by ProgressOhio

HIPAA-Healthcare Insurance Portability And Accounting Act: Part II

HIPAA-Healthcare Insurance Portability And Accounting Act: Part II

    Among the first endeavors was an effort to develop a national identification and data base system, using your social security number for all healthcare transactions. This would have allowed the federal government to track all health care transactions of every person in the United States.

Specifically 1995: HR-560, HR-756 and HR-1080 all sought to grant the federal government the means to tracking health care information. Most recently HIPAA, the Healthcare Insurance Portability And Accountability Act, signed by President Bush in April of 2001 seems to expand the accessibility of personal and medical information to federal and state law enforcement and can pre-empt state law. HIPAA is a very complex law and will in all probability have many legal challenges along its path for full implementation by April of 2003. Within HIPAA, which addresses privacy issues, confidentiality and medical records has regulatory categories there are different time frames when each category is to be implemented, which include:

 1. Transaction Standards: Effective 10/2002. This category deals with the method of electronic transmission of healthcare information through the use of specific management and HIPAA compliant software. Health information is any information, whether oral, recorded, or written in any form created or received by the healthcare provider, and relates to past, present or future physical, mental health or condition of the individual. It is also any past, present or future payment of the of healthcare to an individual. Subsection 160.202 of HIPAA.

 2. Code Sets: This category deals with reducing the need for a multi coding system through the use of ICD-9 (diagnosis) and CPT-4 (treatment) codes. Once HIPAA regulation takes effect, local codes may no longer be used, but there may be a national standard coding system used by all providers.

 3. Electronic Signatures: This category deals with your signature for electronic transmission of health information. This electronic signature will carry the same legal weight as you original hand written signature.

 4. Health Identifiers: Early formative stages. This category deals with the creation of a national identification system and may replace your UPIN number to identify the healthcare provider.

 5. Privacy Standards: Effective date up to 4/2003 with alterations. This category deals with individual identifiable health information, including demographic information collected from a individual and is created or received by a healthcare provider. It relates to the past, present or future physical or mental health or condition of the individual/patient. It includes, but not limited to chart notes, billing records, payment records, complete patient charts, all correspondence, all electronic information both written and oral. The provider must above all protect patient information and always obtain a consent and or authorization from the patient before releasing records or use patient information for other uses. There are exceptions, such as workers compensation, subpoenas and court orders necessary to comply with state laws. In addition, health information that does not identify an individual and there is no reasonable basis to

believe that the information can be used to identify the individual is another example of an exception. Found under: HIPAA subsection 164.514 and 164.514(1).

 6. Security Standards: Draft form only to date. This category deals with electronic and all

computer security to include your physical office place where patient files are stored. It may become necessary to modify your office to be compliant with record security.

 Pre-Exemption: HIPAA, being a federal law, would normally pre-empt state law. However due to the complexity and the gray areas of HIPAA, it may become necessary to blend both federal and state law. HIPAA does have a provision that says: “If your state law is more stringent then federal law, state law would apply”. In order to determine this, all state confidentiality, privacy regulations and all required statutes that deal protection of health information must be compared to HIPAA law. If state law is more stringent (gives more privacy protection), it prevails. When state law is less stringent, that is, does not give the same level of privacy protection as HIPAA, then states are bound to follow federal HIPAA laws. However the state may petition the Department of Health and Human Services for an exemption. This must be done in writing and show a comparison of state law vs. federal HIPAA law. The explanation must be detailed and show what negative effects submitting to HIPAA would have on the state. There are some state laws that do pre-empt HIPAA, which include laws necessary to prevent fraud and abuse and ensure state regulations of insurance and health plans, workers

Pages: 1 2