healthcare it course - cie bookstore online · chapter 2 - healthcare ... 30 hit exam 1104b ......
TRANSCRIPT
Healthcare Information Technology: First Edition
CLEVELAND
INSTITUTE OF
ELECTRONICS
BOOKSTORE
COURSE
HEALTHCARE IT COURSE
LESSONS 1101B THROUGH 1109B
1
Study Guide to accompany Introduction to Healthcare Information Technology, First Edition
By Mark Ciampa and Mark Revels
ISBN:
ISBN 13: 9781133787778
This study guide contains excerpts from the Introduction to Healthcare Information Technology, First Edition Instructor's resources and the book Introduction to Healthcare Information Technology, First Edition by Mark Ciampa and Mark Revels
© Copyright 2013 Cleveland Institute of Electronics All Rights Reserved / Printed in the United States of America
FIRST EDITION / First Printing / May 2013
2
Table of Contents Chat with Your Instructor .......................................................................................................................................... 3 Chapter 1 - Introduction to Healthcare IT...................................................................................................................... 4
HIT Exam 1101B ..................................................................................................................................................... 11
Chapter 2 - Healthcare Organizations and Operations................................................................................................. 13 HIT Exam 1102B ..................................................................................................................................................... 19
Chapter 3 - Desktop IT Operations .............................................................................................................................. 21 HIT Exam 1103B ..................................................................................................................................................... 28
Chapter 4 - Network IT Operations ............................................................................................................................. 30 HIT Exam 1104B ..................................................................................................................................................... 36
Chapter 5 - Medical Business Operations .................................................................................................................... 38 HIT Exam 1105B ..................................................................................................................................................... 47
Chapter 6 - Document Imaging and Problem Solving ................................................................................................. 49 HIT Exam 1106B ..................................................................................................................................................... 56
Chapter 7 - Basic Healthcare Information Security ..................................................................................................... 58 HIT Exam 1107B ..................................................................................................................................................... 64
Chapter 8 - Advanced Healthcare Information Security .............................................................................................. 66 HIT Exam 1108B ..................................................................................................................................................... 72
HIT Final Exam 1109B ........................................................................................................................................... 74
3
Chat with Your Instructor
The Study Guide for Introduction to Healthcare Information Technology, First Edition, is
created to provide you with concepts, ideas and pointers for learning more aboutthe field of
healthcare information systems.Chapter outlines are included followed by topic ideas presented
in a chapter-by-chapter format, which include the following:
Quick Quizzes
Additional Resources
Key Terms definitions
The topics follow the section-by-section format of the book and are intended to give you a range
of ideas for your understanding.
Students often learn from investigation of supporting topics. For this reason, there are many topic
tips throughout this guide. These topic tips may require you to solve a problem, work through a
new direction in technology or even attempt to predict the future. All of the topic tips are meant
to be thought provoking and to help you apply what you are learning.
Each chapter in the Study Guide also includes a set of interesting Additional Resources, which
are Web links to topics of interest. Finally, a list of definitions of Key Terms is included for each
chapter.
Introduction to Healthcare Information Technology, First Edition, covers many exciting topics,
and the staff believes that you will share in the excitement.
If you have a technical problem, we recommend the following:
First, check the textbook that accompanies the software.
Many software products include on-line help. If the answer is not available in the printed
materials, try using the Help feature of your software.
Feel free to call the instruction department during business hours (8:30 AM to 6 PM
Eastern Time), Monday through Friday, and Saturday during the weekend hours (8:30
AM to 5 PM Eastern Time). Be prepared to describe which lesson you're working on and
the problem you're having.
Instructional Support Addresses and Phone Numbers
Main Support Help Line: (800) 243-6446 or (216) 781-9400
E-mail address: [email protected]
Instructional Support is available business hours (Eastern Time) Monday through Saturday.
Mailing address: Cleveland Institute of Electronics
1776 East 17th
Street
Cleveland, OH 44114
4
Chapter 1 - Introduction to Healthcare IT
At a Glance
Study Guide Contents
Overview
Objectives
Topic Tips
Quick Quizzes
Line of Reasoning Questions
Additional Resources
Quick Quiz Answers
Key Terms
5
Chapter Notes
Overview
This chapter introduces the field of healthcare information technology. It begins by defining
healthcare information technology, noting some of its benefits, and reviewing CompTIA’s
response to the shortage of trained healthcare information technology professionals. Then the
chapter examines various regulatory agencies and regulations applicable to healthcare
information technology, and finishes with an overview of legal documents that healthcare
information technology professionals encounter on a regular basis.
Objectives
Define healthcare information technology
Recognize some of the benefits of healthcare IT
Describe the CompTIA Healthcare IT Technician Certificate
List major healthcare regulators
Summarize the major healthcare regulations
Describe typical healthcare legal practices
Highlights
What Is Healthcare Information Technology?
Topic Tip
To learn more about health information technology, visit:
http://healthinsurance.about.com/od/healthinsurancebasics/a/health_IT_overvie
w.htm
Quick Quiz 1.1
1. ____ is the use of hardware and software in an effort to manage and manipulate data and
information.
2. ____ is like a set of instructions that helps hardware process data into information.
3. ____ is the use of hardware and software in an effort to manage and manipulate health
data and information.
4. ____ is the conversion of handwritten/verbal doctor’s orders and/or notes into typed or
electronic format.
6
Regulatory Compliance: Regulators
Important figures: Table 1-1
Department of Health and Human Services
Topic Tip To learn more about the Department of Health and Human Services (HHS), visit:
http://www.hhs.gov/about/.
The National Institute of Standards and Technology
Important figures: Table 1-2
Quick Quiz 1.2
1. A(n) ____ is something that constrains or controls.
2. A(n) ____ is an electronic health history wherein an individual maintains their own
health information.
3. The term ____ is used to describe information about content.
4. (True or False) ONC sets the standards and criteria for EHR technology certification.
Regulatory Compliance: Regulations
HIPAA Privacy Rule
Important figures: Table 1-3
HIPAA Security Rule
Important figures: Table 1-4
HITECH Act
Important figures: Table 1-5
Quick Quiz 1.3
1. (True or False) Any individually identifiable health information created or received by a
Covered Entity or Business Associate is protected by the Privacy Rule.
7
2. The HIPAA Identifier Rule mandates that all Covered Entities storing or transmitting
ePHI must have a standardized ____.
3. ____ can be defined as the standardized and structured exchange of electronic
information between two or more parties using public and/or private networks.
4. A healthcare provider that is eligible for the Medicare EHR financial incentives under the
HITECH Act is called a(n) ____.
Line of Reasoning Questions
1. Who, or what, are the covered entities under the HIPAA Identifier Rule?
2. Evaluate the reasons why many Covered Entities and Business Associates are starting to
use Web portals instead of e-mail.
3. Determine the difference between data and information.
Additional Resources
1. HIPAA Security Rule:
http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
2. CompTIA Healthcare IT Technician:
http://certification.comptia.org/getCertified/certifications/hittech.aspx
3. Electronic Health Records (EHR) Incentive Programs:
https://www.cms.gov/EHRIncentivePrograms/
Quick Quiz Answers
Quick Quiz 1.1 1. Information technology (IT)
2. Software
3. Healthcare information technology (HIT)
4. Medical transcription
Quick Quiz 1.2 1. regulation
2. personal health record (PHR)
3. metadata
8
4. True
Quick Quiz 1.3 1. True
2. National Provider Identifier (NPI)
3. Electronic data interchange (EDI)
4. Eligible Provider (EP)
Key Terms
American Recovery and Reinvestment Act of 2009 (ARRA): A law enacted by the
111th
United States Congress in February 2009 and signed February 17, 2009, by
President Barack Obama that created the HITECH Act.
Business Associate (BA): A person or other entity that performs functions for a Covered
Entity as defined by HIPAA.
Business Associate Agreement (BAA): Contract that ensures Business Associates of
Covered Entities follow HIPAA Privacy Rule guidelines and regulations.
Centers for Medicare and Medicaid Services (CMS): Previously known as the Health
Care Financing Administration (HCFA), CMS administers the Medicare program, the
Federal portion of the Medicaid program, and State Children’s Health Insurance Program
(CHIP).
CompTIA Healthcare IT Certificate: A technology- and vendor-neutral certificate that
shows a candidate has reached a certain level of proficiency in the knowledge and skills
needed to deploy and support HIT.
Covered Entities (CE): Health care providers, health plans, and health care
clearinghouses covered by HIPAA.
critical access hospital (CAH): A hospital that receives cost-based reimbursement from
Medicare.
Department of Health and Human Services (HHS): A regulator whose purpose is to
help provide people access to high-quality health care, to help people find jobs and child
care, to keep food safe, to manage infectious diseases, and to extend the practice of
diagnosis and treatment, among others.
electronic data interchange (EDI): The standardized and structured exchange of
electronic information between two or more parties using public and/or private networks.
electronic health record (EHR): An electronic collection of patient or population health
information.
electronic medical record (EMR): An electronic record of patient care, usually in a
standalone situation such as a doctor’s office.
Eligible Provider (EP): A healthcare provider that is eligible for the Medicare EHR
financial incentives under the HITECH Act.
ePHI: Electronically transmitted or stored PHI.
Hardware: Devices that input, process, and output data and information.
Health Information Technology for Economic and Clinical Health Act (HITECH
Act): A law created under Title XIII of the American Recovery and Reinvestment Act of
2009 (ARRA).
9
Health Insurance Portability and Accountability Act (HIPAA): Broad federal
regulation that was developed in order to: reduce cost and increase efficiency by
standardizing the interchange of electronic data, improve portability and continuity of
health insurance, manage waste, fraud, and abuse of the health care industry, and protect
the privacy of personal health issues.
Healthcare information technology (HIT): The use of hardware and software in an
effort to manage and manipulate health data and information.
Information technology (IT): The use of hardware and software in an effort to manage
and manipulate generic data and information.
Meaningful Use: HITECH Act general guidelines used to determine financial incentives
for EHR use.
memorandum of understanding (MOU): A voluntary agreement between health
providers to some mutually beneficial arrangement. Sometimes called a memorandum of
agreement (MOA).
National Institute of Standards and Technology (NIST): A department of the United
States Department of Commerce that sets standards for EHRs under the HITECH Act.
National Provider Identifier (NPI): A HIPAA identifier replaces all other identification
from Medicare, Medicaid, and other government programs.
Office for Civil Rights (OCR): An office of HHS that is responsible for enforcement
and penalties for Privacy Rule noncompliance.
Office of the National Coordinator for Health Information Technology (ONC): A
staff division of HHS whose responsibility is to coordinate the use of advanced HIT
practices at the national level.
Patient Protection and Affordable Care Act (PPACA): A federal health care statute
that was signed into law by President Barack Obama on March 23, 2010, and is a product
of the health care reform agenda of the 111th United States Congress.
personal health record (PHR): An electronic health history wherein an individual
maintains their own health information.
Privacy Rule: A HIPAA law that regulates the protection and privacy of healthcare
information; also known as Standards for Privacy of Individually Identifiable Health
Information.
prospective payment system (PPS): A Medicare Part A system in which most of a
patient’s cost is reimbursed to a provider hospital based on the diagnosis, not actual cost.
Protected Health Information (PHI): Any individually identifiable health information
created or received by a Covered Entity or Business Associate and that is protected by the
HIPAA Privacy Rule.
Regulator: Governmental entities that mandate regulations.
Security Rule: A HIPAA law that focuses on electronically transmitted or stored PHI
(ePHI or EHI) used by Covered Entities.
Service Level Agreement (SLA): Agreement frequently used in technology applications
to define the level of service a user might expect from a technology provider.
Software: Also known as computer programs; contains the logic that makes computers
do what they do.
Standards for Privacy of Individually Identifiable Health Information: See Privacy
Rule.
10
Transaction and Code Sets Rule (TCS): A HIPAA regulation that mandates consistent
electronic interchange of PHI for all Covered Entities.
waiver of liability: Agreement used by providers for protection in the case of certain
procedures or treatments that may subject the hospital or physician to legal liability for
treatment risks.
11
HIT Exam 1101B
Please complete the following exam. You may use the electronic grading system for quicker
response. Simply log on to www.study-electronics.com and enter your credentials. Once the
exam has been submitted, your results will be returned within 72 hours. You may also e-mail
your answers to [email protected], or fax them to us at 1-216-781-0331. If you have any
questions, please contact the Instruction Department.
1. Keyboards, printers, and network devices are ____.
1) health information technology 3) software
2) hardware 4) instructions
2. If an infraction to the HIPAA Privacy Rule occurred on or after February 18, 2009, the penalty
amount could be up to $____ per violation with a calendar year cap at $1,500,000.
