2016 Apr HIT-001 Study Guide Questions:
Q346. You are the privacy officer for a medical practice and are making sure that you have created and secured written business associate agreements with your business associates. With which of the following would you not have to create a BAA (Business Associate Agreement)?
A. The data shredding company that destroys all PHI from patients no longer with the practice.
B. The accreditation board for your local hospital who decides which of your physicians goes on their panel of emergency providers and may need to review PHI during this process.
C. Your postal carrier who carries protected health information in the mail.
D. Your practice's malpractice lawyer who reviews PHI during case reviews.
Explanation: Your postal carrier. HIPAA does not require business associate agreements with conduits of PHI. A conduit is defined as an individual or organization that transports but does not access PHI other than as the law requires or for random or infrequent process required to carry out its functions. Answer: D is incorrect. HIPAA requires BAAs with any entity that provides legal services to the practice, particularly when it involves direct exposure to PHI. Answer: A is incorrect. Again, the data shredding company has open access to the PHI unlike the postal worker and engagement with the PHI (in this case, destroying it) is primary to its work. Answer: B is incorrect. Accreditation is a common example of a business associate under HIPAA and like the legal and data shredding services, it involves direct engagement with PHI to provide its services to the practice. HIPAA defines the "disclosure of individually identifiable health information" during the course of the activities provided to a covered entity as the standard for determining the need of a BAA. It lists legal, actuarial, accounting, consulting, data aggregation, management, administrative, accreditation, or financial services as categories of possible Business Associates.
Q347. A healthcare organization hires you to provide consultancy for setting up its Windows network. The company's server room will be in a highly secured environment. You are required to suggest an authentication method for it. The CFO of the company wants the server to use thumb impressions for authentication. Which of the following authentication methods will you suggest?
C. Smart card
Explanation: Biometrics is a method of authentication that uses physical characteristics, such as fingerprints, scars, retinal patterns, and other forms of biophysical qualities to identify a user. Nowadays, the usage of biometric devices such as hand scanners and retinal scanners is becoming more common in the business environment. Answer: C is incorrect. A smart card is a credit card-sized device used to securely store personal information such as certificates, public and private keys, passwords, etc. It is used in conjunction with a PIN number to authenticate users. In Windows, smart cards are used to enable certificate-based authentication. To use smart cards, Extensible Authentication Protocol (EAP) must be configured in Windows. Answer: D is incorrect. A certificate is a set of data that completely identifies an entity. It is a digitally signed statement that binds the value of a public key to the identity of a person. It can be issued to perform a number of functions such as Web server authentication, secure e-mail, etc. A certificate is valid only for the period of time specified within it. Moreover, a user can set the duration for a certificate's validity. After the validity period, the certificate becomes invalid. A certificate also eliminates the need for hosts to maintain a set of passwords for individuals who are required to be authenticated. Answer: B is incorrect. When two or more access methods are included as part of the authentication process, it implements a multifactor system. A system that uses smart cards and passwords is referred to as a two-factor authentication system. Though biometrics can also be a part of two-factor authentication, the question specifies only one method, that is, thumb impression, as an authentication factor.
Q348. For what period of time must all records containing HIPAA information be retained?
A. 4 years
B. 6 years
C. 30 years
D. 10 years
Explanation: All material containing HIPAA information must be retained for a period of 6 years after the materials were last in effect. This rule also pertains to any authorizations or business associated materials that may contain protected information.
Q349. You subscribe to a health care plan that provides health care services for a prepaid, fixed amount of reimbursement. Which of the following types of health insurance do you subscribe to?
B. Point of Service
D. Indemnity Plan
Explanation: Health Maintenance Organization (HMO) offers healthcare services for a prepaid fixed amount of reimbursement. In an HMO, providers and subscribers voluntarily enroll and the HMO assumes responsibility and financial risks. Answer: D is incorrect. Indemnity plan is incorrect as this type of plan allows you to visit any doctor, any hospital and direct your own care. Answer: B is incorrect. Point of Service (POS) is an agreement where a patient is permitted to choose a provider each time healthcare service is required. Answer: C is incorrect. PPO or preferred provider organization is a network of physicians or healthcare organizations who provide healthcare at a discounted rate in return for higher patient volume.
Q350. You are responsible for securing the network at a law firm. You are concerned about printer security. What steps should you take to prevent printer security breaches? Each correct answer represents a complete solution. Choose two.
A. Remove the printer's driver from user computers.
B. Scan printer hard drives for spyware and viruses.
C. Secure any administrative connections (SSH, Telnet, etc.) to printers.
D. Limit print jobs.
Explanation: Many high-end printers have hard drives that can be infected with viruses and spyware. You must ensure they are regularly scanned and protected. Also, many high-end printers allow remote administration, and those services (SSH, TELNET, etc.) must be secured.
