1 / 116

As HIPAA Progresses…..

As HIPAA Progresses…. …What you need to know to keep up. HIPAA Progresses. HIPAA EDI (Electronic Data Interchange) HIPAA Unique Provider & Employer ID HIPAA Security HIPAA Privacy Compliance NOA References to help you with HIPAA. HIPAA Progresses. HIPAA EDI (Electronic Data Interchange)

avery
Download Presentation

As HIPAA Progresses…..

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. As HIPAA Progresses….. …What you need to know to keep up

  2. HIPAA Progresses • HIPAA EDI (Electronic Data Interchange) • HIPAA Unique Provider & Employer ID • HIPAA Security • HIPAA Privacy Compliance • NOA References to help you with HIPAA

  3. HIPAA Progresses • HIPAA EDI (Electronic Data Interchange) • HIPAA Unique Employer ID • HIPAA Security • HIPAA Privacy Compliance • NOA References to help you with HIPAA

  4. EDI (Electronic Data Interchange) • If you use EDI it must comply with HIPAA • HIPAA does not force you to use EDI except for Medicare claims under limited circumstances

  5. EDI (Electronic Data Interchange) Why HIPAA EDI? • Prior to HIPAA EDI multiple EDI data forms • Different entities could not communicate • Delays and confusion in claims

  6. HIPAA Administrative Simplification • Sets standard data sets • Routine Care (VSP, EyeMed, CVC) • Medical Claims (Medicare, BCBS)

  7. Affects most electronic health data • Claims/Encounter submission • Payment remittance notices • Insurance eligibility • Claim status and…

  8. Additional electronic health data • Group Health enrollment • Health insurance premium payments • Other Internet health data

  9. End Result • When the data ends up at 3rd party payer it must be in HIPAA EDI format • Examples Follow: Current Method vs. HIPAA EDI

  10. Current vs. New: Authorization • Current Method • Provider seeks authorization over Internet  • 3rd Party Payer receives and replies • HIPAA EDI • Provider seeks authorization over Internet  • HIPAA compliant site or program intervenes  • 3rd Party Payer receives in HIPAA format and replies • WYNTD: Test

  11. Current vs. New: Routine Care Claims • Current Method • Provider completes web page form over Internet  • 3rd Party Payer receives and replies • HIPAA EDI • Provider completes web page form over Internet  • HIPAA compliant site or program intervenes  • 3rd Party Payer receives in HIPAA format and replies • WYNTD: Test

  12. Current vs. New: Medical Claims • Current Method • Provider’s paper data  • Billing service - Clearinghouse  • 3rd Party Payer • HIPAA EDI • Provider’s paper data  • HIPAA compliant Billing service - Clearinghouse  • 3rd Party Payer • WYNTD: Test

  13. Current vs. New: Medical Claims • Current Method • Provider’s data  • Computer program  • 3rd Party Payer • HIPAA EDI • Provider’s data  • HIPAA compliant computer program  • 3rd Party Payer • WYNTD: Test

  14. Testing NOW (yesterday!) is imperative • If you wait, you will be delayed by a traffic jam • Payment will be delayed until you comply • It is anticipated that many practitioners will not comply • It is anticipated that back-up systems will be swamped • Fax • Phone • Paper • Non-electronic filers should anticipate delays as well

  15. Contact all 3rd parties for immediate testing if: • You file claims electronically with them. • You communicate with them electronically in any way except • voice phone • paper fax

  16. Contacting 3rd parties • NOA August issue of 3rd Party Newsletter contains pages of information on what questions to ask. • Newsletter available at the NOA Website if you don’t have a printed copy

  17. Contacting 3rd parties • Respective 3rd party contact information should be available in their manual. • NOA 3rd Party HIPAA web page will contain as many contact sites as Dr. Quack can find. • Please email Dr. Quack of other sites not listed on NOA HIPAA Web page so he can add them to the list.

