HIPAA
Data Breaches
Retaliation/Anonymous Reporting
Stark Law/Anti-Kickback
False Claims Act
100

What Date did HIPAA become effective?

August 21,1996

100

How often should you change your password?

Every 60-90 Days

100

What is the number to our Non-Retaliation Policy?

COMP-23

100

True or False: The Stark Law only applies to Medicare and Medicaid Patients.

True

100

True or False: Was the FCA referred to as the Lincoln Law?

True: The False Claims Act was often called the "Lincoln Law" because it was originally enacted during President Abraham Lincoln's administration in 1863. At that time The US was facing rampant fraud by contractors supplying the Union Army during the Civil War.

200

What does HIPAA stand for?

Healthcare Insurance Portability and Accountability Act

200

How many calendar days from discovery do you have to report a breach?

60 Days

200

True or False: Does CMS require a Medicare Advantage Organization to have a reporting hotline?

True

200

What type of penalties could you incur if you violate the Anti-Kickback Statue?

Criminal and Civil

200

What is Upcoding?

Misrepresenting the type or complexity of services provided to receive a higher reimbursement than is appropriate.

300

What is the primary purpose of HIPAA?

To protect the privacy and security of patients' health information.

300

What should you do if you receive a suspicious email asking for sensitive information?

Do not click on any links or attachments and report to the IT Department..AKA CAM

300

What is the Mass Advantage Hotline number?

833-215-7231

300

What is the main purpose of the Stark Law?

To limit physician self-referrals where there is a financial relationship.

300

Who can be held liable under FCA?

Liability under the FCA can extend to individuals, corporations, contractors, or any entity that knowingly submits, or caused to be submitted, false claims to the government.

400

What other three areas did HIPAA expand into?

Privacy Rule, Security Rule, and HITECH Act

400

True or False: Only employees in IT are responsible for data security within the organization.

False - Data security is EVERYONE's responsibility.

400

What should an employee do if they feel they are being retaliated against?

They should report the suspected retaliation to their compliance officer, HR department, or through the anonymous reporting hotline.

400

True or False: Under the Anti-Kickback Statute, it is acceptable for a healthcare provider to receive payment from a pharmaceutical company as long as it's for recommending their products to patients.

False - The Anti-Kickback Statute prohibits accepting payments or incentives in exchange for referrals or product recommendations, as this could lead to biased patient care.

400

What does "knowingly" mean under FCA?

It means actual knowledge, deliberate ignorance, or reckless disregard of the truth.

500

Name three examples of identifiers that, when combined with health information, make data protected under HIPAA.

Name, SSN, Address, DOB, Telephone numbers, Medical Records, Email

500

Who must be notified when a data breach involves PHI?

HHS, the affected individuals, and sometimes the media must be notified, depending on the breach size.

500

Why is anonymous reporting important for a compliance program?

It allows employees to report concerns without fear of retaliation, which can increase reporting of issues that might otherwise go unreported.

500

What is one of the primary goals of both the Stark Law and Anti-Kickback Statute?

to ensure we’re always making decisions in the best interest of our patients.

500

What is the reward for a whistleblower?

Whistleblowers may receive 10-30% of the monetary sanctions collected