1) 1,000 3) 50,000
2) 25,000 4) 75,000
3. A ____ is typically a voluntary agreement between health providers to some mutually beneficial
arrangement.
1) memorandum of understanding 3) certificate of understanding
2) Service Level Agreement 4) waiver of liability
4. In 2007, the US spent approximately ____ percent of gross domestic product on healthcare.
1) 5.2 3) 17
2) 11 4) 24.5
5. The ____ is responsible for enforcement of the HIPAA Privacy Rule and penalties for
noncompliance.
1) National Institute of Standards and Technology
2) Office for Civil Rights
3) Office of the Inspector General
4) Electronic Health Record Laboratory Results Reporting Agency
6. ____ is information about content. For example, a radiologic image (content) can be described by
patient, date, time, and so on.
1) Symbolic data 3) Metadata
2) Raw data 4) Internal data
7. Under the ____ category of the HIPAA Security Rule, a covered entity must implement
information system access controls. 1) Technical 3) Physical
2) Administrative 4) Security
8. ____ is/are raw facts with little or no meaning.
1) Software 3) Programs
2) Data 4) Information
9. The cost of regulation is significant. One estimate contends that the cost of healthcare regulation in
the United States in 2004 was close to ____.
1) $250 million 3) $1 trillion
2) $578 billion 4) $47 trillion
10. In the event of any PHI breach, the Covered Entity is required to report the breach to ____.
1) HHS 3) the media
2) each individual affected 4) the Business Associate
12
11. The ____ makes essential primary care services accessible to the poor.
1) Administration on Aging
2) Agency for Healthcare Research and Quality
3) Health Resources and Services Administration
4) Centers for Disease Control and Prevention
12. The ____ is responsible for protecting the public from diseases and other preventable conditions.
1) Agency for Healthcare Research and Quality
2) Administration on Aging
3) Health Resources and Services Administration
4) Centers for Disease Control and Prevention
13. What is one of the most important obstacles to the healthcare industry embracing information
technology?
1) The lack of compartmentalization of the healthcare system
2) Laws preventing the use of electronic records for privacy reasons
3) The need for tools to convert existing manual systems to electronic systems
4) The shortage of trained healthcare technology professionals needed to implement the new
technologies
14. The ____ reports to the President.
1) National Institute of Standards and Technology
2) Department of Health and Human Services
3) Centers for Medicare and Medicaid Services
4) Office of the National Coordinator for Health Information Technology
15. The ____ Act is composed of four distinct Standards or Rules. These include Privacy, Security,
Identifiers, and Transactions and Code Sets.
1) Health and Human Services
2) National Institute of Standards and Technology
3) National Coordinator for Health Information Technology
4) Health Insurance Portability and Accountability
16. Under the ____ category of the HIPAA Security Rule, a covered entity must ensure that all members
of the workforce have appropriate access to ePHI.
1) Administrative 3) Security
2) Technical 4) Physical
17. ____ relates to the past, present, or future health of an individual, both mental and physical.
1) Electronic Medical Record (EMR) 3) Electronic Patient Record (EPR)
2) Protected Health Information (PHI) 4) Personal Health Information (PHI)
18. The United States spent over $7400 per person for health care in 2007, an amount that was an
increase over the previous year
1) True 2) False
19. Medicare is health insurance for people over the age of ____, or under that age if they have certain
disabilities.
1) 58 3) 65
2) 62 4) 70
20. Many industries already use EDI, so the technology is tested and proven. 1) True 2) False
END OF EXAMINATION
13
Chapter 2 - Healthcare Organizations and Operations
At a Glance
Study Guide Contents
Overview
Objectives
Topic Tips
Quick Quizzes
Line of Reasoning Questions
Additional Resources
Quick Quiz Answers
Key Terms
14
Chapter Notes
Overview
In this chapter, you will explore the various types of healthcare-related organizations, their
operations, codes of conduct, and proper methods for managing protected health information, or
PHI.
Objectives
Identify various healthcare organizational structures and their different methods of
operation
Explain the use of codes of conduct
Identify EHR/EMR access roles and responsibilities for using Protected Health
Information (PHI)
Describe the proper communication methods for use in the healthcare workplace
List best practices in handling PHI in the healthcare setting
Highlights
Healthcare Organizational Structures and Operation
Organizational Structures
Important figures: Table 2-1
Topic Tip To learn about emergency rooms, visit:
http://www.howstuffworks.com/emergency-room.htm
Methods of Operation
Important figures: Table 2-2, Table 2-3, Table 2-4
Quick Quiz 2.1
1. ____ are healthcare organizations that treat patients for injury or disease and usually
provide inpatient or long-term care.
2. ____ are a specialized department of a hospital where patients with acute conditions that
may be life threatening or need immediate treatment and are categorized into five levels.
15
3. The term ____ refers to the care of terminally ill patients either at home or in dedicated
facilities.
4. With reference to healthcare organizations, the term ____ refers to the set of established
behaviors for collectively achieving the organization’s goal.
Codes of Conduct
Sanitation
Topic Tip
For an interesting article on infection outbreaks in hospitals, visit:
http://ohsonline.com/articles/2012/02/07/norovirus-causes-most-hospital-
infection-outbreaks-study-says.aspx?admgarea=news
Quick Quiz 2.2
1. A(n) ____ refers to rules for behavior to which a group of people adhere.
2. The term ____ refers to the level of procedural formality based on the type of treatment
or diagnostics being administered.
3. ____ provide a private place where the patient can be examined without embarrassment.
4. (True or False) Contagions that originate in a hospital (or other healthcare setting) are
called nosocomial infections and are strictly monitored and managed through specific
procedures.
Protecting Healthcare Information
Access Roles and Responsibilities
Important figures: Table 2-5
Proper Communication
Important figures: Table 2-6
16
Quick Quiz 2.3
1. A method by which computer files can be transferred from one system to another over
the Internet or other computer network is called ____.
2. The use of the Internet and IP networks to route and carry telephone calls is called ____.
3. A(n) ____ is a device that is attached to a computer.
4. ____ are programs that lock out computer screens after a predetermined period of time.
Line of Reasoning Questions
1. Determine the importance of infection control in healthcare facilities.
2. Will Medicare pay for a patient’s long term-care in a nursing home? Why or why not?
3. Define the difference between a medical practitioner and a medical provider.
Additional Resources
1. CDC guidelines for infection control:
http://www.premierinc.com/safety/topics/guidelines/cdc_guidelines.jsp
2. Organizational Chart: http://www.sjlh.org/docs/SJLH_org_chart_02-01-12.pdf
3. Hospice care:
http://www.cancer.org/Treatment/FindingandPayingforTreatment/ChoosingYourT
reatmentTeam/HospiceCare/hospice-care-what-is-hospice-care
Quick Quiz Answers
Quick Quiz 2.1 1. Hospitals
2. Emergency rooms (ER)
3. hospice
4. formality of procedure
Quick Quiz 2.2 1. code of conduct
2. procedural behavior
3. Examination rooms
17
4. True
Quick Quiz 2.3 1. File Transfer Protocol (FTP)
2. Voice over IP (VoIP)
3. privacy screen
4. Screensavers
Key Terms
Ambulatory: Refers to walking; thus, ambulatory surgery refers to surgery on patients
who are able to “walk”—or be wheeled—away.
assisted living facility (ALF): A facility primarily designed for elderly people or others
who need some degree of assistance with activities of daily living (ADL).
code of conduct: Rules for behavior to which a group of people adhere. There are other
codes of conduct, but in the case of healthcare organizations, this is similar to formality
of procedure, but more rigid.
e-mail: A system of electronic message exchange over the Internet or other computer
network.
emergency room (ER): A specialized department of a hospital where patients with acute
conditions that may be life threatening or need immediate treatment are treated.
examination room: A private place in a healthcare setting where patients can be
examined.
Fax: The transmission of an electronic representation of printed material.
File Transfer Protocol (FTP): A method by which computer files can be transferred
from one system to another over the Internet or other computer network.
formality of procedure: Refers to the set of established behaviors for collectively
achieving the organization’s goal.
home health care: Rather than have the patient come to a hospital, clinic, or physician’s
office, home health care professionals go to the patient’s home.
Hospice: Care is for terminally ill patients either at home or in dedicated facilities.
Hospitals: Healthcare organizations that treat patients for injury or disease and usually
provide inpatient or long-term care.
imaging rooms: Rooms that are used for diagnostics such as x-ray, ultrasound, or other
electronic technology-based procedures.
instant messaging (IM): A method of sending electronic messages, but closer to real
time. IM messages tend to be shorter than e-mail and can be likened to electronic
chatting.
managerial operating procedures: Procedures developed to address business or
operational needs of the organization.
personal computer (PC): An electronic device that can be used to gain access to PHI,
either because PHI is stored on the device, or because the device is connected by a
network connection to the PHI.
Phone: See telephone
18
Placement: A method by which an electronic device that can be used to gain access to
PHI is located so as to minimize unauthorized access.
Printer: An electronic device that can be used to gain access to PHI.
privacy screen: A device that is attached to a computer monitor that prevents anyone not
sitting in front of the monitor from reading its contents.
private practice: In private practice, a single physician provides care to individual
patients. This can be in a private office, a clinic, or other setting.
procedural behavior: Procedural behavior refers to the level of procedural formality
based on the type of treatment or diagnostics being administered.
procedure rooms: Procedure rooms are settings wherein patients who require minor
procedures and privacy or specialized equipment may be treated.
professional communication: Communication that does not have to be managed or
monitored. This includes both style and content.
recovery room: Postsurgical patients are moved to recovery rooms directly after surgery
until anesthesia wears off and their vital signs stabilize.
Resources: The means by which organizations achieve their collective goals. Frequently,
these are divided into four types: financial, human, physical, and information.
Sanitation: The focus on the sterilization of facilities and instruments, and proper
disposal of contaminated wastes such as used hypodermic needles, bandages, gauze, and
other medical supplies.
scope of work: Defines the range of activities accomplished in an organization. General
hospitals usually have the broadest scope in that they will try to save life, reduce
suffering and pain, and eliminate disease of any patient who is presented for treatment.
Screensaver: Program that locks out a computer screen after a predetermined period of
time.
sensitivity of the environment: Sensitivity in a healthcare context usually means the
condition of the patient.
social behavior: Refers to conduct caused by or affecting other people.
surgical center: Center for outpatient surgery. Also known as ambulatory surgical center
(ASC).
telephone (phone): Handset device used to transmit electronic representations of the
human voice from one phone to another.
time lockout: Refers to the automatic logout of a computer program after a
predetermined period of time so that unauthorized users cannot use the system until they
are validated with the correct username and password.
voice over IP (VoIP): The use of the Internet and IP networks to route and carry
telephone calls.
19
HIT Exam 1102B
Please complete the following exam. You may use the electronic grading system for quicker response.
Simply log on to www.study-electronics.com and enter your credentials. Once the exam has been
submitted, your results will be returned within 72 hours. You may also e-mail your answers to
[email protected], or fax them to us at 1-216-781-0331. If you have any questions, please contact the
Instruction Department.
1. Each healthcare team member, both medical and technical, has a unique responsibility in terms of,
access to, and the maintenance of PHI in the electronic health record/electronic medical record. A
____ may read a record but not create or modify it.
1) medical assistant 3) doctor’s assistant
2) nurse practitioner 4) medical doctor
2. ____ is frequently one of the largest healthcare departments.
1) Oncology 3) Cardiac care unit
2) Obstetrics 4) Medical/surgical
3. The ____ receives patients with acute conditions that may be life threatening or need immediate
treatment
1) intensive care unit 3) emergency room
2) cardiac care unit 4) neurology department
4. Rather than have a patient come to a hospital, clinic, or physician’s office, home health professionals
go to the patient. This is called ____.
1) home health care 3) ADL
2) temporary care 4) assisted living
5. In ____, a single physician provides care to individual patients.
1) group practice 3) private practice
2) large healthcare system 4) a nursing home
6. ____ provide only outpatient care.
1) Hospices 3) Psychiatric hospitals
2) Assisted living facilities 4) Private practices
7. ____ rooms have the least formality of any of the following environments.
1) Procedure 3) Recovery
2) Emergency 4) Imaging
8. Another name for a nursing home is a(n) ____.
1) convalescent hospital 3) contagious disease unit
2) hospice 4) independent living residence
9. ____ is a method by which an electronic device that can be used to access PHI is located so as to
minimize authorized access.
1) Networked devices 3) Physical placement
2) Secured location 4) Electronic access control
10. Organizational structure defines the authority, responsibilities, lines of communication, rights, and
duties of a group.
