1 / 18

6th National HIPAA Summit

6th National HIPAA Summit. JCAHO and NCQA and HIPAA Business Associates Friday, March 28, 2003. The Players. Sue Miller, Moderator HIPAA Certified LLC Co-chair WEDI SNIP SPWG Chair Advisory Committee, NCQA, Business Associate Privacy Certification Program

mrinal
Download Presentation

6th National HIPAA Summit

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 6th National HIPAA Summit JCAHO and NCQA and HIPAA Business Associates Friday, March 28, 2003 HIPAA Certified LLC www.HIPAAcertified.com

  2. The Players • Sue Miller, Moderator • HIPAA Certified LLC • Co-chair WEDI SNIP SPWG • Chair Advisory Committee, NCQA, Business Associate Privacy Certification Program • Patricia Pergal, JD, Director Program Compliance, NCQA • Anthony J. Tirone, JD, Director, Federal Relations, JCAHO HIPAA Certified LLC www.HIPAAcertified.com

  3. What is HIPAA ? • Health Insurance Portability and Accountability Act • aka “Kennedy-Kassebaum Act” • Adopted August 21, 1996 HIPAA Certified LLC www.HIPAAcertified.com

  4. Why HIPAA ? • Improve efficiency and effectiveness of healthcare through standardization of all shared electronic information • Protect the privacy and security of patient information stored and exchanged electronically • Reduce the cost of exchanging information among healthcare partners HIPAA Certified LLC www.HIPAAcertified.com

  5. What does HIPAA apply to? • Health Insurance Portability • Standards for Electronic Claims Submission • Privacy and Security Protection HIPAA Certified LLC www.HIPAAcertified.com

  6. Who does HIPAA apply to? • Applies to Covered Entities • Health care providers who transmit any health information in electronic form • Health plans • Health care clearinghouses HIPAA Certified LLC www.HIPAAcertified.com

  7. HIPAAeze (speak the language) • PHI – Protected Health Information = demographic, clinical & financial information • medical record • x-rays • insurance information • demographic intake sheets • transmitted by, maintained in electronic media • transmitted by, maintained in any other form or medium HIPAA Certified LLC www.HIPAAcertified.com

  8. HIPAAeze (speak the language) • CE – Covered Entity = Doctor, Dentist, Hospital • BA – Business Associate = Accountant • P&P – Policies & Procedures = staff rules and practices • NPP – Notice of Privacy Practices = how use PHI • TPO – Treatment, payment & health care operations HIPAA Certified LLC www.HIPAAcertified.com

  9. When did HIPAA Happen? Transaction and code sets published August 17, 2000 • Effective Date Transaction and Code Sets October, 2002 • With Extension Implementation date: October 2003 Privacy Rule published December 28, 2000 • August 14, 2002 PMFR • Implementation date: Privacy Rules April 14, 2003 HIPAA Certified LLC www.HIPAAcertified.com

  10. When did HIPAA Happen? Data Security published February 20, 2003 • Implementation date: April 21, 2005 National Employer Identifier published May 31, 2002 • Implementation date: July 30, 2002 HIPAA Certified LLC www.HIPAAcertified.com

  11. Yet to Come • Claims Attachments • Unique Identifiers • National Provider Identifier (NPI) • Health Plan Identifier • Enforcement HIPAA Certified LLC www.HIPAAcertified.com

  12. HIPAA Covers • Paper • Oral • Electronic Transmissions HIPAA Certified LLC www.HIPAAcertified.com

  13. HIPAA Privacy Penalties Civil • Not more than $100 for each violation • No more than $25,000 for all violations of identical type during calendar year • “Loss of reputation” HIPAA Certified LLC www.HIPAAcertified.com

  14. HIPAA Privacy Penalties Criminal • Improper use of unique health identifiers, or • Improperly obtaining or disclosing individual health information are • subject to maximum of both: • Knowingly $ 50,000 1 year • False pretenses $100,000 5 years • For profit, gain or harm $250,000 10 years HIPAA Certified LLC www.HIPAAcertified.com

  15. Business Associate Definition • Does a CE function • Does a function per privacy regulation • Other than workforce • lawyer • data aggregator HIPAA Certified LLC www.HIPAAcertified.com

  16. Disclosures to Business Associate A covered entity may disclose PHI to a business associate with documentation of satisfactory assurances by written contract HIPAA Certified LLC www.HIPAAcertified.com

  17. Business Associate Contract • PMFR: sample business associate contract provisions • Make available PHI per 164.524, 164.526, 164.528 • Internal books and records open for review • Termination of contract HIPAA Certified LLC www.HIPAAcertified.com

  18. WARNING: Dangerous HIPAA! Please Keep Her Quiet By Keeping All Health Information Confidential HIPAA Certified LLC www.HIPAAcertified.com

More Related