HIPAA Deadline Quickly Approaching....Small Health Plans Must Comply With HIPAA by April 14, 2004
In today's world of acronyms and compliance mandates, we know it can be hard to keep HIPAA straight from hippos. We offer the following synopsis to help you and your business understand the Health Insurance Portability and Accountability Act (HIPAA).
(PRWEB) March 14, 2004
In todayÂs world of acronyms and compliance mandates, we know it can be hard to keep HIPAA straight from hippos. We offer the following synopsis to help you and your business understand the Health Insurance Portability and Accountability Act (HIPAA).
What Is HIPAA?
Enacted in August of 1996, HIPPA established rules to combat waste, fraud and abuse, improve portability of health insurance coverage, and simplify administration of healthcare. By establishing consistent industry standards, HIPPA makes it easier for health plans, doctors, hospitals, and other health care providers to process transactions electronically. Enforcement of the requirements is the responsibility of the Office for Civil Rights (OCR).
Who Does HIPAA Affect?
HIPAA covers three groups:
Healthcare practices, and any business that sponsors a health plan that transmits ANY patient information digitally or uses a billing service that electronically administers claims. Health benefit plans (except those that are self-administered and cover fewer than 50 participants). Clearinghouses that supply services to convert transactions to required formats for healthcare practices and benefit plans.
What Is a Small Health Plan?
A small health plan is one that collects less than $5 million annually. Dental, vision, medical, and long term care are all health benefit plans. A fully insured plan that collected premiums of less than $5 million in the planÂs last full fiscal year is a small health plan and, if not self-administered, or if more than 50 participants are covered, is subject to HIPAA as of April 14, 2004. If more than $5 million was collected, then it is a large plan, subject to the earlier deadline of April 14, 2003. If you missed the deadline, please call us immediately; we can help you minimize your exposure or liability.
What Are the Deadlines for Compliance?
The HIPAA administrative simplification was finalized April 14, 2001. Most health plans, clearinghouses and health care providers who engage in certain electronic transactions were given two years (to April 14, 2003) from the time the final regulation took effect to comply with the HIPAA standards. Small health plans were given three years to comply Â a deadline of April 14, 2004.
What Does HIPAA Require of Health Plans?
Health Plans are covered by Title II. This section mandates rules for maintaining the privacy of protected health information establishes security requirements to protect that information and publishes, documents, requires standard identifiers for Electronic Data Interchange.
The Department of Health and Human Services (HHS) established the final privacy rules to provide health care recipients with:
The right to review and copy their health information. The right to request an amendment of their health information. The right to receive a reporting of disclosures of their health information. The right to request disclosure restriction of their health information. The right to request alternative methods of communication of their health information.
What Do You Need To Do?
The privacy rule contains five necessary responsibilities for a small health plan to meet by the April 14 deadline. Plans must:
1. Provide information to participants about their privacy rights and how their information can be used.
2. Adopt clear privacy procedures.
3. Train all employees in the planÂs privacy procedures.
4. Designate an individual to be held responsible for enforcing privacy procedures.
5. Secure all patient records and individually identifiable health information.
Who Can Help?
With the April 14 deadline quickly approaching, now is the time to act. Sifting through the requirements of HIPAA is not a simple task and is one that takes time and effort. The good news: help is out there. The United States Department of Health and Human Services, Office for Civil Rights (OCR), provides in-depth explanations of HIPAA under the Privacy of Health Information / HIPAA feature at www. os. dhhs. gov/ocr/hipaa/ (http://www. os. dhhs. gov/ocr/hipaa/).
Additionally, experienced professionals, fully aware of these requirements and conversant with pertinent laws, rules and regulations pertaining to HIPPA, are available. Our team has developed an effective procedure to bring your company into compliance, including:
Evaluating your current practices, policies and procedures in light of HIPAA privacy legislation Preparing a gap analysis Constructing implementation plans Providing specimen policies, procedures and resources Assisting with implementation We have worked with a number of companies to meet their needs and complete the compliance requirements in a timely, cost efficient manner.
# # #
About Bill Wagnon, CPC
As a senior auditor with the Privacy and Security team of Brown Smith Wallace Consulting Group, Bill specializes in IT Security and Controls Reviews and Regulatory Compliance (i. e. HIPAA, Sarbanes-Oxley). BillÂs expertise can help determine the appropriateness of the methods by which an organization controls physical and logical access to your buildings and systems. Bill also reviews change management processes and can assess your compliance with legislative requirements. Bill earned a BS, Personnel Psychology at the University of Illinois and holds the Certified Pension Consultant designation from the American Society of Pension Actuaries (ASPA). His association memberships include the Institute of Internal Auditors (IIA), Information Systems Audit and Control Association and Healthcare Information and Management Systems Society (ISACA). On A Personal Note: Bill, his wife, Chris, and their children, Benjamin and Elizabeth, reside in Richmond Heights, Missouri.
About Brown Smith Wallace Consulting Group
St. Louis based Brown Smith Wallace Consulting Group, founded in 1976, is a leader in the strategic use of technology to create competitive advantage. While other firms may bring answers based on their experience, we use our experience to help our clients find the unique answers to their unique situations.
At Brown Smith Wallace we make a measurable difference in our clientsÂ lives. We do this by making sure that our clients get more than just a good return on their investment. Our staff works to find hidden value, we look where others forget, we bridging gaps to form long lasting relationships, we are accessible and by guarantee our work in writing. For more information visit www. bswllc. com.
EDITORS NOTE: Permission to reprint is hereby given to all print, broadcast and electronic media provided that the contact information at the end of each article or quotation is included in your publication. Permission is also granted for reasonable editing, including article title change and customizing for your audience/industry. Please send a copy of the published information to: Brown Smith Wallace, Media Placement, 1050 N. Lindbergh Blvd., St. Louis, MO 63102