Sample Examination Questions

  1. 1. In auditing the effectiveness of internal controls within a billing department, the auditor should 
  1.           A.    request the certifications and credentials of the billing staff.
  2.           B.    evaluate the existing processes for pre and post submission review of claims.
  3.           C.    review the accounts receivable ledger for credit balances.
  4.           D.    verify the billing staff are utilizing the most current coding resources.

 2. An auditor is planning for a credit balance audit.  Which of the following might be a root cause to why the hospital’s Accounts Receivable has credit balances?

  1.           A.    The hospital’s patient billing system did not record enough contractual
  2.                   adjustment  once the insurance company paid the billed amount.
  3.           B.    The patient paid the co-pay at the time of service and had already met the
  4.                   deductible.
  5.           C.    The patient’s secondary insurance was billed before the primary insurance carrier
  6.                   paid its billed amount.
  7.           D.    The patient’s insurance company performed an audit of patient accounts and
  8.                   determined it underpaid on one Diagnosis Related Group (DRG).
  10. 3. Which of the following would best be considered a segregation of duties conflict in the hospital’s disbursements system?
  1.           A.    A payroll clerk adds a fictitious employee.
  2.           B.    An accounts payable clerk can add a vendor and later change the vendor’s
  3.                   address.
  4.           C.    A payroll clerk can add an employee and enter their hours recorded on the
  5.                   timesheet in the payroll system.
  6.           D.    An accounts payable clerk forges the signature of the Chief Financial Officer on a
  7.                   check.
  1. 4. A healthcare system has confidential data in many areas that need to be protected such as Electronic Protected Health Information (EPHI) and Personally Identifiable Information (PII). The PRIMARY purpose of installing data leak prevention (DLP) software is to control which of the following?
          A.    Access privileges to confidential files
          B.    Confidential documents leaving the internal network
          C.    Attempts to destroy critical data on the internal network
          D.    Which external systems can access internal resources
  1. 5. In performing an audit of the Health Information Portability and Accountability Act (HIPAA) Privacy Rule at a hospital, a healthcare internal auditor should know that HIPAA is enforced by which external agency?
    1.           A. Office of Inspector General (OIG)
  2.           B. Office for Civil Rights (OCR)
  3.           C. Centers for Medicare & Medicaid Services (CMS)
  4.           D. The Joint Commission (Joint Commission) 

   Answer Key