HLT 162 - Selected Topics in Health Science : Hiller: HIPAA

To improve the efficiency and effectiveness of the health care system, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, included Administrative Simplification provisions that required the Department of Health and Human Services (HHS) to adopt national standards for electronic health care transactions and code sets, unique health identifiers, and security. At the same time, Congress recognized that advances in electronic technology could erode the privacy of health information. Consequently, Congress incorporated into HIPAA provisions that mandated the adoption of Federal privacy protections for individually identifiable health information.

Following the passage of HIPAA, two additional laws have been enacted that add requirements to HIPAA and strengthen various aspects of administrative simplification. These laws are:

• Health Information Technology for Economic and Clinical Health Act (HITECH) enacted as part of the American Recovery and Reinvestment Act of 2009 (ARRA)
  Subtitle D of the HITECH Act addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules.
• Patient Protection and Affordable Care Act of 2010 (ACA)
  ACA builds upon HIPAA with new and expanded provisions, including requirement to adopt operating rules for each of the HIPAA covered transactions; a unique, standard Health Plan Identifier; and a standard for electronic funds transfer. ACA requires that health plans certify their compliance with the standards and operating rules, and increases penalties for noncompliance.
  -AMA Website

One of your first duties as a student is to "activate" your BCC Campus card...aka...student ID.  Why?  Well, once activated, the back of your library card, the barcode (22777...) becomes your accessPass to the libraries resources from home, or for that matter wherever you are that has a internet connection and a device to load it.

If you are trying to access books or online books, please type in the barcode from the back of your activated BCC Campus card.  This will ensure remote access.

To access Films on Demand

BCC Libraries provides access to a collection of streaming videos specific for anatomy topics. Below is a brief description of the selected titles and instructions on how to access. Please visit the database Films On Demand for further streaming videos on your topic.

Films On Demand videos are accessible on campus and off campus with a valid BCC Campus card activated at the library. If the barcode on the back of your ID is not working (22777...) please visit the Library at any of the three campuses to activate.

Any questions please email me @ Melanie Johnson.

HIPAA:
Acronym that stands for the Health Insurance Portability and Accountability Act, a US law designed to provide privacy standards to protect patients' medical records and other health information provided to health plans, doctors, hospitals and other health care providers. Developed by the Department of Health and Human Services, these new standards provide patients with access to their medical records and more control over how their personal health information is used and disclosed. They represent a uniform, federal floor of privacy protections for consumers across the country. State laws providing additional protections to consumers are not affected by this new rule. HIPAA took effect on April 14, 2003.

The Case for HIPAA Risk Assessments
A comprehensive security risk assessment is an important and necessary strategy for health care organizations in identifying gaps in their privacy and security environments. Though risk assessments alone do not directly mitigate data breaches, they can help to significantly decrease risk exposure by enabling an organization to know exactly where its protected health information resides and how it is handled. This program covers the reasons for a HIPAA risk assessment, explores both HITECH and HIPAA enforcement, and considers real-world examples of mistakes made by covered entities and what it cost them. Designated for 3 contact hours of continuing nursing education. Run Time: 35 minutes

The Auditors Are Coming: How to Prepare for an OCR Audit
All health care practitioners now face HIPAA-HITECH enforcement. Many experience the HITECH-mandated Office for Civil Rights (OCR) audits as intimidating, nerve-racking, and in other ways stressful. This program empowers practitioners with vital information as they prepare for the inevitable audit. Attorney James M. Barclay provides an insightful look at the OCR audit process by covering the following topics: reasons for self-audits, sources that generate an audit, how to form an audit team (and who should be on it), the categories of an audit, what the audit team will look for, the steps involved in conducting an audit, documentation requirements, and the review process of an OCR audit. Finally, Barclay walks viewers through one portion of an actual OCR audit. Run Time: 29 minutes

Transactions are electronic exchanges involving the transfer of information between two parties for specific purposes. For example, a physician will send a claim to a health plan to request payment for medical services. HIPAA adopted certain standard transactions for electronic data interchange (EDI) of administrative health care data. Under the Health Insurance Portability and Accountability Act (HIPAA), if a covered entity conducts one of the adopted transactions electronically, they must use the adopted standard. Covered entities must adhere to the content and format requirements of each transaction. Under HIPAA, the Department of Health and Human Services (HHS) also adopted specific code sets for diagnoses and procedures to be used in all transactions, including the Current Procedural Terminology (CPT®) (outpatient services/procedures), the Health Care Procedure Coding System (HCPCS) (ancillary services/procedures), International Classification of Diseases, Ninth Revision (ICD-9) (diagnosis and hospital inpatient procedures), and ICD-10 (as of October 1, 2015).

Version 5010 electronic transactions
"5010" is the current adopted version of the HIPAA standard transactions.

ICD-10 code set
ICD-10 codes will replace ICD-9 diagnosis codes for use in outpatient and inpatient settings and will replace ICD-9 procedure codes for inpatient settings beginning October 1, 2015. CPT codes will remain the codes used by physicians for reporting procedures in outpatient settings.

New standards
The Affordable Care Act (ACA) mandates the adoption of an electronic standard for conducting electronic funds transfer (EFT) and the adoption of the claims attachment standard that was already named in HIPAA.

• EFT: Physicians who want to receive reimbursement from their payers via EFT can now require them to do, as of January 1, 2014. Physicians are not required under HIPAA to receive their reimbursement via EFT, however, some payers such as Medicare, may as a condition of doing business, require physicians to be paid in this manner.
  • Learn more on how to implement EFT in your practice.

  It should also be noted that that AMA has received a number of complaints associated with abusive virtual credit card reimbursement practices by payers, which result in hefty fees for physicians. As a result of the new EFT HIPAA standard, physicians who want to avoid being reimbursed through the use of these credit cards will now have a recourse and may request their payers reimburse them via the new ACH EFT standard. If payers refuse to comply they will be out of compliance with HIPAA and should be reported to the Centers for Medicare and Medicaid Services (CMS). The AMA opposes payer’s use of credit card which result in hefty fees for physicians, as explained in "The effect of health plan virtual credit card payments on physician practices."

• Attachments: HHS has not yet named a standard for attachments.

Operating rules for transactions
ACA mandates the adoption of operating rules for each named HIPAA standard transaction.

- Source : AMA American Medical Association