Contact Us

Search AMC Site

Hit Counter
since 9/12/01!

Please notify webmaster of any questions or site problems.

FROM THE DHS WEB SITE:

DHS HIPAA Roll-Out Plan Provider Update #159

2003 Minnesota HIPAA Implementation Summit

Health Information Privacy Matrix

HIPAA Readiness Schedule

Provider Updates

 

FROM THE CDC WEB SITE:

HIPAA Privacy Rule and Public Health Guidance from CDC and the U.S. Department of Health and Human Services

Appendix A: Selected Privacy Rule Concepts and Definitions

Appendix B: Sample Text That Can Be Used To Clarify Public Health Issues Under the Privacy Rule

 

AMC will continue to work on the issue and provide information as it becomes available.  For more information about HIPAA activities, contact Patricia Coldwell at 651-224-3344.
HIPAA Deadline Extended: Medicare announces plan to accept HIPAA non-compliant electronic transactions after deadline date

The Centers for Medicare and Medicaid Services (CMS) announced that it will implement a contingency plan to accept noncompliant electronic transactions after the October 16, 2003, compliance deadline. This plan will ensure continued processing of claims from thousands of providers who will not be able to meet the deadline and otherwise would have had their Medicare claims rejected.

CMS made the decision to implement its contingency plan after reviewing statistics showing unacceptably low numbers of compliant claims being submitted. The contingency plan permits CMS to continue to accept and process claims in the electronic formats now in use, giving providers additional time to complete the testing process. CMS will regularly reassess the readiness of its trading partners to determine how long the contingency plan will remain in effect.

Information on the electronic transactions standards, frequently asked questions and alerts are available on the CMS web site. To get to the electronic transactions section, use the HIPAA link and then the administrative simplification link.

What is HIPAA?

Compliance Checklist:

  • Designate a privacy officer, a security officer, and compliance manager.

  • Communicate the privacy officer and security officer designation to the workforce.

  • Appoint a HIPAA project manager.

  • Appoint a cross-functional HIPAA project steering committee.

  • Establish HIPAA subcommittees for the transactions and code sets, privacy rules (keep in mind that safeguards ARE also required).

  • Conduct a HIPAA readiness assessment.

  • Conduct a formal comprehensive compliance GAP assessment and analysis.

  • Catalog and map ALL PHI in any form within the overall organization.

  • Inventory polices and procedures for privacy and security rule issues.

  • Inventory information systems and the criticality/sensitivity of the information processed.

  • Define your Designated Record Set

  • Inventory business associates who handle protected information.

  • Inventory biomedical equipment that stores protected information.

  • Inventory employees with remote access to patient information systems.

  • Inventory vendors with remote access to patient information systems.

  • Solicit HIPAA readiness plans from information systems vendors.

  • Develop a HIPAA compliance plan, budget and reporting system.

  • Conduct workforce HIPAA awareness sessions.

  • Have first drafts of all Policies written, and be working on Procedures (Protocols).

  • Have a HIPAA Legal Expert and a HIPAA Implementation Expert on retainer, to verify and validate the work being conducted either internally or by subcontractors, and to provide reliable access to advice and opinion on issues as they emerge.

  • Keep in mind, there are many more steps yet to be done in these three short months!

Information provided by Local Government Compliance.

The federal Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996, presenting the single largest change in the health care business environment since the advent of Medicare and Medicaid in 1965.  HIPAA is not a state or federal program, but an industry-wide effort to enhance consumer control of insurance coverage, create health care industry standards to improve administration; and protect and secure personal health information

Although Minnesota already has existing data privacy and administrative uniformity laws, HIPAA will significantly impact health care business processes here — and throughout the country.

Administrative simplification is a method of making business practices (the billing, claims, computer systems and communication) uniform in order that providers and payers do not have to modify the way in which they interact with each other through each others’ proprietary systems.

An average of 26 cents of each health care dollar is spent on administrative overhead, including such tasks as:

  • enrolling an individual in a health plan;
  • paying health insurance premiums;
  • checking eligibility;
  • obtaining authorization to refer a patient to a specialist;
  • processing claims;
  • notifying a provider about the payment of a claim.

5 Specific areas of administrative overhead are:

  • Electronic data interchange (EDI) – the electronic transfer of information in a standard format between trading partners. It allows partners to exchange information and transact business in a fast and cost-effective way. The transactions that are included within HIPAA consist of standard electronic formats for enrollment, elibibility, payment an remittance advice, claims, health plan premium payments, health claim status, and referral certification and authorization.  (More info. on Standards for Electronic Transactions and Code Sets)

  • Code Sets – includes data elements used to uniformly document the reasons why patients are seen and what is done to them during their healthcare encounters (procedures).

  • Identifiers – numbers used in the administration of health care to identify health care providers, health plans, employers, and individuals (patients). Over time, this is intended to simplify administrative processes, such as referrals and billing, improve accuracy of data and reduce costs.

  • Security – standards need to be developed and adopted for all heatlh plans, clearinghouses, and providers to follow and to be required at all stages of transmission and storage of halth information to ensure integrity and confidentiality of the records at all phases of the process, before, during and after electronic transmission.

  • Privacy- Standards to define what are appropriate and inappropriate disclosures of individually identifiable health information and how patient rights are to be protected.

     Background courtesy of Walter Suarez, MD, of the Midwest Center for HIPAA Education

Privacy Rules

Headlines

Hot Topics & Resources

Pioneer Press

Star Tribune

Minnesota Public Radio (MPR)

Legislative News

AMC News

County  Announcements

Email us your local  news and we'll post it here!