only reimbursement, not accreditation
Correct answer: A documentation timeliness and authentication deficiency exists, creating accreditation risk that needs corrective action
A 12 percent failure to authenticate operative reports on time is a documentation timeliness and authentication deficiency that creates accreditation risk and requires corrective action. Partial compliance is still noncompliance, the standards apply to inpatient documentation here, and the issue is an accreditation matter, not solely reimbursement.
- The federal program that incentivized eligible providers to adopt and demonstrate effective use of certified electronic health record technology was known by what name?
- The Inpatient Prospective Payment System
- The Recovery Audit Program
- Meaningful Use
- Terminal-digit filing
Correct answer: Meaningful Use
Meaningful Use was the federal incentive program promoting adoption and effective use of certified EHR technology, later evolving into Promoting Interoperability. The Recovery Audit Program targets improper payments, the Inpatient Prospective Payment System is a reimbursement method, and terminal-digit filing is a paper filing technique.
- Which objective best reflects the intent of the Meaningful Use program?
- Standardizing bed occupancy across facilities
- Maximizing the number of paper forms in the chart
- Eliminating the need for patient authorization to disclose records
- Using certified EHR technology to improve care quality, safety, and coordination
Correct answer: Using certified EHR technology to improve care quality, safety, and coordination
A core intent of Meaningful Use was leveraging certified EHR technology to improve the quality, safety, efficiency, and coordination of care. It did not promote paper forms, change authorization requirements, or standardize bed occupancy.
- Meaningful Use later transitioned into which CMS program emphasizing electronic health information exchange?
- The Promoting Interoperability program
- The Correct Coding Initiative
- The Outpatient Code Editor
- The Recovery Audit program
Correct answer: The Promoting Interoperability program
Meaningful Use transitioned into the Promoting Interoperability program, which continued to emphasize electronic exchange of health information using certified EHR technology. The Correct Coding Initiative and Outpatient Code Editor are claims-editing mechanisms, and the Recovery Audit program targets improper payments.
- To attest to a Meaningful Use measure such as providing patients electronic access to their health information, what must an eligible provider demonstrate?
- That zero disclosures of PHI occurred during the period
- Measurable use of the corresponding certified EHR functionality at the required threshold
- That the facility uses paper records exclusively
- The average daily census for the year
Correct answer: Measurable use of the corresponding certified EHR functionality at the required threshold
Attestation required demonstrating measurable use of the corresponding certified EHR functionality at the specified threshold, such as the share of patients given timely electronic access. Exclusive paper use contradicts the program, zero disclosures is unrelated, and average daily census is a statistic, not an attestation requirement.
- The ICD-10-CM Official Guidelines for Coding and Reporting instruct coders to assign codes to what level of detail?
- The level that yields the highest payment
- The unspecified code in all cases to be safe
- The highest level of specificity supported by the documentation
- Whatever level the billing department prefers
Correct answer: The highest level of specificity supported by the documentation
The official guidelines require coding to the highest level of specificity supported by the documentation, selecting the most specific valid code available. Defaulting to unspecified when specificity is documented, coding for payment, or deferring to billing all violate the guidelines.
- In ICD-10-CM, what does a 'Use additional code' note instruct the coder to do?
- Skip documentation review for that condition
- Never report the code with any other code
- Always list the code last on the claim
- Report a secondary code to fully describe a condition when present
Correct answer: Report a secondary code to fully describe a condition when present
A 'Use additional code' note instructs the coder to report a secondary code to more fully describe the condition, such as an associated manifestation or causative organism, when present. It does not prohibit other codes, force last placement, or remove the need to review documentation.
- A coder finds an Excludes1 note linking two conditions. The provider has clearly documented that both conditions are present and unrelated. What is the most appropriate action under current guidance?
- Query the provider, because an Excludes1 generally bars reporting both together unless they are clearly unrelated
- Report both codes, because the Excludes1 exception applies when conditions are clearly unrelated
- Drop both conditions from the claim
- Always sequence the excluded code first
Correct answer: Report both codes, because the Excludes1 exception applies when conditions are clearly unrelated
Report both codes is correct: ICD-10-CM Official Guidelines Section I.A.12.a include an Excludes1 exception stating that when the two linked conditions are clearly unrelated, both codes may be assigned. The stem specifies the provider has clearly documented both conditions as present and unrelated, so the exception applies and no query is needed. Querying is unnecessary here, dropping both conditions loses valid diagnoses, and there is no rule to always sequence the excluded code first.
- For an outpatient surgery encounter, which condition does ICD-10-CM guidance direct the coder to list first?
- Any chronic condition the patient has had
- The diagnosis chiefly responsible for the outpatient service provided
- The condition with the highest charge
- The condition with the longest expected recovery
Correct answer: The diagnosis chiefly responsible for the outpatient service provided
For outpatient encounters, the first-listed diagnosis is the condition chiefly responsible for the service provided during that encounter. Listing any historical chronic condition first, selecting by charge, or selecting by recovery time all violate the guidelines.
- A coder must select between two versions of the official coding guidelines for a discharge dated September 30 of the prior fiscal year. Which version applies?
- Whichever version yields the higher-weighted code
- The newest version released this fiscal year
- The version in effect on the date of service for that discharge
- The version chosen by the payer
Correct answer: The version in effect on the date of service for that discharge
Coding compliance is governed by the code set and official guidelines in effect on the date of service, so a prior fiscal-year discharge is coded under the version then in effect. Applying the newest version retroactively, choosing by code weight, or deferring to the payer all violate the date-of-service principle.
- When documentation is ambiguous and does not support a specific code, what does compliant coding practice require?
- Closing the encounter with no code and no review
- Copying the code from a prior encounter
- Assigning the most specific code anyway to optimize payment
- Querying the provider for clarification rather than assuming the diagnosis
Correct answer: Querying the provider for clarification rather than assuming the diagnosis
When documentation is insufficient to support a specific code, compliant practice requires querying the provider rather than assuming the diagnosis or coding for payment. Copying a prior encounter's code, assigning a specific code without support, or skipping review all violate coding integrity.
- The Uniform Hospital Discharge Data Set was created chiefly to accomplish what?
- Standardize a minimum core set of data elements for hospital inpatient discharges
- Set the copying fees for release of information
- Define the do-not-use abbreviation list
- Determine HIM staffing ratios
Correct answer: Standardize a minimum core set of data elements for hospital inpatient discharges
The Uniform Hospital Discharge Data Set standardizes a minimum core set of data elements collected for every hospital inpatient discharge so data is comparable across facilities. It does not govern copying fees, abbreviations, or staffing ratios.
- Under the Uniform Hospital Discharge Data Set, the principal diagnosis is defined as which of the following?
- The diagnosis with the highest reimbursement weight
- The condition established after study to be chiefly responsible for the admission
- The first condition the physician mentions on admission
- Any chronic condition the patient has ever had
Correct answer: The condition established after study to be chiefly responsible for the admission
The Uniform Hospital Discharge Data Set defines the principal diagnosis as the condition established after study to be chiefly responsible for occasioning the admission. It is not chosen by reimbursement weight, by order of mention, or as any historical chronic condition.
- Under the Uniform Hospital Discharge Data Set, how is an 'other diagnosis' (secondary diagnosis) characterized?
- A diagnosis that is always coded first
- The single condition chiefly responsible for admission
- A condition that coexists at admission or develops afterward and affects the treatment or length of stay
- A diagnosis with the lowest severity
Correct answer: A condition that coexists at admission or develops afterward and affects the treatment or length of stay
Under the Uniform Hospital Discharge Data Set, an other diagnosis is a condition that coexists at admission or develops during the stay and affects treatment or length of stay. The condition chiefly responsible for admission is the principal diagnosis, secondary diagnoses are not coded first by rule, and severity does not define the category.
- Which data element is part of the Uniform Hospital Discharge Data Set core set for inpatient discharges?
- The terminal-digit filing location
- The chargemaster line items
- The do-not-use abbreviation list
- Disposition of the patient at discharge
Correct answer: Disposition of the patient at discharge
Disposition of the patient at discharge is a core Uniform Hospital Discharge Data Set element, capturing where or in what status the patient left the facility. The chargemaster, abbreviation list, and filing location are not core discharge data elements.
- Two hospitals report very different complication rates partly because they capture secondary diagnoses differently. Consistent application of which standard would make the data comparable?
- The Uniform Hospital Discharge Data Set definitions for core inpatient data elements
- The do-not-use abbreviation list
- The record retention schedule
- The chargemaster maintenance policy
Correct answer: The Uniform Hospital Discharge Data Set definitions for core inpatient data elements
Consistent application of the Uniform Hospital Discharge Data Set definitions, including how secondary diagnoses are captured, would make the two hospitals' inpatient data comparable. Abbreviation lists, retention schedules, and chargemaster policies do not define core inpatient data elements.
- A health system standardizes outpatient data collection to a defined minimum data set. From an information governance view, the main benefit is which of the following?
- A guaranteed increase in the case-mix index
- Comparable, complete data across encounters supporting reliable reporting
- A shorter record retention period
- Automatic resolution of all MPI overlaps
Correct answer: Comparable, complete data across encounters supporting reliable reporting
Enforcing a minimum data set ensures each encounter captures the same standardized, complete elements, producing comparable data that supports reliable reporting and analysis. It does not raise case-mix, shorten retention, or resolve MPI overlaps automatically.
- SNOMED CT is best described as which kind of healthcare terminology?
- A list of approved abbreviations for charting
- A reimbursement classification for assigning DRGs
- A comprehensive clinical reference terminology for encoding clinical concepts in the EHR
- A framework for tracking disclosures of PHI
Correct answer: A comprehensive clinical reference terminology for encoding clinical concepts in the EHR
SNOMED CT is a comprehensive clinical reference terminology used to encode clinical findings, procedures, and other clinical content in the EHR. It is not a reimbursement classification, an abbreviation list, or a disclosure-tracking framework.
- What is a key difference between SNOMED CT and ICD-10-CM?
- ICD-10-CM is used only for documentation, never billing
- They are interchangeable systems
- SNOMED CT contains no codes
- SNOMED CT captures granular clinical meaning at the point of care, while ICD-10-CM classifies conditions for reporting and reimbursement
Correct answer: SNOMED CT captures granular clinical meaning at the point of care, while ICD-10-CM classifies conditions for reporting and reimbursement
SNOMED CT is a granular reference terminology for point-of-care clinical meaning, whereas ICD-10-CM is a classification that aggregates conditions for statistics and reimbursement. They are not interchangeable, SNOMED CT does contain codes, and ICD-10-CM is used for both reporting and billing.
- Why is mapping SNOMED CT-encoded findings to ICD-10-CM valuable in an EHR?
- It translates detailed clinical documentation into classified codes for reporting and reimbursement
- It sets the bed occupancy target
- It replaces the master patient index
- It authenticates verbal orders
Correct answer: It translates detailed clinical documentation into classified codes for reporting and reimbursement
Mapping SNOMED CT findings to ICD-10-CM translates granular clinical documentation into standardized classified codes usable for reporting and reimbursement, bridging clinical and administrative needs. It does not set occupancy targets, replace the master patient index, or authenticate orders.
- An organization wants clinical findings captured once at the point of care to remain meaningful when exchanged with another system. Adopting SNOMED CT primarily supports which goal?
- A higher reimbursement per encounter
- Semantic interoperability of clinical concepts across systems
- A shorter retention schedule
- Elimination of the data dictionary
Correct answer: Semantic interoperability of clinical concepts across systems
SNOMED CT supports semantic interoperability by representing clinical concepts consistently so they retain meaning when exchanged across systems. It does not raise reimbursement, shorten retention, or eliminate the need for a data dictionary.
- Which standardized terminology is specifically designed to identify laboratory tests and clinical observations for interoperable exchange?
Correct answer: LOINC
LOINC standardizes the identification of laboratory tests and clinical observations and measurements, supporting consistent exchange of results and orders. MS-DRG is an inpatient payment classification, Soundex is a phonetic name index, and UHDDS is an inpatient discharge data set.
- Which standardized terminology provides normalized names and codes for clinical drugs to support interoperable medication data?
- HCPCS Level I
- CPT
- UHDDS
- RxNorm
Correct answer: RxNorm
RxNorm provides normalized names and codes for clinical drugs to support interoperable medication data exchange. CPT classifies procedures, UHDDS is an inpatient discharge data set, and HCPCS Level I is procedural coding rather than a medication terminology.
- Within HIM, what is the primary distinction between a reference terminology and a classification system?
- A reference terminology captures detailed clinical meaning, while a classification aggregates concepts into categories for reporting
- A reference terminology is used only for billing
- A classification contains no codes
- They serve identical purposes
Correct answer: A reference terminology captures detailed clinical meaning, while a classification aggregates concepts into categories for reporting
A reference terminology such as SNOMED CT captures granular clinical meaning, while a classification such as ICD-10-CM aggregates concepts into categories for statistical reporting and reimbursement. Reference terminologies are not billing-only, classifications do contain codes, and the two serve different purposes.
- An HIM analyst must select a terminology so that lab results from multiple instruments can be combined into one consistent dataset. Which terminology is the most appropriate choice?
- ICD-10-PCS for procedure coding
- LOINC for standardizing the identity of lab observations
- The chargemaster for billing
- Soundex for name matching
Correct answer: LOINC for standardizing the identity of lab observations
LOINC standardizes the identity of laboratory observations, so results from multiple instruments can be combined into one consistent dataset. ICD-10-PCS codes procedures, the chargemaster lists billable items, and Soundex is a phonetic name-matching technique.
- A data dictionary entry restricts the 'gender' field to a defined list of allowable codes. This restriction is an example of which data dictionary component?
- A disclosure log
- A record destruction date
- A defined value set (allowable values) for the field
- A reimbursement weight
Correct answer: A defined value set (allowable values) for the field
Restricting a field to a defined list of allowable codes specifies its value set, a core data dictionary component that supports consistent, computable data. It is not a destruction date, a disclosure log, or a reimbursement weight.
- During integration of two systems, the same concept is stored as 'AdmitDate' in one and 'DateOfAdmission' in another. Which data dictionary element resolves this conflict?
- The do-not-use abbreviation list
- The bed occupancy rate
- The accounting of disclosures
- A standardized field name and definition for the element
Correct answer: A standardized field name and definition for the element
A shared data dictionary providing one standardized field name and definition resolves the naming conflict so both systems represent admission date consistently. Occupancy rates, disclosure accounting, and abbreviation lists do not standardize field names.
- What is the chief data integrity benefit of enforcing data dictionary edits, such as required formats and valid ranges, at the point of entry?
- Invalid or out-of-range values are prevented from being captured, improving accuracy at the source
- The case-mix index automatically rises
- Clinical documentation becomes unnecessary
- The retention schedule is shortened
Correct answer: Invalid or out-of-range values are prevented from being captured, improving accuracy at the source
Enforcing data dictionary edits at entry prevents invalid or out-of-range values from being captured, improving accuracy at the source. It does not affect case-mix, eliminate documentation, or change retention.
- An organization wants every report writer to interpret the 'observation status' field identically. Maintaining one enterprise data dictionary achieves this primarily by doing what?
- Setting the copying fee for the field
- Assigning a single definition and value set so all users apply the same meaning
- Determining the field's destruction date
- Computing the gross death rate from the field
Correct answer: Assigning a single definition and value set so all users apply the same meaning
A single enterprise data dictionary assigns one definition and value set for a field so every user interprets and applies it identically, ensuring consistent reporting. It does not set fees, destruction dates, or compute mortality statistics.
- A data dictionary specifies that 'discharge disposition' must use a defined code set rather than free text. What is the main data integrity advantage?
- Elimination of clinician documentation
- A guaranteed higher reimbursement
- Consistent, computable values that can be reliably aggregated and reported
- A shorter retention schedule
Correct answer: Consistent, computable values that can be reliably aggregated and reported
Constraining a field to a defined code set produces consistent, computable values that can be reliably aggregated and reported, improving integrity over free text. It does not guarantee higher reimbursement, remove documentation, or change retention.
- Information governance in a healthcare organization is best understood as which of the following?
- A tool that calculates average length of stay
- A schedule that sets only destruction dates for paper records
- A method for assigning ICD-10-CM codes
- An enterprise-wide accountability framework and set of decision rights for managing information across its lifecycle
Correct answer: An enterprise-wide accountability framework and set of decision rights for managing information across its lifecycle
Information governance is the enterprise-wide accountability framework and decision rights for managing information as a strategic asset throughout its lifecycle. It is broader than a destruction schedule, is not a coding method, and is not a statistical calculation tool.
- Which of the following is a recognized principle of information governance?
- Integrity of information
- Maximizing case-mix regardless of documentation
- Blocking all patient access to records
- Eliminating retention schedules
Correct answer: Integrity of information
Integrity is a recognized information governance principle, alongside accountability, protection, transparency, availability, retention, compliance, and disposition. Maximizing case-mix without support, blocking patient access, and abolishing retention schedules all contradict sound governance.
- An organization assigns a designated data steward for each major data domain. Which information governance principle does this most directly support?
- Charge capture
- Accountability
- Bed control
- Terminal-digit filing
Correct answer: Accountability
Assigning data stewards for each domain establishes accountability, ensuring responsibility for information decisions is defined and traceable. Charge capture, bed control, and terminal-digit filing are operational functions, not governance accountability mechanisms.
- Beyond regulatory compliance, what is a key benefit of a mature information governance program?
- The elimination of clinical documentation
- A fixed reimbursement amount per discharge
- More trustworthy, usable data for clinical care, analytics, and strategic decisions
- The removal of patient consent requirements
Correct answer: More trustworthy, usable data for clinical care, analytics, and strategic decisions
A mature information governance program makes data more trustworthy and usable for care, analytics, and strategic decisions, delivering value beyond compliance. It does not fix reimbursement amounts, replace documentation, or waive consent requirements.
- How is information governance best distinguished from data governance?
- Information governance applies only to paper records
- They are unrelated and never overlap
- Data governance is broader than information governance
- Information governance is the broad enterprise framework for all information, while data governance focuses on managing data assets and standards within it
Correct answer: Information governance is the broad enterprise framework for all information, while data governance focuses on managing data assets and standards within it
Information governance is the overarching enterprise framework for all information, while data governance is a component focused on managing data assets, definitions, and quality within that framework. They are related, information governance is broader, and it is not limited to paper.
- An information governance maturity review finds strong policies but weak, inconsistent enforcement and unclear ownership. Which action should be prioritized to raise maturity?
- Assigning clear accountability and stewardship and enforcing existing policies consistently
- Eliminating the policies to reduce confusion
- Raising copying fees for records
- Increasing the case-mix index
Correct answer: Assigning clear accountability and stewardship and enforcing existing policies consistently
When policies exist but ownership and enforcement are weak, the priority is to assign clear accountability and stewardship and enforce policies consistently, which directly raises governance maturity. Eliminating policies, raising fees, or chasing case-mix would not improve governance.
- A facility creates an inventory mapping where each patient data element is created, stored, and used across systems. From an information governance standpoint, this primarily supports what?
- Calculating the gross death rate
- Knowing where information lives so it can be governed, protected, retained, and produced consistently
- Assigning DRGs
- Setting the copying fee
Correct answer: Knowing where information lives so it can be governed, protected, retained, and produced consistently
A data inventory or map identifies where information is created, stored, and used so it can be governed, protected, retained, and produced consistently, a foundational governance activity. It does not compute mortality, assign DRGs, or set fees.
- Which data quality characteristic specifically means the data is correct and free from error?
- Accessibility
- Granularity
- Accuracy
- Timeliness
Correct answer: Accuracy
Accuracy means the data is correct and free from error, reflecting reality as captured. Granularity concerns level of detail, accessibility concerns whether authorized users can retrieve the data, and timeliness concerns availability when needed.
- A report shows a length of stay of negative two days because the discharge date precedes the admission date. Which data quality characteristic is most clearly violated?
- Confidentiality
- Granularity
- Accessibility
- Consistency and validity
Correct answer: Consistency and validity
A discharge date preceding admission yields a logically impossible negative length of stay, violating consistency and validity. Granularity concerns detail level, accessibility concerns retrieval, and confidentiality concerns protection, none of which describe this internal logical error.
- A field is accurate but is not useful for the report's intended purpose. Which data quality dimension is at issue?
- Relevancy
- Accuracy
- Accessibility
- Timeliness
Correct answer: Relevancy
Relevancy concerns whether the data is meaningful and useful for its intended purpose, the issue when accurate data does not serve the report's need. Accuracy concerns correctness, accessibility concerns retrieval, and timeliness concerns availability when needed.
- Documentation entered 48 hours after the encounter, when policy requires entry within 24 hours, most directly fails which data quality dimension?
- Granularity
- Timeliness
- Relevancy
- Precision
Correct answer: Timeliness
Documentation entered well past the required window fails the timeliness dimension, which requires data be recorded and available within the timeframe needed to support care and operations. Granularity, relevancy, and precision concern detail, usefulness, and exactness rather than when data is captured.
- AHIMA's data quality management model evaluates data across application, collection, warehousing, and analysis. What does this lifecycle view ensure?
- Only billing data is evaluated
- Data is collected once and never reviewed again
- Data quality is addressed at every stage where data is captured, stored, and used
- The master patient index becomes unnecessary
Correct answer: Data quality is addressed at every stage where data is captured, stored, and used
Viewing quality across application, collection, warehousing, and analysis ensures quality is managed at every lifecycle stage where data is captured, stored, and used, not at a single checkpoint. It does not limit review to one event, restrict evaluation to billing, or eliminate the master patient index.
- A data quality audit compares coded data against the source documentation before submission to an external registry. Which two data quality characteristics are most central to this audit?
- Shelf filing and Soundex matching
- Bed occupancy and census
- Copying fee and retention period
- Accuracy and completeness
Correct answer: Accuracy and completeness
Confirming that coded data correctly reflects the documentation and contains all required elements centers on accuracy and completeness before external submission. Occupancy, fees, retention, and filing are not the relevant quality dimensions.
- HL7 standards are used in health information systems primarily to do what?
- Provide standards for electronic exchange of clinical and administrative messages between systems
- Set inpatient reimbursement weights
- Define the legal health record retention period
- Assign ICD-10-CM codes automatically
Correct answer: Provide standards for electronic exchange of clinical and administrative messages between systems
HL7 provides standards for structuring and exchanging clinical and administrative messages between health information systems, supporting interoperability. It does not set reimbursement weights, define retention periods, or assign diagnosis codes.
- FHIR is an interoperability standard that supports which of the following?
- Assigning MS-DRGs to inpatient stays
- Exchanging discrete health data through standardized resources and modern web technologies
- Setting the record destruction schedule
- Calculating bed occupancy
Correct answer: Exchanging discrete health data through standardized resources and modern web technologies
FHIR is an interoperability standard that exchanges discrete health data using standardized resources and modern web technologies, improving data sharing across systems and applications. It does not assign DRGs, set destruction schedules, or calculate bed occupancy.
- Why is adopting standardized data exchange formats important for information governance?
- It raises the case-mix index
- It lets the facility skip deficiency analysis
- Consistent formats preserve data meaning and integrity as information moves between systems
- It shortens the retention schedule
Correct answer: Consistent formats preserve data meaning and integrity as information moves between systems
Standardized exchange formats preserve data meaning and integrity as information moves between systems, central to governance goals of trustworthy, usable information. They do not bypass deficiency analysis, raise case-mix, or shorten retention.
- In an electronic health record, metadata is best described as which of the following?
- The chargemaster line items
- The patient's principal diagnosis
- The reimbursement amount for the encounter
- Data that describes other data, such as the author, date, and source system of an entry
Correct answer: Data that describes other data, such as the author, date, and source system of an entry
Metadata is data about data, describing attributes such as the author, date, and source system of an entry, which supports integrity and retrieval. It is not the diagnosis, the reimbursement amount, or chargemaster items.
- A control requires that once an entry is signed, later changes create a tracked addendum rather than overwriting the original. This control primarily protects what?
- The integrity and trustworthiness of the original documentation
- The reimbursement weight
- The bed occupancy rate
- The copying fee
Correct answer: The integrity and trustworthiness of the original documentation
Requiring tracked addenda rather than overwrites after signing protects the integrity and trustworthiness of the original documentation by preserving an accurate historical record. It does not affect reimbursement weight, occupancy, or fees.
- Copying a prior note forward without updating it, sometimes called note cloning, primarily threatens which aspect of the record?
- Terminal-digit filing accuracy
- Documentation integrity, because the record may contain outdated or inaccurate information
- Bed occupancy reporting
- The record retention schedule
Correct answer: Documentation integrity, because the record may contain outdated or inaccurate information
Copying notes forward without updating threatens documentation integrity because the record can contain outdated, redundant, or inaccurate information that no longer reflects current status. It does not affect filing accuracy, occupancy reporting, or retention.
- Capturing the author, timestamp, and source system for every EHR entry most directly serves which two governance goals?
- Copying-fee calculation and chargemaster maintenance
- Reimbursement maximization and bed control
- Data integrity and the ability to audit and validate authenticity
- Forms standardization and Soundex indexing
Correct answer: Data integrity and the ability to audit and validate authenticity
Author, timestamp, and source-system metadata most directly serve data integrity and the ability to audit and validate the authenticity of documentation, since entries become traceable and verifiable. It is not primarily about reimbursement, bed control, fees, chargemaster work, or indexing.
- Under the HIPAA Security Rule, the safeguards that include workforce security, security awareness training, and a sanction policy are classified as which type of safeguard?
- Physical safeguards
- Administrative safeguards
- Technical safeguards
- Financial safeguards
Correct answer: Administrative safeguards
Workforce security measures, security awareness training, and the sanction policy are administrative safeguards, which are the policies and procedures that manage how the workforce protects electronic protected health information. Physical safeguards control the facility and devices, technical safeguards control electronic access to data, and financial safeguards are not a Security Rule category.
- A health information department installs locked doors, badge-controlled entry to the file room, and workstation positioning that hides screens from public view. These measures are examples of which HIPAA Security Rule safeguard category?
- Physical safeguards
- Technical safeguards
- Administrative safeguards
- Privacy notice requirements
Correct answer: Physical safeguards
Locked doors, badge access to the record room, and screen positioning are physical safeguards, which protect facilities, equipment, and media holding electronic protected health information from unauthorized physical access. Technical safeguards govern electronic access controls, administrative safeguards are policy-based, and the privacy notice is a Privacy Rule artifact rather than a security safeguard.
- Access controls, audit controls, integrity controls, and transmission security in an electronic health record are categorized under the HIPAA Security Rule as which type of safeguard?
- Technical safeguards
- Administrative safeguards
- Physical safeguards
- Documentation safeguards
Correct answer: Technical safeguards
Access controls, audit controls, integrity controls, and transmission security are technical safeguards, the technology-based mechanisms that protect electronic protected health information and control access to it. Administrative safeguards are policies and procedures, physical safeguards protect the physical environment, and documentation safeguards is not a defined category.
- Before a hospital shares protected health information with an outside transcription company that processes the data on its behalf, what does HIPAA require the hospital to have in place with that company?
- A notice of privacy practices signed by the company
- A record retention schedule
- A business associate agreement
- An accounting of disclosures
Correct answer: A business associate agreement
A business associate agreement is required before a covered entity discloses protected health information to a vendor that performs services on its behalf, because it contractually obligates the vendor to safeguard the information. A notice of privacy practices is given to patients, a retention schedule governs how long records are kept, and an accounting of disclosures is a patient right rather than a vendor contract.
- A cloud storage vendor stores and maintains a clinic's electronic protected health information. Under HIPAA, how is this vendor classified?
- A business associate
- A covered entity
- A personal representative
- A public health authority
Correct answer: A business associate
A vendor that creates, receives, maintains, or transmits protected health information on behalf of a covered entity, such as a cloud storage service, is a business associate and is directly subject to applicable HIPAA requirements. A covered entity is the provider or plan itself, a personal representative acts for the patient, and a public health authority is a government agency receiving reportable data.
- During registration, a visitor in the waiting area briefly overhears a clerk confirming a patient's appointment despite the clerk speaking quietly and following reasonable safeguards. Under HIPAA, how is this kind of disclosure best characterized?
- A reportable breach requiring individual notification
- A permissible incidental disclosure
- A violation of the minimum necessary standard
- A disclosure requiring patient authorization
Correct answer: A permissible incidental disclosure
An incidental disclosure that occurs as a byproduct of an otherwise permitted communication, when reasonable safeguards and the minimum necessary standard are applied, is permissible under HIPAA. It is not automatically a reportable breach, it does not by itself violate the minimum necessary standard when safeguards are used, and routine appointment communications do not require a separate authorization.
- A patient submits a written request asking the hospital to correct their recorded date of birth, which is wrong in the chart. Which HIPAA right is the patient exercising?
- The right of access
- The right to an accounting of disclosures
- The right to request an amendment
- The right to revoke a notice
Correct answer: The right to request an amendment
Asking a covered entity to correct inaccurate or incomplete information in the record is the right to request an amendment, distinct from simply obtaining a copy. The right of access provides a copy, the accounting of disclosures lists releases, and there is no right to revoke a notice of privacy practices.
- A provider denies a patient's request to amend a clinical note because the original entry is accurate and complete. Under HIPAA, what is the patient generally entitled to do next?
- Submit a statement of disagreement to be included with the record
- Delete the note from the legal health record themselves
- Demand the provider's license be revoked
- Require the provider to destroy the entire record
Correct answer: Submit a statement of disagreement to be included with the record
When an amendment request is denied, the patient may submit a statement of disagreement that the covered entity includes with the disputed information, preserving the patient's position. Patients cannot delete entries from the legal health record themselves, cannot force record destruction, and license revocation is unrelated to the amendment process.
- A patient asks the clinic to restrict disclosure of information about a self-paid service to the patient's health plan. Under the HIPAA right to request restrictions, how must the clinic respond when the individual paid out of pocket in full?
- It must always deny restriction requests
- It may release the information to the plan anyway
- It must agree to restrict that disclosure to the health plan for payment or operations
- It must obtain a court order before restricting
Correct answer: It must agree to restrict that disclosure to the health plan for payment or operations
HIPAA requires a covered entity to agree to a requested restriction on disclosing to a health plan for payment or operations when the individual has paid for the item or service in full out of pocket. Restriction requests are not always denied, the clinic may not override this particular restriction, and no court order is needed to honor it.
- Under the HIPAA Privacy Rule's right to request confidential communications, what may an individual ask a provider to do?
- Stop billing the patient's insurance permanently
- Communicate protected health information by alternative means or at an alternative location
- Delete the patient's entire treatment history
- Assign the patient a new diagnosis
Correct answer: Communicate protected health information by alternative means or at an alternative location
The right to request confidential communications lets a patient ask that a provider contact them by alternative means, such as a cell phone, or at an alternative location, such as a work address. It does not stop insurance billing, delete the treatment history, or change a diagnosis.
- A HIM department applies role-based access so each user can reach only the data needed for their job function. Within the HIPAA Security Rule, this technical capability is most directly part of which standard?
- Access control
- Transmission security
- Contingency planning
- Workforce clearance
Correct answer: Access control
Role-based permissions that limit each user to the data needed for their function are part of the access control standard, a technical safeguard that restricts electronic access to protected health information. Transmission security protects data in transit, contingency planning addresses emergencies, and workforce clearance is an administrative process for granting access in the first place.
- To meet the HIPAA Security Rule, an EHR requires each user to enter a unique username and a confidential password before viewing patient data. This practice primarily supports which goal?
- Increasing the case mix index
- Shortening the record retention period
- Verifying user identity so access can be controlled and attributed
- Calculating the bed occupancy rate
Correct answer: Verifying user identity so access can be controlled and attributed
Unique user identification combined with authentication verifies who is accessing the system so access can be controlled and individual actions can be attributed in the audit trail. It does not change the case mix index, alter retention periods, or compute occupancy statistics.
- A hospital implements automatic logoff so workstations lock after a period of inactivity. Which HIPAA Security Rule concern does this control most directly address?
- Preventing unauthorized viewing of PHI on unattended workstations
- Assigning the principal diagnosis
- Calculating average length of stay
- Maintaining the chargemaster
Correct answer: Preventing unauthorized viewing of PHI on unattended workstations
Automatic logoff after inactivity reduces the risk that an unattended workstation lets an unauthorized person view protected health information, supporting access control. It is unrelated to diagnosis assignment, length-of-stay statistics, or chargemaster maintenance.
- Under the HIPAA Security Rule, what is the primary purpose of a contingency plan that includes data backup and a disaster recovery plan?
- To assign diagnosis codes during downtime
- To ensure protected health information can be recovered and remains available after an emergency such as a system failure or natural disaster
- To increase the facility's case mix index
- To set the chargemaster prices
Correct answer: To ensure protected health information can be recovered and remains available after an emergency such as a system failure or natural disaster
A contingency plan with data backup and disaster recovery ensures that electronic protected health information can be restored and remains available after emergencies such as system failures or natural disasters, protecting the availability of the data. It does not assign codes, change the case mix index, or set chargemaster prices.
- A HIM director wants to identify the threats and vulnerabilities to electronic protected health information and the likelihood and impact of each. Which Security Rule activity is the director performing?
- A deficiency analysis
- A case mix analysis
- A risk analysis
- A chargemaster review
Correct answer: A risk analysis
Identifying threats and vulnerabilities to electronic protected health information along with their likelihood and impact is a risk analysis, a foundational administrative safeguard that drives security decisions. A deficiency analysis reviews chart completeness, a case mix analysis examines patient acuity, and a chargemaster review checks billing codes.
- After a security risk analysis identifies vulnerabilities, what is the next step required by the HIPAA Security Rule's risk management process?
- Implement security measures sufficient to reduce the identified risks to a reasonable and appropriate level
- Immediately destroy all electronic records
- Stop using audit trails
- Publish the vulnerabilities publicly
Correct answer: Implement security measures sufficient to reduce the identified risks to a reasonable and appropriate level
Risk management follows risk analysis by implementing security measures sufficient to reduce the identified risks and vulnerabilities to a reasonable and appropriate level. Destroying records, abandoning audit trails, or publicizing vulnerabilities would each increase rather than reduce risk to protected health information.
- An organization's sanction policy disciplines workforce members who violate security and privacy policies. Under the HIPAA Security Rule, this policy is an example of which safeguard?
- A physical safeguard
- An administrative safeguard
- A technical safeguard
- A transmission safeguard
Correct answer: An administrative safeguard
A sanction policy that disciplines workforce members for security and privacy violations is an administrative safeguard, since it is a workforce-management policy supporting compliance. It is not a physical safeguard protecting facilities, a technical safeguard controlling system access, or a transmission safeguard protecting data in transit.
- The HIPAA Security Rule requires security awareness and training for the workforce primarily to accomplish what?
- To assign MS-DRGs more quickly
- To increase the gross death rate reporting
- To ensure workforce members understand how to protect electronic protected health information and follow security policies
- To shorten the notice of privacy practices
Correct answer: To ensure workforce members understand how to protect electronic protected health information and follow security policies
Security awareness and training ensures workforce members understand their responsibilities for protecting electronic protected health information and following the organization's security policies, reducing human-error risk. It is unrelated to coding speed, mortality reporting, or shortening the privacy notice.
- Under the HIPAA Security Rule, transmission security measures such as encrypting protected health information sent over the internet are intended primarily to protect what?
- Protected health information while it is being transmitted across a network
- The facility's bed occupancy rate
- The accuracy of the master patient index
- The reimbursement weight of each DRG
Correct answer: Protected health information while it is being transmitted across a network
Transmission security, including encryption of data in transit, protects electronic protected health information from interception while it moves across a network. It does not affect occupancy statistics, the master patient index, or DRG reimbursement weights.
- A laboratory faxes results to a physician's office and includes a confidentiality statement on the cover sheet directing unintended recipients to destroy the fax and notify the sender. This practice is best described as which kind of HIPAA measure?
- An accounting of disclosures
- A de-identification method
- A reasonable safeguard to limit improper disclosure of protected health information
- A record retention schedule
Correct answer: A reasonable safeguard to limit improper disclosure of protected health information
A fax confidentiality statement instructing unintended recipients to destroy the document and notify the sender is a reasonable safeguard that helps limit improper disclosure of protected health information. It is not an accounting of disclosures, a de-identification technique, or a retention schedule.
- Which set of items reflects identifiers that must be removed for the HIPAA Safe Harbor method of de-identification?
- Names, geographic subdivisions smaller than a state, and full dates such as birth dates
- Diagnosis severity, DRG weight, and case mix index
- Bed count, occupancy rate, and length of stay
- Coder name, query volume, and audit frequency
Correct answer: Names, geographic subdivisions smaller than a state, and full dates such as birth dates
The Safe Harbor method requires removing specified identifiers including names, geographic subdivisions smaller than a state, and full dates such as birth dates, so the data can no longer identify individuals. DRG weight, case mix index, occupancy statistics, and operational metrics are not the identifiers the Safe Harbor method targets.
- A researcher receives a data set that still contains dates of service and five-digit ZIP codes but no names. Compared with fully de-identified data, how should this data set be treated?
- As fully de-identified and outside HIPAA
- As a limited data set, which remains protected health information and requires a data use agreement
- As public information requiring no safeguards
- As a notice of privacy practices
Correct answer: As a limited data set, which remains protected health information and requires a data use agreement
A data set that removes direct identifiers but retains elements such as dates and ZIP codes is a limited data set, which is still protected health information and may be used or disclosed for permitted purposes only under a data use agreement. It is neither fully de-identified, public, nor a privacy notice.
- A patient who is a minor in a state where the minor may legally consent to certain confidential services seeks records of that care. How does HIPAA generally treat the parent's access to those specific records?
- The parent always has unrestricted access to all minor records
- The parent never has any access to any minor's records
- The parent's right to access may be limited consistent with applicable state law for that confidential care
- The records must be destroyed when the minor turns 18
Correct answer: The parent's right to access may be limited consistent with applicable state law for that confidential care
When a minor lawfully consents to confidential services under state law, HIPAA generally defers to that state law, which may limit a parent's access to those specific records. Parents do not have unrestricted access to all minor records in every case, parents are not categorically barred from all minor records, and reaching adulthood does not trigger destruction.
- Under HIPAA, the protected health information of a deceased individual generally remains protected for what period after death?
- For 24 hours following death
- For 50 years following the individual's death
- Indefinitely with no time limit
- It loses all protection immediately at death
Correct answer: For 50 years following the individual's death
HIPAA generally continues to protect a decedent's protected health information for 50 years following the date of death, after which it is no longer treated as PHI under the rule. Protection does not end immediately, last only 24 hours, or continue indefinitely without limit.
- After a patient's death, who is generally able to exercise the deceased individual's HIPAA rights, such as authorizing release of the decedent's records?