  18. Medicare and EDI • If you have 10 or more FTE employees you must file with Medicare via EDI • Most offices of this size already use EDI • If you have less employees you do not have to tell Medicare (no waiver needed) • No official employee counter has been appointed to Dr. Quack’s knowledge

  19. Medicare and EDI • Electronic filers should TEST as described • Delays in paper claim payments expected since more paper claims -with errors- are anticipated

  20. HIPAA EDI Bottom Line: TEST IMMEDIATELY

  21. HIPAA Continues • HIPAA EDI (Electronic Data Interchange) • HIPAA Unique ID • HIPAA Security • HIPAA Privacy Compliance • NOA References to help you with HIPAA

  22. National Identifiers • Requires standard Identifier for • Health care providers • Health-related Employers

  23. Applies to • All health plans, • All health care clearinghouses, and • Any health care providers that transmit any health information in electronic form

  24. Electronic transmissions include all media: • Magnetic tape • Disk • CD media

  25. Transmissions include • Internet • Extranet • Leased lines • Dial-up lines • Private networks.

  26. Not Included • Telephone voice response • “Fax back” systems

  27. Estimated time of implementation: • Mid-2004 (Dr. Quack wonders…)

  28. Action needed at this time: • None

  29. HIPAA Continues • HIPAA EDI (Electronic Data Interchange) • HIPAA Unique Employer ID • HIPAA Security • HIPAA Privacy Compliance • NOA References to help you with HIPAA

  30. HIPAA Security and Electronic Signature Standards • Requires health care information be protected to ensure privacy and confidentiality when electronically • stored, • maintained, or • transmitted.

  31. HIPAA Security and Electronic Signature Standards • The proposed security standards also specify a standard for electronic signature • …but does not require the use of an electronic signature

  32. Applies to • All health plans, • All health care clearinghouses, and • Any health care providers that transmit any health information in electronic form

  33. Electronic transmissions include all media: • Magnetic tape • Disk • CD media

  34. Transmissions include • Internet • Extranet • Leased lines • Dial-up lines • Private networks.

  35. Not Included • Telephone voice response • “Fax back” systems

  36. Estimated time of implementation: • 2005

  37. Action required at this time: • None

  38. HIPAA Continues • HIPAA EDI (Electronic Data Interchange) • HIPAA Unique Employer ID • HIPAA Security • HIPAA Privacy Compliance • NOA References to help you with HIPAA

  39. HIPAA PRIVACY What do we do now? • Dr. Quack has been receiving many Questions regarding HIPAA Privacy • Some show fear and over-reaction • Others reflect lack of compliance • ERGO: • 15 Minute review of HIPAA Privacy basics • For those that already understand, please be patient!

  40. HIPAA PRIVACY What do we do now? • Read aloud your Notice of Privacy Practices at staff meetings once a quarter. • Follow it with a HIPAA discussion of • reasonable safeguards • minimum necessary • Your Privacy Officer should review and update your HIPAA Privacy Manual once a quarter.

  41. OCR Guidance • Privacy Rule permits certain incidental uses & disclosures of PHI when the covered entity uses • reasonable safeguards • minimum necessary policies & procedures

  42. Reasonable Safeguards • Speaking quietly when discussing a patient’s condition with family members in a waiting room or other public area; • Avoiding using patients’ names in public hallways & elevators

  43. Reasonable Safeguards • Posting signs to remind employees to protect patient confidentiality; • By supervising, isolating, or locking file cabinets or records rooms; • By providing additional security, such as passwords, on computers maintaining personal information.

  44. More Safeguards • Ask waiting customers to stand a few feet back from a counter used for patient counseling. • Use of cubicles, dividers, shields, curtains, or similar barriers where multiple patient-staff communications routinely occur

  45. OCR Guidance • Privacy Rule permits certain incidental uses & disclosures of PHI when the covered entity uses • reasonable safeguards • minimum necessary policies & procedures

  46. Minimum Necessary Rule • Requires limit of access to PHI, based on needs to perform job duties. • Unimpeded access to PHI, where not necessary for the job at hand, is not applying the minimum necessary standard. • Any incidental use or disclosure that results from not applying the Minimum Necessary Standard would be an unlawful.

  47. Minimum Necessary Rule • The minimum necessary standard does not apply to disclosures, including oral disclosures, among health care providers fortreatment purposes

  48. FAQs Frequently Asked Questions….

  49. OCR Guidance FAQs....... confidential conversations • Q: Can health care providers engage in confidential conversations with other providers or with patients, even if there is a possibility that they could be overheard? • A: Yes, when using reasonable safeguards.

More Related