2015 Health Alliance - Broker Compliance Training Exam

The examples provided in the question all demonstrate methods of safeguarding enrollee information. Shredding documents before disposal ensures that sensitive information cannot be accessed by unauthorized individuals. Storing documents in a locked cabinet or desk when not in use adds an extra layer of security to prevent unauthorized access. Transporting documents in a locked container ensures that the information remains protected during transit. Therefore, all of the above examples qualify as safeguarding enrollee information.

Any activity suspected, in good faith, to be fraud, misconduct, or compliance violation must be reported to the Health Alliance Compliance Officer or Compliance Line. This means that if an individual believes that there is any fraudulent, misconduct, or compliance violation occurring, they have a responsibility to report it to the appropriate authorities. This helps to ensure that any potential wrongdoing is addressed and that the organization maintains a culture of compliance and integrity. Therefore, the statement "True" is correct as it accurately reflects the requirement to report such activities.

False. According to HIPAA regulations, healthcare providers are not allowed to disclose any patient information to a spouse or family member without the patient's written authorization. Even if the spouse calls and wants to discuss a specific claim, it is necessary for the member to be present or provide a written HIPAA compliant authorization before any information can be shared.

The given examples are all considered fraud or abuse because they involve unethical and illegal actions. Loaning one's ID card to someone else to obtain prescription drug benefits is fraudulent as it involves misrepresentation of identity for personal gain. Submitting forged or altered prescription drug receipts for reimbursement is also fraudulent as it involves falsifying information to obtain financial benefits. Encouraging an individual to disenroll from a plan can be considered abusive as it may manipulate or deceive the individual for personal or financial gain. Therefore, all of the above examples are considered fraud or abuse.

Enrollee information typically includes sensitive personal data, such as social security numbers or medical records. To ensure the privacy and security of this information, it is recommended to encrypt the email before including any enrollee information. Failure to do so can put the information at risk of being intercepted or accessed by unauthorized individuals. Therefore, it is not permissible to include enrollee information in the body of an email without encrypting it.

The correct answer is "All of the above." This means that your contract with Health Alliance may be terminated in any of the instances mentioned, including confirmed misconduct, not adhering to the standards of conduct outlined in the broker application, and confirmed fraudulent activity.

Accepting bribes, kickbacks, or inducements is unethical and illegal in most jurisdictions. As a broker, it is important to maintain integrity and act in the best interest of the clients. Accepting such incentives can compromise the objectivity and fairness of the broker's services. Therefore, it is not allowed to accept bribes, kickbacks, or inducements in connection with performing duties for Health Alliance.

The correct answer is "All of the above". This means that as a contracted broker of Health Alliance, you are expected to act in an ethical and compliant manner, comply with all applicable laws and regulations, and protect member information and the physical and intellectual property of Health Alliance. In other words, you are expected to fulfill all of these responsibilities as part of your role as a broker for Health Alliance.

No, you are not allowed to receive member claims information from Health Alliance without authorization from the member. This is because member claims information is considered private and confidential, and it is protected by laws and regulations such as the Health Insurance Portability and Accountability Act (HIPAA). In order to access and receive this information, proper authorization from the member is required to ensure their privacy and confidentiality rights are upheld.

It is important to never pursue a business opportunity or relationship that would compromise the ethical standards of Health Alliance or violate any laws or regulations. This ensures that the organization maintains its integrity and operates within legal boundaries. By choosing the correct answer "True," it indicates that one should always prioritize ethical standards and legal compliance when making business decisions.

The HITECH Act, also known as the Health Information Technology for Economic and Clinical Health Act, does indeed extend the HIPAA Privacy and Security regulations and the enforcement actions for breaches to cover brokers. This means that brokers who handle health information are also required to comply with HIPAA regulations and can face penalties for any breaches of patient data.

According to HIPAA regulations, covered entities are required to notify individuals affected by a breach of unsecure protected health information (PHI) without unreasonable delay and no later than 60 days after the discovery of the breach. However, if the breach involves more than 500 individuals, covered entities must notify the affected individuals, the Secretary of Health and Human Services, and the media within 60 days. Therefore, the correct answer is 5 days, as it falls within the required timeframe for notifying Health Alliance of a breach of unsecure PHI.

Sharing your logon ID and password with others is not acceptable. This is because it violates security protocols and puts your personal information at risk. Sharing login credentials can lead to unauthorized access to your account, potential misuse of your personal data, and compromised privacy. It is important to keep your login information confidential and only accessible to yourself to ensure the security and privacy of your online accounts.

If a person suspects that their logon id and password to the Health Alliance web site have been compromised, it is crucial for them to change their password immediately. This action is necessary to protect their account and prevent unauthorized access. By changing the password, the individual can ensure that their account remains secure and their personal information is not at risk. Doing nothing in this situation would leave the account vulnerable to potential misuse and compromise the security of sensitive data.

When the work on the Health Alliance web site is finished, it is important to immediately log off for security reasons. This ensures that unauthorized access to the account or sensitive information is prevented. Leaving oneself logged in indefinitely or simply closing the browser without logging off can leave the account vulnerable to unauthorized access and potential misuse.