- The personal representative, such as an executor or administrator of the estate, under applicable law
- Any family member who asks
- Only the treating physician
- No one, because rights end at death
Correct answer: The personal representative, such as an executor or administrator of the estate, under applicable law
After death, the decedent's personal representative, such as an executor or estate administrator authorized under applicable law, may exercise the individual's HIPAA rights, including authorizing release of records. Not every family member qualifies, the treating physician does not automatically hold these rights, and the rights do not simply vanish at death within the protected period.
- When a HIM department discloses records that originated from another provider along with its own records, what redisclosure concern should it consider?
- Whether the case mix index will rise
- Whether the bed occupancy rate is accurate
- Whether any restrictions or special protections, such as those for substance use disorder records, limit redisclosure of the outside information
- Whether the gross death rate is current
Correct answer: Whether any restrictions or special protections, such as those for substance use disorder records, limit redisclosure of the outside information
Before redisclosing information that came from another source, the department must consider whether special protections, such as the heightened rules for federally protected substance use disorder records, restrict further disclosure. The case mix index, bed occupancy, and gross death rate are statistical measures unrelated to redisclosure rules.
- Records from a federally assisted substance use disorder treatment program are generally subject to confidentiality protections that, compared with the baseline HIPAA Privacy Rule, are which of the following?
- More restrictive, often requiring specific patient consent for disclosures that HIPAA alone might permit
- Less restrictive than HIPAA in every case
- Identical to HIPAA with no differences
- Exempt from all confidentiality requirements
Correct answer: More restrictive, often requiring specific patient consent for disclosures that HIPAA alone might permit
Federal substance use disorder confidentiality rules are generally more restrictive than baseline HIPAA, frequently requiring specific patient consent for disclosures that HIPAA alone might otherwise allow. They are not less restrictive, identical, or exempt from confidentiality requirements.
- A workforce member with legitimate access to the EHR looks up a neighbor's record out of personal curiosity. From a privacy standpoint, this conduct is best classified as what?
- A permissible use because the employee is authorized
- A required disclosure under HIPAA
- An incidental disclosure
- Snooping, an impermissible use of protected health information without a work-related purpose
Correct answer: Snooping, an impermissible use of protected health information without a work-related purpose
Accessing a record out of personal curiosity without a work-related purpose is snooping, an impermissible use of protected health information even by an otherwise authorized user. It is not permissible merely because the user has system access, not a required disclosure, and not an incidental byproduct of a permitted activity.
- Which scenario represents a permissible disclosure of protected health information without patient authorization under HIPAA?
- Selling a patient list to a pharmaceutical marketer
- Posting a patient's photo on social media
- Reporting a suspected case of child abuse to the appropriate authority as required by law
- Sharing records with a curious coworker
Correct answer: Reporting a suspected case of child abuse to the appropriate authority as required by law
HIPAA permits disclosures required by law, such as reporting suspected child abuse to the appropriate authority, without patient authorization. Selling a patient list for marketing, posting a patient's photo publicly, and sharing records with an unauthorized coworker are all impermissible disclosures.
- A staff member needs to take protected health information off-site on a portable USB drive for an approved work purpose. Which control most directly reduces the privacy risk if the drive is lost?
- Writing the patient's name on the device label
- Increasing the chargemaster fee
- Recording the data on the bed occupancy report
- Encrypting the data on the device so it is unreadable without the key
Correct answer: Encrypting the data on the device so it is unreadable without the key
Encrypting the data on a portable device renders the information unreadable without the key, sharply reducing privacy risk if the device is lost. Labeling the device with a patient name increases exposure, while chargemaster fees and occupancy reports do nothing to protect the data.
- A HIM department establishes a written standard that release of information requests must be completed within a set number of business days. This standard most directly supports which goal?
- A higher case mix index
- Timely, consistent turnaround for processing disclosures of protected health information
- A lower gross death rate
- A larger chargemaster
Correct answer: Timely, consistent turnaround for processing disclosures of protected health information
Setting a target turnaround time for release of information requests supports timely and consistent processing of disclosures, helping the department meet patient and legal expectations. It does not affect the case mix index, gross death rate, or chargemaster size.
- A facility wants to verify that its release of information turnaround time meets the standard it set. What should the HIM manager do?
- Recalculate the case mix index
- Audit the chargemaster line items
- Review the gross death rate
- Measure how long requests actually take and compare the results against the established turnaround standard
Correct answer: Measure how long requests actually take and compare the results against the established turnaround standard
To verify performance, the manager measures actual request processing times and compares them against the established turnaround standard, identifying gaps to address. Recalculating the case mix index, auditing the chargemaster, and reviewing the gross death rate measure unrelated functions.
- Privacy, confidentiality, and security are related but distinct concepts. Which statement best describes security in the context of protected health information?
- The individual's right to control how their information is used
- The expectation that information shared in trust is not improperly revealed
- The means and safeguards used to protect information and control access to it
- The assignment of diagnosis codes
Correct answer: The means and safeguards used to protect information and control access to it
Security refers to the administrative, physical, and technical safeguards used to protect information and control access to it. Privacy is the individual's right to control use of their information, confidentiality is the expectation that information shared in trust is not improperly revealed, and code assignment is a coding function.
- A breach notification letter is returned because the affected individual's address on file is outdated, and the entity lacks current contact information for ten or more individuals. Under the Breach Notification Rule, what substitute notice is generally appropriate?
- No further action is required
- Notice only to the entity's billing office
- A note placed in each patient's chart
- A conspicuous posting on the entity's website for a required period or notice in major print or broadcast media
Correct answer: A conspicuous posting on the entity's website for a required period or notice in major print or broadcast media
When contact information is insufficient or out of date for ten or more individuals, substitute notice such as a conspicuous website posting for a required period or notice in major print or broadcast media is generally appropriate. Taking no action, notifying only billing, or charting a note would not satisfy the substitute notice requirement.
- Under the Breach Notification Rule, when a breach is caused by a business associate, who is generally responsible for ensuring affected individuals are notified?
- The patients themselves
- No one, because business associates are exempt
- The state licensing board
- The covered entity, although the business associate must notify the covered entity of the breach
Correct answer: The covered entity, although the business associate must notify the covered entity of the breach
The covered entity is generally responsible for ensuring affected individuals receive breach notification, while the business associate is required to notify the covered entity of a breach it discovers. Patients are not responsible for notifying themselves, business associates are not exempt from HIPAA, and the licensing board does not perform breach notification.
- A HIM professional must safeguard PHI displayed on a workstation in a shared area. Which physical safeguard most directly addresses unauthorized viewing by passersby?
- A longer record retention schedule
- A higher copying fee
- An expanded chargemaster
- A privacy screen filter that limits the viewing angle of the monitor
Correct answer: A privacy screen filter that limits the viewing angle of the monitor
A privacy screen filter limits the monitor's viewing angle so passersby cannot read protected health information, directly addressing unauthorized viewing in a shared area. Retention length, copying fees, and chargemaster scope have no effect on who can see a screen.
- A patient calls and asks the HIM department to confirm test results over the phone. Before disclosing anything, what privacy step is most important?
- Verify the caller's identity to confirm they are the patient or an authorized person
- Increase the case mix index
- Check the bed occupancy rate
- Recalculate the gross death rate
Correct answer: Verify the caller's identity to confirm they are the patient or an authorized person
Before disclosing protected health information by phone, staff must verify the caller's identity to confirm they are the patient or an authorized person, preventing disclosure to an imposter. The case mix index, bed occupancy rate, and gross death rate are statistics unrelated to identity verification.
- Which HIPAA workforce practice helps ensure that only appropriate staff obtain access to protected health information in the first place?
- Increasing the chargemaster size
- Workforce clearance and authorization procedures that grant access based on job role before access is given
- Lengthening the record retention period
- Lowering the bed occupancy rate
Correct answer: Workforce clearance and authorization procedures that grant access based on job role before access is given
Workforce clearance and authorization procedures determine appropriate access based on job role before access is granted, an administrative safeguard ensuring only suitable staff reach protected health information. Chargemaster size, retention length, and occupancy rate do not govern who is cleared for access.
- When a workforce member is terminated, which Security Rule administrative procedure most directly reduces the risk of inappropriate access to electronic protected health information?
- Raising the case mix index
- Updating the chargemaster
- A termination procedure that promptly revokes the former employee's system access
- Shortening the notice of privacy practices
Correct answer: A termination procedure that promptly revokes the former employee's system access
A termination procedure that promptly disables or removes a departing employee's system access prevents continued access to electronic protected health information, reducing risk. Adjusting the case mix index, chargemaster, or privacy notice does nothing to revoke access.
- A patient asks the HIM department to explain, before any sensitive disclosure, what the law allows and how their information will be shared. Educating patients about privacy practices and their rights is most closely aligned with which document and function?
- The chargemaster review process
- Privacy education supported by the notice of privacy practices
- The case mix analysis
- The deficiency analysis
Correct answer: Privacy education supported by the notice of privacy practices
Educating patients about how their information may be used and their privacy rights is a privacy function supported by the notice of privacy practices, which conveys those uses, disclosures, and rights. The chargemaster review, case mix analysis, and deficiency analysis address billing, acuity, and chart completeness rather than privacy education.
- A covered entity wants to confirm it is meeting its obligation to provide patients an accounting of disclosures for releases made to public health authorities and in response to legal process. Which ongoing practice best ensures this capability?
- Recalculating the incidence rate monthly
- Auditing the case mix index quarterly
- Reviewing the chargemaster annually
- Consistently logging each accountable disclosure with its date, recipient, description, and purpose as it occurs
Correct answer: Consistently logging each accountable disclosure with its date, recipient, description, and purpose as it occurs
Consistently logging each accountable disclosure with its date, recipient, description, and purpose as it occurs ensures the entity can compile a complete and accurate accounting of disclosures on request. Recalculating the incidence rate, auditing the case mix index, and reviewing the chargemaster address statistics and billing, not disclosure tracking.
- A HIM department wants to monitor for inappropriate access to high-profile patient records by reviewing system logs on a defined schedule. Which Security Rule technical safeguard does this routine review rely on?
- The chargemaster maintenance process
- Audit controls that record and enable examination of system access activity
- The bed occupancy calculation
- The principal diagnosis assignment
Correct answer: Audit controls that record and enable examination of system access activity
Routine review of system logs for inappropriate access relies on audit controls, the technical safeguard that records and enables examination of activity in systems containing electronic protected health information. Chargemaster maintenance, occupancy calculation, and diagnosis assignment are unrelated billing, statistical, and coding functions.
- A 320-discharge medical service accumulated diagnosis-related group relative weights totaling 480.0 for the month. What case mix index should the analyst report, rounded to two decimals?
Correct answer: 1.50
The reported case mix index is 1.50, found by dividing the total relative weight of 480.0 by the 320 discharges. The value 0.67 inverts the division, 3.20 simply restates the discharge count, and 15.0 misplaces the decimal point, so none equals the average weight per case.
- An analyst is told the case mix index for two service lines is identical at 1.40, yet one line generates far more total relative weight than the other. What does this most directly reveal?
- The higher-total line logged more releases of information
- The higher-total line must have a longer record retention schedule
- The higher-total line had a lower bed occupancy rate
- The higher-total line discharged more cases at the same average weight
Correct answer: The higher-total line discharged more cases at the same average weight
An equal index with a larger total weight reveals that the higher-total line discharged more cases at the same average weight, since the index is total weight divided by case count. Retention schedules, occupancy, and release-of-information activity are records, capacity, and privacy measures that do not follow from the total weight.
- When an analyst studies the distribution of individual diagnosis-related group weights that make up the case mix index, what is the most useful reason to look beyond the single average value?
- The average cannot be calculated without first encrypting the data
- The average determines how long records must be retained
- The average sets the minimum necessary standard for disclosures
- The average alone hides whether a few very high-weight cases or a broad mix produced it
Correct answer: The average alone hides whether a few very high-weight cases or a broad mix produced it
Looking beyond the single value is useful because the average alone hides whether a few very high-weight cases or a broad mix produced it, and the distribution reveals that structure. Encryption, retention length, and the minimum necessary standard are security, records, and privacy concepts unrelated to interpreting the weight distribution.
- An incidence rate and a prevalence proportion are both reported for a chronic condition. Which statement correctly separates what each measures?
- Incidence measures all cases present at one time, while prevalence measures only fatal cases
- Incidence and prevalence both measure only newly diagnosed cases
- Incidence measures total charges, while prevalence measures total payments
- Incidence measures new cases arising over a period, while prevalence measures all existing cases at a point in time
Correct answer: Incidence measures new cases arising over a period, while prevalence measures all existing cases at a point in time
The correct separation is that incidence measures new cases arising over a period, while prevalence measures all existing cases at a point in time. Limiting incidence to all present cases or to fatal cases, treating both as new diagnoses, or tying them to charges and payments confuses occurrence measures with one another or with financial figures.
- During a calendar year a defined service area of 40,000 at-risk people recorded 120 newly diagnosed cases of a reportable condition. What is the incidence rate per 1,000 population?
- 3 per 1,000
- 30 per 1,000
- 0.3 per 1,000
- 12 per 1,000
Correct answer: 3 per 1,000
The incidence rate is 3 per 1,000, found by dividing the 120 new cases by the 40,000 population and multiplying by 1,000. The value 0.3 per 1,000 applies the wrong multiplier, 30 per 1,000 misplaces the decimal, and 12 per 1,000 ignores the denominator entirely.
- A surveillance analyst must explain why a raw count of new infections cannot fairly compare two units with very different patient volumes. What is the strongest justification for converting the counts to incidence rates?
- Rates relate new cases to the exposed population, so units of different sizes can be compared fairly
- Rates remove the need to define the at-risk population
- Rates always produce smaller numbers that are easier to print
- Rates convert the data into patient-identifiable form
Correct answer: Rates relate new cases to the exposed population, so units of different sizes can be compared fairly
The strongest justification is that rates relate new cases to the exposed population, so units of different sizes can be compared fairly, which a raw count cannot do. Rates are not chosen for smaller printed numbers, they require defining the at-risk population rather than removing it, and they do not make data patient-identifiable.
- An infection preventionist reports a device-associated infection rate using device days as the denominator instead of patient days. Why is the device-day denominator more appropriate for this specific rate?
- Device days determine the record retention period
- Device days equal the total number of discharges
- Device days reflect the actual exposure to the device that can cause the infection
- Device days are easier to encrypt than patient days
Correct answer: Device days reflect the actual exposure to the device that can cause the infection
The device-day denominator is more appropriate because device days reflect the actual exposure to the device that can cause the infection, aligning the denominator with the true risk. Encryption ease, retention periods, and discharge counts are security, records, and volume concepts that have nothing to do with device exposure time.
- A registry abstractor is given a list of predefined data elements to capture from each qualifying record. Which characteristic of this work makes it data abstraction rather than ordinary documentation?
- The abstractor decides who may access the record
- The abstractor selectively pulls defined elements from an existing record into a secondary system
- The abstractor writes new clinical findings into the chart
- The abstractor assigns the bill's reimbursement amount
Correct answer: The abstractor selectively pulls defined elements from an existing record into a secondary system
It is data abstraction because the abstractor selectively pulls defined elements from an existing record into a secondary system rather than creating original content. Writing new clinical findings is documentation, assigning a bill amount is a revenue function, and deciding access is a security function, none of which describes extraction into a secondary source.
- An analyst auditing an abstraction process re-abstracts a sample of records and compares the new values to the originals. What is this re-abstraction sample primarily intended to measure?
- The hospital's licensed bed count
- The accuracy and consistency of the abstracted data
- The number of disclosures logged for each patient
- How long the records must be retained
Correct answer: The accuracy and consistency of the abstracted data
Re-abstracting a sample and comparing values is primarily intended to measure the accuracy and consistency of the abstracted data, surfacing errors or interpretation differences. Retention length, licensed beds, and disclosure counts are records, capacity, and privacy measures that a re-abstraction audit does not assess.
- A new abstractor consistently captures a laboratory value from the wrong panel because the abstraction guide does not specify which panel to use. Which fix most directly improves abstraction validity for that element?
- Adding a precise data-element specification naming the exact source panel
- Increasing the number of beds on the unit
- Encrypting the abstraction database at rest
- Shortening how long records are kept
Correct answer: Adding a precise data-element specification naming the exact source panel
Validity improves most directly by adding a precise data-element specification naming the exact source panel, removing the ambiguity that caused the wrong value. Adding beds, shortening retention, and encrypting the database address capacity, records lifespan, and security rather than which source the abstractor should use.
- An operation index, a disease index, and a physician index are all maintained from coded inpatient data. What do these indexes have in common as secondary data sources?
- They each serve as the legal health record for the encounter
- They each contain only financial transactions
- They each set the facility's reimbursement rates
- They each let users locate or count cases by a specific data element such as procedure, diagnosis, or provider
Correct answer: They each let users locate or count cases by a specific data element such as procedure, diagnosis, or provider
The common feature is that they each let users locate or count cases by a specific data element such as procedure, diagnosis, or provider, which is the purpose of an index. None of them is the legal health record, sets reimbursement rates, or holds only financial transactions, since those are documentation, payment, and accounting functions.
- An analyst needs to find every inpatient case that received a particular surgical procedure last year for a quality study. Which secondary data source is designed to retrieve cases by procedure most efficiently?
- The breach notification log
- The operation (procedure) index
- The charge description master
- The notice of privacy practices
Correct answer: The operation (procedure) index
The operation, or procedure, index is designed to retrieve cases by procedure most efficiently, because it is organized by procedure code to list the qualifying encounters. A notice of privacy practices, a charge description master, and a breach log serve privacy, billing, and security purposes and are not built to locate cases by procedure.
- A cancer registry maintains lifetime follow-up on its registered patients. What is the primary analytic value of this long-term follow-up?
- It supports survival and outcome analysis over time for the registered population
- It replaces the need for coded diagnoses
- It shortens the legal retention period for the records
- It raises the facility's bed occupancy rate
Correct answer: It supports survival and outcome analysis over time for the registered population
Lifetime follow-up primarily supports survival and outcome analysis over time for the registered population, which is a core reason cancer registries exist. It does not shorten retention, change occupancy, or remove the need for coded diagnoses, which are records, capacity, and coding matters separate from longitudinal follow-up.
- A trauma registry reports that its case ascertainment relies on multiple sources, including emergency logs and admission lists, rather than a single feed. Why does using multiple case-finding sources improve the registry's data?
- It automatically encrypts every record
- It guarantees a higher reimbursement per case
- It eliminates the need for eligibility criteria
- It reduces missed eligible cases, improving the completeness of the registry
Correct answer: It reduces missed eligible cases, improving the completeness of the registry
Multiple case-finding sources reduce missed eligible cases, improving the completeness of the registry, because no single list captures every qualifying case. The practice does not encrypt records, change reimbursement, or remove eligibility criteria, which are security, payment, and definitional concerns unrelated to case finding.
- A national registry requires participating facilities to use coding and staging rules that change each reporting year. What is the most important analytic reason to apply the edition in effect for each case's diagnosis year?
- It keeps comparisons across years valid by applying consistent, version-appropriate definitions
- It increases the hospital's case mix index
- It shortens the abstraction time per case
- It reduces the number of beds counted
Correct answer: It keeps comparisons across years valid by applying consistent, version-appropriate definitions
Applying the correct edition keeps comparisons across years valid by applying consistent, version-appropriate definitions, so trends reflect real change rather than rule changes. It does not exist to shorten abstraction time, raise the case mix index, or reduce bed counts, which are workload, complexity, and capacity matters.
- Core measure specifications define both a numerator and a denominator for each measure. In a measure of recommended discharge counseling, what does the denominator generally represent?
- The dollars billed for the discharge
- The number of beds available during the period
- The patients eligible for the measure who could appropriately receive the recommended care
- The number of records released to outside parties
Correct answer: The patients eligible for the measure who could appropriately receive the recommended care
The denominator generally represents the patients eligible for the measure who could appropriately receive the recommended care, against whom adherence is judged. Available beds, billed dollars, and released records are capacity, financial, and privacy figures that do not define the eligible measure population.
- An analyst compares two hospitals' core measure rates and finds Hospital A at 88 percent and Hospital B at 95 percent on the same measure. Before concluding B delivers better care, which step is most important?
- Confirm both retain records for the same number of years
- Confirm both have the same number of licensed beds
- Confirm both used the same measure specification, eligible population, and exclusions
- Confirm both use the same encryption algorithm
Correct answer: Confirm both used the same measure specification, eligible population, and exclusions
The most important step is to confirm both used the same measure specification, eligible population, and exclusions, because differences there would make the rates noncomparable. Equal bed counts, retention periods, and encryption algorithms are capacity, records, and security attributes that do not affect whether the measure rates can be compared.
- A quality team wants to improve a stalled core measure rate. What is the most appropriate first analytic action to target their effort?
- Drill into the failing cases to identify the specific documentation or process gaps
- Restrict who may access protected health information
- Lengthen the record retention schedule
- Increase the bed occupancy rate for the unit
Correct answer: Drill into the failing cases to identify the specific documentation or process gaps
The most appropriate first action is to drill into the failing cases to identify the specific documentation or process gaps, since targeted improvement requires knowing why cases failed. Raising occupancy, lengthening retention, and restricting access are capacity, records, and security actions that do not diagnose the cause of low performance.
- An analyst presents a unit's average length of stay alongside the unit's median length of stay and notes the mean is much larger than the median. What does this most directly suggest about the unit's stays?
- The distribution is right-skewed by a small number of very long stays
- Every patient stayed exactly the same number of days
- The stays are perfectly symmetric around the mean
- The data contain no variation at all
Correct answer: The distribution is right-skewed by a small number of very long stays
A mean much larger than the median most directly suggests the distribution is right-skewed by a small number of very long stays that pull the average up. Identical stays or no variation would make the two measures equal, and a symmetric distribution would place the mean near the median rather than well above it.
- A rehabilitation unit discharged 40 patients who together used 360 total length-of-stay days. What was the average length of stay?
- 9.0 days
- 11.0 days
- 7.0 days
- 4.0 days
Correct answer: 9.0 days
The average length of stay was 9.0 days, found by dividing the 360 total length-of-stay days by the 40 discharges. The values 7.0, 11.0, and 4.0 days come from arithmetic errors or dividing the wrong quantities and do not equal total days divided by discharges.
- An analyst must compute the total length of stay for a single patient admitted on the 3rd and discharged on the 10th of the same month. Using standard inpatient day counting, how many days are counted?
- 10 days
- 3 days
- 7 days
- 8 days
Correct answer: 7 days
The length of stay is 7 days, because standard inpatient counting subtracts the admission date from the discharge date, and the day of discharge is not counted. Counting 10 or 3 simply reports a calendar date, and 8 results from incorrectly including the discharge day in the total.
- An analyst notices that one unit's average length of stay looks low only because many same-day discharges are counted as one day each. What does this illustrate about interpreting the average length of stay?
- The metric can never be affected by short stays
- The metric measures mortality rather than duration
- The metric reflects how stays are counted and defined, so counting rules must be understood before drawing conclusions
- The metric is always identical to the bed occupancy rate
Correct answer: The metric reflects how stays are counted and defined, so counting rules must be understood before drawing conclusions
This illustrates that the metric reflects how stays are counted and defined, so counting rules must be understood before drawing conclusions about efficiency. The average length of stay is not the same as the occupancy rate, is clearly affected by short stays, and measures duration rather than mortality.
- An analyst computes the daily inpatient census and then sums it across the month to support occupancy reporting. The daily inpatient census represents which quantity?
- The number of inpatients present at the official census-taking time each day
- The number of records completed each day
- The total charges generated each day
- The number of patients discharged each day
Correct answer: The number of inpatients present at the official census-taking time each day
The daily inpatient census represents the number of inpatients present at the official census-taking time each day, the basis for service-day and occupancy statistics. Daily discharges, daily charges, and daily record completions are throughput, financial, and timeliness counts that are not the census.
- A 250-bed hospital reported 6,000 inpatient service days in a 30-day month. What was its bed occupancy rate, rounded to the nearest whole percent?
- 70 percent
- 85 percent
- 75 percent
- 80 percent
Correct answer: 80 percent
The bed occupancy rate was 80 percent, found by dividing the 6,000 service days by the 7,500 available bed days, which is 250 beds times 30 days. The other percentages come from an incorrect denominator or arithmetic and do not match the service-day-to-available-bed-day ratio.
- A hospital's bed occupancy rate held at about 95 percent for several months. From a capacity-analytics standpoint, what does a sustained occupancy this high most directly suggest to leadership?
- The facility's case mix index must be falling
- The facility has little spare bed capacity and may face access or surge pressure
- The facility logged fewer disclosures of protected health information
- The facility's records are being destroyed too early
Correct answer: The facility has little spare bed capacity and may face access or surge pressure
Sustained occupancy near 95 percent most directly suggests the facility has little spare bed capacity and may face access or surge pressure, since nearly all beds are in use. Record destruction timing, the case mix index, and disclosure counts are records, complexity, and privacy measures that occupancy does not indicate.
- An analyst computes the bed turnover rate to complement the occupancy rate. The bed turnover rate most directly describes which of the following?
- The average relative weight of the cases treated
- The percentage of deaths among discharges
- How many discharges, on average, each bed produced during the period
- The number of new infection cases per 1,000 patients
Correct answer: How many discharges, on average, each bed produced during the period
The bed turnover rate most directly describes how many discharges, on average, each bed produced during the period, indicating how intensively beds were used. The average case weight is the case mix index, deaths among discharges is the death rate, and new infections per 1,000 is an incidence rate, none of which is bed turnover.
- The net death rate differs from the gross death rate in which way?
- The net death rate excludes deaths occurring within 48 hours of admission
- The net death rate includes only outpatient deaths
- The net death rate uses available bed days as the denominator
- The net death rate counts each death twice
Correct answer: The net death rate excludes deaths occurring within 48 hours of admission
The net death rate excludes deaths occurring within 48 hours of admission, removing very early deaths that may reflect conditions present before treatment could take full effect. It does not double-count deaths, switch to a bed-day denominator, or restrict itself to outpatient deaths, which would misstate the measure.
- In a month, a hospital had 10 inpatient deaths among 500 total discharges, including those deaths. What was the gross death rate?
- 2.0 percent
- 0.2 percent
- 20 percent
- 5.0 percent
Correct answer: 2.0 percent
The gross death rate was 2.0 percent, found by dividing the 10 deaths by the 500 total discharges and converting to a percentage. The value 0.2 percent and 20 percent misplace the decimal, and 5.0 percent uses an incorrect denominator, so none equals the deaths-to-discharges ratio.
- An analyst computes a postoperative death rate for a surgical service. Which numerator and denominator correctly define this rate?
- New infections divided by patient days
- Surgical discharges divided by total discharges
- Deaths within a defined postoperative window divided by the patients who had operations
- Total inpatient deaths divided by total admissions
Correct answer: Deaths within a defined postoperative window divided by the patients who had operations
The postoperative death rate is deaths within a defined postoperative window divided by the patients who had operations, tying the deaths to the surgical population. Inpatient deaths over admissions is a broader death rate, surgical over total discharges is a proportion of cases, and infections over patient days is an incidence rate.
- A quality department reports a fetal death rate for the obstetric service. The denominator for the fetal death rate is best described as which group?
- All emergency department visits for the period
- Total births, including live births and the intermediate and late fetal deaths counted
- All surgical procedures performed
- All inpatient discharges for the period
Correct answer: Total births, including live births and the intermediate and late fetal deaths counted
The fetal death rate denominator is best described as total births, including live births and the intermediate and late fetal deaths counted, since the rate measures fetal deaths relative to all births. Total inpatient discharges, emergency visits, and surgical procedures are unrelated populations that do not define the birth base.
- An analyst is preparing a quarterly statistical report and must decide whether a measure should be expressed as a rate, a ratio, or a proportion. The percentage of deliveries that were cesarean is best classified as which of these?
- A ratio of two unrelated quantities
- A proportion, because the numerator is part of the denominator
- A raw count with no denominator
- A measure of dispersion
Correct answer: A proportion, because the numerator is part of the denominator
The cesarean percentage is best classified as a proportion, because the numerator is part of the denominator, with cesarean deliveries being a subset of all deliveries. It is not a ratio of unrelated quantities, a raw count lacking a denominator, or a measure of dispersion, which describe different relationships among the data.
- An analyst must distinguish a rate from a ratio when describing hospital data. The number of nurses divided by the number of patients on a unit is best described as which of the following?
- A proportion of a single whole
- An incidence rate of disease
- A measure of central tendency
- A ratio comparing two distinct quantities, where the numerator is not part of the denominator
Correct answer: A ratio comparing two distinct quantities, where the numerator is not part of the denominator
Nurses divided by patients is best described as a ratio comparing two distinct quantities, where the numerator is not part of the denominator. It is not a proportion of a single whole, an incidence rate of disease, or a measure of central tendency, since those describe subsets, new cases, or typical values rather than two separate groups compared.
- A dataset of daily emergency arrivals is 12, 15, 15, 18, 25. What is the mean of this dataset?
Correct answer: 17
The mean is 17, found by adding the five values to get 85 and dividing by 5. The value 15 is both the mode and the median, and 25 is the maximum, none of which equals the arithmetic average of all observations.
- For the same arrivals dataset of 12, 15, 15, 18, 25, what is the median?
Correct answer: 15
The median is 15, because when the five values are ordered (12, 15, 15, 18, 25), 15 sits in the middle position (3rd of 5) with two values below (12, 15) and two values above (18, 25). The value 18 is the 4th value, not the median; 17 is the mean; and 25 is the maximum.
- An analyst reports that a patient's blood pressure result fell at the 90th percentile of the unit's distribution. What does the 90th percentile mean in this context?
- The result is 90 units above the mean
- The result occurred 90 times in the dataset
- The result is 90 percent of the maximum possible value
- About 90 percent of the values in the distribution fall at or below that result
Correct answer: About 90 percent of the values in the distribution fall at or below that result
The 90th percentile means about 90 percent of the values in the distribution fall at or below that result, locating it near the top of the distribution. It does not mean 90 percent of a maximum, a frequency of 90 occurrences, or a distance of 90 units above the mean, which describe other concepts entirely.
- An analyst describes a roughly bell-shaped, symmetric distribution of a continuous measurement. In such a normal distribution, how do the mean, median, and mode relate?
- The median is always the smallest of the three
- They are unrelated and cannot be compared
- They are approximately equal to one another
- The mean is always far above the mode
Correct answer: They are approximately equal to one another
In a roughly symmetric, bell-shaped normal distribution the mean, median, and mode are approximately equal to one another, all sitting at the center. The mean is not far above the mode, the median is not the smallest, and the three measures are clearly comparable, so the other statements describe skewed or unrelated data instead.
- An analyst wants to compare the count of release-of-information requests across five departments for a single month. Which display is best suited to comparing distinct category totals side by side?
- A single pie slice
- A scatter plot of two variables
- A bar chart
- A line graph over time
Correct answer: A bar chart
A bar chart is best suited to comparing distinct category totals side by side, because the height of each bar lets the reader compare departments at a glance. A line graph shows trends over time, a single pie slice shows one part of a whole, and a scatter plot shows relationships between two variables, none of which is built for category comparison.
- An analyst must display the cumulative percentage of total coding errors contributed by each error type, ordered from largest to smallest, to focus improvement. Which display is most appropriate?
- A confidentiality notice
- An organizational chart
- A patient name list
- A Pareto chart
Correct answer: A Pareto chart
A Pareto chart is most appropriate, because it orders categories from largest to smallest and overlays a cumulative percentage line to highlight the vital few causes. An organizational chart shows structure, a confidentiality notice is a privacy document, and a patient name list conveys no error pattern, so none supports prioritization.
- An analyst plots monthly turnaround time on a control chart and sees eight consecutive points all above the centerline though within the control limits. What does this run most likely signal?
- A guaranteed data-entry error in every point
- A nonrandom pattern suggesting a real shift in the process worth investigating
- An automatic improvement in care quality
- That the process can no longer be measured
Correct answer: A nonrandom pattern suggesting a real shift in the process worth investigating
Eight consecutive points on one side of the centerline most likely signal a nonrandom pattern suggesting a real shift in the process worth investigating, even when all points stay within the limits. Such a run does not prove data-entry errors, confirm improved quality, or mean the process cannot be measured, which are unsupported conclusions.
- An analyst examines whether longer wait times are associated with lower patient satisfaction scores across many encounters and finds that as one rises the other tends to fall. This pattern is best described as which kind of relationship?
- A proof that wait times cause dissatisfaction
- A negative correlation between the two variables
- A positive correlation between the two variables
- A measure of central tendency
Correct answer: A negative correlation between the two variables
When one variable rises as the other falls, the pattern is best described as a negative correlation between the two variables. It is not a positive correlation, which would move together, it does not by itself prove causation, and it is not a measure of central tendency, which describes a typical value rather than a relationship.
- An analyst reminds a team that a strong correlation between two measures does not establish that one causes the other. What is the soundest reason behind this caution?
- Correlation can only be computed on encrypted data
- Correlation is a measure of record retention
- An unmeasured third factor could be driving both measures
- Correlation always equals the case mix index
Correct answer: An unmeasured third factor could be driving both measures
The soundest reason is that an unmeasured third factor could be driving both measures, so an observed association may not be causal. Correlation does not depend on encryption, does not equal the case mix index, and is not a retention measure, so the other options misstate what correlation is.
- An analyst loads admission and discharge dates into an automated edit check that flags any record where the discharge date precedes the admission date. This automated edit check is primarily a tool for which purpose?
- Encrypting the dataset for transmission
- Setting the legal retention schedule
- Validating data before analysis so logically impossible values are caught
- Authorizing disclosures of protected health information
Correct answer: Validating data before analysis so logically impossible values are caught
The automated edit check is primarily a tool for validating data before analysis so logically impossible values are caught, improving data quality at intake. It does not encrypt the dataset, set retention schedules, or authorize disclosures, which are security, records-management, and privacy functions outside the edit's purpose.
- Before merging an inpatient file with an outpatient file for a combined analysis, an analyst standardizes the date format and sex coding so both files use the same values. Why is this standardization important to the analysis?
- It lets the fields be matched and combined consistently, preventing errors from mismatched formats
- It increases the reimbursement per encounter
- It removes the need to define the population at risk
- It automatically deletes duplicate patients
Correct answer: It lets the fields be matched and combined consistently, preventing errors from mismatched formats
Standardizing formats and codes lets the fields be matched and combined consistently, preventing errors from mismatched formats when the files are merged. It does not change reimbursement, remove the need to define the at-risk population, or by itself delete duplicates, which are financial, methodological, and separate data-cleaning concerns.
- An analyst preparing an aggregate quality report removes direct patient identifiers and presents only summary counts and rates. What is the primary analytic and ethical reason for using aggregate, de-identified data in such a report?
- It lengthens the record retention period
- It increases the bed occupancy rate
- It supports population-level analysis while protecting individual patient privacy
- It raises the case mix index
Correct answer: It supports population-level analysis while protecting individual patient privacy
Using aggregate, de-identified data supports population-level analysis while protecting individual patient privacy, which is the goal of summary reporting. It does not affect bed occupancy, retention length, or the case mix index, which are capacity, records, and complexity measures unrelated to how the report protects identities.
- An executive dashboard tracks several key performance indicators for the HIM department, such as coding accuracy and request turnaround. What is the primary analytic purpose of presenting these indicators together on a dashboard?
- To set the facility's reimbursement rates
- To serve as the legal health record for each patient
- To authorize who may release protected health information
- To give a concise, at-a-glance view that supports timely monitoring and decisions
Correct answer: To give a concise, at-a-glance view that supports timely monitoring and decisions
A dashboard's primary purpose is to give a concise, at-a-glance view that supports timely monitoring and decisions by displaying key indicators together. It is not the legal health record, does not set reimbursement rates, and does not authorize disclosures, which are documentation, payment, and privacy functions.
- A manager requests a one-time report counting last quarter's releases of information by requester type for a board presentation. Which analytic activity best describes producing this specific, non-recurring report?
- Abstracting cases into a disease registry
- Running an ad hoc query against the data to answer a specific question
- Assigning diagnosis codes for billing
- Authenticating the legal health record
Correct answer: Running an ad hoc query against the data to answer a specific question
Producing this specific, non-recurring report is best described as running an ad hoc query against the data to answer a specific question, since it is generated on demand rather than on a fixed schedule. Abstracting into a registry, assigning billing codes, and authenticating the record are registry, coding, and documentation activities, not on-demand reporting.
- An analyst is asked why presenting only the most recent month's single value, with no prior months for comparison, can mislead leadership about performance. What is the best reason?
- A single value cannot be stored without encryption
- A single value gives no baseline or trend, so normal variation can look like real change
- A single value automatically violates the minimum necessary standard
- A single value lengthens the record retention schedule
Correct answer: A single value gives no baseline or trend, so normal variation can look like real change
A single value can mislead because it gives no baseline or trend, so normal variation can look like real change without context from prior periods. The concern is analytic, not about encryption, the minimum necessary standard, or retention, which are security, privacy, and records matters unrelated to interpreting one data point.
- An analyst summarizing a small set of monthly denial counts wants a single measure of how much the counts vary from month to month. Which statistic directly describes that variability?
- The total of the monthly counts
- The median of the monthly counts
- The mode of the monthly counts
- The standard deviation of the monthly counts
Correct answer: The standard deviation of the monthly counts
The standard deviation of the monthly counts directly describes how much the counts vary from month to month, measuring spread around the mean. The mode and median identify a frequent or middle value, and the total is a sum, none of which captures variability in the data.
- An analyst computing an annual incidence rate of a condition realizes the population at risk changed substantially during the year. Which population figure is the most appropriate denominator for the annual rate?
- The estimated average (midyear) population at risk during the year
- The total charges billed during the year
- The number of beds licensed at year end
- The number of records released during the year
Correct answer: The estimated average (midyear) population at risk during the year
The most appropriate denominator is the estimated average, or midyear, population at risk during the year, because it best represents the population exposed over a year of changing size. Licensed beds, released records, and total charges are capacity, privacy, and financial figures that do not represent the at-risk population.
- Under the Medicare hospital outpatient prospective payment system, which classification method groups outpatient services into payment categories based on clinical and resource similarity?
- Ambulatory Payment Classifications
- Medicare Severity Diagnosis-Related Groups
- Resource Utilization Groups
- Resource-Based Relative Value Scale
Correct answer: Ambulatory Payment Classifications
Ambulatory Payment Classifications are the correct grouping method. APCs are the unit of payment under the hospital Outpatient Prospective Payment System (OPPS), bundling outpatient services that are clinically comparable and similar in resource use into a single payment group. MS-DRGs apply to inpatient stays, RUGs were used in skilled nursing, and RBRVS underlies the physician fee schedule.
- A coder is assigning the payment group for a hospital outpatient encounter that included a surgical procedure. Which code set primarily drives Ambulatory Payment Classification assignment for that encounter?
- ICD-10-CM diagnosis codes only
- CPT and HCPCS Level II procedure codes
- ICD-10-PCS procedure codes
- UB-04 condition codes
Correct answer: CPT and HCPCS Level II procedure codes
CPT and HCPCS Level II procedure codes primarily drive APC assignment. The outpatient prospective payment system maps these procedure and service codes to APC groups, so accurate outpatient procedure coding directly determines the payment category. ICD-10-PCS is used for inpatient procedures, and diagnosis codes establish medical necessity rather than the APC itself.
- A hospital reports a sudden drop in outpatient reimbursement after a coding workflow change. An analyst suspects services are mapping to lower-paying Ambulatory Payment Classifications. Which review would most directly confirm the cause?
- Recalculate the inpatient case mix index for the same period
- Audit the master patient index for duplicate records
- Compare the CPT/HCPCS codes assigned before and after the change to the APCs they map to
- Review the notice of privacy practices acknowledgment rate
Correct answer: Compare the CPT/HCPCS codes assigned before and after the change to the APCs they map to
Comparing the assigned CPT/HCPCS codes to their resulting APC groups before and after the change is the most direct confirmation. Because outpatient payment flows from procedure code to APC, a shift toward lower-paying groups will show up in that mapping comparison. Inpatient case mix, the MPI, and privacy acknowledgments do not affect outpatient APC payment.
- Which classification system is used to assign Medicare inpatient hospital cases to payment groups under the Inpatient Prospective Payment System?
- Ambulatory Payment Classifications
- Healthcare Common Procedure Coding System
- Current Procedural Terminology
- Medicare Severity Diagnosis-Related Groups
Correct answer: Medicare Severity Diagnosis-Related Groups
Medicare Severity Diagnosis-Related Groups are correct. MS-DRGs classify inpatient admissions into payment groups under IPPS, accounting for severity through the use of complications/comorbidities and major complications/comorbidities. APCs apply to outpatient services, while HCPCS and CPT are code sets rather than inpatient payment classifications.
- An inpatient record is being coded for MS-DRG assignment. Which element most directly determines the base MS-DRG before severity is considered?
- The principal diagnosis and any principal procedure
- The patient's secondary insurance plan
- The admitting physician's specialty
- The hospital's bed occupancy rate
Correct answer: The principal diagnosis and any principal procedure
The principal diagnosis, together with any principal procedure, most directly determines the base MS-DRG. The grouper first assigns the case to a base group from these elements, then adjusts severity using qualifying secondary diagnoses. The patient's secondary insurance, physician specialty, and occupancy rate have no role in MS-DRG logic.
- A coder adds a documented secondary diagnosis that qualifies as a major complication or comorbidity to an inpatient record. What is the most likely effect on MS-DRG assignment?
- The case is automatically excluded from MS-DRG payment
- The case may shift to a higher-weighted MS-DRG with greater reimbursement
- The principal diagnosis is replaced by the secondary diagnosis
- The encounter converts to outpatient APC payment
Correct answer: The case may shift to a higher-weighted MS-DRG with greater reimbursement
Adding a qualifying major complication or comorbidity may shift the case to a higher-weighted MS-DRG with greater reimbursement. MS-DRG severity tiers respond to documented MCCs and CCs, which is why accurate secondary diagnosis capture matters for revenue integrity. A qualifying MCC does not exclude the case, replace the principal diagnosis, or change the setting to outpatient.
- What is the primary function of the charge description master (CDM) in a hospital revenue cycle?
- It stores the legal health record for each patient
- It tracks employee productivity in the HIM department
- It links each billable item or service to a charge, code, and department
- It records the accounting of disclosures for released records
Correct answer: It links each billable item or service to a charge, code, and department
Linking each billable item or service to a charge, code, and department is the CDM's primary function. The charge description master is the master list that drives charge capture and claim generation, connecting services to HCPCS/CPT codes, revenue codes, and prices. It does not store the legal health record, track HIM productivity, or log disclosures.
- During a charge description master review, a technician finds an active line item still mapped to a HCPCS code that was deleted at the start of the year. What is the most appropriate corrective action?
- Leave the code in place until the next annual review
- Delete the patient records associated with the service
- Convert the service to an inpatient MS-DRG
- Update the line item to the current valid HCPCS code
Correct answer: Update the line item to the current valid HCPCS code
Updating the line item to the current valid HCPCS code is the appropriate action. The CDM must reflect current code sets so claims are not rejected or denied for outdated codes, and corrections should be made when discovered rather than deferred. Deleting patient records or converting an outpatient service to a DRG would be improper.
- Why is periodic maintenance of the charge description master considered essential to revenue integrity?
- Outdated codes or prices in the CDM cause claim denials and lost or incorrect revenue
- The CDM determines patient eligibility for the certifying examination
- The CDM replaces the need for clinical documentation in the record
- The CDM is used to calculate the gross death rate
Correct answer: Outdated codes or prices in the CDM cause claim denials and lost or incorrect revenue
Outdated codes or prices in the CDM lead to claim denials and lost or incorrect revenue, which is why periodic maintenance is essential. Because the CDM feeds automated charge capture, errors propagate to every claim using that line item. It has nothing to do with certification eligibility, clinical documentation, or mortality statistics.
- What is the primary purpose of a clinical documentation improvement (CDI) program in the revenue cycle?
- To negotiate the prices listed in the charge description master
- To ensure provider documentation supports accurate, specific code assignment and reimbursement
- To schedule patient appointments and registration
- To store backup copies of the electronic health record
Correct answer: To ensure provider documentation supports accurate, specific code assignment and reimbursement
Ensuring provider documentation supports accurate, specific code assignment and reimbursement is the primary purpose of CDI. By clarifying ambiguous or incomplete documentation concurrently, CDI improves the precision of coded data that drives MS-DRG and other payment groups. CDI does not set prices, schedule patients, or manage data backups.
- A coder collaborates with a CDI specialist on an inpatient case where the provider documented 'anemia' without further detail. From a revenue cycle standpoint, why does this collaboration matter?
- It allows the coder to bypass the official coding guidelines
- It transfers responsibility for the diagnosis to the coder
- Greater diagnostic specificity can support a more accurate severity level and DRG payment
- It eliminates the need to verify the principal diagnosis
Correct answer: Greater diagnostic specificity can support a more accurate severity level and DRG payment
Greater diagnostic specificity can support a more accurate severity level and DRG payment, which is why coder-CDI collaboration matters. Clarifying whether the anemia is, for example, acute blood loss anemia may affect the case's CC/MCC status and DRG. Collaboration never bypasses coding guidelines, shifts diagnostic authority to the coder, or removes the need to confirm the principal diagnosis.
- An organization is evaluating the impact of its CDI program on the revenue cycle. Which metric most directly reflects CDI's intended effect on coded data?
- The number of pages scanned per day
- The percentage of patients who signed the notice of privacy practices
- The average wait time in the registration line
- A change in the case mix index reflecting more accurately captured severity
Correct answer: A change in the case mix index reflecting more accurately captured severity
A change in the case mix index reflecting more accurately captured severity most directly reflects CDI's intended effect. Because CDI improves documentation specificity, properly assigned severity should be visible through a CMI that aligns with true patient acuity. Scanning volume, privacy acknowledgments, and registration wait times are unrelated to CDI's coding impact.
- In the revenue cycle, when is it appropriate for a coder or CDI specialist to issue a physician query?
- When documentation is conflicting, ambiguous, or incomplete and affects code assignment
- Whenever a higher-paying diagnosis would increase reimbursement
- Only after the claim has already been paid in full
- Whenever the patient requests a copy of the record
Correct answer: When documentation is conflicting, ambiguous, or incomplete and affects code assignment
A query is appropriate when documentation is conflicting, ambiguous, or incomplete and affects code assignment. The purpose is to clarify the clinical picture so codes accurately reflect documented care. Querying simply to obtain a higher-paying diagnosis is non-compliant, and queries are tied to documentation clarity, not to payment status or patient record requests.
- Which feature distinguishes a compliant physician query from a leading one in the revenue cycle?
- It tells the provider which diagnosis will yield the highest payment
- It presents clinical indicators without directing the provider to a specific diagnosis
- It is sent only when reimbursement would decrease
- It is answered by the coder rather than the provider
Correct answer: It presents clinical indicators without directing the provider to a specific diagnosis
Presenting clinical indicators without directing the provider toward a specific diagnosis distinguishes a compliant query. A non-leading query offers the documented evidence and lets the provider determine the clinical conclusion. Steering toward the highest-paying diagnosis, restricting queries to revenue-reducing scenarios, or having the coder answer would all be improper.
- A discharged inpatient account cannot be billed because coding is incomplete pending a physician query. This account is best categorized under which revenue cycle measure?
- Bed occupancy rate
- Accounting of disclosures
- Discharged not final billed
- Minimum necessary standard
Correct answer: Discharged not final billed
Discharged not final billed (DNFB) best categorizes this account. DNFB tracks discharged accounts that have not yet been billed, often because coding or documentation is incomplete, and unresolved queries are a common cause. Bed occupancy is a census statistic, while accounting of disclosures and minimum necessary are privacy concepts.
- Why does an HIM department closely monitor the discharged not final billed (DNFB) total?
- DNFB measures patient satisfaction with discharge instructions
- DNFB determines the facility's gross death rate
- DNFB is required before a patient can access their record
- A rising DNFB delays cash flow and signals coding or documentation bottlenecks
Correct answer: A rising DNFB delays cash flow and signals coding or documentation bottlenecks
A rising DNFB delays cash flow and signals coding or documentation bottlenecks, which is why it is closely monitored. Accounts stuck in DNFB represent earned revenue that cannot yet be billed, so the metric is a key indicator of revenue cycle health. It is unrelated to patient satisfaction, mortality rates, or record access.
- An HIM manager sees DNFB climbing well above target for three consecutive weeks. Which root cause is most consistent with this revenue cycle trend?
- A backlog of accounts awaiting coding because of unanswered physician queries
- An increase in the number of notice of privacy practices forms signed
- A decrease in the hospital's average length of stay
- A change in the data dictionary field labels
Correct answer: A backlog of accounts awaiting coding because of unanswered physician queries
A backlog of accounts awaiting coding due to unanswered physician queries is most consistent with rising DNFB. When coding cannot be finalized, accounts remain unbilled and DNFB grows. Privacy form volume, a shorter length of stay, or relabeled data dictionary fields would not drive a sustained DNFB increase.
- When two conditions are present and either could be the principal diagnosis, which authority governs the selection for inpatient coding and DRG assignment?
- The hospital's charge description master
- The ICD-10-CM Official Guidelines for Coding and Reporting
- The facility's bed control policy
- The notice of privacy practices
Correct answer: The ICD-10-CM Official Guidelines for Coding and Reporting
The ICD-10-CM Official Guidelines for Coding and Reporting govern principal diagnosis selection. These nationally recognized guidelines, required under HIPAA, direct sequencing and selection decisions that drive accurate DRG assignment. The CDM, bed control policy, and privacy notice play no role in code selection.
- A coder is uncertain how to sequence codes for an admission and consults the official coding guidelines. What is the compliance significance of these guidelines in the revenue cycle?
- They are optional internal suggestions the facility may ignore
- They apply only to outpatient laboratory billing
- They are HIPAA-recognized standards that must be followed for accurate, compliant code assignment
- They replace the need for provider documentation
Correct answer: They are HIPAA-recognized standards that must be followed for accurate, compliant code assignment
The guidelines are HIPAA-recognized standards that must be followed for accurate, compliant code assignment. Adherence ensures coded data is consistent and defensible, supporting correct reimbursement and reducing denial risk. They are not optional, are not limited to outpatient lab billing, and never substitute for documentation.
- Which code set is used to report inpatient procedures for MS-DRG assignment under the Inpatient Prospective Payment System?
- CPT
- HCPCS Level II
- ICD-10-CM
- ICD-10-PCS
Correct answer: ICD-10-PCS
ICD-10-PCS is used to report inpatient procedures for MS-DRG assignment. Its multiaxial seven-character structure captures inpatient procedure detail that can affect DRG grouping. CPT and HCPCS Level II are used for outpatient and physician services, and ICD-10-CM reports diagnoses rather than procedures.
- A technician must build a complete ICD-10-PCS code for an inpatient surgical procedure. What characteristic of the system must be understood to assign it correctly?
- Each of the seven characters represents a specific value such as section, body system, and approach
- The code is selected from a single alphabetical index entry without further specification
- The code length varies depending on the payer
- The code is identical to the corresponding CPT code
Correct answer: Each of the seven characters represents a specific value such as section, body system, and approach
Understanding that each of the seven characters represents a specific value, such as section, body system, root operation, body part, approach, device, and qualifier, is essential. ICD-10-PCS is built character by character from these axes. The code is always seven characters, is independent of payer, and is not equivalent to a CPT code.
- Which type of items are most appropriately reported using HCPCS Level II codes?
- Inpatient surgical procedures
- Durable medical equipment, supplies, and drugs not described by CPT
- Principal diagnoses for inpatient admissions
- Hospital bed occupancy figures
Correct answer: Durable medical equipment, supplies, and drugs not described by CPT
Durable medical equipment, supplies, and drugs not described by CPT are reported with HCPCS Level II codes. This national code set fills gaps left by CPT for products and services in the outpatient and supply space. Inpatient procedures use ICD-10-PCS, diagnoses use ICD-10-CM, and occupancy is a statistic, not a billable code.
- An outpatient claim for an injectable drug is denied because the supply was not properly reported. Which coding action most directly addresses the issue?
- Assign an ICD-10-PCS code for the injection
- Recalculate the inpatient case mix index
- Verify and assign the correct HCPCS Level II code for the drug
- Update the master patient index entry
Correct answer: Verify and assign the correct HCPCS Level II code for the drug
Verifying and assigning the correct HCPCS Level II code for the drug most directly addresses the denial. HCPCS Level II captures drugs and supplies for outpatient billing, so a missing or wrong code in this set commonly causes such denials. ICD-10-PCS, case mix calculations, and the MPI are not the relevant tools here.
- How is the principal diagnosis defined for an inpatient admission under UHDDS rules?
- The most expensive condition treated during the stay
- The first diagnosis the physician documented on arrival
- The condition with the highest reimbursement weight
- The condition established after study to be chiefly responsible for the admission
Correct answer: The condition established after study to be chiefly responsible for the admission
The principal diagnosis is the condition established after study to be chiefly responsible for occasioning the admission. This UHDDS definition is the basis for accurate DRG assignment. It is not selected by cost, by chronological order of documentation, or by reimbursement weight.
- Why is correct principal diagnosis selection critical to inpatient reimbursement?
- It is a primary driver of the MS-DRG and therefore the payment amount
- It determines the patient's notice of privacy practices
- It sets the facility's record retention schedule
- It establishes the gross death rate for the period
Correct answer: It is a primary driver of the MS-DRG and therefore the payment amount
Correct principal diagnosis selection is critical because it is a primary driver of the MS-DRG and therefore the payment amount. An incorrect principal diagnosis can group the case into the wrong DRG, causing over- or underpayment and compliance exposure. It does not affect the privacy notice, retention schedule, or mortality statistics.
- A reviewer finds that a coder sequenced a chronic condition as the principal diagnosis when documentation shows an acute condition was chiefly responsible for the admission. What is the most likely revenue cycle consequence?
- The patient's right of access is automatically revoked
- The case may be assigned to an incorrect MS-DRG, leading to inaccurate payment
- The charge description master is deactivated
- The encounter is excluded from the DNFB report
Correct answer: The case may be assigned to an incorrect MS-DRG, leading to inaccurate payment
Assigning the case to an incorrect MS-DRG and producing inaccurate payment is the most likely consequence. Because the principal diagnosis drives DRG grouping, sequencing the wrong condition first distorts the payment group. Principal diagnosis errors do not affect record access rights, deactivate the CDM, or alter DNFB inclusion.
- What does the present on admission (POA) indicator report for a secondary diagnosis on an inpatient claim?
- Whether the diagnosis was the most costly to treat
- Whether the patient consented to release of the record
- Whether the condition was present at the time the inpatient admission order was written
- Whether the code is in the charge description master
Correct answer: Whether the condition was present at the time the inpatient admission order was written
The POA indicator reports whether the condition was present at the time the inpatient admission order was written. This distinction lets payers separate pre-existing conditions from those that developed during the stay. POA has nothing to do with treatment cost, record release consent, or CDM contents.
- Why does accurate present on admission reporting matter for reimbursement?
- It changes the patient's average length of stay
- It determines the outpatient APC assignment
- It sets the minimum necessary disclosure amount
- Conditions not present on admission may be treated as hospital-acquired and excluded from higher payment
Correct answer: Conditions not present on admission may be treated as hospital-acquired and excluded from higher payment
Accurate POA reporting matters because conditions not present on admission may be treated as hospital-acquired and excluded from higher payment. The POA indicator drives whether a complication counts toward severity and payment or is denied as preventable. It does not change length of stay, outpatient APCs, or disclosure limits.
- What is a hospital-acquired condition (HAC) in the context of inpatient reimbursement?
- A condition not present on admission that the facility could reasonably have prevented
- Any chronic illness the patient had before admission
- A condition that always increases the DRG payment
- A diagnosis used only for outpatient APC grouping
Correct answer: A condition not present on admission that the facility could reasonably have prevented
A hospital-acquired condition is one not present on admission that the facility could reasonably have prevented. Medicare uses the HAC policy to withhold the additional payment that such conditions would otherwise generate. It is not a pre-existing chronic illness, does not increase payment, and is not an outpatient APC concept.
- How does the hospital-acquired condition policy interact with the present on admission indicator to affect payment?
- A HAC marked present on admission is always denied
- A HAC coded as not present on admission can be prevented from increasing the DRG payment
- The POA indicator is ignored when a HAC is present
- HACs are reimbursed at the outpatient APC rate
Correct answer: A HAC coded as not present on admission can be prevented from increasing the DRG payment
A HAC coded as not present on admission can be prevented from increasing the DRG payment. The HAC and POA policies work together so that a condition the hospital caused does not generate the higher severity-based payment. A condition marked present on admission is not penalized, the POA indicator is essential rather than ignored, and HACs are not paid under outpatient APCs.
- A coding audit confirms that a documented pressure ulcer was a hospital-acquired condition not present on admission. What is the correct revenue cycle handling?
- Omit the diagnosis to avoid a payment reduction
- Report it as present on admission to maximize the DRG
- Code it accurately with a POA status of 'no' so payment rules can be applied correctly
- Move the case to outpatient APC billing
Correct answer: Code it accurately with a POA status of 'no' so payment rules can be applied correctly
Coding it accurately with a POA status of 'no' so the payment rules apply correctly is the proper handling. Compliant coding requires reporting the condition and its true POA status even when it reduces payment. Omitting the diagnosis or falsely marking it present on admission would be fraudulent, and the case remains inpatient.
- What is the defining principle of a prospective payment system (PPS)?
- Providers are paid their full billed charges after services are rendered
- Payment is set by the patient at the time of service
- Reimbursement is based solely on the facility's bed count
- Payment amounts are predetermined based on the patient's classification rather than actual charges
Correct answer: Payment amounts are predetermined based on the patient's classification rather than actual charges
A prospective payment system pays predetermined amounts based on the patient's classification rather than actual charges. Under PPS, methods such as MS-DRGs and APCs set the payment in advance for each group, encouraging efficiency. It is not based on full billed charges, patient-set prices, or bed count.
