Data Content Structure Governance
24-28%of exam
Access Disclosure Privacy Security
12-16%of exam
Data Analytics and Use
14-18%of exam
Revenue Cycle Management
14-18%of exam
Compliance
13-17%of exam
Audit ControlsFraud AbuseQuality ProgramsRisk Response
Leadership
11-15%of exam
WorkflowTrainingPoliciesChange ControlStaffing
Quick Facts
- Exam
- RHIT
- Owner
- AHIMA
- Questions
- 150 total
- Scored
- 130 scored
- Pretest
- 20 unscored
- Time
- 3.5 hours
- Pass
- 300 scaled
- Delivery
- Pearson VUE center
- Fee
- $229/$299
- Resources
- None required
- Retake
- 30-day wait
- Eligibility
- CAHIIM associate path
Domain Order
Govern, protect, analyze, bill, comply, lead
Governance biggestAnalytics ties revenueLeadership smallest
LHR vs Designated Set
LHR
- Business record
- Legal evidence
- Organization defined
Designated set
- Access scope
- HIPAA defined
- Patient rights
Evidence vs access
Record Source Picker
- Patient care proof→Legal record(Official business)
- Patient access request→Designated set(HIPAA scope)
- Changed entry→Audit trail(Integrity proof)
- Identity mismatch→MPI review(Correct linkage)
- Missing signature→Deficiency process(Completion tracking)
Exam Control
- Total
- 150 items
- Scored
- 130 items
- Pretest
- 20 random
- Time
- 3.5 hours
- Pass
- 300 scaled
- Scale
- 100-400
- Site
- Pearson VUE
- Resources
- None listed
Duplicate vs Overlay
Duplicate
- One patient
- Multiple records
- Merge needed
Overlay
- Multiple patients
- One record
- Unmerge needed
Split vs mixed
Blueprint Weights
- Governance
- 24-28%
- Privacy
- 12-16%
- Analytics
- 14-18%
- Revenue
- 14-18%
- Compliance
- 13-17%
- Leadership
- 11-15%
Record Content
- H&P
- Admission picture
- Orders
- Provider directions
- Progress notes
- Ongoing status
- Operative report
- Procedure detail
- Discharge summary
- Final summary
- Consent
- Treatment permission
- Lab
- Clinical evidence
- Problem list
- Active issues
Legal Record
- LHR
- Business record
- Designated set
- Access right scope
- Amendment
- Patient correction request
- Addendum
- New dated entry
- Late entry
- Delayed documentation
- Authentication
- Author validation
- Audit trail
- Change evidence
- Retention
- Policy plus law
Data Governance
- Stewardship
- Assigned accountability
- Standards
- Consistent definitions
- Dictionary
- Element definitions
- Metadata
- Data about data
- Integrity
- Trustworthy data
- Completeness
- All required elements
- Timeliness
- Available when needed
- Validity
- Allowed values
MPI Integrity
- MPI
- Patient identity index
- Duplicate
- One patient, two records
- Overlay
- Two patients, one record
- Overlap
- Cross-facility duplicate
- Merge
- Combine duplicates
- Unmerge
- Separate overlay
- Demographics
- Identity matching data
- Registration
- Prevention point
Coding Basics
- ICD-10-CM
- Diagnosis coding
- ICD-10-PCS
- Inpatient procedures
- CPT
- Physician procedures
- HCPCS II
- Supplies services drugs
- UHDDS
- Inpatient data set
- Principal dx
- After-study reason
- POA
- Admission timing
- Query
- Clarify documentation
ROI Flow
Request, verify, authorize, limit, track, send
Verify identityCheck authorityLog disclosure
Privacy vs Security
Privacy
- Use rules
- Disclosure limits
- Patient rights
Security
- ePHI safeguards
- Access controls
- Audit logs
Rules vs protections
Disclosure Picker
- Patient wants copy→Access right(30 days)
- Outside party asks→Authorization check(Verify scope)
- Treatment request→Permitted disclosure(Care purpose)
- Public health report→Required disclosure(Law driven)
- Curiosity access→Sanction process(Impermissible use)
Patient Rights
- Access
- Inspect or copy
- Timeline
- 30 days
- Extension
- One 30-day delay
- Amendment
- Request correction
- Accounting
- Disclosure list
- Restriction
- Limit request
- Confidential comm
- Alternate contact
- Notice
- Privacy practices
ROI Flow
- Request
- Capture scope
- Identity
- Verify requester
- Authority
- Check permission
- Authorization
- Required when applicable
- Minimum necessary
- Limit disclosure
- Sensitive data
- Extra rules
- Tracking
- Log release
- Secure send
- Protect transfer
Security Safeguards
- Administrative
- Policies risk training
- Physical
- Facility device controls
- Technical
- Access audit encryption
- Authentication
- Verify user identity
- Authorization
- Grant permitted access
- Audit controls
- System activity logs
- Encryption
- Readable only by key
- Breach
- Unsecured PHI incident
Data Quality
Accurate, complete, consistent, timely, valid
CorrectWholeSameCurrentAllowed
Primary vs Secondary Data
Primary
- Original record
- Patient care
- Source data
Secondary
- Derived data
- Registries
- Reports
Source vs derived
Analytics Picker
- Rate question→Numerator denominator(Define base)
- Trend question→Run chart(Time pattern)
- Compare facilities→Benchmark(External standard)
- Registry case→Abstracting rules(Consistent capture)
- Bad source values→Data validation(Fix quality)
Data Quality
- Accuracy
- Correct values
- Completeness
- No required gaps
- Consistency
- Same across systems
- Timeliness
- Current enough
- Precision
