Overview

The Health Insurance Portability and accountability Act of 1996 was intended to provide for the waiver of pre-existing provisios for persons who move from one employer to another. In the enacted law, "Administrative Simplification" provisions were added. These include: Transaction Code Sets, Security, and Privacy.

Transaction Code Sets Provisions

Transaction provisions require standardization of electronic formats for the transmission of clains, electronic remittance advice, eligibility, authorization, pharmacy information, enrollment information, benefits, and first notice of claim. Eventually, reimbursement will also be made electronically which should facilitate the efficiency of your office. Electronic eligibility information will simplify claims submission and help to insure payment. Insurers report that 30-40% of rejected claims are for missing or inaccurate member ID numbers. Physicians will soon be able to track claims submitted electronically in real time.

Transaction Codes Sets provisions were recently extended to October, 2003.

To get the extension, you must apply for it by October 16, 2002.

 

Privacy Regulations

Regulations governing privacy of patient identifiable health information become effect on April 14, 2003. You need to take reasonable measures to control the privacy of patient's healthcare information under these new regulations. Physicians do not need to remodel their offices to meet the privacy requirements. The U.S. Dept. of Health and Human Services recognizes that privacy of health information cannot be absolutely guaranteed. The privacy regulations state that whatever administrative processes are used by the physician to implement this regulation can be flexible and fit the physician's individual circumstances. Not all privacy programs will be the same. The AOA HIPAA privacy manal provides a more detailed discussion of these requirements.

HHS

Beginning a compliance program

• Appoint a privacy official

• Conduct a risk assessment and gap analysis for current privacy policies and procedures

• Inventory the protected health information in your practice.

• Inventory your business associates - attorneys, accountants, data processing, transcription, billing companies, and practice management companies.

• Conduct an assessment of applicable state law.

• Gather and compare existing confidentiality agreements.

• Coordinate employee education and begin privacy awareness training.

• Gather and compare your existing privacy policies and procedures

A free HIPAA privacy compliance manual is available on DO-Online and contains a step-by-step approach to compliance. It also contains a plan to review a practice's current privacy procedures for patient's medical records and other patient health information to determine what additional procedures need to be implemented to be in compliance. Model forms for patient consent and autorization, forms to track releases of patient information and a model business associate contract are also included in the manual; all materials can be downloaded and printed with the name of your practice.

Becoming more aware of how health information is currently handled in your office is a start. You and your staff probably can handle any modifications needed to comply with the privacy regulations. Hiring a consultant to bring your office into compliance with HIPAA should only be done after a review of the free AOA manual. At this time the AOA manual covers only the HIPAA privacy regulations, but when the HIPAA security regulations are issued in final form, a security supplement will be issued.

For questions about the AOA HIPAA manual, contact Janet Horan, JD, Director, AOA Division of Socioeconomic Affairs at (800) 621-1773, extension 8187 or by email at jhoran@aoa-net.org

General questions about HIPAA may be posted to the DO-Online Practice Management Discussion Board and will be answered by the AOA staff.