- Which pairing correctly matches a Medicare prospective payment system to its setting?
- IPPS for inpatient hospital stays and OPPS for hospital outpatient services
- IPPS for outpatient clinics and OPPS for inpatient surgery
- Both IPPS and OPPS for skilled nursing facilities only
- IPPS for physician offices and OPPS for emergency transport
Correct answer: IPPS for inpatient hospital stays and OPPS for hospital outpatient services
IPPS for inpatient hospital stays and OPPS for hospital outpatient services is the correct pairing. The Inpatient Prospective Payment System uses MS-DRGs while the Outpatient Prospective Payment System uses APCs. The other pairings misassign the systems to incorrect care settings.
- A facility is analyzing why a service line's margin shrank under a prospective payment system. Which concept best explains how PPS can pressure margins?
- Because PPS pays every charge submitted, margins cannot shrink
- Because payment is fixed by classification, costs exceeding the predetermined amount are not reimbursed
- Because PPS reimburses based on the patient's privacy preferences
- Because PPS payment depends on the record retention schedule
Correct answer: Because payment is fixed by classification, costs exceeding the predetermined amount are not reimbursed
Because payment is fixed by classification, costs that exceed the predetermined amount are not reimbursed, which pressures margins. This fixed-payment design transfers cost risk to the provider, so inefficient care erodes margin. PPS does not pay every charge, and it is unrelated to privacy preferences or retention schedules.
- What does a Medicare local coverage determination (LCD) establish?
- A nationwide ban on a particular procedure
- The price set in the charge description master
- Whether a service is reasonable and necessary within a specific Medicare contractor's jurisdiction
- The patient's right to access their record
Correct answer: Whether a service is reasonable and necessary within a specific Medicare contractor's jurisdiction
A local coverage determination establishes whether a service is reasonable and necessary within a specific Medicare Administrative Contractor's jurisdiction. LCDs guide coverage and medical necessity decisions regionally, affecting whether claims are paid. They are not national bans, do not set CDM prices, and are unrelated to record access.
- A claim is denied for medical necessity because the diagnosis did not meet the payer's coverage policy for the service. Which payer guideline most likely governs this determination?
- The minimum necessary standard
- The accounting of disclosures requirement
- The data dictionary
- A local or national coverage determination
Correct answer: A local or national coverage determination
A local or national coverage determination most likely governs this denial. Coverage determinations define the diagnoses and circumstances under which a service is considered medically necessary, and a mismatch triggers a medical necessity denial. The minimum necessary standard and accounting of disclosures are privacy rules, and the data dictionary is a data-standardization tool.
- In the revenue cycle, what is the primary objective of utilization review?
- To evaluate the medical necessity and appropriate level of care for services provided
- To assign final diagnosis codes for billing
- To maintain the master patient index
- To calculate the bed occupancy rate
Correct answer: To evaluate the medical necessity and appropriate level of care for services provided
Evaluating the medical necessity and appropriate level of care for services is the primary objective of utilization review. UR helps ensure care is delivered at the right level and setting, which supports appropriate reimbursement and reduces denials. It is distinct from final code assignment, MPI maintenance, and statistical calculations.
- A utilization review nurse questions whether a patient meets inpatient admission criteria or should be in observation status. Why does this determination matter to the revenue cycle?
- The status changes the patient's principal diagnosis
- The status affects which prospective payment system and reimbursement level applies
- The status determines the record retention period
- The status alters the notice of privacy practices
Correct answer: The status affects which prospective payment system and reimbursement level applies
The inpatient-versus-observation status affects which prospective payment system and reimbursement level applies, so the determination is central to the revenue cycle. Inpatient stays bill under IPPS while observation is an outpatient service, and an incorrect status invites denials. The status does not change the principal diagnosis, retention period, or privacy notice.
- When does utilization review most directly support correct reimbursement?
- By scanning records into the document imaging system
- By assigning HCPCS Level II codes to supplies
- By confirming the appropriate level of care before and during the stay to prevent denials
- By auditing the accounting of disclosures log
Correct answer: By confirming the appropriate level of care before and during the stay to prevent denials
Confirming the appropriate level of care before and during the stay to prevent denials is how UR most directly supports correct reimbursement. Concurrent and pre-admission review aligns the billed level of care with payer criteria. Document scanning, supply coding, and disclosure auditing are separate functions.
- What is the main goal of denial management in the revenue cycle?
- To increase the number of records released to patients
- To shorten the average length of stay
- To expand the data dictionary
- To resolve denied claims and prevent future denials through root-cause analysis
Correct answer: To resolve denied claims and prevent future denials through root-cause analysis
Resolving denied claims and preventing future denials through root-cause analysis is the main goal of denial management. Effective programs both appeal recoverable denials and address the causes, such as coding errors or missing documentation, to reduce repeat denials. It is unrelated to record release volume, length of stay, or data dictionaries.
- A denial management report shows a cluster of denials tied to one payer's medical necessity rules. Which action best addresses the root cause?
- Educate coders and providers on that payer's coverage determination requirements
- Reduce the facility's bed occupancy rate
- Shorten the record retention schedule
- Increase the minimum necessary disclosure threshold
Correct answer: Educate coders and providers on that payer's coverage determination requirements
Educating coders and providers on that payer's coverage determination requirements best addresses the root cause. Because the denials stem from medical necessity rules, aligning documentation and code selection with the coverage policy prevents recurrence. Adjusting occupancy, retention, or disclosure thresholds would not resolve coverage-based denials.
- Which denial is classified as a coding-related denial that an HIM coding team would primarily own?
- A claim denied because the patient's insurance had lapsed
- A claim denied because the reported codes did not match the documented services
- A claim denied because the registration captured the wrong subscriber ID
- A claim denied because prior authorization was never requested by scheduling
Correct answer: A claim denied because the reported codes did not match the documented services
A claim denied because the reported codes did not match the documented services is a coding-related denial owned by HIM coding. These denials hinge on code accuracy and documentation support, which fall within coding's responsibility. Lapsed insurance, wrong subscriber IDs, and missing prior authorization are front-end or eligibility issues handled outside coding.
- What does an analysis of a hospital's case mix tell revenue cycle leaders?
- The number of records pending release of information
- The percentage of staff certified as RHITs
- The relative complexity and resource intensity of the patients treated
- The facility's compliance with the minimum necessary standard
Correct answer: The relative complexity and resource intensity of the patients treated
Case mix analysis tells leaders about the relative complexity and resource intensity of the patients treated. By examining the mix of DRGs and their weights, leaders understand reimbursement potential and resource demands. It does not measure ROI backlog, staff certification rates, or privacy compliance.
- A revenue cycle analyst reviews the facility's case mix to plan for the coming year. Which insight is a legitimate output of case mix analysis?
- Determining each patient's right of access to records
- Calculating the breach notification timeline
- Building the data dictionary for the EHR
- Identifying which service lines drive higher-weighted DRGs and reimbursement
Correct answer: Identifying which service lines drive higher-weighted DRGs and reimbursement
Identifying which service lines drive higher-weighted DRGs and reimbursement is a legitimate output of case mix analysis. Understanding the case mix helps leaders forecast revenue and allocate resources to high-acuity service lines. Record access, breach timelines, and data dictionaries are outside the scope of case mix analysis.
- What is the primary purpose of the federal False Claims Act as it applies to healthcare billing?
- To define which providers may join a hospital medical staff
- To impose liability on those who knowingly submit false or fraudulent claims for payment to government health programs
- To set the retention period for inactive medical records
- To establish the official inpatient procedure coding system
Correct answer: To impose liability on those who knowingly submit false or fraudulent claims for payment to government health programs
The False Claims Act imposes liability on individuals and organizations that knowingly submit, or cause to be submitted, false or fraudulent claims for payment to government health programs such as Medicare and Medicaid. It is not a coding system, a retention rule, or a medical staff bylaw, all of which fall outside its purpose.
- Under the False Claims Act, what does the term knowingly generally encompass when a false claim is submitted?
- Only errors that a computer system generated automatically
- Actual knowledge, deliberate ignorance, or reckless disregard of the truth or falsity of the information
- Only situations where the person had a signed contract with the government
- Only claims that were submitted on paper rather than electronically
Correct answer: Actual knowledge, deliberate ignorance, or reckless disregard of the truth or falsity of the information
Under the False Claims Act, knowingly encompasses actual knowledge of falsity, deliberate ignorance of the truth, and reckless disregard for whether the information is true or false, so no specific intent to defraud is required. It is not limited to contracted parties, automated errors, or paper claims, which mischaracterize the statute's knowledge standard.
- A coder routinely reports a higher-paying diagnosis code than the documentation supports in order to increase reimbursement. Which fraudulent coding practice does this describe?
- Abstracting demographic data
- Sequencing the principal diagnosis first
- Upcoding
- Querying the physician for clarification
Correct answer: Upcoding
Reporting a code that yields higher reimbursement than the documentation supports is upcoding, a recognized form of coding fraud. Sequencing the principal diagnosis, querying a physician, and abstracting demographics are legitimate HIM activities, not fraudulent practices.
- A compliance auditor reviews records and finds that a hospital consistently assigns a complication or comorbidity code that boosts the MS-DRG even when the clinical documentation does not establish the condition. What is the most appropriate way to characterize this finding?
- Upcoding that creates false claims and fraud-and-abuse exposure
- Acceptable optimization of the case mix index
- A normal result of using current coding software
- A privacy violation under the disclosure rules
Correct answer: Upcoding that creates false claims and fraud-and-abuse exposure
Assigning a complication or comorbidity code that inflates the MS-DRG without documentation support is upcoding, which generates false claims and creates fraud-and-abuse exposure. It is not legitimate optimization, a software artifact, or a privacy matter, since the issue is unsupported code assignment for higher payment.
- What is the chief purpose of a recovery audit contractor in the Medicare program?
- To assign medical record numbers to new patients
- To identify and recover improper Medicare payments, including both overpayments and underpayments
- To write the ICD-10-CM Official Coding Guidelines
- To set hospital nurse staffing ratios
Correct answer: To identify and recover improper Medicare payments, including both overpayments and underpayments
A recovery audit contractor reviews Medicare claims to identify and recover improper payments, correcting both overpayments and underpayments. It does not assign medical record numbers, author coding guidelines, or set staffing ratios, which are unrelated to its recovery mission.
- A hospital receives notice that a recovery audit contractor is requesting records for postpayment review of several inpatient claims. Which response best reflects sound compliance practice?
- Track the request, respond by the deadline with the requested documentation, and monitor for findings and appeal rights
- Immediately refund all payments without reviewing the claims
- Refuse to provide the records because the claims were already paid
- Delete the claims from the billing system to avoid scrutiny
Correct answer: Track the request, respond by the deadline with the requested documentation, and monitor for findings and appeal rights
Sound compliance practice is to log the recovery audit contractor request, submit the requested documentation by the deadline, and track findings and appeal rights. Refusing records, blindly refunding, or deleting claims would each create greater compliance and legal exposure.
- What is the primary role of the Office of Inspector General within the Department of Health and Human Services regarding healthcare compliance?
- To certify medical coders
- To approve all hospital chargemaster prices
- To detect and combat fraud, waste, and abuse in HHS programs and issue compliance guidance
- To assign principal diagnoses for inpatient stays
Correct answer: To detect and combat fraud, waste, and abuse in HHS programs and issue compliance guidance
The Office of Inspector General works to detect and combat fraud, waste, and abuse in HHS programs and publishes compliance guidance such as its annual Work Plan. It does not approve chargemaster prices, certify coders, or assign diagnoses, which are outside its oversight function.
- An HIM compliance officer reviews the annual Office of Inspector General Work Plan when planning the year's internal coding audits. Why is consulting the Work Plan a sound compliance practice?
- It guarantees the facility will be exempt from any future audit
- It assigns the facility's record retention schedule
- It identifies areas the OIG has flagged as high risk so the facility can audit those areas proactively
- It lists the prices payers will reimburse for each code
Correct answer: It identifies areas the OIG has flagged as high risk so the facility can audit those areas proactively
The OIG Work Plan identifies areas the government considers high risk for fraud, waste, and abuse, so reviewing it lets a facility focus internal audits on those vulnerable areas proactively. It does not set reimbursement prices, grant audit exemptions, or determine retention schedules.
- In an HIM compliance program, what does the term coding compliance most directly refer to?
- Distributing the notice of privacy practices to patients
- Assigning codes that are accurate, complete, and supported by documentation in accordance with official guidelines and regulations
- Filing paper charts in terminal-digit order
- Calculating the hospital's average length of stay
Correct answer: Assigning codes that are accurate, complete, and supported by documentation in accordance with official guidelines and regulations
Coding compliance means assigning codes that are accurate, complete, and supported by the documentation, consistent with official coding guidelines and applicable regulations. Filing charts, calculating length of stay, and distributing privacy notices are unrelated HIM or statistical functions.
- Which document is the foundational element of an organization's coding compliance program, setting expectations for ethical and accurate code assignment?
- The written coding compliance plan or policy
- The patient registration script
- The chargemaster pricing sheet
- The bed control log
Correct answer: The written coding compliance plan or policy
A written coding compliance plan or policy is the foundational element that sets expectations for ethical, accurate, guideline-driven code assignment and defines monitoring and corrective action. A bed control log, registration script, and chargemaster pricing sheet serve operational or financial purposes, not coding compliance governance.
- What is the primary purpose of conducting a coding audit within a compliance program?
- To negotiate contracts with commercial payers
- To set the patient's appointment reminders
- To schedule operating room time
- To evaluate the accuracy and integrity of code assignment against documentation and guidelines and to detect error patterns
Correct answer: To evaluate the accuracy and integrity of code assignment against documentation and guidelines and to detect error patterns
A coding audit evaluates whether codes are accurate and supported by documentation under official guidelines and surfaces error patterns that need correction. Negotiating payer contracts, scheduling surgeries, and setting appointment reminders are unrelated to the audit's compliance purpose.
- A compliance department debates whether to perform a prospective coding audit or a retrospective coding audit. Which statement accurately distinguishes the two?
- A prospective audit reviews coded claims before they are billed, while a retrospective audit reviews claims after they have been submitted or paid
- A prospective audit reviews only outpatient claims, while a retrospective audit reviews only inpatient claims
- A prospective audit examines privacy logs, while a retrospective audit examines staffing levels
- A prospective audit is performed by payers, while a retrospective audit is performed only by patients
Correct answer: A prospective audit reviews coded claims before they are billed, while a retrospective audit reviews claims after they have been submitted or paid
A prospective coding audit reviews coded claims before they are billed so errors can be corrected pre-submission, whereas a retrospective audit reviews claims after submission or payment. The other options misstate the distinction by tying it to claim type, who performs it, or unrelated privacy and staffing content.
- A coding audit identifies a recurring error in which a coder reports a procedure code not supported by the operative report. After education fails to correct the pattern, what is the most appropriate compliance escalation?
- Lower the coding accuracy standard so the coder passes
- Stop auditing that coder to avoid documenting more errors
- Ignore the pattern because one coder cannot create organizational risk
- Apply progressive disciplinary or corrective action per the compliance plan and continue monitoring through follow-up audits
Correct answer: Apply progressive disciplinary or corrective action per the compliance plan and continue monitoring through follow-up audits
When education fails to correct a recurring unsupported-code error, the compliance plan calls for progressive corrective or disciplinary action plus continued follow-up auditing to confirm improvement. Ignoring it, halting audits, or lowering the standard all conceal the risk rather than addressing the noncompliant pattern.
- What does data quality management primarily ensure within a health information compliance program?
- That physicians are credentialed before practicing
- That the cafeteria meets nutritional standards
- That data are accurate, complete, consistent, timely, and fit for their intended use throughout their lifecycle
- That the building meets fire-code requirements
Correct answer: That data are accurate, complete, consistent, timely, and fit for their intended use throughout their lifecycle
Data quality management ensures that health data are accurate, complete, consistent, timely, and fit for their intended use across the data lifecycle, supporting reliable reporting and compliance. Cafeteria standards, fire codes, and physician credentialing are unrelated to managing data quality.
- A health information technician explains that reported quality measure rates depend on the integrity of the underlying coded data. Which data quality management principle does this concern most directly illustrate?
- That data accuracy directly affects the validity of information derived from it, so poor data quality undermines reliable measures
- That faster filing improves data quality
- That data quality applies only to paper records
- That data quality is solely the responsibility of the IT department
Correct answer: That data accuracy directly affects the validity of information derived from it, so poor data quality undermines reliable measures
This illustrates that data accuracy directly affects the validity of any information derived from it, so inaccurate coded data produce unreliable quality measures and compliance reporting. Filing speed, a paper-only scope, and sole IT ownership all misstate the principle of data quality management.
- Which scenario is the clearest example of a violation that could trigger liability under the False Claims Act?
- Calculating the gross death rate for the quarter
- Filing a discharged record in the permanent file room
- Submitting a claim for a service that was never actually provided to the patient
- Mailing a patient a copy of the notice of privacy practices
Correct answer: Submitting a claim for a service that was never actually provided to the patient
Billing for a service that was never rendered is a textbook false claim that can trigger False Claims Act liability. Filing a record, computing a death rate, and mailing a privacy notice are routine, lawful activities with no connection to fraudulent billing.
- A hospital employee discovers a pattern of claims billed for services not documented and reports it through a False Claims Act provision that lets private individuals sue on the government's behalf. What is this type of action called?
- A breach notification
- A subpoena duces tecum
- An accounting of disclosures
- A qui tam, or whistleblower, lawsuit
Correct answer: A qui tam, or whistleblower, lawsuit
A False Claims Act action brought by a private individual on the government's behalf is a qui tam, or whistleblower, lawsuit, which can entitle the relator to a share of any recovery. A subpoena, breach notification, and accounting of disclosures are unrelated legal and privacy mechanisms.
- Why is reckless disregard for coding accuracy a compliance concern under fraud-and-abuse law even when a coder did not intend to defraud anyone?
- Because the law only applies to coders who sign a confession
- Because reckless coders always work faster than careful coders
- Because recklessness changes the record retention period
- Because intent to defraud is irrelevant; the law can impose liability for knowing, deliberately ignorant, or reckless submission of false claims
Correct answer: Because intent to defraud is irrelevant; the law can impose liability for knowing, deliberately ignorant, or reckless submission of false claims
Fraud-and-abuse law can impose liability for false claims submitted with reckless disregard or deliberate ignorance, so specific intent to defraud is not required. Coding speed, written confessions, and retention periods have nothing to do with the knowledge standard that makes recklessness actionable.
- A coder is pressured by a manager to assign codes that maximize reimbursement regardless of documentation. According to professional coding ethics within a compliance program, how should the coder respond?
- Quietly upcode only the highest-volume claims
- Assign whatever codes pay the most and document nothing about the request
- Comply, because managers always set coding policy
- Refuse to assign unsupported codes and report the pressure through the compliance reporting channel
Correct answer: Refuse to assign unsupported codes and report the pressure through the compliance reporting channel
Professional coding ethics require refusing to assign codes unsupported by documentation and reporting improper pressure through the compliance reporting channel. Complying, silently maximizing payment, or selectively upcoding would all participate in fraudulent coding rather than uphold compliance.
- Which practice best demonstrates ongoing coding compliance monitoring rather than a one-time activity?
