HIPAA update: how the Health Insurance Portability and Accountability Act affects your business.What is HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, ? The Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when of 1996. The first two sets of HIPAA regulations--the Electronic Transactions and the Privacy Regulations--are finalized and the compliance deadlines for these regulations are approaching quickly. I'm an employer. Will HIPAA impact me? Yes. If you provide health benefits to your employees, you are responsible for your group health plan's compliance with HIPAA and its regulations. What is the first step I should take? Determine whether your group health plan is a "covered entity" under HIPAA. Covered entities are defined as group health plans with more than 50 participants OR plans of any size that use a third-party administrator (TPA (Transient Program Area) See transient area. TPA - Transient Program Area ). It is most likely that your plan is a covered entity. Keep in mind that both self-funded and fully insured plans Insured plans Defined benefit pension plans that are guaranteed by life insurance products. Related: Non-insured plans are covered entities and self-funded plans have more obligations than fully-insured plans. On-site medical clinics, employee assistance plans, flexible spending accounts flexible spending account, n an employee reimbursement account primarily funded with employee-designated salary reductions. Funds are reimbursed to the employee for health care (medical and/or dental), dependent care, and/or legal expenses and are and medical savings accounts  This article or section is in need of attention from an expert on the subject.Please help recruit one or [ improve this article] yourself. See the talk page for details. may also be covered entities. Information sharing See data conferencing. for workers' compensation workers' compensation, payment by employers for some part of the cost of injuries, or in some cases of occupational diseases, received by employees in the course of their work. , medical leave, preemployment physicals and disease management program purposes raise special issues. What are the Electronic Transactions Regulations? The Electronic Transactions Regulations require covered entities to use standardized formats for transactions such as electronically processing claims, checking eligibility and paying premiums. The goal of these regulations is to eliminate the 400-plus formats that the industry is currently using. Even if your TPA performs these transactions for you, you are responsible for making sure your TPA is using the standardized formats. When do I have to comply with the Electronic Transactions Regulations? The compliance deadlines are: Oct. 16, 2002, for large health plans with over $5 million per year and Oct. 16, 2003, for small health plans with less than $5 million per year. If you are a large health plan and you or your TPA cannot implement the new standardized formats on time, you must submit a compliance extension plan to the government by Oct. 15, 2002, for a one-year extension. What are the Privacy Regulations? The Privacy Regulations require covered entities to: (1) follow strict rules on how they use and disclose health information; (2) respect new privacy rights granted to individuals; and (3) implement many administrative procedures designed to protect the privacy of health information. When do I have to comply with the Privacy Regulations? The compliance deadlines are April 14, 2003, for large health plans and April 14, 2004, for small plans. Hospitals, physician organizations, HMOs and insurance companies are already implementing HIPAA. Group health plans, on the other hand, are far behind. Given the complexity of the Privacy Regulations, employers need to begin taking immediate steps to meet the deadline. What are the consequences for failure to comply with the Privacy Regulations? Violators are subject to civil and criminal penalties of a maximum of $250,000 in fines and 10 years in prison. Litigation An action brought in court to enforce a particular right. The act or process of bringing a lawsuit in and of itself; a judicial contest; any dispute. When a person begins a civil lawsuit, the person enters into a process called litigation. under other legal theories remains a risk even though the Privacy Regulations do not create a private right of action. Elizabeth O. Callahan is an associate attorney and chair of the HIPAA Task Force at the Detroit-based law firm of Butzel Long Butzel Long is a law firm based in Detroit, Michigan. The firm has over 225 lawyers and offices throughout Michigan, as well as branches New York, Washington, D.C., Florida, and China. They specialize in commercial law. , a Silver-level member of the Detroit Regional Chamber. Visit our Website at www.detroitchamber.com for a checklist of HIPAA requirements. Click "Detroiter" on our home page and go to "HIPAA checklist." |
|
||||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion