HIPAA Health Insurance Portability and Accountability Act of 1996: everything you always wanted to know but were afraid to ask!The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when of 1996 was signed into law on August 21, 1996 by then President Bill Clinton. It's many provisions were designed to make health insurance more affordable and accessible. Congress included provisions in HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, to require Health and Human Services Noun 1. Health and Human Services - the United States federal department that administers all federal programs dealing with health and welfare; created in 1979 Department of Health and Human Services, HHS (HHS HHS Department of Health and Human Services. ) to adopt national standards for certain electronic health care transactions, codes, identifiers and security. These rules may have a profound impact on healthcare organizations. At a minimum, organizations must ensure that they have written policies and procedures Policies and Procedures are a set of documents that describe an organization's policies for operation and the procedures necessary to fulfill the policies. They are often initiated because of some external requirement, such as environmental compliance or other governmental , training programs for staff, and methods in place to communicate with patients and ensure that their protected health information protected health information Health informatics Any individually identifiable health informatlon that is used or circulated by an entity that falls under the governance of HIPAA; the privacy regulations mandate safeguards for protected health information, and the is kept private and confidential. The Structure of the Law HIPAA is comprised of five Titles: Title I: Portability (medical plans only), Title II: Fraud and Abuse, Subtitle F: Administrative Simplification, Title III Title III Program is a U.S. Federal Grant Program to improve education History The Title III Program began as part of the Higher Education Act of 1965, which sought to provide support to strengthen various aspects of the schools through a formula grant program to accredited, : Tax Related, Title IV: Group Health Plans and Title V: Revenue Offsets. Dental Health care providers (as well as health plans, hospitals, etc.) are governed by the provisions in Title II, Subtitle F. Covered Entities: those who must comply with HIPAA are health plans, healthcare clearinghouses (third party insurance), software vendors and healthcare providers (including pharmacies) who conduct certain financial and administrative transactions electronically, such as eligibility, referral authorizations and claims. Offices should contact their software vendor/clearinghouse to make sure they are compliant and determine if the office will need a software upgrade. Title II Fraud and Abuse, Subtitle F: Administrative Simplification. The Fraud and Abuse Control Program created under the Attorney General and Secretary of Health and Human Services Noun 1. Secretary of Health and Human Services - the person who holds the secretaryship of the Department of Health and Human Services; "the first Secretary of Health and Human Services was Patricia Roberts Harris who was appointed by Carter" acts to conduct investigations, audits and evaluations relating to relating to relate prep → concernant relating to relate prep → bezüglich +gen, mit Bezug auf +acc delivery of health and payment for healthcare. It provides guidance on fraudulent practices and establishes a national data bank. Subtitle F mandates electronic claims filing by developing 1) Standard Healthcare Transaction and Code Set (effective 10/16/2002 or file for an extension, see below), 2) Patient Privacy Standard (effective 4/14/2003), 3) Information System Security Standard and 4) National Standard Healthcare Provider Identifier. In short, the purpose of Administrative Simplification is to streamline the processing of health care claims, reduce the volume of paperwork and provide better service for providers, insurers and patients. It is estimated that by eliminating inefficient paper forms and encouraging the use of electronic transactions, the health care industry will realize a savings of $29.9 billion over a ten year period. Standard Health Care Transaction and Code Set: by standardizing data content, codes and electronic formats, all health plans will be required to accept these standard electronic claims, referral authorizations and other transactions. In order to apply for an extension, you must submit a plan for achieving compliance by the new deadline. The model plan is available at http://www.cms.gov/hipaa. Patient Privacy Standard: the final modifications to the rule was published on August 14, 2002 in the Federal Register and was enacted to protect the confidentiality of medical records and other personal health information. The rule limits the use and release of individually identifiable health information; gives patients the rights to access their medical records; restricts most disclosure of health information to the minimum needed for the intended purpose; and establishes safeguards and restrictions regarding disclosure of records for certain public responsibilities such as public health, research and law enforcement. In other words Adv. 1. in other words - otherwise stated; "in other words, we are broke" put differently : * patients must give specific authorization before covered entities can use or disclose protected information for most non-routine circumstances. * covered entities must provide patients with written notice of their privacy practices and patient's privacy rights. * covered entities must first obtain an individual's specific authorization before sending them marketing materials. However, the rule permits free communication with patients about treatment options and other health related information. * covered entities may not sell, trade, share or otherwise release patients' names to a business for the purposes of marketing. * consents for release of information and use of health information will have to be more specific about what and how much information is released. * offices will need to obtain written authorization from patients permitting the office to leave messages for them on their personal answering devices * while locking file cabinets are not necessary, offices need