|
|
What is HIPAA?
|
|
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 contains the
following three major provisions:
Portability
Medicare Integrity Program/Fraud and Abuse
Administrative Simplification
The portability provisions, implemented in 1997, provide available and renewable health coverage and remove the
pre-existing condition clause, under defined guidelines, for individuals changing employers and health plans.
The Medicare Integrity Program (MIP) implemented in 1998, guarantees that the Health Care Financing Administration
(HCFA) has a funding source for integrity activities and expands its authority to hire anti-fraud contractors.
The administrative simplification provision will implement standard transaction and code sets, identifiers,
security, and privacy rules across the health care industry. These requirements will be further discussed in this
article and in upcoming provider publications, and will be referred to as the HIPAA requirements. |
Administrative Simplification Requirements of HIPAA
The four major requirements of administrative simplification are the following
(click the hyperlinked text for more information about a particular regulation):
Transactions and code sets
Identifiers
Security
Privacy
The requirements promote electronic transactions, regulate format and content standards, and make conforming
security and privacy standards. The Transaction and Code Set final rule was published in the Federal Register August 17, 2000, and became effective October 16, 2000.
The rule requires full compliance for large health plans (including federal and state programs), clearinghouses, and providers by
October 16, 2002.
Note: Covered entities that have filed for the one year compliance extension have until October 16, 2003.
Please see the HIPAA Compliance Extension section below. |
Entities Affected by the HIPAA Administrative Simplification Requirements
All of the following entities are affected by the HIPAA administration simplification requirements:
All health plans, including Medicaid, Medicare, and commercial plans
Providers that transmit or store health information electronically
Health care clearinghouses
It is important to obtain a copy of this rule and review it thoroughly to determine the effects HIPAA will have on your organization’s systems and
business processes. The final rule defines the requirements and standards that you must implement to comply with HIPAA regulations. This rule can be
accessed at:
http://www.access.gpo.gov/su_docs/fedreg/a000817c.html |
HIPAA Provider Focus Group Meetings
The Provider Focus Group is a meeting of provider association representatives, EDS, and Health Management Associates (a HIPAA consultant to the IHCP).
These meetings are designed to share HIPAA information as it relates to the IHCP's ongoing plans for system remediation and readiness as it works toward HIPAA compliance.
Providers are requested to encourage the involvement of their associations in this process, and both seek information from and share concerns and questions with their association for discussion at future meetings.
The IHCP extends its appreciation to the association represented at past meetings for their time and input regarding the successful implementation of the HIPAA requirements, and encourages all associations to be represented at future focus group meetings.
The Provider Focus Group Attendance and Notes for June 2002 are available on this site. |
HIPAA Compliance Extension
Congress originally required health care clearinghouses, health care providers who transmit certain health information, and health plans like Medicaid to implement the requirements of the Health Insurance Portability
and Accountability Act (HIPAA) dealing with electronic transaction and code set compliance by October 16, 2002. President Bush and the Congress have provided a one-year delay in this HIPAA requirement for
qualified covered entities. To qualify, the covered entity must have submitted a compliance plan to the Health and Human Services (HHS) Secretary by October 15, 2002. The plan included the details outlining their
strategy to meet the delayed October 16, 2003 compliance date.
Due to this change in federal law, the Indiana Health Coverage Programs (IHCP), including Medicaid, has submitted a HIPAA compliance plan and has requested the one-year extension.
Like our provider community, the IHCP continues to work toward HIPAA compliance. Please monitor bulletins, banner pages, and this web site for IHCP HIPAA training opportunities coming in 2003.
Providers should note there is no extension for the HIPAA Privacy rule compliance. Privacy compliance is effective April 14, 2003. |
Trading Partner Information
All entities desiring to exchange data with IHCP must become an IHCP Trading Partner. These entities include Providers, Clearinghouses, Billing Services, MCOs, Medicare Intermediaries, and VANs. |
Resources
The Indiana Health Coverage Programs (IHCP) and EDS will continue to monitor federal HIPAA regulations, identify the impact to their systems and processes,
and develop solutions to help ensure timely compliance. For further information on HIPAA, please visit the following Web sites:
|
|
August 17, 2000, Final Rule |
http://www.access.gpo.gov/su_docs/fedreg/a000817c.html |
|
HCFA Web site; HIPAA page |
http://cms.hhs.gov/hipaa/ |
|
Department of Health and Human Services, Administrative Simplification |
http://www.aspe.os.dhhs.gov/admnsimp |
|
HIPAA Glossary of Terms as published by the Workgroup for Electronic Data Interchange |
http://www.wedi.org/public/articles/HIPAA_GLOSSARY.pdf |
|
CMS Covered Entity Decision Tools |
http://www.cms.hhs.gov/hipaa/hipaa2/support/tools/ decisionsupport/default.asp |
|
Taxonomy and Other Codes Sets as published by the Washington Publishing Company |
http://www.wpc-edi.com/codes/Codes.asp |
|
CMS Helpful HIPAA links |
http://www.indianamedicaid.com/ProviderServices/Forms/Medicaid Provider HIPAA Outreach.doc |
|
HIPAA Claims-Related Updates |
http://www.indianamedicaid.com/ihcp/Banners/BR200337.pdf |
HIPAA FAQs
HIPAA Frequently Asked Questions (FAQs) are available on this site.
To submit questions specific to the IHCP HIPAA implementations, please contact inxixhipaainquiries@eds.com
The HHS Office for Civil Rights (OCR) released an updated guidance document for the Privacy regulations on December 4, 2002. The document can be found at http://www.hhs.gov/ocr/hipaa/whatsnew.html under the What's New section. |
| |