- Auditing coders only during their first week of employment
- Checking coding accuracy once at the time the compliance plan is written
- Performing periodic coding audits and reporting accuracy trends to the compliance committee on a recurring schedule
- Reviewing codes only when a payer denies a claim
Correct answer: Performing periodic coding audits and reporting accuracy trends to the compliance committee on a recurring schedule
Ongoing coding compliance monitoring means performing recurring audits and reporting accuracy trends to the compliance committee on a regular schedule. Auditing only at hire, only after denials, or only once when the plan is written are isolated activities that fail to provide continuous oversight.
- An external recovery audit contractor identifies that an inpatient stay should have been billed as an outpatient observation, resulting in an overpayment. What is this kind of finding commonly called?
- A delinquent record deficiency
- A duplicate master patient index entry
- A medical necessity or status-related improper payment
- A privacy breach
Correct answer: A medical necessity or status-related improper payment
When a claim billed as inpatient should have been outpatient observation, the resulting overpayment is a medical necessity or patient-status improper payment, a common recovery audit contractor finding. A duplicate MPI entry, a delinquent record, and a privacy breach describe entirely different HIM issues.
- After a recovery audit contractor denies several claims, an HIM compliance team analyzes the denials and finds most stem from insufficient physician documentation of medical necessity. What is the best long-term corrective action?
- Resubmit the identical claims unchanged
- Stop billing inpatient claims entirely
- Strengthen documentation through provider education and clinical documentation integrity efforts to support medical necessity
- Reduce the coding staff to cut costs
Correct answer: Strengthen documentation through provider education and clinical documentation integrity efforts to support medical necessity
When recovery audit denials trace to weak medical-necessity documentation, the durable fix is provider education and clinical documentation integrity efforts that strengthen the record at the source. Resubmitting unchanged claims, halting inpatient billing, or cutting staff do not address the documentation root cause.
- According to OIG compliance program guidance for hospitals, which of the following is identified as a fundamental element of an effective compliance program?
- A promise of higher reimbursement from all payers
- A requirement to outsource all coding
- Designating a compliance officer and compliance committee to oversee the program
- A guarantee that the hospital will never be audited
Correct answer: Designating a compliance officer and compliance committee to oversee the program
OIG compliance program guidance identifies designating a compliance officer and committee to oversee the program as a fundamental element. Guaranteed audit exemption, higher reimbursement, and mandatory coding outsourcing are not elements of OIG-recommended compliance programs.
- An HIM department wants to align its annual audit focus with national enforcement priorities. Which OIG resource most directly supports this goal?
- The patient satisfaction survey
- The OIG Work Plan, which signals the agency's current oversight and audit priorities
- The facility's terminal-digit filing manual
- The hospital's bed occupancy report
Correct answer: The OIG Work Plan, which signals the agency's current oversight and audit priorities
The OIG Work Plan signals the agency's current oversight and audit priorities, so aligning internal audits with it targets areas of national enforcement focus. A bed occupancy report, filing manual, and satisfaction survey provide operational or experience data, not enforcement priorities.
- A coding audit reveals that the overall accuracy rate is acceptable, but a single high-volume DRG shows a much higher error rate than any other. What does focused analysis of this finding most strongly suggest?
- The overall rate makes the DRG-specific problem irrelevant
- A targeted compliance vulnerability exists in that DRG that warrants focused education and re-audit
- The DRG should simply be removed from the chargemaster
- The audit should be discarded as unreliable
Correct answer: A targeted compliance vulnerability exists in that DRG that warrants focused education and re-audit
A single high-volume DRG with a disproportionate error rate signals a targeted compliance vulnerability that warrants focused education and a follow-up re-audit of that DRG. A good overall rate does not erase the localized risk, the audit is not invalid, and DRGs are payment groupings, not chargemaster line items to delete.
- When designing a coding audit sample, why does a compliance program often combine random selection with targeted selection of high-risk record types?
- Combining methods guarantees a zero error rate
- Sampling type determines the patient's principal diagnosis
- Targeted sampling is illegal, so random sampling is the only option
- Random sampling estimates overall accuracy while targeted sampling concentrates review on known compliance vulnerabilities
Correct answer: Random sampling estimates overall accuracy while targeted sampling concentrates review on known compliance vulnerabilities
Combining random and targeted sampling lets a program estimate overall accuracy through random selection while concentrating extra scrutiny on high-risk record types through targeted selection. Targeted sampling is lawful, no method guarantees zero errors, and sampling has nothing to do with assigning a principal diagnosis.
- A facility's quality measure submission is rejected because reported data contained conflicting and incomplete values. Which data quality management dimensions were most directly compromised?
- Bed turnover and census
- Filing order and storage temperature
- Print resolution and font size
- Consistency and completeness of the data
Correct answer: Consistency and completeness of the data
Conflicting values reflect a failure of data consistency, and missing values reflect a failure of completeness, both core data quality management dimensions. Census, filing and storage conditions, and print formatting are not data quality dimensions relevant to the rejected submission.
- Why is data quality management considered part of an HIM compliance program rather than only an IT concern?
- Because inaccurate or incomplete data can lead to noncompliant reporting, improper payments, and unreliable quality measures
- Because compliance programs are required to ignore data entirely
- Because data quality only matters for marketing materials
- Because IT staff are not allowed to view any health data
Correct answer: Because inaccurate or incomplete data can lead to noncompliant reporting, improper payments, and unreliable quality measures
Data quality management belongs to compliance because inaccurate or incomplete data can produce noncompliant reporting, improper payments, and unreliable quality measures. The other options misstate IT access rules, narrow data quality to marketing, or absurdly claim compliance ignores data.
- Billing for two separately reimbursable services that should have been reported with a single comprehensive code is best described as which improper coding practice?
- Sequencing
- Unbundling
- Indexing
- Abstracting
Correct answer: Unbundling
Reporting components separately when a single comprehensive code should be used to gain higher payment is unbundling, a recognized improper coding practice. Sequencing, abstracting, and indexing are legitimate HIM activities unrelated to fragmenting a bundled service.
- A compliance review finds that a clinic reports the same office-visit level for every patient regardless of the documented complexity, with all visits coded at the highest level. What is the most likely compliance issue and appropriate response?
- A statistics error; recalculate the average length of stay
- Potential upcoding of evaluation and management services; audit documentation against the codes and educate providers
- A privacy violation; send a breach notification
- No issue exists because consistency is always good
Correct answer: Potential upcoding of evaluation and management services; audit documentation against the codes and educate providers
Coding every visit at the highest level regardless of documented complexity suggests potential upcoding of evaluation and management services, calling for a documentation-to-code audit and provider education. Uniform high-level coding is a red flag rather than good consistency, and the issue is neither a privacy breach nor a statistics calculation.
- Which statement best describes the relationship between the False Claims Act and a hospital's coding compliance program?
- A coding compliance program replaces the need to bill accurately
- The False Claims Act applies only to coding software vendors
- The False Claims Act prohibits hospitals from having compliance programs
- A coding compliance program helps prevent the submission of false claims that could trigger False Claims Act liability
Correct answer: A coding compliance program helps prevent the submission of false claims that could trigger False Claims Act liability
A coding compliance program reduces the risk of submitting false claims and thus helps protect the organization from False Claims Act liability. The Act does not bar compliance programs, a program does not excuse inaccurate billing, and the statute is not limited to software vendors.
- A new coder asks why the coding compliance plan requires using only official coding guidelines and authoritative coding advice rather than informal shortcuts. What is the best compliance-based answer?
- Informal shortcuts are faster and therefore always preferred
- Official guidelines and authoritative advice ensure consistent, defensible code assignment that withstands audit scrutiny
- Official guidelines exist only for inpatient coding
- Coding advice is optional once a coder is certified
Correct answer: Official guidelines and authoritative advice ensure consistent, defensible code assignment that withstands audit scrutiny
Following official guidelines and authoritative coding advice produces consistent, defensible code assignment that holds up under audit, which is why the compliance plan requires it. Shortcuts are not preferred, guidelines apply across settings, and certification does not make authoritative advice optional.
- A recovery audit contractor issues findings that a hospital believes are incorrect. What is the appropriate compliance step before simply paying back the alleged overpayment?
- Destroy the disputed records
- Submit duplicate claims to offset the loss
- Stop responding to all future audit requests
- Pursue the formal appeal process to challenge findings the hospital believes are unsupported
Correct answer: Pursue the formal appeal process to challenge findings the hospital believes are unsupported
When a hospital disputes recovery audit findings, the proper step is to pursue the formal appeal process rather than automatically repaying. Destroying records, submitting duplicate claims, and ignoring future requests would each compound legal and compliance exposure.
- Which activity best reflects an organization using OIG resources to strengthen its compliance program proactively?
- Waiting for an OIG subpoena before reviewing any claims
- Assuming OIG guidance does not apply to small departments
- Treating OIG advisories as suggestions to be ignored until enforcement
- Mapping internal audits to the risk areas highlighted in the OIG Work Plan and compliance guidance
Correct answer: Mapping internal audits to the risk areas highlighted in the OIG Work Plan and compliance guidance
Proactively mapping internal audits to OIG Work Plan risk areas and compliance guidance uses the agency's resources to target vulnerabilities before they become problems. Waiting for a subpoena, assuming exemption, or ignoring advisories are reactive postures that increase compliance risk.
- A coding audit compares each assigned code to the documentation and to official guidelines, then categorizes each discrepancy by type. What is the chief compliance benefit of categorizing discrepancies this way?
- It identifies the specific error types so education and corrective action can target root causes
- It sets the facility's bed occupancy target
- It guarantees the audit will find no further errors
- It eliminates the need for the coding compliance plan
Correct answer: It identifies the specific error types so education and corrective action can target root causes
Categorizing audit discrepancies by type reveals the specific error patterns so education and corrective action can target their root causes. It does not guarantee error-free future coding, replace the compliance plan, or set bed occupancy targets.
- An organization implements edits that flag claims where a code combination is improbable or unsupported before the claim is submitted. How does this practice support coding compliance?
- It transfers all compliance responsibility to the payer
- It eliminates the need to follow official coding guidelines
- It detects potential coding errors prospectively so they can be corrected before a possibly false claim is submitted
- It increases reimbursement on every claim automatically
Correct answer: It detects potential coding errors prospectively so they can be corrected before a possibly false claim is submitted
Pre-bill edits flag improbable or unsupported code combinations so errors can be corrected before a potentially false claim goes out, advancing coding compliance. They do not inflate reimbursement, replace official guidelines, or shift compliance responsibility to the payer.
- A data quality management review finds that a key date field is frequently entered in inconsistent formats across source systems, corrupting downstream reports. Which corrective approach best addresses the underlying data quality problem?
- Standardize the data definition and entry format and validate it at the point of capture
- Tell users to ignore the inconsistent values
- Stop running the affected reports permanently
- Delete the field from all reports
Correct answer: Standardize the data definition and entry format and validate it at the point of capture
Standardizing the data definition and entry format and validating at the point of capture fixes the inconsistent-format problem at its source, restoring downstream report integrity. Deleting the field, ignoring bad values, or stopping reports avoid the symptom without correcting the data quality defect.
- Which best explains why upcoding and unbundling are both treated as fraud-and-abuse concerns rather than mere clerical errors when done knowingly?
- Because they only affect the master patient index
- Because they change the physician credentialing requirements
- Because knowingly assigning unsupported or fragmented codes to obtain higher payment can constitute submission of false claims
- Because they always slow down the billing process
Correct answer: Because knowingly assigning unsupported or fragmented codes to obtain higher payment can constitute submission of false claims
Knowingly upcoding or unbundling to obtain higher payment can amount to submitting false claims, which is why both are fraud-and-abuse concerns rather than innocent errors. They do not inherently slow billing, affect the MPI, or alter credentialing rules.
- A compliance committee receives a coding audit report showing the department's accuracy improved after targeted education following an earlier audit. What does this trend most directly demonstrate about the compliance program?
- That the audit-educate-reaudit cycle is functioning and corrective action is producing measurable improvement
- That the False Claims Act no longer applies
- That audits are no longer necessary
- That coding guidelines can now be disregarded
Correct answer: That the audit-educate-reaudit cycle is functioning and corrective action is producing measurable improvement
Improved accuracy after targeted education following a prior audit demonstrates that the audit-educate-reaudit cycle is working and corrective action is producing measurable improvement. It does not make ongoing audits unnecessary, suspend the False Claims Act, or permit ignoring guidelines.
- Why does an effective coding compliance program require that audit results and corrective actions be documented and retained?
- To provide evidence of a good-faith, functioning compliance effort and to track improvement over time
- To increase the storage costs of the department
- To replace the patient's clinical documentation
- To set commercial payer contract rates
Correct answer: To provide evidence of a good-faith, functioning compliance effort and to track improvement over time
Documenting and retaining audit results and corrective actions provides evidence of a good-faith, functioning compliance effort and lets the program track improvement over time. It is not about raising storage costs, substituting for clinical documentation, or setting payer rates.
- A whistleblower alleges that a hospital knowingly billed Medicare for unnecessary inpatient admissions. Which combination of compliance functions is most directly implicated by this allegation?
- Bed control and cafeteria management
- Coding compliance and adherence to the False Claims Act
- Terminal-digit filing and census reporting
- Master patient index matching and printer maintenance
Correct answer: Coding compliance and adherence to the False Claims Act
An allegation of knowingly billing Medicare for unnecessary admissions directly implicates coding compliance and adherence to the False Claims Act, since it concerns potentially false claims for payment. Filing, census, bed control, MPI matching, and equipment maintenance are unrelated to the fraudulent-billing allegation.
- An HIM compliance officer is building this year's internal audit plan and wants the strongest defensible basis for selecting focus areas. Which approach best integrates external and internal compliance intelligence?
- Select focus areas alphabetically by department name
- Combine the OIG Work Plan priorities with the facility's own prior audit error trends to target the highest-risk coding areas
- Choose focus areas based on which manager complains loudest
- Audit only the areas that produced the most revenue
Correct answer: Combine the OIG Work Plan priorities with the facility's own prior audit error trends to target the highest-risk coding areas
Combining OIG Work Plan priorities with the facility's own prior audit error trends produces the most defensible, risk-based selection of audit focus areas. Alphabetical order, revenue alone, or the loudest complaint ignore actual compliance risk and external enforcement signals.
- A health information technician notices that several abstracted records have transposed digits in a reported clinical value, which would skew a public quality report. Within data quality management, what is the most appropriate immediate action?
- Submit the report as-is since the errors are small
- Correct the erroneous values, identify how the errors occurred, and add a validation check to prevent recurrence
- Discard the entire registry
- Blame the reporting agency for the discrepancy
Correct answer: Correct the erroneous values, identify how the errors occurred, and add a validation check to prevent recurrence
The proper data quality management response is to correct the transposed values, determine how the errors occurred, and add a validation check to prevent recurrence before the report is released. Submitting flawed data, discarding the registry, or blaming the agency fail to safeguard data integrity.
- A coding audit finds that 6 of 50 reviewed inpatient records contain a principal-diagnosis selection error that changed the DRG. What is the most appropriate compliance interpretation of this rate?
- A 12 percent DRG-affecting error rate that signals a compliance and payment-integrity concern requiring corrective action
- A perfect result requiring no action
- An error rate too small to affect payment integrity
- Evidence that auditing should stop
Correct answer: A 12 percent DRG-affecting error rate that signals a compliance and payment-integrity concern requiring corrective action
Six DRG-changing errors out of 50 records is a 12 percent DRG-affecting error rate, a meaningful compliance and payment-integrity concern that warrants corrective action. It is neither a perfect result nor negligible, and it argues for more, not less, auditing.
- What is the role of a compliance hotline or anonymous reporting mechanism within an HIM compliance program?
- To allow staff to report suspected coding fraud or compliance concerns without fear of retaliation
- To calculate the hospital's bed occupancy rate
- To assign principal diagnoses after discharge
- To negotiate reimbursement rates with payers
Correct answer: To allow staff to report suspected coding fraud or compliance concerns without fear of retaliation
A compliance hotline or anonymous reporting mechanism lets employees report suspected fraud or compliance concerns without fear of retaliation, a recognized element of an effective compliance program. Assigning diagnoses, calculating occupancy, and negotiating rates are unrelated operational and financial functions.
- A coding audit shows a coder frequently assigns codes for conditions documented only by ancillary staff, not the treating provider, in violation of coding rules. From a compliance standpoint, what is the most appropriate first corrective step?
- Bill the affected claims again at a higher level
- Terminate the coder without any review
- Remove the coding compliance plan to reduce confusion
- Provide targeted education on which documentation sources are acceptable for code assignment and re-audit
Correct answer: Provide targeted education on which documentation sources are acceptable for code assignment and re-audit
When a coder relies on non-acceptable documentation sources, the appropriate first corrective step is targeted education on acceptable sources for code assignment, followed by a re-audit to confirm improvement. Immediate termination is premature, rebilling higher compounds risk, and removing the compliance plan eliminates needed guidance.
- From an HIM leadership perspective, what is the primary purpose of creating a formal departmental policy?
- To establish a consistent, authoritative statement of management's expectations that guides how staff perform a function
- To calculate the facility's average length of stay
- To assign diagnosis codes to inpatient encounters
- To set the price of items in the chargemaster
Correct answer: To establish a consistent, authoritative statement of management's expectations that guides how staff perform a function
A formal HIM policy is created to establish a consistent, authoritative statement of management's expectations that guides how staff carry out a function, providing direction and accountability across the department. Calculating length of stay is a statistical task, assigning diagnosis codes is a coding function, and setting chargemaster prices is a revenue function, none of which is the purpose of a policy.
- In HIM management, how does a policy differ from a procedure?
- A policy states what is to be done and why, while a procedure describes the specific step-by-step actions for how it is done
- A policy and a procedure are identical documents with different titles
- A policy is written by staff while a procedure is written only by patients
- A policy applies only to coding while a procedure applies only to release of information
Correct answer: A policy states what is to be done and why, while a procedure describes the specific step-by-step actions for how it is done
A policy expresses what is to be done and the guiding principle behind it, while a procedure spells out the specific step-by-step actions staff follow to carry the policy out, so the two are complementary rather than identical. Policies and procedures are authored by management, not patients, and both apply broadly across HIM functions rather than to a single function each.
- An HIM director is drafting a new departmental policy. Which element should the policy include to make it actionable and enforceable?
- A clearly defined scope, purpose, and assignment of responsibility for carrying it out
- The patient's principal diagnosis for each encounter
- The facility's bed occupancy rate for the prior year
- A list of every duplicate record in the master patient index
Correct answer: A clearly defined scope, purpose, and assignment of responsibility for carrying it out
To be actionable and enforceable, a policy should clearly define its scope, purpose, and who is responsible for carrying it out so that staff understand when it applies and who is accountable. A patient's diagnosis, the bed occupancy rate, and a list of duplicate records are operational data that do not belong in the structure of a policy.
- A new federal privacy regulation takes effect, but the HIM department's written procedures still describe the prior process. What leadership action is most appropriate?
- Revise and reissue the affected procedures so the documented process matches the current regulation
- Leave the procedures unchanged because staff already know the new rule informally
- Delete all procedures so there is nothing to keep current
- Wait until the next accreditation survey to update the procedures
Correct answer: Revise and reissue the affected procedures so the documented process matches the current regulation
When a regulation changes, the leader must revise and reissue the affected procedures so the documented process matches current requirements and staff have an accurate, authoritative guide to follow. Relying on informal knowledge invites inconsistency, deleting procedures removes needed guidance, and delaying the update leaves staff following an outdated process.
- Why does effective HIM policy management require a defined review and approval cycle for each policy?