- Enough detail
- Reliability
- Repeatable results
- Validity
- Allowed format
- Granularity
- Right detail level
Accuracy vs Precision
Accuracy
- Correct value
- Truth matched
- Error free
Precision
- Detail level
- Specific value
- Granular
Correct vs detailed
Statistics
- ADC
- Daily census average
- ALOS
- Average stay length
- BOR
- Bed use percent
- Mortality rate
- Deaths per base
- Infection rate
- Cases per exposure
- Denominator
- Population at risk
- Numerator
- Events counted
- Case mix
- Resource intensity
Secondary Data
- Registry
- Condition-specific database
- Index
- Finding tool
- Trauma registry
- Injury data
- Cancer registry
- Tumor data
- Quality measure
- Performance metric
- Dashboard
- Visual summary
- Benchmark
- Comparison standard
- Abstracting
- Data capture
Revenue Cycle
Register, code, claim, remit, deny, appeal
Front-end dataMiddle codingBack-end denial
DRG vs APC
DRG
- Inpatient
- Principal diagnosis
- CMI impact
APC
- Outpatient
- CPT driven
- OPPS payment
Inpatient vs outpatient
Revenue Picker
- Inpatient payment→MS-DRG(Principal dx)
- Outpatient payment→APC(CPT driven)
- Missing support→Provider query(Clarify record)
- Claim rejected→Denial review(Find cause)
- Coverage question→Medical necessity(Payer rule)
Revenue Flow
- Registration
- Collect demographics
- Authorization
- Payer approval
- Charge capture
- Record services
- Coding
- Assign codes
- Claim
- Submit bill
- Remittance
- Payer response
- Denial
- Payment refusal
- Appeal
- Challenge denial
Payment Methods
- MS-DRG
- Inpatient PPS
- APC
- Outpatient PPS
- Fee schedule
- Set payment list
- Capitation
- Per member payment
- Bundled payment
- Episode payment
- CMI
- Average DRG weight
- CDI
- Documentation improvement
- Medical necessity
- Coverage support
Compliance Response
Detect, investigate, correct, educate, monitor
Confirm factsFix causePrevent repeat
Fraud vs Abuse
Fraud
- Intentional deception
- False claim
- Knowingly done
Abuse
- Poor practice
- Unnecessary cost
- No intent
Intent vs practice
Compliance Picker
- Overpayment found→Investigate scope(Confirm facts)
- Pattern risk→Focused audit(Measure exposure)
- Intent suspected→Compliance officer(Escalate)
- Known false claim→Repay disclose(Follow policy)
- Recurring error→Education plan(Prevent repeat)
Compliance Controls
- OIG
- Fraud oversight
- FCA
- False claims
- Stark
- Self-referral limits
- AKS
- Kickback prohibition
- Audit
- Compliance review
- Education
- Corrective training
- Monitoring
- Ongoing checks
- Self-disclosure
- Report misconduct
Quality Risk
- QAPI
- Quality improvement program
- RCA
- Root cause analysis
- Incident report
- Risk documentation
- Sentinel event
- Serious safety event
- Accreditation
- Standards review
- Policy
- Required process
- Procedure
- Step instructions
- Corrective plan
- Fix and monitor
Policy vs Procedure
Policy
- What required
- Rule statement
- Leadership approved
Procedure
- How performed
- Step sequence
- Operational detail
What vs how
Leadership Tools
- Staffing
- Match workload
- Productivity
- Output per input
- Budget
- Resource plan
- Training
- Build competence
- Change control
- Manage transition
- Workflow map
- Process picture
- Policy review
- Keep current
- Downtime plan
- Continuity steps
Training vs Competency
Training
- Teach process
- Provide knowledge
- Initial support
Competency
- Verify skill
- Observed performance
- Documented ability
Teach vs verify
Common Traps
Pretest items
Randomly mixed ≠ Not identified
LHR scope
Policy defined ≠ Not every datum
Minimum necessary
Need-based access ≠ Treatment exception exists
Patient access
Usually 30 days ≠ Extension documented
MPI errors
Duplicate splits ≠ Overlay mixes
Rates
Define denominator ≠ Then calculate
DRG driver
Principal diagnosis ≠ MCC CC matter
Query use
Clarify ambiguity ≠ Never lead provider
Fraud trigger
Intent matters ≠ Document support missing
Competency
Training teaches ≠ Competency verifies
Last Minute
- 1.Governance weight: 24-28%
- 2.Analytics and revenue: 14-18%
- 3.Compliance: 13-17%
- 4.Privacy: 12-16%
- 5.Leadership: 11-15%
- 6.150 items; 130 scored
- 7.Pass score: 300 scaled
- 8.LHR equals business record
- 9.Designated set drives access
- 10.Minimum necessary limits disclosure
- 11.MPI duplicate splits records
- 12.Overlay mixes patients
- 13.Rates need defined denominator
- 14.DRG inpatient; APC outpatient
- 15.Fraud requires intent
- 16.Policy says what; procedure how
Buy on Amazon
Flashcards on MometrixSame family resources
Explore More AHIMA Certifications
Continue into nearby exams from the same family. Each card keeps practice questions, study guides, flashcards, videos, and articles in one place.
More From This Family
Videos and articles for deeper review.
VideoAHIMA RHIT Exam Guide 2026: Pass the HIT Exam (FREE)ArticleAAPC CPB Exam Guide 2026: Pass Certified Pro Biller (FREE)28 min readArticleAHIMA CCA Exam Guide 2026: Pass Entry-Level Coding (FREE)26 min readArticleAHIMA CDIP Exam Guide 2026: Documentation Integrity Prep10 min readArticleAHIMA RHIA Exam Guide 2026: Pass HIM Administrator (FREE)28 min read