HIPAA
|
|
|
|
HIPAA is the Health Insurance Portability and Accountability Act, passed by Congress and signed by President Clinton way back in 1996. It took effect on October 16, 2000 with all aspects of its laws required to be in place on or prior to October 16, 2002. The two main areas of the new law are as stated in the name, Portability and Accountability. These refer to the ability to send electronically to all insurance companies using the same format (Portability), and building security into office procedures and office software (Accountability). Portability Portability refers to the ability to file claims electronically, check claims status electronically, receive payments electronically, and to do membership verification electronically. It means, from a computer standpoint, that every medical office/clinic/billing service should be able to: 1. Verify patient insurance in a matter of a minute
or two at any time of night or day right from your practice management software. There are other areas that are part of this group, but these are the main ones. Insurance companies will be required to accept these requests and provide these responses electronically. Many are already testing parts of these abilities. MedBil Technologies is currently part of the Beta Testing program with UHIN (Utah Health Information Network). And since the formats for these tests are done with nationally required formats as part of the new law. when it works for Utah it will work for the nation. Accountability A better word for accountability is security. Medical offices will be required to have a security officer, and written and implemented security procedures for release of patient information and patient records. Offices may find themselves liable if medical information is given out to those not authorized, even down to someone overhearing a conversation between office staff where a patient's name is mentioned out loud. Scheduling a specific appointment for a patient where others can hear about it could violate the law. Every Medical Office should be checking into the requirements for this! There are links to national HIPAA pages at the bottom of this page. Signed documents will be required from patients for any release of information to insurance filing, or for research studies. Computers will have to have much greater security. A track record of who has accessed patient records, what was printed or displayed, when and by whom, will be necessary. Offices may need to print out listings of records accessed for a specific time frame. Security will have to be in place limiting access to records to specific personnel. Notification lists may be needed for patients whose records have been/will be accessed, and audit trails of these items may be necessary for the medical offices. All data on your computers will have to be encrypted, so that someone cannot copy it off and search the data for information. These areas are still being revised and re-written, and may change a lot before enforcement of them is started. Keep checking with us or your local HIPAA guideline office. We will keep links and changes updated. Other Other changes that will affect us shortly are 1. Release of the new ICD10 diagnosis codes
to replace the ICD9 codes. The old format of XXX.XX codes will be a thing
of the past. The new format will have up to seven digits to the left of
the period, and up to 14 digits to the right. The new codes could look like
XXXXXXX.XXXXXXXXXXXXXX. (eek!) One of the best links for checking HIPAA information is UHIN, the Utah Health Information Network. Since HIPAA is a national plan, requirements shown here are for all states in the United States. Other sites include: Health and Human Services Administration Washington Publishing Company - HIPAA guides Federal Register - (Actual HIPAA rules are found here!) |