1) True 2) False
11. If PHI is deleted or changed, ____ is used to determine who made the changes and when.
1) authentication 3) an audit trail
2) emergency access 4) encryption
20
12. Knowing how a healthcare organization is compensated for service is foundational to understanding
general resource availability
1) True 2) False
13. A ____ are an access control technique where the program that is being used locks out users after a
certain period of time.
1) physical procedure 3) privacy screen
2) screensaver 4) time lockout
14. A patient who is not admitted and does not reside overnight receives ____ care.
1) laboratory 3) pediatric
2) inpatient 4) outpatient
15. ____ infections originate in a hospital or other healthcare setting.
1) Social 3) Medical
2) Nosocomial 4) Pathogen
16. ____ have a high amount of financial resource availability.
1) Pediatric hospitals 3) Nursing homes
2) Surgical centers 4) Assisted living facilities
17. ____ is an ancillary service department found in general hospitals.
1) Psychiatry 3) Oncology
2) Neurology 4) Clinical engineering
18. ____ is the level of procedural formality based on the type of treatment or diagnostics being
administered.
1) Code of conduct 3) Professional communication
2) Procedural behavior 4) Environmental formality
19. ____ provide only palliative care.
1) Home health care visits 3) Assisted living facilities
2) Surgical centers 4) Hospices
20. The use of the Internet and IP networks to route and carry telephone calls is called ____.
1) Instant Messaging (IM) 3) Voice over IP (VoIP)
2) Telephone Protocol (TP) 4) File Transfer Protocol (FTP)
END OF EXAMINATION
21
Chapter 3 - Desktop IT Operations
At a Glance
Study Guide Contents
Overview
Objectives
Topic Tips
Quick Quizzes
Line of Reasoning Questions
Additional Resources
Quick Quiz Answers
Key Terms
22
Chapter Notes
Overview
In this chapter, you will learn about desktop IT operations in the healthcare field that support
electronic records. First, an overview of IT will be presented, followed by how to install and
troubleshoot desktop workstations and other devices. Finally, you will explore how to configure
different types of devices.
Objectives
List the different types of computing resources and computer languages
Explain how to set up a desktop workstation
List the steps in troubleshooting hardware and software
Describe how to configure devices
Highlights
IT Overview
Types of Computing Resources
Important figures: Figure 3-1, Figure 3-2, Figure 3-3, Table 3-1
Topic Tip To learn more about cloud computing, visit:
http://computer.howstuffworks.com/cloud-computing/cloud-computing.htm
Quick Quiz 3.1
1. ____ are designed to be shared among all the healthcare providers involved with a
patient’s care, such as laboratories and specialists.
2. Mainframe computers can support hundreds of users simultaneously through a process
known as____.
3. A(n) ____ is defined as anything that resembles a net in how it looks or functions.
4. A variation of client-server computing is ____, in which software that allows for
applications are installed on servers and then accessed and executed through desktop
clients, instead of installing applications on each individual client computer.
23
Setting Up a Desktop Workstation
Parts of a Desktop System
Topic Tip To learn more about operating systems, visit:
http://www.howstuffworks.com/operating-system.htm
Installing and Configuring a Workstation
Important figures: Figure 3-7, Table 3-2
Troubleshooting
Hardware
Important figures: Table 3-3, Table 3-4
Quick Quiz 3.2
1. A security ____ is a general software security update intended to cover vulnerabilities
that have been discovered.
2. The term____ is used to describe software that addresses a specific customer situation
and often may not be distributed outside that customer’s organization.
3. The term ____ is used to describe software that is a cumulative package of all security
updates plus additional features.
4. The term ____ is used to describe software that the computer’s operating system uses to
interact with specific hardware.
Configuring Devices
Physical Interfaces
Important figures: Figure 3-10, Table 3-5
Mobile Storage Devices
Important figures: Figure 3-13, Figure 3-14
24
Quick Quiz 3.3
1. ____ is the name given to a wireless technology that uses short-range radio frequency
(RF) transmissions and provides for rapid ad hoc device pairings.
2. A(n) ____ is similar to an internal hard disk drive (HDD) found inside the computer,
except that it can be portable and is connected to the system with a USB or IEEE 1394
interface.
3. A(n) ____ is a small, often thumb-sized portable storage medium that utilizes flash
(solid-state) storage.
4. A(n) ____ is a small form factor card used for storage in handheld devices.
Line of Reasoning Questions
1. Investigate the reasons why some healthcare IT professionals regard EMRs as no better
than a paper record and feel that they may have contributed to the slow adoption of EHRs
by private practices.
2. Define the difference between a security patch and an update.
3. Determine the advantages of using virtualization.
Additional Resources
1. Electronic health record: https://www.cms.gov/EHealthRecords/
2. Introduction to Client Server Networks:
http://compnetworking.about.com/od/basicnetworkingfaqs/a/client-server.htm
3. Terminal Services: http://technet.microsoft.com/en-us/library/bb742597.aspx
4. Central Processing Unit/Microprocessor:
http://www.howstuffworks.com/microprocessor.htm
Quick Quiz Answers
Quick Quiz 3.1 1. Electronic health records (EHRs)
25
2. time-sharing
3. network
4. terminal services
Quick Quiz 3.2 1. patch
2. hotfix
3. service pack
4. driver
Quick Quiz 3.3 1. Bluetooth
2. external hard drive
3. USB flash drive
4. Secure Digital (SD)
Key Terms
Active Server Pages (ASP): A programming language alternative to PHP that is used to
create dynamic Web pages on a Web server.
application programming interface (API): A set of specifications that allows one
program to communicate with another program.
application software: “General” software that can be used for a variety of different
tasks.
barcode scanner: An optical scanner that can read a bar code.
Bluetooth: A wireless technology that uses short-range radio frequency (RF)
transmissions and provides for rapid ad hoc device pairings.
card/badge scanner: A scanner that processes employee ID cards or badges for entry
into a sensitive area.
client-server computing: The most common type of computer networking in which at
least one special high-powered computer called a server services requests from other
(usually less powerful) computers on the network called clients.
cloud computing: A “pay-per-use” model in which customers pay only for the
computing resources that they need at the present time.
compact disc (CD): An optical storage medium that was originally developed in 1982
for audio systems and was later used for recording computer data.
digital camera: A device that can be used to create a digital image of virtually any
object.
Digital Versatile Disc (DVD): An optical storage medium that has a high storage
capacity ranging from 1.46 GB to over 17 GB; also called Digital Video Disc.
document scanner: A device used to create an electronic image of a paper document.
Driver: Software that the computer’s operating system uses to interact with specific
hardware.
26
Extensible Markup Language (XML): A markup language often used in creating Web
pages that is designed to carry data instead of just indicating how to display it, as with
HTML.
external hard drive: A hard drive that functions in a similar fashion to an internal hard
disk drive found inside the computer, except that it can be portable and is connected to
the system with a USB or IEEE 1394 interface.
fax printer: A combination of a printer and a facsimile (fax) machine.
Flash: A multimedia platform that can be used to add special effects, such as animation,
video, and interactivity to Web pages.
Hotfix: Software that addresses a specific customer situation and often may not be
distributed outside that customer’s organization.
Hypertext Markup Language (HTML): The common language for displaying Web
page contents.
IEEE 1394: An interface that transfers bits one at a time like an older serial bus yet at
much faster speeds (800 Mbps).
Internet Service Provider (ISP): An organization that provides Internet connectivity.
Keyboard: The most common type of input hardware.
magnetic tape: A long, narrow strip of plastic whose surface is covered with a magnetic
substance, used in tape drives to back up data. Tape drives are an older technology.
mainframe computer: A large, expensive computer designed to process massive
amounts of data quickly.
Monitor: An output device that that displays the results of processing on a screen.
Mouse: A pointing device used to rapidly position a pointer at a specific location.
operating system (OS): Software that serves as the “intermediary” between the user and
the computer hardware.
Patch: A general software security update intended to cover vulnerabilities that have
been discovered.
PHP:A programming language that is used to create Web content that will change (is
dynamic) instead of remaining the same (static).
portable media player: A device that can play music, store data, and display images and
videos.
Secure Digital (SD) card: A small form factor card used for storage in handheld devices.
serial port: A legacy interface that sends one bit of information at a time from the
computer to the connected device.
service pack: Software that is a cumulative package of all security updates plus
additional features.
signature pad: A device that is used to capture a handwritten signature and store a
digitized image of the signature for later verification if needed.
small computer systems interface (SCSI): An older set of standards that can transmit
information at relatively high speeds.
Smartphone: Sophisticated cellular telephone that can also surf the Web, receive e-mail,
provide driving instructions, display photos, play music, and use other applications
(apps).
Structured Query Language (SQL): A programming language used to view and
manipulate data that is stored in a database.
27
Tablet: Lightweight touchscreen computing device like the Apple iPad or Samsung
Galaxy that uses a specialized mobile operating system to perform many functions
common to larger computers, such as media playing, Web browsing, e-mail, and video
chat. Most do not have a separate keyboard.
tablet PC: Enhanced laptop computer with a screen that rotates and can be written on
using a stylus.
Terminal Services: Software that allows for applications to be installed on servers and
then executed through desktop clients, instead of installing applications on each
individual client computer.
universal serial bus (USB): The most common type of physical interface for connecting
an external device to a computer.
Update: A universal software enhancement for all customers.
USB flash drive: A small, often thumb-sized portable storage medium that utilizes flash
(solid-state) storage.
Virtualization: The means of creating and using one or more virtual instances of a server
on one physical server.
28
HIT Exam 1103B
Please complete the following exam. You may use the electronic grading system for quicker response.
Simply log on to www.study-electronics.com and enter your credentials. Once the exam has been
submitted, your results will be returned within 72 hours. You may also e-mail your answers to
[email protected], or fax them to us at 1-216-781-0331. If you have any questions, please contact the
Instruction Department.
1. Using terminal services is more expensive that installing applications on each individual client
computer due to the increased overhead needed to install, configure, and manage applications.
1) True 2) False
2. When troubleshooting a computer monitor, if the ____, the technician should ask “Is the cable to the
computer connected and tight?”
1) screen goes blank if no used 3) screen is blank and power light is on
2) screen is blank and power light is off 4) image flickers
3. A significant disadvantage to EMRs is that it they cannot be easily and accurately electronically
distributed.
1) True 2) False
4. What is the most common type of computer networking?
1) client-server 3) cloud
2) dumb terminal 4) mainframe
5. One recent enhancement to client-server computing is ____, in which more than one server can run
on the same physical piece of equipment.
1) time sharing 3) networking
2) terminal services 4) virtualization
6. The ____ is a type of output hardware.
1) CPU 3) mouse
2) monitor 4) keyboard
7. ____ is a programming language that is used to create Web content that will change (is dynamic)
instead of remaining the same (static).
1) PHP 3) Structured Query Language (SQL)
2) Extensible Markup Language (XML) 4) Hypertext Markup Language (HTML)
8. When setting up a desktop computer, a network connection ____.
1) is colored purple 3) uses a USB connection
2) resembles a larger telephone jack 4) is typically colored purple or green
9. Common ____ include Microsoft Windows, Apple Mac OS, and Linux.
1) programming languages 3) desktop operating systems
2) utility programs 4) application programs
10. The ____ characteristic of cloud computing means that the physical and virtual computing resources
are pooled together to serve multiple simultaneous consumers that are dynamically assigned or
reassigned according to the consumers’ needs.
1) on-demand self-service 3) invisible resource pooling
2) universal client support 4) immediate elasticity
11. ____ is a programming language used to view and manipulate data that is stored in a database.
1) Structured Query Language (SQL) 3) PHP
2) Extensible Markup Language (XML) 4) Hypertext Markup Language (HTML)
29
12. In ____, the consumer can install and run their own specialized applications on the cloud computing
network.
1) Cloud Services 3) Cloud Infrastructure as a Service
2) Cloud Platform as a Service 4) Cloud Software as a Service
13. The purpose of a computer network can be summarized in a single word: ____.
1) sharing 3) technology
2) security 4) server
14. When setting up a desktop computer, a mouse is typically connected to any available USB
connection; an older mouse may require a separate mouse connector that is colored ____.
1) blue 3) purple
2) yellow 4) green
15. A ____ is software that the computer’s operating system uses to interact with specific hardware.
1) driver 3) USB drive
2) user account 4) power setting
16. When troubleshooting a computer mouse, if the pointer on screen moves too slow or too fast, ____.
1) adjust the settings 3) remove the ball and clean it
2) turn of and restart the computer 4) replace the batteries
17. ____ are used to manipulate numbers.
1) Spreadsheets 3) Management programs
2) Presentation software programs 4) Word-processing programs
18. The ____ is the most commonly used type of interface today.
1) USB interface 3) small computer systems interface (SCSI)
2) parallel port 4) serial port
19. The oldest storage technology is ____.
1) solid state storage 3) external hard drive
2) optical storage 4) magnetic storage
20. In many ways, a desktop client running ____ is similar to a dumb computer terminal.
1) terminal services 3) virtualization
2) cloud computing 4) networking
END OF EXAMINATION
30
Chapter 4 - Network IT Operations
At a Glance
Study Guide Contents
Overview
Objectives
Topic Tips
Quick Quizzes
Line of Reasoning Questions
Additional Resources
Quick Quiz Answers
Key Terms
31
Chapter Notes
Overview
In this chapter, you will learn about network IT operations in the healthcare field that support
electronic health records. First, you will explore with students common network devices and
look at network servers. Next, you will examine how to set up a network and then troubleshoot
it. Finally, you will study the network technologies that can be used for electronic medical
records and electronic health records.
Objectives
List and describe standard networking devices
Explain the function of servers
Explain how to set up basic networking
List the steps for troubleshooting a network
Describe different options for EHR/EMR network technologies
Highlights
Standard Network Devices
Important figures: Figure 4-1, Table 4-1
Topic Tip To learn more about the OSI model, visit:
http://computer.howstuffworks.com/osi.htm
Hubs
Important figures: Figure 4-2
Switches
Important figures: Figure 4-3
Routers
Topic Tip To learn more about routers, visit:
http://computer.howstuffworks.com/router.htm
32
Quick Quiz 4.1
1. A(n) ____ is an older device for connecting multiple Ethernet devices on a network,
typically by using shielded twisted-pair (STP) copper cables to make them function as a
single network segment.
2. A(n) ____ is a network device that can forward packets across computer networks.
3. A(n) ____ is a server that manages the security-related elements on the network for the
user.
4. (True or False) A Windows domain controller is generally suited for organizations when
fewer than 10 client computers are being used.
Servers
Protocols
Important figures: Figure 4-4, Figure 4-5
Topic Tip To learn more about IP addresses, visit:
http://computer.howstuffworks.com/internet/basics/question549.htm
Quick Quiz 4.2
1. ____ are processes that run software for network clients and thus enable clients to share
processing power across a network.
2. A(n) ____is a server that provides services to a database of stored data.
3. Network ____ is a technology that can help to evenly distribute work across a network.
4. The ____ is a TCP/IP protocol that resolves (maps) an IP address (such as 69.32.133.79)
to its equivalent symbolic name (www.cengage.com).
Basic Network Setup
Client Connections
Important figures: Figure 4-7
Network Hardware
33
Important figures: Figure 4-9, Figure 4-10, Figure 4-11, Figure 4-12, Figure 4-13, Figure 4-
14, Figure 4-15
Network Troubleshooting
Connectivity Problems
Important figures: Figure 4-16, Figure 4-17, Table 4-2
Quick Quiz 4.3
1. The hardware needed on the computer to send and receive data on a wired network is
called a(n) ____.
2. A(n) ____ was originally a device that changed a continuous analog signal into a discrete
digital signal (and vice versa).
3. (True or False) When connecting a router to an Internet modem, the router should be
turned off.
4. A(n) ____ is a device that receives all wireless signals and serves as a bridge between the
wireless and wired networks.
Line of Reasoning Questions
1. Determine the difference between IP and TCP.
2. What is the purpose of port forwarding and how is it used?
3. How does your computer get its IP address?
4. Evaluate the advantages and disadvantages of wireless data communication.
Additional Resources
1. How hubs, switches, routers, and access points differ:
http://windows.microsoft.com/en-US/windows-vista/How-do-hubs-switches-routers-
and-access-points-differ
2. TCP/IP: http://www.w3schools.com/tcpip/tcpip_intro.asp
34
3. How Domain Name Servers Work: http://www.howstuffworks.com/dns.htm
4. Remote Desktop Protocol: http://support.microsoft.com/kb/186607
Quick Quiz Answers
Quick Quiz 4.1 1. hub
2. router
3. domain controller
4. False
Quick Quiz 4.2 1. Application services
2. database server
3. load balancing
4. Domain Name System (DNS)
Quick Quiz 4.3 1. network interface card (NIC), client network adapter
2. modem
3. True
4. access point (AP)
Key Terms
access point (AP): A device that receives all wireless signals and serves as a bridge
between the wireless and wired networks.
ad hoc: A wireless mode in which devices send and receive network traffic only between
themselves.
application server: A server that centrally stores applications (such as a multiuser
version of a word processor) that are accessible and run across the network on client
computers, instead of installing the software separately on each client.
application services: Processes that run software for network clients and thus enable
clients to share processing power across a network.
database server: A server that provides services to a database of stored data.
domain controller: A server that manages the security-related elements on the network
for the user.
Domain Name System (DNS): A TCP/IP protocol that resolves (maps) an IP address
with its equivalent symbolic name.
Dynamic Host Configuration Protocol (DHCP): A protocol that automatically assigns
IP addresses.
35
fiber optic: A cable that uses a very thin cylinder of glass at its center instead of copper.
Infrastructure: A wireless mode in which devices communicate with an access point.
Interference: (also called noise) External signals that interfere with the signal being
transmitted.
Internet modem: A device used for connecting computers and networks to the Internet.
Internet Service Provider (ISP): A company that provides access to the Internet.
ipconfig/all: A command that lists all of the IP settings for a device on Windows
operating systems.
Modem: A device that changes a continuous analog signal into a discrete digital signal
(and vice versa).
operating system and application interoperability: Allows for applications to run on
either the network’s operating system or on the local client.
Ping: A command that can determine if another computer can be reached.
port forwarding: Assigning an unused software port number to a service that is
associated with a software application that runs on the computer.
print server: A server exclusively dedicated to managing the printing functions across
the network.
Remote Desktop Protocol (RDP): A proprietary Microsoft protocol that allows a user to
access another remote computer over a network and perform tasks on it as if they were
sitting at the remote computer.
Router: A network device that can forward packets across computer networks.
Service Set Identifier (SSID): A user-supplied wireless network name that can generally
be any alphanumeric string from 2 to 32 characters.
static IP address: An IP address that does not change.
Switch: A device that connects network segments together.
Tracert: A command that displays the route (path) that a packet travels.
Transmission Control Protocol/Internet Protocol (TCP/IP): The most common
protocol suite used today for local area networks (LANs) as well as the Internet.
36
HIT Exam 1104B
Please complete the following exam. You may use the electronic grading system for quicker response.
Simply log on to www.study-electronics.com and enter your credentials. Once the exam has been
submitted, your results will be returned within 72 hours. You may also e-mail your answers to
[email protected], or fax them to us at 1-216-781-0331. If you have any questions, please contact the
Instruction Department. 1. A(n) ____ is a device that receives all wireless signals and serves as a bridge between the wireless
and wired networks.
1) network interface 3) Ethernet port
2) access point 4) modem
2. The ____ is a database, organized as a hierarchy or tree, of the name of each site on the Internet and
its corresponding IP address.
1) Host-to-Host Transport System 3) Domain Name System
2) Symbolic Name System 4) Transmission Control Protocol
3. Routers are generally preconfigured to act as a ____ server to manage the automatic distribution of IP
addresses.
1) DHCP 3) NIC
2) DNS 4) modem
4. The version of the OSI model is still used today was written in ____.
1) 1978 3) 1991
2) 1983 4) 2010
5. Computers on a TCP/IP network use a physical address called a MAC address.
1) True 2) False
6. An IP address is made up of four bytes (called octets), each of which contain eight bits (a total of 32
bits in length). Each octet is a number from 1 to ____.
1) 32 3) 254
2) 160 4) 326
7. ____ (also called noise) is caused when a strong external signal interferes with the signal being
transmitted.
1) Service Set Identifier (SSID) 3) Multipath disruptions
2) Crimped cabling 4) Interference
8. A ____ allows for a digital computer to use an analog telephone signal.
1) NIC 3) router
2) modem 4) wireless NIC
9. Typically, not much configuration needs to be performed on an Internet modem itself for setup.
1) True 2) False
10. When a computer attaches to the network, it requests an IP address from a ____ server.
1) WLAN 3) DHCP
2) DNS 4) FTP
11. There are ____ classes of IP addresses.
1) three 3) five
2) four 4) six
37
12. The 802.11n standard has four significant improvements over previous standards; these include
speed, ____, interference, and security.
1) bandwidth 3) coverage area
2) radio frequencies 4) distance
13. A hardware ____ is sometimes called a Layer 4–7 router.
1) domain controller 3) print server
2) load balancer 4) hub
14. In most network environments, networks are divided or segmented by using switches to divide the
network into a hierarchy. ____ switches reside at the top of the hierarchy and carry traffic between
switches.
1) Core 3) Workgroup
2) Application 4) Building
15. TCP/IP uses its own four-layer architecture that includes Network Interface, Internet, ____, and
Application layers.
1) Physical 3) Data Link
2) Session 4) Transport
16. The OSI model has ____ layers.
1) four 3) seven
2) six 4) eight
17. How many wireless LAN standards are currently in use?
1) none 3) two
2) one 4) four
18. The most common protocol suite used today for local area networks (LANs) as well as the Internet is
the ____.
1) Dynamic Host Configuration Protocol (DHCP)
2) Electronically Stored Information Protocol (ESIP)
3) Remote Desktop Protocol (RDP)
4) Transmission Control Protocol/Internet Protocol (TCP/IP)
19. The ____ layer of the OSI model has the responsibility of permitting the two parties on the network to
hold ongoing communications across the network.
1) Session 3) Application
2) Presentation 4) Network
20. On a computer, software ____ are numbered software connections that a computer uses to identify
different types of network traffic.
1) modems 3) patches
2) routers 4) ports
END OF EXAMINATION
38
Chapter 5 - Medical Business Operations
At a Glance
Study Guide Contents
Overview
Objectives
Topic Tips
Quick Quizzes
Line of Reasoning Questions
Additional Resources
Quick Quiz Answers
Key Terms
39
Chapter Notes
Overview
The purpose of this chapter is to review the various aspects of medical business operations. In
doing so, you will cover terminology, functional departments within various organizations,
clinical process and software applications, and typical medical devices.
Objectives
Define frequently used healthcare terms
Identify and describe the functions of certain healthcare departments
Describe the uses for clinical software
List and describe the steps in the clinical process or environment
Identify and describe the functions of various medical devices
Highlights
Medical Terminology
Trauma Levels
Important figures: Table 5-1
Controlled Substances
Important figures: Figure 5-2
Electronic Medical Record
Topic Tip
New Jersey has announced its plans to convert the state’s hospitals and physicians
to electronic medical records. To learn more, visit:
http://www.njspotlight.com/stories/12/0210/0029/
Topic Tip
To learn about the meridian Mobile app, which promises secure access to real-
time EHR data, visit: http://mobihealthnews.com/16260/emr-for-urologists-
goes-mobile-with-iphone-app/
40
Quick Quiz 5.1
1. In the healthcare environment, the term ____ usually refers to the use of technologies that
provide a visual representation of internal body structures to help diagnose and treat
medical disorders.
2. A(n) ____ is a doctor who diagnoses and treats patients in three of these specialties:
family or general practice (GP), internal medicine, or pediatrics.
3. The Controlled Substances Act (CSA) of 1970 established governmental control of
certain drugs and/or chemicals, which are known as ____.
4. In the healthcare environment, the term ____ is used when a patient is in respiratory or
cardiac distress and needs immediate help.
Medical Departments
Intensive Care Unit
Important figures: Figure 5-3
Operating Room
Important figures: Figure 5-4
Quick Quiz 5.2
1. ____ is an area of psychiatry that studies the relationship between behavior and the
inpatient’s overall well-being.
2. ____ is the medical study of the ears, nose, and throat (ENT).
3. ____ are departments that provide various chemical, microbial, microscopic, and other
studies for the purpose of diagnosing and treating disease or injury.
4. ____ is a medical imaging technology that uses the radioactive decay of
radiopharmaceuticals in the diagnosis and treatment of disease.
Clinical Software
Billing/Coding/Auditing
41
Important figures: Table 5-2
Medical Devices
Computerized Axial Tomography Scanner
Important figures: Figure 5-5
Magnetic Resonance Imaging
Important figures: Figure 5-6
Quick Quiz 5.3
1. ____ addresses this problem by helping manage the patient scheduling process through
automation.
2. ____ helps manage the billing process using technology like insurance claim validation.
3. ____ uses computer algorithms to automatically check that the correct Current Procedural
Terminology (CPT) and ICD codes are used.
4. A(n) ____ is a portable electronic device that directly reads the level of glucose in the
blood just seconds after a small sample is measured.
Line of Reasoning Questions
1. What are the limitations of capsule endoscopy?
2. What types of diseases can be diagnosed with capsule endoscopy?
3. What is a modular EHR system?
Additional Resources
1. Understanding Capsule Endoscopy:
http://www.asge.org/patients/patients.aspx?id=390
2. Fluoroscopy: http://www.chop.edu/service/radiology/fluoroscopy/
3. Magnetic resonance imaging: http://www.howstuffworks.com/mri.htm
42
4. Ultrasound: http://www.howstuffworks.com/ultrasound.htm
5. Nuclear medicine: http://www.howstuffworks.com/nuclear-medicine.htm
Quick Quiz Answers
Quick Quiz 5.1 1. imaging
2. primary care physician (PCP)
3. controlled substances
4. Code Blue
Quick Quiz 5.2 1. Behavioral health
2. Otolaryngology
3. Laboratories
4. Nuclear medicine
Quick Quiz 5.3 1. Scheduling software
2. Billing software
3. Audit software
4. glucose monitor
Key Terms
acuity: A measure of the degree of patient disease or injury.
ambulatory surgery: Surgical procedures that can be accomplished without the patient
needing an overnight stay.
audit software: Software that uses computer algorithms to automatically check that the
correct Current Procedural Terminology (CPT) is used.
behavioral health: An area of psychiatry that studies the relationship between behavior
and the patient’s overall well-being.
billing software: Software that helps manage the billing process using technology like
insurance claim validation.
cardiac care unit (CCU): Hospital unit commonly reserved for patients who require
specialized cardiac monitoring; the patient’s electrocardiogram (EKG) is usually
monitored on a central console at the bedside.
Cardiovascular department: A hospital department that addresses advanced cardiac
specialties like electrophysiology, heart failure, and heart transplantation.
clinical environment: Sequence of operations that must occur for the patient to be
examined, diagnosed, and treated.
43
clinical software: Used to manage and manipulate data and information in the clinical
environment. This can be in a hospital, a doctor’s office, or a clinic.
Code Blue: An emergency code, generally announced over a public address (PA) system
in a hospital. Refers to a patient in respiratory or cardiac distress and needs immediate
help.
coding software: Used to help clinical staff, professional coders, and others generate
complete and accurate coding using ICD and other codes before claim submission.
computed tomography (CT) or computerized axial tomography (CAT): An x-ray
system wherein the tomography is digitized and processed by a computer using special
computer software algorithms that convert the data into radiographic image slices of the
body.
computerized physician order entry (CPOE): The use of electronic systems to store
and transmit physician-generated orders to other healthcare professionals in departments
such as pharmacy, laboratory, or radiology.
Consult: When a physician communicates with other physicians or specialists for
additional information or ideas about a patient’s diagnosis or treatment.
Consultation: Questions asked of a patient as part of the clinical process. May include
information such as pain levels, location, and intensity. May also include a brief history
of activity so as to determine if behavior or certain actions contributed to the illness (also
known as medical history).
Continuity of Care Document (CCD): An extension of the HL7 Clinical Document
Architecture (CDA) based on XML markup standards for encoding patient summary
clinical documents for exchange between systems.
Continuity of Care Record (CCR): A standard based on XML that defines a patient
health summary.
controlled substance: A drug or chemical substance controlled by the U.S. Controlled
Substances Act (CSA) of 1970.
Current Procedural Terminology (CPT):A coding scheme that describes various
medical, surgical, and diagnostic services to facilitate uniform information
communication regarding medical services.
Dermatology department: The hospital department where skin diseases are treated.
Dictation: When a physician uses a centralized voice-recording system to give verbal
orders. The recording system may be shared by various other physicians.
digital signatures: Encrypted messages that are analogous to handwritten signatures, but
allow for electronic transmission and storage.
ears, nose, and throat (ENT):The area of medical study that addresses facial plastic
surgery, the head and neck, laryngology (voice), neuro-otology (middle/inner ear, base of
skull), otology (ear), and rhinology (sinuses).
electrocardiogram (EKG or ECG): A two-dimensional representation of electrical
heart activity used to determine disorders such as undesirable heart rhythms
(dysrhythmias).
electroencephalograph (EEG): A two-dimensional representation of electrical brain
function used to determine disorders such as coma, epilepsy, and brain death.
e-prescribing: The ability of a prescriber (healthcare professional who is authorized to
order medications for patients) to electronically transmit an accurate prescription to a
pharmacy from the point-of-care.
44
Evaluation and Management Coding (E/M coding): A coding system for billing based
on CPT codes that physicians must use with private insurance, Medicare, and Medicaid
programs.
Examination: Part of the clinical process, a physical examination to determine if there
are any macroscopic (seen by the eye) irregularities like swelling, rashes, or other
external expressions of illness, disease, or trauma.
family birth center (FBC): A department within a hospital or a stand-alone organization
that strives to provide a family-oriented approach to childbirth.
glucose monitor: A portable electronic device that directly reads the level of glucose in
the blood just seconds after a small sample is measured.
Gynecology: The study of the female reproductive system.
Health Level Seven (HL7): A not-for-profit standards organization that develops
frameworks and associated standards that support the exchange of electronic health
information.
Imaging: The use of technologies that provide a visual representation of internal body
structures to help diagnose and treat medical disorders.
Intensive Care Unit (ICU): Hospital unit reserved for patients with life-threatening
diseases or trauma who need specialized care.
Interface: A common language or dialect that supports system communication and
interaction with other systems.
International Statistical Classification of Diseases and Related Health Problems, 10th
Revision (ICD-10): A standard taxonomy for the classification of diseases, causes, social
conditions, and other pertinent data, as retained by the World Health Organization
(WHO).
Laboratory: Department that provides various chemical, microbial, microscopic, and
other studies for the purpose of diagnosing and treating disease or injury.
Magnetic Resonance Imaging (MRI): An imaging technology that uses very strong
magnetic fields to visualize internal body structures.
medical devices: Used to diagnose and treat patients by the use of physical and chemical
means.
Medical/Surgical (Med/Surg) department: A hospital department that primarily cares
for adult patients before and after surgery.
National Drug Code ID (NDCID): A 10-digit, 3-segment unique numeric code that
identifies each medication listed in Section 510 of the U.S. Federal Food, Drug, and
Cosmetic Act.
neonatal intensive care units (NICU): A department for the care of newborns who need
acute care in addition to specialized staff and equipment.
nuclear medicine: Medical imaging technology that uses the radioactive decay of
radiopharmaceuticals in the diagnosis and treatment of disease.
nuclear stress test: The use of a gamma camera (a device that creates two-dimensional
images from gamma rays) to capture detailed images of the blood flow in the heart during
a cardiac stress test (also called a vascular stress test).
Obstetrics: Area of medicine concerned with pregnancy, childbirth, and post-birth
issues.
occupational therapy (OT): An organizational department that helps people complete
tasks of daily living.
45
oncology (ONC): The ONC department addresses the specific needs of cancer patients
on both an inpatient and outpatient basis.
operating room (OR): The department where surgical operations are conducted.
ophthalmology department: A department with staff and equipment necessary to
diagnose and treat various eye conditions, including cataracts, glaucoma, and retinal
disorders.
patient tracking software: Used to help better manage patients and the practice by
providing the ability to track services provided; by helping better manage patient
demographics; by managing patient visit history, including services performed, time, and
diagnosis; and by tracking patient-specific illnesses like allergies.
physical therapy (PT): A department for the diagnosis and treatment of range-of-motion
issues due to illness or injury.
physician order entry: The process of storing and transmitting diagnostic or treatment
orders to other healthcare professionals in departments such as pharmacy, laboratory, or
radiology.
picture archiving and communication system (PACS): A system for providing storage
and access to medical images from multiple source types thereby eliminating manual
storage requirements.
plastic surgery: The medical specialty that is concerned with the alteration or
reconstruction of the human body.
portable x-ray machine: A smaller version of an x-ray machine that can be moved to
the patient.
positron emission tomography (PET): A device in which the gamma rays emitted by
positron-emitting radiopharmaceuticals (tracers) can be reconstructed into a three
dimensional image of tracer concentration, thereby providing highly detailed imaging of
internal body structures.
Post-Anesthesia Care Unit (PACU): Department for patients recovering from the use of
any type of anesthesia due to the potential for post-anesthesia events such as respiratory
arrest. PACUs are sometimes called recovery rooms.
practice management software (PMS): Integrates medical software functionalities for
day-to-day operations of a medical practice into one integrated system.
primary care physician (PCP): A doctor who diagnoses and treats patients in one of
three specialties: family or general practice (GP), internal medicine, or pediatrics.
Progressive Care Unit (PCU): Used for transition of CCU and ICU patients who are
making progress and may not need the full resources of the CCU or ICU (also called
Transitional Care Unit [TCU]).
radiology (x-ray) department: A department that provides imaging equipment that uses
x-rays, ultrasound, or nuclear isotopes to detect and diagnose disease or injury.
Referral: Sending a patient to other healthcare professionals for further diagnosis or
treatment.
Registration: A workflow step in which the patient’s demographic data (contact
information, billing information, next of kin, current medications, and other information
pertinent to the patient’s general condition ) is collected.
respiratory therapy (RT): RT treats many respiratory conditions using resources such
as bronchodilators, pulmonary rehabilitation, and mechanical ventilation.
scheduling software: Software that helps manage the patient-scheduling process.
46
Stat: Derived from the Latin word, statim, meaning “immediately,” stat means to
expedite diagnosis, treatment, or other activities.
Stork unit: See family birth center.
Systematized Nomenclature of Medicine (Snomed): A taxonomy that provides for the
classification of disease. Its nomenclature includes 11 axes (or properties) of disease.
Transcription: The conversion of verbal physician orders to an electronic, paper, or film
format.
Transitional Care Unit (TCU): Used for transition of CCU and ICU patients who are
making progress and may not need the full resources of the CCU or ICU (also called
Progressive Care Unit [PCU]).
trauma center: An ER that is equipped and certified to address differing levels of
trauma.
Ultrasound: Machines that use high-frequency sound waves to image soft-tissue
structures like various organs.
vascular stress test: The use of a gamma camera (a device that creates two-dimensional
images from gamma rays) to capture detailed images of the blood flow in the heart during
a cardiac stress test (also called a nuclear stress test).
vitals cuff: A device that measures two or more vital signs at one time for continuous
monitoring without staff intervention.
47
HIT Exam 1105B
Please complete the following exam. You may use the electronic grading system for quicker response.
Simply log on to www.study-electronics.com and enter your credentials. Once the exam has been
submitted, your results will be returned within 72 hours. You may also e-mail your answers to
[email protected], or fax them to us at 1-216-781-0331. If you have any questions, please contact the
Instruction Department.
1. The ____ is a taxonomy that provides for the classification of disease.
1) Systematized Nomenclature of Medicine
2) Health Level Seven
3) International Statistical Classification of Diseases and Related Health Problems
4) Continuity of Care Document
2. In the clinical environment, ____ takes place directly before dictation/transcription.
1) consultation 3) referrals
2) registration 4) CPOE
3. Each medication listed in Section 510 of the U.S. Federal Food, Drug, and Cosmetic Act has a ____-
digit unique numeric code.
1) 8 3) 10
2) 9 4) 11
4. The study of tumors (cancer) is called ____.
1) Dermatology 3) Gynecology
2) Otolaryngology 4) Oncology
5. Morphine, opium, oxycodone, methamphetamine, and cocaine are Schedule ____ controlled
substances.
1) 1 3) 3
2) 2 4) 4
6. ____ are frequently the first to see patients with chronic disorders, regardless of origin.
1) Internists 3) Specialists
2) Family physicians 4) Pediatricians
7. ____ is the use of electronic systems to store and transmit physician-generated orders to other
healthcare professionals in departments such as pharmacy, laboratory, or radiology.
1) Billing software
2) Computerized physician order entry (CPOE)
3) Patient tracking software
4) Electronic health records (EHRs)
8. Code ____ is such an emergency code, and commonly means that a patient is in respiratory or cardiac
distress and needs immediate help.
1) Acuity 3) Blue
2) Stat 4) Red
9. ____ is an imaging technique in which image sections or slices are created by using a penetrating
wave.
1) Electrocardiogram 3) Electroencephalograph
2) Stethoscope 4) Tomography
10. ____ is an imaging technique that measures ionic current flows within the brain.