Q351. One key clinical process in the functioning of a private practice or a hospital is for patient encounters, progress notes and other physician reports to be recorded. Most often, physicians use audio recorders that generate either tapes or audio files to speak an account of the visit and their findings. This process is referred to as:
C. Patient Encounter
Explanation: Dictation is the process of a physician speaking their notes from a patient visit into a recording device. Answer: C is incorrect. This is not the name for the process of speaking their notes into a recording device. Answer: B is incorrect. This is not the name for the process of speaking their notes into a recording device. Answer: D is incorrect. Although the speech is recorded, this is not the conventional name for the process of speaking notes into a recording device.
Q352. As a member of the healthcare IT team, you are asked to send a patient's MRI exam from the MRI department to a PACS system for permanent archival. Which of the following would you depend on for transmission of these images?
D. Health Level 7
Explanation: DICOM, short for Digital Imaging and Communications in Medicine, refers to the standard of handling, storing, printing and transmitting information in medical imaging. Answer: D is incorrect. Health Level 7 is incorrect as this is an international community of healthcare subject matter experts and information scientists collaborating to create standards for the exchange, management and integration of electronic healthcare information. HL7 promotes the use of such informatics standards within and among healthcare organizations to increase the effectiveness and efficiency of healthcare information delivery for the benefit of all.
Q353. Which of the following options will you use to minimize ESD problems?
A. A plastic CPU cover.
B. An antiglare screen.
C. Wearing synthetic clothes in the computer lab.
D. A wrist strap.
Explanation: To minimize Electrostatic Discharge (ESD) problems, you should wear a wrist strap when you are working on computer components. A wrist strap is a simple wire with a watchband-style strap at one end and a clip on the other end. The clip is connected to a common ground or to the piece of equipment being worked on. Answer: B is incorrect. An antiglare screen on the monitor is used to protect the eyes from radiation. Answer: C is incorrect. Wearing synthetic clothes can make the ESD problem worse. Synthetic clothes can transfer ESD charges from your skin when they rub against your clothes and can damage the computer components. It happens when your body or clothes come in contact with computer components. Answer: A is incorrect. A plastic CPU cover cannot decrease the ESD problem.
Q354. An 80-year-old man is dissatisfied with several aspects of his hospital stay. Which of the following pieces of legislation allows him to file a formal complaint?
D. Patient Bill of Rights
Explanation: Patient Bill of Rights. Patient Bill of Rights is correct as this legislation requires health care providers to inform all patients of their rights as patients receiving medical treatment. There are eight rights every patient has as a recipient of medical care and one of those rights is the ability to file a complaint against the health plan, physician, hospitals and other health care personnel. Answer: A is incorrect. MIPPA is incorrect as this legislation is used to adjust Medicare reimbursement to certain facilities. Answer: C is incorrect. EMTALA is incorrect as this legislation legally obligates health care facilities to provide emergent care regardless of citizenship, legal status or ability to pay. Answer: B is incorrect. HIPAA is incorrect as this legislation is designed to ensure the privacy and security of personal health information.
Q355. What is the data transfer rate of IEEE 1394 standard?
Explanation: Institute of Electrical and Electronics Engineers (IEEE) 1394 supports a data transfer rate of 400 Mbps. However, most of the devices currently available run at 200 Mbps.
Q356. While installing a printer in a newly remodeled office at a large physician's practice, you consider what the best placement for the printer might be in order to protect patients' health information. Which of the following is a good guideline for printer/fax/copier policy?
A. PHI should never be printed on a shared or networked printer.
B. PHI in hardcopy form should be disposed of as soon as possible.
C. Printers and copiers used for printing of PHI should be in a secure, non-public location. If the equipment is in a public location, the information being printed or copied is required to be strictly monitored.
D. Physical access to the printer should be restricted only to providers.
Explanation: Ideally, printers, faxes and copiers in a healthcare facility should only be placed in secure, non-public locations. However, there are some high traffic areas where healthcare personnel interact with the public and a printer may be required for receipts, patient instructions and other documentation. A printer in this location should be strictly monitored, any hardcopies should be picked up promptly and given to the correct recipient, filed or disposed of as needed. Answer: D is incorrect. Many employees require access to printers, faxes and copiers, and access cannot be limited to one type of employee. There are many employees that will need access to PHI to carry out the functions of a healthcare facility, not just for treatment, but for the business operations of the facility. Printing access must be managed wisely and monitored closely to protect PHI, but this kind of extreme restriction would not allow the facility to function properly. Answer: A is incorrect. Many facilities have multiple workstations and mobile devices connected to a shared printer. Although extra care needs to be exercised both in the network security of the printer as well as the physical security of hardcopy documents printed out, it is possible to protect PHI and still use a shared printer. Often, one individual in physical proximity to the shared printer is assigned responsibility for the security of the hardcopy printouts and for ensuring that they are promptly picked up so that no PHI exposure is risked. Answer: B is incorrect. Destroying hardcopies as a means of protecting PHI may actually cause some information to be lost. It is important to always observe the policies of record retention and disposal that the healthcare organization has set up in order to make sure that key information is properly filed and eventually disposed of in an approved manner.