to evaluate where patient charts are stored and who has access to those charts. Offices may utilize patient sign in sheets, post daily schedules in operatories and conduct health related or business related conversations with patients in a semi-private setting as long as the office has made every reasonable attempt to comply with the final privacy rule. Detailed information regarding the privacy rule can be found at http://www.hhs.gov/ocr/hipaa or www.hhs.gov/ocr/hipaa/finalreg.html Employer Identifier: In the past, health plans and providers may have used different ID numbers for a single employer in their transactions, increasing the time and cost for routine activities such as health plan enrollments and health plan premium payments. In May 2002, HHS issued a final rule to standardize the identifying numbers assigned to employers in the health care industry by using the existing Employer Identification Number Applicable to the United States, an Employer Identification Number or EIN (also known as Federal Employer Identification Number or (FEIN)) is the corporate equivalent to a Social Security Number, although it is issued to anyone, including individuals, who has to pay (EIN EIN Employer Identification Number EIN Employee Identification Number EIN European Ideas Network (think tank) EIN Environmental Information Network EIN Equivalent Input Noise EIN Elderhostel Institute Network ). Any employer that pays wages to employees already has an IRS-issued EIN. National Provider Identifier National Provider Identifier Medicare A unique 8 character ID assigned by the National Provider System to providers/suppliers who bill for services or goods. See Medicare Identification Number, NSC, OSCAR, UPIN. : Standards are being developed by HHS for health care providers to obtain a unique identifier With reference to a given (possibly implicit) set of objects, a unique identifier is any identifier which is guaranteed to be unique among all identifiers used for those objects and for a specific purpose. when filing electronic claims with public and private insurance programs. This identifier would be assigned to and forever belong to the individual provider. Currently, health care providers are assigned different ID numbers by each different private health plan. By standardizing the Provider Identifier the result will be to eliminate slower payments, decrease health care costs and coordinate the efforts of the providers and the health plans. Summary * Organizations must obtain a copy of the final privacy rule. For those organizations that have acted in advance and developed policies it will be necessary for them to assess and revise these policies as indicated. * Develop and post a notice of the organizations privacy practices and patient's privacy rights. * Develop and implement a mechanism in which patients would be asked to sign an acknowledgment of receipt of the privacy notice, which would become part of the patient's treatment record. * Offices will be required to provide evidence that staff has been trained on the organization's privacy policies procedures, patient's privacy rights and the consequence of violating established policies and procedures. This training should become part of the employee initial orientation. * Develop a log to be kept in each patient's record to document release of information. This includes any element of the patient's medical record released to a third party (sexual abuse, substance abuse, health issues, etc.). This document should be reviewed with legal counsel. * Develop a log to be kept in each patient's record to document patient authorization to leave messages on personal answering devices By ensuring consistency throughout the industry, these national standards will make it easier for health plans, doctors, dentists and hospitals to process claims and other electronic transactions efficiently and effectively. GLOSSARY HHS--Health and Human Services OCR--Office For Civil Rights HIPAA--Health Insurance Portability and Accountability Act There are a number of piece of legislation known as the Accountability Act:
CMS--Center for Medicare/Medicaid Services EIN--Employer Identification Number (issued by the IRS An abbreviation for the Internal Revenue Service, a federal agency charged with the responsibility of administering and enforcing internal revenue laws. ) Sources www.hhs.gov/ocr/hipaa/finalreg.html http://www.hhs.gov/news/press/2002pres/20020809a.html http://aspe.hhs.gov/admnsimp http://www.cms.gov/hipaa http://hhs.gov/ocr/hipaa http://www.hhs.gov/news References HHS Fact Sheet 2002.08.09 Statement by HHS Secretary Tommy G. Thompson HHS Fact Sheet 2002.08.02 Patient Protection HHS Fact Sheet 2002.08.21 Administrative Simplification Under HIPAA OCR OCR in full optical character recognition Scanning and comparison technique intended to identify printed text or numerical data. It avoids the need to retype already printed material for data entry. Privacy of Health Records MedSafe Executive Insights: HIPAA Impact MedSafe In the News: HHS Issues First Major Protections for Patient Privacy ODA ODA - Open Document Architecture (formerly Office Document Architecture). Newsletter April 2002 Volume 7, Number 11 Robin M. Caplan, CDA (1) (Compact Disc Audio) The compact disc file extension that is seen on the computer in Explorer or some other file manager. CDA files are actually pointers to the locations of the individual tracks on the CD medium. See CD-DA. , is a technical specialist for Total Compliance Solutions, Inc of Wayland, MA, OSHA OSHA n. Occupational Safety and Health Administration, a branch of the US Department of Labor responsible for establishing and enforcing safety and health standards in the workplace. compliance specialists. She was educated at Community College of Baltimore and Towson University in the area of community health and authored an instructors manual to accompany Delmar Publishing's book Dental Assisting--A Comprehensive Approach. At this time she serves her profession as president of the Maryland Dental Assistants Association as well as being ADAA ADAA Anxiety Disorders Association of America ADAA American Dental Assistants Association ADAA Art Dealers Association of America (since 1962; New York City, NY, USA) ADAA Aberdeen and District Angling Association Third District Trustee. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion