130 likes | 355 Views
HIPAA COMPLIANCE. WHAT YOU NEED TO KNOW ABOUT “HIPAA”. WHAT IS HIPAA?. Health Insurance Portability & Accountability Act of 1996 (Federal Law). New rules to safeguard employees’ Protected Health Information (PHI).
E N D
HIPAA COMPLIANCE WHAT YOU NEED TO KNOW ABOUT “HIPAA”.
WHAT IS HIPAA? • Health Insurance Portability & Accountability Act of 1996 (Federal Law). • New rules to safeguard employees’ Protected Health Information (PHI). • Mandates the development of national standards and requirements to enable the electronic exchange of certain PHI.
EXAMPLES OF PHI • Explanation of Benefits (EOB) • Doctor’s Certification • Copies of anything pertaining to hospital and medical benefits; medical, dental, reimbursement accounts and vision.
Who must comply with HIPAA? • “Covered Entities” – organizations bound by the privacy standards were required to comply by April 14, 2003. • A Health Plan. • A Health care clearinghouse. • A Health care provider who transmits any health information in electronic form. Examples: medical, dental & flexible spending accounts (health care reimbursement)
How do we comply with HIPAA? • The privacy rule requires covered entities to make reasonable efforts to limit use and disclosure of PHI to the fewest people necessary. • ONLY the information obtained or created by MDC’s health plan will be regulated by the HIPAA requirements. • PHI specifically excludes “employment records.”
What is our Role with HIPAA? • Treat PHI as Private and Confidential. • Do not transmit or communicate such PHI to anyone other than the employee, unless we have the employee’s written permission to do so. • When responding to an email containing PHI, Do Not copy anyone. • Follow a few simple procedures to ensure compliance with the new rule.
The College’s Role with HIPAA • The College’s… • practice is to treat employees’ personal information with confidentiality. • Policy II-81A was established to ensure that MDC complies with HIPAA regulations. www.MDC.edu/policy/Chapter2/02-II-81A.pdf • systems do not access, use or disclose Protected Health Information [PHI].
To Whom should PHI requests be referred? • Requests from the employee for their own PHI – refer to Cigna • Requests for PHI from other than the person who is the subject of information – refer to Cigna • If unsuccessful with Cigna – refer to Janik Collin, Benefits Dept. for assistance with claims. Fax requests & authorization to (305) 237-0322 or email jcollin@mdc.edu
Summary • HIPAA is a Federal law that protects employees’ health information. • MDC only contracts with providers that comply with HIPAA regulations.