- To ensure policies stay current, accurate, and aligned with regulations rather than becoming outdated
- To eliminate the need to train staff on the policies
- To increase the facility's case mix index automatically
- To replace the organization's record retention schedule
Correct answer: To ensure policies stay current, accurate, and aligned with regulations rather than becoming outdated
A defined review and approval cycle keeps policies current, accurate, and aligned with changing regulations and practices so they do not become outdated and misleading. A review cycle does not raise the case mix index, does not remove the need to train staff, and is unrelated to the retention schedule.
- An HIM supervisor finds that two units interpret the same documentation completion policy differently, producing inconsistent results. What does this most clearly indicate about the policy?
- The policy or its procedure is ambiguous and should be clarified so it is applied consistently
- The policy should be discarded because policies cannot prevent variation
- The inconsistency is a coding error rather than a policy issue
- The units should each keep their own interpretation permanently
Correct answer: The policy or its procedure is ambiguous and should be clarified so it is applied consistently
Two units applying the same policy differently signals that the policy or its accompanying procedure is ambiguous and should be clarified so it is interpreted and applied consistently across the department. Discarding the policy abandons needed direction, allowing divergent interpretations perpetuates the inconsistency, and the problem is a policy-clarity issue rather than a coding error.
- As part of a leadership responsibility, why should HIM policies and procedures be made readily accessible to all department staff?
- So that staff can consistently follow the approved process and management can hold them accountable to it
- So that the policies can replace the legal health record
- So that patients can assign their own diagnosis codes
- So that the bed occupancy rate can be calculated
Correct answer: So that staff can consistently follow the approved process and management can hold them accountable to it
Policies and procedures must be accessible to all staff so everyone can consistently follow the approved process and management can hold staff accountable to a known standard. Accessible policies do not replace the legal health record, do not let patients assign codes, and have nothing to do with calculating bed occupancy.
- An HIM manager wants new procedures to actually change how work is performed. Which leadership practice best supports successful implementation of a newly written procedure?
- Communicating the change and training affected staff on the new procedure before it takes effect
- Publishing the procedure with no communication or training
- Implementing it secretly so staff are surprised by an audit
- Assigning the procedure to whichever employee has the least experience
Correct answer: Communicating the change and training affected staff on the new procedure before it takes effect
Successful implementation depends on the leader communicating the change and training affected staff on the new procedure before it takes effect, so they understand and can perform it correctly. Publishing without communication, implementing secretly, or assigning it without regard to competence all undermine adoption and consistent performance.
- A health information technician is asked to lead a session teaching coding staff about a newly enacted health information law. Which HIM leadership task does this represent?
- Providing education to staff regarding HIM laws and regulations
- Calculating the facility's mortality rate
- Merging duplicate records in the master patient index
- Setting the price of a billable procedure
Correct answer: Providing education to staff regarding HIM laws and regulations
Leading a session that teaches staff about a newly enacted health information law is the leadership task of providing education regarding HIM laws and regulations, ensuring the workforce understands and can apply current legal requirements. Calculating a mortality rate, merging duplicates, and pricing procedures are statistical, data-integrity, and revenue functions rather than this educational leadership role.
- Why is ongoing staff education about HIM laws and regulations considered a core leadership responsibility rather than a one-time event?
- Because laws and regulations change over time, and staff must stay current to remain compliant
- Because education permanently raises the case mix index
- Because it removes the need for a compliance risk assessment
- Because it determines the terminal-digit filing order
Correct answer: Because laws and regulations change over time, and staff must stay current to remain compliant
Ongoing education is a core leadership responsibility because laws and regulations evolve, so staff must be continually updated to keep performing in compliance with current requirements. Education does not raise the case mix index, does not replace a risk assessment, and has nothing to do with filing order.
- After a major regulatory update on patient access rights, an HIM leader must decide how to bring frontline release-of-information staff up to date. Which approach best fulfills the leader's education responsibility?
- Deliver targeted training on the specific changes and how they affect daily ROI workflows
- Assume staff will read the regulation on their own time
- Wait for staff to make errors and correct them individually afterward
- Post the full regulation text with no explanation and consider the matter handled
Correct answer: Deliver targeted training on the specific changes and how they affect daily ROI workflows
The leader best fulfills the education responsibility by delivering targeted training on the specific regulatory changes and how they affect daily release-of-information workflows, so staff can apply the new rules correctly. Assuming self-study, posting raw text without explanation, or waiting for errors leaves staff unprepared and the department at compliance risk.
- An HIM director measures the effectiveness of a compliance training program. Which outcome best indicates the education achieved its purpose?
- Staff can correctly apply the new legal requirements in their daily work
- The training session lasted longer than scheduled
- Attendance was recorded but comprehension was never assessed
- The training slides were printed in color
Correct answer: Staff can correctly apply the new legal requirements in their daily work
Education on laws and regulations is effective when staff can correctly apply the new legal requirements in their daily work, demonstrating real comprehension and behavior change. Session length, color printing, and mere attendance without any comprehension check do not demonstrate that the learning objectives were met.
- A newly hired coding employee has never worked under the organization's privacy and disclosure rules. From a leadership standpoint, what should occur as part of onboarding?
- Education on relevant HIM laws and regulations should be provided before the employee handles protected health information independently
- The employee should begin disclosing records before any training
- The employee should learn the rules only after the first complaint
- No training is needed because the employee has a credential
Correct answer: Education on relevant HIM laws and regulations should be provided before the employee handles protected health information independently
Leadership should ensure the new employee receives education on relevant HIM laws and regulations before independently handling protected health information, so the work is performed compliantly from the start. Allowing disclosures before training, waiting for a complaint, or assuming a credential substitutes for organization-specific legal training all create avoidable compliance risk.
- An HIM leader is asked to keep the department's coding staff informed about evolving regulations on an ongoing basis. Which method best supports sustained legal awareness across the team?
- Periodic in-service education and updates whenever significant laws or regulations change
- A single new-hire orientation with no follow-up
- Relying entirely on each coder to monitor regulations independently
- Posting changes only in the director's private office
Correct answer: Periodic in-service education and updates whenever significant laws or regulations change
Sustained legal awareness is best supported by periodic in-service education and timely updates whenever significant laws or regulations change, keeping the whole team current. A one-time orientation, leaving monitoring to each individual, or posting updates where staff cannot see them fails to maintain consistent, current legal knowledge.
- What is the leadership purpose of establishing a defined chart completion standard for the HIM department?
- To set a measurable expectation for how promptly records must be completed so performance can be managed
- To determine the patient's date of birth in the master patient index
- To assign the present-on-admission indicator
- To calculate the bed occupancy rate
Correct answer: To set a measurable expectation for how promptly records must be completed so performance can be managed
Establishing a chart completion standard sets a measurable expectation for how promptly records must be completed, giving leadership a benchmark against which to manage and improve performance. It does not set MPI demographics, assign the present-on-admission indicator, or calculate bed occupancy, which are unrelated tasks.
- An HIM leader establishes a target turnaround time for release-of-information requests and a minimum coding accuracy rate. Collectively, what do these targets represent?
- Performance standards that define expected outcomes for HIM functions
- An ICD-10-CM coding convention
- A record retention schedule
- A notice of privacy practices
Correct answer: Performance standards that define expected outcomes for HIM functions
A turnaround time target and a minimum accuracy rate are performance standards that define the expected outcomes for HIM functions, allowing leadership to set, communicate, and monitor expectations. They are not a retention schedule, a privacy notice, or a coding convention, which serve entirely different purposes.
- From a leadership standpoint, what makes a well-written HIM performance standard most useful for managing a function?
- It is specific and measurable so actual performance can be objectively compared against it
- It is vague so it can be interpreted in any way
- It changes randomly each week
- It applies to patients rather than to staff performance
Correct answer: It is specific and measurable so actual performance can be objectively compared against it
A useful performance standard is specific and measurable so leadership can objectively compare actual performance against the expectation and identify gaps. A vague, randomly changing, or patient-directed standard cannot be reliably measured or used to manage staff performance.
- An HIM manager sets a productivity standard that experienced staff easily exceed but that new hires cannot reach even when working accurately. What leadership adjustment is most appropriate?
- Reassess the standard's reasonableness and consider a ramp-up expectation for new staff while maintaining the quality target
- Eliminate the standard entirely because standards are unfair
- Discipline all new hires immediately for failing the standard
- Lower the quality requirement so new hires can hit the volume number
Correct answer: Reassess the standard's reasonableness and consider a ramp-up expectation for new staff while maintaining the quality target
When an otherwise reasonable standard is unattainable for new hires despite accurate work, the leader should reassess the standard's reasonableness and consider a ramp-up expectation for new staff while preserving the quality target. Eliminating standards removes management benchmarks, disciplining new hires for a ramp-up gap is unfair, and lowering quality to hit volume sacrifices accuracy for speed.
- Why should HIM performance standards be aligned with regulatory and accreditation requirements when they are established?
- So that meeting the internal standard also supports external compliance obligations
- So that the standards can replace the legal health record
- So that patients can set their own coding accuracy goals
- So that the master patient index can be purged
Correct answer: So that meeting the internal standard also supports external compliance obligations
Aligning internal HIM standards with regulatory and accreditation requirements ensures that meeting the internal benchmark also supports the organization's external compliance obligations, avoiding conflicting expectations. The alignment does not replace the legal health record, let patients set goals, or relate to purging the MPI.
- An HIM leader wants to ensure that established standards actually drive improvement rather than sitting unused. Which practice best accomplishes this?
- Regularly measure performance against the standards and provide feedback and corrective action when results fall short
- Set the standards and never measure performance against them
- Change the standards only when a new director is hired
- Keep the standards confidential from the staff they apply to
Correct answer: Regularly measure performance against the standards and provide feedback and corrective action when results fall short
Standards drive improvement when leadership regularly measures performance against them and provides feedback and corrective action when results fall short, closing the management loop. Setting standards without measurement, hiding them from affected staff, or changing them only with leadership turnover all prevent the standards from improving performance.
- An HIM department must work with the information technology department to ensure patient data flows correctly between the EHR and a new laboratory system. From a leadership standpoint, what does this collaboration represent?
- Cross-departmental collaboration to support HIM interoperability
- A release-of-information disclosure to a third party
- A coding accuracy audit
- A bed control function
Correct answer: Cross-departmental collaboration to support HIM interoperability
Working with IT to ensure patient data flows correctly between systems is cross-departmental collaboration that supports HIM interoperability, a core leadership task of coordinating across departments to keep information usable and connected. It is not a disclosure of records, a coding audit, or a bed control activity.
- Why is collaboration with other departments essential for an HIM leader trying to achieve interoperability of health information?
- Because interoperability depends on shared data standards and coordinated workflows that no single department controls alone
- Because collaboration eliminates the need for any data standards
- Because HIM alone owns every clinical system in the organization
- Because interoperability is purely a billing function
Correct answer: Because interoperability depends on shared data standards and coordinated workflows that no single department controls alone
Interoperability requires shared data standards and coordinated workflows that span multiple departments, so no single area controls it alone, making cross-departmental collaboration essential for the HIM leader. HIM does not own every clinical system, collaboration does not remove the need for data standards, and interoperability is far broader than billing.
- During implementation of a new system that must exchange data with an existing registration system, the HIM leader is asked to represent data integrity needs. Which contribution best reflects the HIM role in this interoperability effort?
- Ensuring patient-matching and data definitions are consistent so information exchanged between systems remains accurate
- Deciding the facility's nursing staffing ratios
- Selecting the cafeteria vendor
- Setting the organization's marketing budget
Correct answer: Ensuring patient-matching and data definitions are consistent so information exchanged between systems remains accurate
The HIM leader's interoperability contribution is to ensure patient-matching and data definitions are consistent so the information exchanged between systems remains accurate and correctly attributed to the right patient. Nursing ratios, cafeteria vendors, and marketing budgets fall outside the HIM data-integrity role in an interoperability project.
- Two departments disagree about which system should be the authoritative source for a shared patient data element during an interoperability project. What is the most appropriate HIM leadership action?
- Facilitate agreement on a single authoritative source and consistent data definition to preserve data integrity across systems
- Let both systems remain authoritative so neither department is upset
- Choose whichever system is newest regardless of data quality
- Refuse to participate because data sourcing is not an HIM concern
Correct answer: Facilitate agreement on a single authoritative source and consistent data definition to preserve data integrity across systems
The HIM leader should facilitate agreement on a single authoritative source and a consistent data definition so the shared element stays accurate as it moves between systems, preserving data integrity. Allowing dual authoritative sources invites conflicting data, abstaining ignores a core HIM responsibility, and choosing by system age ignores data quality.
- An HIM leader collaborates with clinical, IT, and revenue departments to standardize how a key data element is captured across the organization. What is the primary interoperability benefit of this collaboration?
- It allows data to be shared and understood consistently across systems and departments
- It increases the facility's bed occupancy rate
- It shortens the record retention period
- It replaces the need for a legal health record
Correct answer: It allows data to be shared and understood consistently across systems and departments
Collaborating to standardize how a key data element is captured allows that data to be shared and understood consistently across systems and departments, which is the essence of interoperability. It does not change bed occupancy, replace the legal health record, or affect the retention period.
- An HIM director is invited to an enterprise committee planning data exchange with an outside health information network. Why is HIM participation valuable to this interoperability initiative?
- Because HIM expertise in data standards, patient identification, and data integrity helps ensure exchanged information is accurate and usable
- Because HIM controls the building's physical security
- Because HIM sets the organization's capital budget
- Because HIM determines physician staffing levels
Correct answer: Because HIM expertise in data standards, patient identification, and data integrity helps ensure exchanged information is accurate and usable
HIM participation is valuable because HIM expertise in data standards, patient identification, and data integrity helps ensure that information exchanged with an outside network is accurate, correctly matched, and usable. Setting capital budgets, controlling physical security, and determining physician staffing are not HIM responsibilities in this context.
- When an HIM leader develops a new departmental policy, why is it good practice to base the policy on applicable laws, regulations, and accreditation standards?
- So the policy directs staff to act in a way that keeps the organization compliant with external requirements
- So the policy reflects an arbitrary preference of the director
- So the policy can avoid ever being reviewed again
- So the policy can replace the data dictionary
Correct answer: So the policy directs staff to act in a way that keeps the organization compliant with external requirements
Basing a policy on applicable laws, regulations, and accreditation standards ensures it directs staff to act in ways that keep the organization compliant with external requirements rather than reflecting arbitrary preference. Grounding a policy in requirements does not exempt it from future review and does not replace the data dictionary.
- An HIM manager observes that staff frequently bypass a written procedure because it no longer matches the current EHR workflow. What is the best leadership response?
- Update the procedure to reflect the current workflow and retrain staff on the revised version
- Discipline staff for not following the obsolete procedure exactly
- Remove all procedures so staff can improvise freely
- Keep the obsolete procedure and ignore the workaround
Correct answer: Update the procedure to reflect the current workflow and retrain staff on the revised version
When staff bypass a procedure because it no longer matches the actual workflow, the leader should update the procedure to reflect the current process and retrain staff on the revised version, restoring an accurate authoritative guide. Disciplining staff for an obsolete procedure, removing all procedures, or ignoring the gap leaves the documented process out of step with reality.
- An HIM leader wants new performance standards for coding, release of information, and chart completion to be accepted by the staff who must meet them. Which approach best supports buy-in while keeping the standards meaningful?
- Involve staff input where appropriate, explain the rationale, and base the targets on realistic, measurable expectations
- Impose the standards without explanation and forbid any questions
- Set the targets so low that no one could ever miss them
- Keep the standards secret until the first performance review
Correct answer: Involve staff input where appropriate, explain the rationale, and base the targets on realistic, measurable expectations
Buy-in for meaningful standards is best supported when the leader involves staff input where appropriate, explains the rationale, and bases the targets on realistic, measurable expectations, so staff understand and accept them. Imposing standards without explanation, setting trivially low targets, or hiding the standards undermines either acceptance or the value of the standard.
- An HIM department's coding turnaround standard conflicts with a quality target because rushing to meet the turnaround time increases coding errors. As a leader, how should these standards be reconciled?
- Balance the standards so timeliness and accuracy are both addressed, adjusting staffing or expectations rather than sacrificing quality for speed
- Discard the quality target so the turnaround number is always met
- Eliminate both standards to remove the conflict
- Ignore the conflict and let staff choose which standard to meet
Correct answer: Balance the standards so timeliness and accuracy are both addressed, adjusting staffing or expectations rather than sacrificing quality for speed
Conflicting timeliness and quality standards should be reconciled by balancing them so both are addressed, for example by adjusting staffing or expectations rather than sacrificing accuracy for speed. Discarding the quality target, leaving the choice to individual staff, or eliminating both standards each abandons a legitimate performance objective.
- An HIM leader provides recurring education to staff on a regulation but never updates the content when the regulation is amended. What is the main leadership weakness in this practice?
- The training teaches outdated requirements, leaving staff unprepared to comply with the current regulation
- Education should never be repeated, so recurrence itself is the flaw
- Education content can only be updated by patients
- Repeating training automatically lowers coding accuracy
Correct answer: The training teaches outdated requirements, leaving staff unprepared to comply with the current regulation
Delivering recurring education without updating the content when the regulation is amended means staff are taught outdated requirements and are left unprepared to comply with the current rule, defeating the purpose of the education. Recurrence is appropriate, repeating training does not lower coding accuracy, and content updates are a leadership responsibility rather than a patient task.
- An HIM director is asked to justify why the department should send a representative to an organization-wide interoperability and EHR governance committee. Which justification is strongest from a leadership perspective?
- HIM brings essential data-integrity, patient-identification, and standards expertise that shapes how health information is exchanged across the enterprise
- HIM should attend only to take notes for other departments
- HIM should attend so it can set the committee's catering
- HIM has no stake in interoperability and attends only as a courtesy
Correct answer: HIM brings essential data-integrity, patient-identification, and standards expertise that shapes how health information is exchanged across the enterprise
The strongest justification is that HIM brings essential expertise in data integrity, patient identification, and data standards that directly shapes how health information is exchanged across the enterprise, making its voice valuable on the committee. Attending merely to take notes, arrange catering, or as a courtesy understates HIM's substantive interoperability role.
- An HIM leader must decide how to roll out both a revised policy and updated staff education following a new regulation. Which sequence best reflects sound leadership of these interrelated tasks?
- Revise the policy to reflect the new regulation, then educate staff on the revised policy so practice matches the documented expectation
- Educate staff on the old policy and never revise it
- Roll out neither and wait for an external auditor
- Revise the policy but deliberately withhold it from staff
Correct answer: Revise the policy to reflect the new regulation, then educate staff on the revised policy so practice matches the documented expectation
Sound leadership revises the policy to reflect the new regulation and then educates staff on the revised policy, so the documented expectation and actual practice align under the current rule. Training on the old policy, doing nothing until an auditor intervenes, or revising the policy while withholding it from staff all leave practice misaligned with the new requirement.
- An HIM leader establishes standards, writes supporting policies, educates staff on the applicable laws, and coordinates with other departments on data exchange. What overarching domain of HIM responsibility do these activities collectively represent?
- HIM leadership and management of the department's functions and collaboration
- Coding and reimbursement
- Privacy disclosure logging
- Statistical computation of healthcare rates
Correct answer: HIM leadership and management of the department's functions and collaboration
Establishing standards, writing policies, educating staff on applicable laws, and coordinating cross-departmental data exchange collectively represent HIM leadership and management of the department's functions and collaboration. These are leadership activities distinct from coding and reimbursement, privacy disclosure logging, or computing healthcare statistics, which are separate domains.