1) Electroencephalograph 3) Stethoscope
2) Tomography 4) Electrocardiogram
48
11. ____ questions may include information such as pain levels, location, and intensity.
1) Registration 3) Consultation
2) Examination 4) Transcription
12. The hospital department, where skin diseases like dermatitis, hives, and psoriasis are treated, is called
____.
1) Gynecology 3) Ambulatory
2) Cardiovascular 4) Dermatology
13. ____ is a type of imaging that uses x-rays.
1) Ultrasound 3) Nuclear medicine
2) CT scan 4) Magnetic resonance imaging
14. Normally, an initial examination is performed by a nurse or other medical professional, but it could
be by a physician.
1) True 2) False
15. A Level 5 trauma center has a(n) ____ on staff 24x7.
1) researcher 3) trauma nurse
2) surgeon 4) anesthesiologist
16. The ____ is the department where surgical operations are conducted.
1) intensive care unit (ICU) 3) medical/surgical department
2) emergency room (ER) 4) operating room (OR)
17. ____ machines are large and complex, usually filling a room.
1) MRI 3) Gamma camera
2) EKG 4) Glucose monitor
18. Pediatricians usually diagnose and treat children until age 12.
1) True 2) False
19. Outpatient surgeries are known as ____ surgeries.
1) ambulatory 3) hospital
2) behavioral 4) cardiac
20. ____ is the medical study of the ears, nose, and throat (ENT).
1) Dermatology 3) Oncology
2) Otolaryngology 4) Gynecology
END OF EXAMINATION
49
Chapter 6 - Document Imaging and Problem Solving
At a Glance
Study Guide Contents
Overview
Objectives
Topic Tips
Quick Quizzes
Line of Reasoning Questions
Additional Resources
Quick Quiz Answers
Key Terms
50
Chapter Notes
Overview
The purpose of this chapter is to review the various aspects of document imaging, interfacing,
and problem solving. In doing so, you will learn about file types and their characteristics,
scanning and indexing, medical interface components, how to diagnose interface problems, how
to troubleshoot clinical software problems, the concept of change control, and why it is needed.
Objectives
Describe frequently used healthcare image file types and their characteristics
Identify medical interface components
Explain the interface diagnosis process
Describe the clinical software troubleshooting process
Explain the need for and use of change control in the clinical environment.
Highlights
Document Imaging
Characteristics
Important figures: Table 6-1
Topic Tip To learn more about compression, visit: http://www.howstuffworks.com/file-
compression.htm
Quick Quiz 6.1
1. ____ is a technique used to reduce to size of a digital image file, can be used
2. The term image ____ refers to the number of pixels (smallest image element) in an
image.
3. A(n) ____ is the smallest unit of computer storage.
4. The ____ format is best used for images with few distinct colors because it has low
resolution and can only represent 256 unique colors.
51
Medical Interface Components
Health Level Seven
Important figures: Table 6-2
E-Prescribing
Topic Tip For an interesting article on how e-prescribing could save $240 billion, visit:
http://informationweek.com/news/healthcare/CPOE/232600087
Quick Quiz 6.2
1. ____ is the process of avoiding medication inconsistencies across care settings.
2. ____ is commonly accomplished by using barcodes and a barcode scanner to verify that
the right medications are administered to the right patient.
3. ____ is a process in which an e-prescribing system helps ensure that the medications
prescribed are covered by the patients’ insurance formularies.
4. The ability of a prescriber (healthcare professional who is authorized to order
medications for patients) to electronically transmit accurate prescription information to a
pharmacy from the point of care is called ____.
Diagnosing Interface Problems
Billing Problems
Important figures: Figure 6-3
Medical Device Problems
Important figures: Table 6-3
Troubleshooting Clinical Software Problems
Escalate When Necessary
Important figures: Table 6-4
52
Quick Quiz 6.3
1. ____ are problems generated as a result of a failure in a fax, network, or Internet
connection and can also cause minor data anomalies.
2. A(n) ____ is one that that is no longer contained in the pharmacy’s formulary and
therefore cannot be filled.
3. A(n) ____ is a form used by providers to quickly list a patient’s procedures and diagnosis
for reimbursement.
4. A(n) ____ refers to a specific software problem fix for a security, usability, or
performance issue.
Line of Reasoning Questions
1. How pervasive is the use of e-prescribing in the healthcare industry?
2. Why do some doctors refuse to use an e-prescribing system?
3. Evaluate the physician’s role in medication reconciliation.
Additional Resources
1. Health Level Seven: http://www.hl7.org/about/index.cfm
2. Bedside medication verification:
http://www.healthtechnica.com/blogsphere/2010/05/06/bedside-medication-
verification/
3. What Is the Difference Between Bits and Bytes?:
http://compnetworking.about.com/cs/basicnetworking/f/bitsandbytes.htm
Quick Quiz Answers
Quick Quiz 6.1 1. Compression
2. resolution
3. bit
4. Graphics Interchange Format (GIF)
53
Quick Quiz 6.2 1. Medical reconciliation
2. Bedside medication verification (BMV)
3. Formulary checking
4. e-prescribing
Quick Quiz 6.3 1. Communication link errors
2. deactivated medication
3. superbill
4. patch
Key Terms
AL1 segment: An HL7 segment used to transmit patient allergy information.
bedside medication verification (BMV): Verification that the right medications are
administered to the right patient by scanning barcodes at the bedside.
billing segments: HL7 message units that are used for billing interface purposes.
BLG segment: HL7 message unit used to provide billing information on the ordered
service.
change control: A process for addressing the needs of software change throughout an
organization.
change management governance board (CMGB): An organizational group whose
responsibility is to work together to approve changes that may result in critical service
interruption.
Clearinghouse: An intermediary billing service that validates claims to ensure they are
error free.
clinical software: Computer programs that define EMR/HER, LIS, PIS, RIS, and other
electronic healthcare systems.
communication link errors: Problems that are generated as a result of failure in a fax,
network, or Internet connection and that can cause minor data anomalies.
Compression: A technique used to reduce the size of a digital image file.
configuration settings: User configuration options available on hardware and software.
data type: A data classification based on data properties like text, numeric, and binary.
deactivated medication: A common cause of e-prescribing message failure due to
medication no longer being contained in the pharmacy’s formulary; therefore, the
prescription cannot be filled.
deactivated node: A common cause of HL7 message failure due to configuration or
other errors.
Development: Writing new program code that addresses security, usability, and
performance issues or adds new features or functionality. The first stage of the software
change process.
drug allergy interactions (DAI): The effect of certain drugs, when used individually or
together, causing allergic reactions (activation of the immune system) in some patients.
54
e-prescribing: The ability of a prescriber to electronically transmit accurate prescription
information to a pharmacy from the point of care.
Field: A computer screen data entry area. Also, a component of an HL7 segment.
file size: Numbers of bytes (units of data) needed to store data in a given file.
formulary checking: A process in which an e-prescribing system helps ensure that the
medications prescribed are covered by the patients’ insurance formularies.
Graphics Interchange Format (GIF): Image format best used for images with few
distinct colors because it has low resolution and can only represent 256 unique colors.
Health Level Seven (HL7): A not-for-profit, accredited standards development
organization that develops standard languages that define how electronic messages sent
between healthcare providers are formatted.
image files: Files that are composed of pixels (very small picture elements), bitmap data,
vector (geometric) data, or some combination of these.
improperly formatted patient demographics: A common problem with HL7 and other
message types.
IN1 segment: HL7 message unit used to provide insurance policy coverage information
for private health insurers.
Index: A data structure that allows for fast retrieval of information.
input/output (I/O) errors: Errors that are the result of network and communication
problems.
Joint Photographic Experts Group (JPG or JPEG): Format widely used for image
storage when small size is needed and image quality degradation is not a problem.
medication reconciliation: The process of avoiding medication inconsistencies across
care settings.
Metadata: Data used to describe image attributes such as creation date, patient ID
number, diagnostic results, and other information.
Modules: Software subunits that are part of larger medical software systems.
MSH segment HL7: message unit that defines the message’s source, purpose,
destination, and syntax specifics such as delimiters (separator characters) and character
sets.
network and communication problems: A common reason for data corruption. Can be
caused by damaged network media, deteriorating network interface cards (NIC), or server
crashes.
OBR segment HL7: message unit that defines information about an exam, diagnostic
study/observation, or other assessment that is specific to an order.
optical character recognition (OCR): The process in which scanned images of
handwritten or printed text are translated into computer readable text.
outbound communication: Billing information that is not staying within the
organization (clinic, hospital, or private practice) but is being sent outside the
organization.
Patch: A specific software problem fix for security, usability, or performance issues.
PID segment HL7: message unit used to uniquely identify the patient.
Portable Document Format (PDF): A file format created by Adobe for representing
documents that can be used with almost any type of software, hardware, or operating
system.
power (lack of): A common hardware problem is the unintentional lack of electricity.
55
problem escalation process: A system by which hardware or software malfunctions can
be addressed by appropriate personnel.
Production: The final step in the software change process wherein software is used in a
live environment.
provider types: Categories of healthcare suppliers who use electronic interfaces.
quality assurance (QA) test: An assessment to ensure that software meets functional
requirements and defined performance behaviors. The second stage of the software
change process.
Resolution: The number of pixels (smallest image element) in an image. More pixels
mean higher resolution.
Retrieval: The process of locating saved data.
Scanning: The process of converting data printed on paper-based (or other flat) media
into an electronic format by using a device called a scanner.
SCH segment HL7: message unit that contains patient scheduling information.
standard contents: Group of standard segments used frequently in an HL7 message
subtype like MSH, SFT, EVN, and PID.
Storage: The process of saving structured or unstructured data for future retrieval and
use.
structured data: Data that is arranged in a defined manner.
Superbill: A form used by providers to quickly list a patient’s procedures and diagnosis
for reimbursement.
systematic software customization: Another term for change control, but using
procedural techniques.
Tagged Image File Format (TIFF or TIF): File format frequently used in commercial
image applications because it is supported by most computer operating systems,
including Linux, Mac, and Windows and provides good image quality. However, file size
tends to be large.
technical support: A group of technicians trained to support the use of certain hardware
and software.
tiered support: Technical support provided in service levels so as to provide the best
support in the most efficient manner.
unstructured data: Data that has no predefined arrangement.
Update: A software problem fix that may address security, usability, or performance
issues but also adds features or functionality.
user test: An assessment used to ensure that software meets users’ requirements; the
third stage of the software change process.
56
HIT Exam 1106B
Please complete the following exam. You may use the electronic grading system for quicker response.
Simply log on to www.study-electronics.com and enter your credentials. Once the exam has been
submitted, your results will be returned within 72 hours. You may also e-mail your answers to
[email protected], or fax them to us at 1-216-781-0331. If you have any questions, please contact the
Instruction Department. 1. ____ are temporary decreases in power line voltage caused by the start-up power demands of many
electrical devices.
1) Surges 3) Spikes
2) Brownouts 4) Blackouts
2. To solve the power issue of ____, use an EMI/RF line filter or shield the source.
1) noise 3) spikes
2) surges 4) blackout
3. The last step of troubleshooting is ____.
1) determination 3) confirmation
2) identification 4) generation
4. A ____ is a list of medicines.
1) drug allergy interaction report 3) billing segment
2) formulary 4) bedside medication verification checklist
5. The HL7 billing segment ____ indicates the visit information.
1) PID 3) GT1
2) AUT 4) PV1
6. Scanning is the process of converting data printed on paper-based (or other flat) media into electronic
format by using a device called a scanner.
1) True 2) False
7. ____ represents a process that provides a procedural method for systematic software customization.
1) Module creation 3) Escalation
2) Change control 4) Clinical software
8. The ____ HL7 message segment is used to provide insurance policy coverage information for private
health insurers.
1) OBR 3) MSH
2) IN1 4) SCH
9. Subunits that are a part of larger medical software systems are called ____.
1) metadata 3) structured data
2) modules 4) lossless
10. Text printed on paper is considered to be structured data as long as it is formatted in paragraphs.
1) True 2) False
11. A database stores ____ data.
1) unstructured 3) structured
2) optical 4) image
12. ____ can be used to prevent the wrong patient from taking the wrong medication.
1) Outbound communication 3) Bedside medication verification
2) Medication reconciliation 4) E-prescribing
57
13. A HL7 message begins with the ____.
1) PID 3) MSH
2) EVN 4) PV1
14. In a RDE - Pharmacy Encoded Order HL7 message, ____ indicates the pharmacy order route.
1) AL1 3) RXE
2) RXR 4) PID
15. In a HL7 message, ____ means to add or change the billing account.
1) BAR 3) DFT
2) ADT 4) ACK
16. In an HL7 admission message, ____ means patient discharge.
1) A01 3) A03
2) A02 4) A04
17. Tier 1 technical support ____.
1) collects customer information
2) refers to an in-house IT department
3) may involve staff capable of working directly with the software designers
4) provides in-depth support
18. The second step in the software change process is ____.
1) production 3) development
2) user testing 4) quality assurance testing
19. A ____ is commonly adapted for a specific provider and is composed of patient demographic data,
common CPT procedure codes, and common ICD diagnostic codes.
1) patient demographic chart 3) patient billing code
2) electronic medical record 4) superbill
20. The ____ file format has medium quality and small file size.
1) PDF 3) TIFF
2) JPG 4) GIF
END OF EXAMINATION
58
Chapter 7 - Basic Healthcare Information Security
At a Glance
Study Guide Contents
Overview
Objectives
Topic Tips
Quick Quizzes
Line of Reasoning Questions
Additional Resources
Quick Quiz Answers
Key Terms
59
Chapter Notes
Overview
This chapter explores the basics of IT security as it relates to healthcare. First, you will look at
the definition of information security and examine the different types of physical security that
can be used to keep out data thieves. Next, computer technology protections will be studied.
Finally, you will explore how to back up data as protection against an attack or disaster.
Objectives
Define information security
List and describe the different elements of physical security
Explain how computer security can protect data
Describe different types of data backups
Highlights
What Is Information Security?
Important figures: Figure 7-1, Table 7-1
Physical Security
Environment
Important figures: Table 7-2, Figure 7-2, Table 7-3
Office Hardware
Important figures: Figure 7-3
Regulating Access
Important figures: Figure 7-5, Figure 7-6, Figure 7-7
Quick Quiz 7.1
1. ____, or rooms that house computer systems and network equipment, typically have
special cooling requirements.
60
2. A(n) ____ is a device that maintains power to equipment in the event of an interruption in
the primary electrical power source.
3. Standard ____ uses fingerprints or other unique physical characteristics, such as a
person’s face, hands, or eyes (irises and retinas) to authenticate a user.
4. (True or False) RFID tags on ID badges are passive and do not have their own power
supply
Computer Security
Passwords
Important figures: Figure 7-8, Table 7-4
Topic Tip To learn more password tips, visit:
http://www.nyu.edu/its/security/passwords/
Permissions
Important figures: Figure 7-9
Common Security Risks
Important figures: Table 7-5, Figure 7-10
Topic Tip
To learn more about social engineering, visit:
http://www.symantec.com/connect/articles/social-engineering-
fundamentals-part-i-hacker-tactics
Data Backups
Important figures: Figure 7-11, Table 7-6
Quick Quiz 7.2
1. The term ____ means that only the minimum amount of privileges necessary to perform a
job or function should be allocated.
2. A(n) ____ is a malicious program designed to take advantage of vulnerability in an
application or an operating system to enter a computer.
61
3. ____ is a general term used to describe software that spies on users by gathering
information without consent, thus violating their privacy.
4. Sending an e-mail or displaying a Web announcement that falsely claims to be from a
legitimate enterprise in an attempt to trick the user into surrendering private information
is known as ____.
Line of Reasoning Questions
1. What is reverse social engineering?
2. Investigate the importance of performing regular data backups.
3. Determine the importance of testing backups to ensure that they are functional and
accurate.
Additional Resources
1. Information Security Concepts: Availability:
http://www.brighthub.com/computing/smb-security/articles/31096.aspx
2. Information Security Concepts: Integrity:
http://www.brighthub.com/computing/smb-security/articles/30209.aspx
3. The Simplest Security: A Guide To Better Password Practices:
http://www.symantec.com/connect/articles/simplest-security-guide-better-password-
practices
4. How to prevent spyware:
http://www.microsoft.com/security/pc-security/spyware-prevent.aspx
5. Avoiding Social Engineering and Phishing Attacks:
http://www.us-cert.gov/cas/tips/ST04-014.html
Quick Quiz Answers
Quick Quiz 7.1 1. Data closets
2. uninterruptible power supply (UPS)
3. biometrics
4. True
62
Quick Quiz 7.2 1. least privilege
2. worm
3. Spyware
4. phishing
Key Terms
access control: The process of granting or denying approval to use specific resources.
Antispyware: Software that that helps prevent computers from becoming infected by
different types of spyware.
archive bit (also called archive flag): A setting in the properties of the file that indicates
if the file has been backed up.
Biometrics: Using a person’s unique physical characteristics for authentication.
daily backup: A backup of the entire set of data performed each day.
data backup: Copying information to a different medium and storing it (preferably at an
offsite location) so that it can be used in the event of a disaster.
data closet: Room that houses computer systems and network equipment and typically
has special cooling requirements.
differential backup: Backs up any data that has changed since the last full backup and
the archive bit is not cleared.
full access: Access that allows a user to read, write, change, or delete a file.
Generator: A device that is used to create electrical power.
heating, ventilation, and air conditioning (HVAC): Systems that provide and regulate
heating and cooling.
ID badge: Originally contained a photograph of the bearer and was visually screened by
security guards; later ID badges contained a magnetic stripe that was “swiped”; a bar
code identifier was then “scanned” to identify the user.
incremental backup: Backs up any data that has changed since the last full backup or
last incremental backup and the archive bit is cleared.
intermediate distribution frame (IDF): A wiring rack that is used to support the
internal network connections.
Keyfob: A device that can be read by a proximity reader to allow a user access to a
restricted area.
main distribution frame (MDF): A wiring rack that is used to connect external network
connections (such as to the Internet) to the internal connections.
Malware: Software that enters a computer system without the user’s knowledge or
consent and then performs an unwanted—and usually harmful—action.
Modify: Access that allows a user the ability to read, write, and delete a file.
Password: A secret combination of letters, numbers, and/or characters that only the user
should have knowledge of.
Permissions: An access granted to a computer user to perform specific job duties.
63
Phishing: Sending an e-mail or displaying a Web announcement that falsely claims to be
from a legitimate enterprise in an attempt to trick the user into surrendering private
information.
privacy screen: A panel to divide a work area; also a cover that slips over a computer
monitor to create a narrow viewing angle so the computer image is only visible to those
directly in front of the screen.
Read: Access that allows a user to view or access a file’s contents.
read and execute: Permission that allows a user to list files and select a specific
executable file to run it.
security lighting: Lighting that is used to illume an area at night.
social engineering: A means of gathering information for an attack by relying on the
weaknesses of individuals.
spam filter: Hardware and software that is used to block spam.
Spam: Unsolicited e-mail.
Spyware: A general term used to describe software that spies on users by gathering
information without consent, thus violating their privacy.
uninterruptible power supply (UPS): A device that maintains power to equipment in
the event of an interruption in the primary electrical power source.
video surveillance: Monitoring activity with a video camera.
Virus: A malicious computer code that, like its biological counterpart, reproduces itself
on the same computer.
Worm: A malicious program designed to take advantage of the vulnerability in an
application or an operating system to enter a computer.
Write: Access that allows a user to add content to a file.
64
HIT Exam 1107B
Please complete the following exam. You may use the electronic grading system for quicker response.
Simply log on to www.study-electronics.com and enter your credentials. Once the exam has been
submitted, your results will be returned within 72 hours. You may also e-mail your answers to
[email protected], or fax them to us at 1-216-781-0331. If you have any questions, please contact the
Instruction Department.
1. ____ locks are combination locks that use buttons that must be pushed in the proper sequence to open
the door.
1) Pushbutton 3) Key
2) Combination 4) Cipher
2. The top five most common passwords found were _____, 123456, 12345678, qwerty, and abc123.
1) pass 3) password
2) pw 4) password123
3. Wood, paper, textiles, and other ordinary combustibles cause Class ____ fires.
1) A 3) C
2) B 4) D
4. A ____ lock can lock the door but have access to unlock from the outside via a small hole.
1) keyed entry 3) passage
2) patio 4) privacy
5. The Windows permissions setting, ____, permits a user to read, write, change, or delete a file.
1) read and execute 3) full control
2) modify 4) all access
6. A ____ is a malicious program designed to take advantage of vulnerability in an application or an
operating system to enter a computer.
1) spyware program 3) popup
2) worm 4) virus
7. In terms of information security, procedures provide ____ security.
1) CIA 3) physical
2) personnel 4) organizational
8. Security lighting is always effective regardless of positioning.
1) True 2) False
9. ____ restricts access based on “what you are.”
1) An ID badge 3) Biometrics
2) A metal key 4) A cipher lock
10. During a ____ backup, the archive bit is not cleared.
1) daily 3) full
2) differential 4) incremental
11. Fencing deterrents include the use of ____, which provide(s) a nonaggressive barrier at the top of a
fence.
1) roller barriers 3) anti-climb paint
2) anti-climb collars 4) rotating spikes
12. A username serves to ____ the user.
1) identify 3) authenticate
2) secure 4) confirm
65
13. Most passwords consist of a root along with an ending suffix; this combination is used ____ percent
of the time.
1) 50 3) 75
2) 65 4) 90
14. ____ are the most common type of standard biometric device.
1) iris scanners 3) Fingerprint scanners
2) ID badges 4) RFID scanners
15. The ____ lock includes a keyed cylinder in both outside and inside knobs, and the key unlocks its
own knob independently.
1) classroom 3) store entry double cylinder
2) communicating double cylinder 4) storeroom
16. A modern desktop computer can generate ____ passwords per second.
1) 20,000 3) 20 million
2) 1 million 4) 305 million
17. An electronic keyfob is a device that can be read by a proximity reader to allow a user access to a
restricted area.
1) True 2) False
18. Live or energized electric wires or equipment cause Class ____ fires.
1) A 3) C
2) B 4) D
19. A ____ lock latches but does not lock a door.
1) passage 3) patio
2) privacy 4) keyed entry
20. ____ fire suppression systems do not harm people, documents, or electrical equipment in the room.
1) Water sprinkler 3) Handheld
2) Clean agent 4) Dry chemical
END OF EXAMINATION
66
Chapter 8 - Advanced Healthcare Information Security
At a Glance
Study Guide Contents
Overview
Objectives
Topic Tips
Quick Quizzes
Line of Reasoning Questions
Additional Resources
Quick Quiz Answers
Key Terms
67
Chapter Notes
Overview
In this chapter, you will learn how encryption and other advanced healthcare information
security can be used to protect data. You will first learn what cryptography is and how it can be
used for protection. Then, wireless security and remote access will be examined. Finally, you
will see how to securely dispose of documents.
Objectives
Define encryption and explain how it can be used to secure information
Describe the vulnerabilities and protections of wireless networks
List the different remote access technologies
Explain how to securely dispose of a document
Highlights
Encryption
Basic Cryptography
Important figures: Figure 8-1, Table 8-1, Figure 8-2, Figure 8-3, Figure 8-4
Applying Cryptography
Topic Tip To learn more about HTTPS, visit:
http://websearch.about.com/od/dailywebsearchtips/qt/dnt0513.htm
Quick Quiz 8.1
1. Cleartext data that is to be encrypted is called ____.
2. ____ cryptography uses the same single key to encrypt and decrypt a document.
3. A(n) ____ device can be connected to a network and provide storage for any device that
is connected to the network so that individual files and folders can be stored there.
4. (True or False) Cryptography can be used to secure any data that needs to be protected.
68
Wireless Security
Vulnerabilities of IEEE 802.11 Security
Important figures: Figure 8-5
Topic Tip To learn more about MAC addresses, visit:
http://compnetworking.about.com/od/networkprotocolsip/l/aa062202a.htm
Wireless Security Solutions
Important figures: Figure 8-6
Quick Quiz 8.2
1. ____ is an IEEE 802.11 security protocol designed to ensure that only authorized parties
can view transmitted wireless information.
2. (True or False) SSIDs can be changed in an AP or wireless router configuration screen.
3. TKIP keys are known as ____.
4. (True or False) IEEE 802.11iallows both AES and TKIP clients to operate in the same
WLAN.
Remote Access
Virtual Private Network (VPN)
Important figures: Figure 8-7
Topic Tip To learn more about virtual private networks, visit:
http://www.howstuffworks.com/vpn.htm
Terminal Emulation
Important figures: Table 8-2
Remote Control Applications
Important figures: Figure 8-8
69
Quick Quiz 8.3
1. A(n) ____ uses an unsecured public network, such as the Internet, as if it were a secure
private network.
2. ____ is an encrypted alternative to the Telnet protocol that is used to access remote
computers.
3. ____ generally include all types of documents (including papers, letters, maps, books,
tapes, photographs, and so forth) that are either manually or electronically prepared,
maintained, or received in the course of the operation of a public office or agency.
4. A(n) ____ is the documentation of the healthcare services provided to an individual in
any aspect of healthcare delivery by a healthcare provider organization.
Line of Reasoning Questions
1. What is the difference between symmetric and asymmetric key cryptography?
2. Determine the difference between plaintext and plain text.
3. Evaluate the benefits of hardware encryption.
Additional Resources
1. Keep Your Data Secure with the New Advanced Encryption Standard:
http://msdn.microsoft.com/en-us/magazine/cc164055.aspx
2. Public Key Encryption: http://computer.howstuffworks.com/encryption3.htm
3. Storage area network:
http://compnetworking.about.com/od/networkstorage/g/storage_san.htm
Quick Quiz Answers
Quick Quiz 8.1 1. plaintext
2. Symmetric
3. network attached storage (NAS)
4. True
70
Quick Quiz 8.2 1. Wired Equivalent Privacy (WEP)
2. True
3. per-packet keys
4. False
Quick Quiz 8.3 1. virtual private network (VPN)
2. Secure Shell (SSH)
3. Public records
4. legal health record (LHR)
Key Terms
Advanced Encryption Standard (AES): A symmetric algorithm approved in late 2000
as a replacement for DES.
Chat: Real-time online correspondence between multiple users who have joined a virtual
chat room to share common interests.
collaboration sites: Web sites through which information is entered or sites are used to
edit shared documents.
Data Encryption Standard (DES): One of the first widely popular symmetric
cryptography algorithms; it was replaced by the more secure 3DES.
Degaussing: Demagnetizing a magnetic object such as a computer tape or hard disk
drive.
Encryption: Changing original text into a secret message using cryptography.
Hypertext Transport Protocol over Secure Sockets Layer (HTTPS): An encryption
protocol used to secure Web communications.
Layer 2 Tunneling Protocol (L2TP): A protocol used on virtual private networks
(VPNs) that merges the features of PPTP with Cisco’s Layer 2 Forwarding Protocol
(L2F).
legal health record (LHR): The documentation of the healthcare services provided to an
individual in any aspect of healthcare delivery by a healthcare provider organization.
Media Access Control (MAC) address filtering: A method for controlling access to a
WLAN based on the physical device address (MAC address).
network attached storage (NAS): A device that can be connected to a network and
provide storage for any device that is connected to the network.
Pretty Good Privacy (PGP): One of the most widely used asymmetric cryptography
systems for files on Windows systems.
private records: Documents that are held privately by a person or entity.
public records: All types of documents (including papers, letters, maps, books, tapes,
photographs, and so forth) that are either manually or electronically prepared, maintained,
or received in the course of the operation of a public office or agency.
RADIUS (Remote Authentication Dial In User Service): A technology for limiting
access to a network by limiting port security.
71
remote control application: A software application that allows one computer to connect
to a second computer so that the user can function as if sitting at the remote computer.
Remote Desktop Connection (RDC): The Microsoft implementation of a remote control
application.
Sanitizing: Removing only sensitive information from the document.
Secure FTP (SFTP): A comprehensive protocol used for securing FTP communications.
Secure Shell (SSH): An encrypted alternative to the Telnet protocol that is used to access
remote computers.
secure shredding: Using shredding by a third-party to destroy paper documents.
Secure Sockets Layer (SSL): A protocol developed by Netscape for securely
transmitting documents over the Internet using asymmetric cryptography.
site survey: An in-depth examination and analysis of a proposed wireless LAN site.
Smartphone: An enhanced cellular telephone that includes computing capability and
Internet connectivity.
storage area network (SAN): A dedicated storage network that provides access to
network file servers so that the devices appear like locally attached devices to the
network operating system.
terminal emulation: A software application can allow a desktop computer to function as
a terminal.
Triple Data Encryption Standard (3DES): A symmetric algorithm designed to replace
DES that uses three rounds of encryption instead of just one.
virtual private network (VPN): A technology that uses an unsecured public network,
such as the Internet, as if it were a secure private network, using encryption and
encapsulation to keep communications private.
Wi-Fi Protected Access (WPA): The first generation of security mechanisms to protect
both present and future wireless devices; it has been superseded by WPA2.
Wi-Fi Protected Access 2 (WPA2):The second generation of WPA security to address
authentication and encryption on WLANs; it is currently the most effective type of
wireless security.
Wired Equivalent Privacy (WEP): An IEEE 802.11 security protocol designed to
ensure that only authorized parties can view transmitted wireless information; it has been
superseded by WPA/WPA2.
72
HIT Exam 1108B
Please complete the following exam. You may use the electronic grading system for quicker response.
Simply log on to www.study-electronics.com and enter your credentials. Once the exam has been
submitted, your results will be returned within 72 hours. You may also e-mail your answers to
[email protected], or fax them to us at 1-216-781-0331. If you have any questions, please contact the
Instruction Department.
1. TKIP keys are known as ____ keys.
1) preshared 3) symmetric
2) per-packet 4) asymmetric
2. Because Voice over IP (VoIP) is digital communications transmitted over a network, it can be
encrypted using standard LAN encryption technologies.
1) True 2) False
3. Data Encryption Standard (DES) uses a key length ____.
1) 480 bits 3) one byte
2) 128 bits 4) 56 bits
4. A VPN ____ aggregates hundreds or thousands of VPN connections.
1) handle 3) endpoint
2) tunnel protocol 4) concentrator
5. A(n) ____ uses an unsecured public network, such as the Internet, as if it were a secure private
network.
1) rogue access point
2) virtual private network (VPN)
3) Point-to-Point Tunneling Protocol (PPTP) endpoint
4) access point probe
6. Another name for symmetric cryptography is ____ cryptography.
1) two key 3) asymmetric
2) private key 4) public key
7. ____ relies on a secret key that is shared between the wireless client device and the AP.
1) Wired Equivalent Privacy (WEP) 3) MAC address encryption
2) Wi-Fi Protected Access (WPA) 4) Wi-Fi Protected Access 2 (WPA2).
8. ____ uses RADIUS for authentication.
1) Wi-Fi Protected Access 2 (WPA2) 3) Wired Equivalent Privacy (WEP)
2) MAC address encryption 4) Wi-Fi Protected Access (WPA)
9. Encryption under WPA2 is accomplished by using ____.
1) AES 3) RADIUS
2) 3DES 4) TKIP
10. During the first step of RADIUS authentication, ____.
1) the RADIUS server validates the authentication request
2) the supplicant sends an appeal for access
3) the authenticator creates an authentication request data packet
4) the RADIUS server starts an entry in the database
11. In general, individual health care providers must retain a patient’s LHR for ____ years after the last
treatment date, or three years from the patient’s death.
1) four 3) six
2) seven 4) ten
73
12. A ____ is used to encrypt cleartext data using an algorithm.
1) cipher 3) key
2) steganographic image 4) password
13. Applications, users, and software can all take advantage of ____ without the need to install additional
software or configure individual settings.
1) IPSec 3) TLS
2) SSL 4) HTTPS
14. ____ is an open source product which provides software encryption.
1) GNU Privacy Guard (GPG) 3) BitLocker
2) Pretty Good Privacy (PGP) 4) Encrypting File System (EFS)
15. Where is the best place to mount an AP?
1) an interior wall 3) the floor
2) the ceiling 4) an exterior wall
16. The most common type of wireless probe is the access point probe.
1) True 2) False
17. The ____ symmetric algorithm is designed to be secure well into the future.
1) Advanced Encryption Standard (AES) 3) Data Encryption Standard (DES)
2) Triple Data Encryption Standard (3DES) 4) Lucifer
18. Cryptography can protect the ____ of information by ensuring that only authorized parties can view
it.
1) authenticity 3) integrity
2) availability 4) confidentiality
19. ____ encrypts the entire system volume, including the Windows Registry and any temporary files that
might hold confidential information.
1) BitLocker 3) GNU Privacy Guard (GPG)
2) Pretty Good Privacy (PGP) 4) Encrypting File System (EFS)
20. Public key cryptography is also known as ____.
1) bidirectional cryptography 3) Advanced Encryption Standard (AES)
2) symmetric cryptography 4) asymmetric cryptography
END OF EXAMINATION
74
HIT Final Exam 1109B
Please complete the following exam. You may use the electronic grading system for quicker response.
Simply log on to www.study-electronics.com and enter your credentials. Once the exam has been
submitted, your results will be returned within 72 hours. You may also e-mail your answers to
[email protected], or fax them to us at 1-216-781-0331. If you have any questions, please contact the
Instruction Department.
1. 3DES employs a total of ____ iterations in its encryption.
1) 3 3) 48
2) 16 4) 56
2. General hospitals are frequently categorized by ____.
1) their budget
2) the number of residents in a 10 mile radius
3) their bed count
4) their university affiliation
3. In terms of information security, products provide ____ security.
1) CIA 3) personnel
2) physical 4) organizational
4. In the clinical environment, ____ is the last step of the workflow.
1) a referral 3) CPOE
2) a consultation 4) registration
5. A ____ has a high level of formality in patient treatment.
1) private practice 3) psychiatric hospital
2) surgical center 4) hospice
6. ____ are designed to be shared among all the healthcare providers involved with a patient’s care, such
as laboratories and specialists.
1) Electronic health records 3) Electronic medical record
2) Patient medical records 4) Lab reports
7. The ____ layer of the OSI model provides services for user applications.
1) Application 3) Session
2) Presentation 4) Network
8. The ____ specification is an extension of the HL7 CDA and is based on XML markup standards for
encoding patient summary clinical documents for exchange between systems.
1) Systematized Nomenclature of Medicine
2) Health Level Seven
3) Continuity of Care Document
4) International Statistical Classification of Diseases and Related Health Problems
9. The information about an image such as the patient name are stored using ____.
1) Portable Document Format 3) unstructured data
2) indexes 4) metadata
10. The HIPAA Identifier Rule mandates that all Covered Entities storing or transmitting ePHI must have
a standardized ____.
1) Referral Certification and Authorization 3) Transaction Code Set
2) National Provider Identifier 4) Electronic Data Interchange
75
11. Under the ____ category of the HIPAA Security Rule, a covered entity must ensure that all members
of the workforce have appropriate access to ePHI.
1) Security 3) Administrative
2) Technical 4) Physical
12. A patient social security number of 123-4T-5678 is an example of ____ in a HL7 message.
1) improperly formatted patient demographics
2) an intentional error
3) a communication link error
4) a deactivated node
13. The ____ is a type of processing hardware.
1) CPU 3) monitor
2) keyboard 4) mouse
14. ____ are frequently combined into one department.
1) Oncology and physical therapy 3) Cardiac care unit and neurology
2) Intensive care unit and medical/surgical 4) Gynecology and obstetrics
15. ____ is the protocol that functions primarily at the OSI Network Layer to provide addressing and
routing.
1) TCP 3) IP
2) DNS 4) RDP
16. In order for a fire to occur, four entities must be present at the same time: ____.
1) fuel, oxygen, heat, and chemical reaction
2) fuel, carbon monoxide, heat, and chemical reaction
3) air, chemical reaction, physical reaction, and fuel
4) wood, hydrogen, water, and heat
17. Passive RFID tags have ranges from about ____.
1) 1 to 12 inches 3) 1/3 inch to 19 feet
2) 2 to 24 inches 4) 1/2 inch to 30 feet
18. ___ is an encrypted alternative to the Telnet protocol that is used to access remote computers.
1) Secure Telnet 3) Virtual Private Networks (VPN)
2) terminal emulation 4) Secure Shell (SSH)
19. The ____ is an electronic record of patient care, usually in a stand-alone situation such as a doctor’s
office.
1) electronic medical record 3) personal health record
2) electronic health record 4) Medicare health record
20. The ____ HL7 message segment defines information about an exam, diagnostic study/observation, or
other assessment that is specific to an order.
1) MSH 3) IN1
2) OBR 4) SCH
21. Examples of Schedule ____ substances include cough and cold preparations containing limited
quantities of certain narcotics.
1) 1 3) 4
2) 3 4) 5
22. Virtually all wireless AP vendors choose to use ____ address filtering as a method for controlling
access to a WLAN based on the physical device address.
1) IEEE 802.11 3) access point
2) media access control (MAC) 4) network interface control (NIC)
23. A ____ operates at the Network Layer of the OSI model.
1) router 3) switch
2) hub 4) domain controller
76
24. When installing and configuring a mobile storage device, the first step is to ____.
1) identify the proper interface port 3) configure the device
2) install correct drivers 4) connect the device
END OF EXAMINATION