CHPC Study Guide 2026
Everything you need to pass the CHPC exam in one place: the exam format, every topic to study, real practice questions with explanations, flashcards, and full-length practice tests. Free, no sign-up needed.
📋 CHPC Exam Format at a Glance
📚 CHPC Topics to Study (21)
✍️ Sample CHPC Questions & Answers
1. Which scenario does NOT require a Business Associate Agreement?
HIPAA explicitly exempts transmission-only entities like the USPS from the business associate definition when they are not accessing PHI content.
2. What happens to a BAA if the underlying covered entity–business associate relationship ends?
Upon termination of the relationship, the business associate must return or destroy all PHI and certify that no copies have been retained, unless retention is legally required.
3. If an internal investigation uncovers a significant compliance violation, which of the following steps should occur?
When a significant compliance violation is uncovered, the most critical immediate step is to implement corrective actions. These actions directly address the identified violation, aiming to stop the non-compliant behavior, remediate any harm, and prevent its recurrence. This demonstrates the organization's commitment to resolving issues and maintaining compliance, forming the foundation for further steps like reporting or retraining.
4. Under HIPAA, psychotherapy notes receive special protection. Which statement best describes this?
Psychotherapy notes are separately defined and require a specific patient authorization for most disclosures, beyond the general authorization used for other PHI.
5. If a covered entity denies a patient's amendment request, what must the entity provide?
When denying an amendment, the covered entity must provide a written denial that includes the basis for denial and the patient's right to submit a statement of disagreement.
6. Which right allows patients to receive a list of disclosures of their PHI made by a covered entity in the past six years?
The HIPAA right of accounting of disclosures allows individuals to request a log of certain PHI disclosures made without their authorization.