Q357. Which of the following transfer protocols is used to access a secure Web server on the Internet?
Explanation: The Hypertext Transfer Protocol Secure (HTTPS) protocol is a protocol used in the Universal Resource Locator (URL) address line to connect to a secure site. If a site has been made secure by using the Secure Sockets Layer (SSL), then the HTTPS instead of the HTTP protocol should be used as a protocol type in the URL. Answer: C is incorrect. Point-to-Point Tunneling Protocol (PPTP) is a remote access protocol. It is an extension of the Point-to-Point Protocol (PPP). PPTP is used to securely connect to a private network by a remote client using a public data network such as the Internet. Virtual private networks (VPNs) use the tunneling protocol to enable remote users to access corporate networks securely across the Internet. PPTP supports encapsulation of encrypted packets in secure wrappers that can be transmitted over a TCP/IP connection. Answer: D is incorrect. Hypertext Transfer Protocol (HTTP) is a client/server TCP/IP protocol used on the World Wide Web (WWW) to display Hypertext Markup Language (HTML) pages. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. For example, when a client application or browser sends a request to the server using HTTP commands, the server responds with a message containing the protocol version, success or failure code, server information, and body content, depending on the request. HTTP uses TCP port 80 as the default port. Answer: A is incorrect. Transmission Control Protocol (TCP) is a reliable, connection-oriented protocol operating at the transport layer of the OSI model. It provides a reliable packet delivery service encapsulated within the Internet Protocol (IP). TCP guarantees the delivery of packets, ensures proper sequencing of data, and provides a checksum feature that validates both the packet header and its data for accuracy. If the network corrupts or loses a TCP packet during transmission, TCP is responsible for retransmitting the faulty packet. It can transmit large amounts of data. Application layer protocols, such as HTTP and FTP, utilize the services of TCP to transfer files between clients and servers.
Q358. Which of the following serial bus specifications is also known as Firewire?
B. IEEE 1284
C. IEEE 1394
Explanation: IEEE 1394 is a high-speed serial bus that provides enhanced PC connectivity for a wide range of devices. These devices include consumer audiovisual components, traditional PC storage devices, and handheld devices. IEEE 1394 is also known as Firewire. Answer: A is incorrect. DIN is a type of connector that is used in standard 101-key IBM-style keyboards. Answer: D is incorrect. RS-232 standard is a specification for serial communication ports, also known as COM ports, serial ports, or RS-232 ports, and is used to connect RS-232 compatible serial devices, such as modems and pointing devices to a computer. Answer: B is incorrect. Institute of Electrical and Electronics Engineers (IEEE) 1284 is a specification of a printer cable used to take advantage of bi-directional printing. Typically, bi-directional cables have the number 1284 printed on them.
Q359. You are a minor, under the age of eighteen, who requires medical care. For which of the following conditions are you able to seek medical care without consent of your parents?
B. Drug and Alcohol Abuse
C. Eating Disorders
Explanation: A minor child can request and receive medical treatment for drug and alcohol abuse and for treatment of sexually transmitted disease without the consent of a parent. Answer: C is incorrect. Parental consent is required for treatment of eating disorders. Answer: D is incorrect. Parental consent is required for treatment of obesity. Answer: A is incorrect. Parental consent is required for treatment of pregnancy.
Q360. There are millions of insurance billing claims being sent out to hundreds of different insurance carriers every day, and with many different formats for claim forms and the need for error checking, there's a need for a service to manage electronic claims in one accessible format for billing offices to contact if there is a problem. If you have a problem with a billing transaction program, you will likely contact one of these services during your employment. What is the name of this kind of entity?
A. Medical Billing Clearinghouse
B. Insurance Server
C. Claims manager
D. Electronic traffic controller
Explanation: A healthcare billing clearinghouse receives an electronic claim from a healthcare provider's billing office and scrubs it for potential errors, then the clearinghouse securely transmits the claim to the correct payer (insurer, government program, etc.). Answer: D is incorrect. Although a clearinghouse may seem like an information "air traffic controller", this is not the proper name for the company. Answer: B is incorrect. This is not the correct term. Answer: C is incorrect. This is not what a claims manager does. A claims manager is a position within an insurance company.