Home
Our Publications
Advertise
Contact Us
Archives
Subscriptions
Corporate
Member Options
Navigating the HIPAA Labyrinth
By: BY CARL RAUS
What is HIPAA? What impact does the Health Insurance Portability and Accountability Act (HIPAA) have on the medical community? What are the advantages and disadvantages of this law? How can the medical community adhere to the HIPAA guidelines and still serve its patients in a timely manner? Does it prohibit access to medical information that otherwise could serve consumers in a positive way? What are the loopholes in the law? These and other questions have been challenging many practitioners since HIPAA went into effect.

What is the background of HIPAA?
As cited in the United States Department of Health and Human Services (HHS) Web site, enactment of the Health Insurance Portability and Accountability Act (HIPAA) dates back to 1996. Perhaps the most positive result of that initial legislation was the provision for individuals to have a means of continuing healthcare coverage when their employment, and subsequently, their healthcare benefits, ended. Prior to that, many consumers faced dire circumstances when they became unemployed because this option was not available.

Congress solicited HHS to add on an imperative to this law, namely, a more stringent compliance directive regarding privacy. For the first time, federal privacy standards were outlined that were specifically designed to protect patients' medical records and other information — data that is most often made available to physicians, health insurance carriers, healthcare facilities and others who are in need of vital medical information. The intent of this new legislation was to restrict the use of medical records and to give the consumer more control over how this very personal information would be used. On April 14, 2003, compliance with this additional privacy provision became mandatory.

What terminology is important to know?
Understanding the term "covered entity" is vital when trying to interpret HIPAA requirements. Simply put, an "entity" is a healthcare provider, a healthcare plan, a healthcare clearinghouse, or a health plan provider that engages in enrolling participants and billing.This not an exhaustive list, but it provides some idea of the scope of consumers and professionals affected by HIPAA.

What are some procedural concerns for providers?
Knowing the basics and having your staff informed about compliance with HIPAA is the key to dealing manageably with the law. Here are some of those basics:
· Your patients are entitled to see and have copies of their medical records. (You may charge them for the expense of copying and mailing them.) If you deny access, you are required to give the patient a written explanation why. Note: Patients may not access psychotherapy documentation that results from private counseling or has been collected for litigation purposes.
· Your patients can specify in what manner they want their medical information communicated. For example, a patient may ask you to call them at home instead of work to inform them of appointments, test results and other matters.
· Consumers may file formal complaints against entities.
· If you are an entity, you must have written privacy procedures. The patient must acknowledge receipt of these in some manner and this must be documented.
· As an entity, you must access prior authorization from the patient if you plan to disclose their information for marketing purposes.
· Entities must train their employees in privacy procedures and assign an employee as the designee for ensuring that privacy policies are carried out.
· State laws requiring additional privacy practices must be adhered to in addition to HIPAA standards.

Are they any exceptions?
The HIPAA law recognizes that the efficient operation of a medical care environment requires provisions for what they term "incidental use and disclosure." Here are some examples of these:
· Items such as communication boards at nursing stations are permitted.
· Healthcare providers may discuss patient care among themselves, but this must be done in the strictest privacy.
· Physicians may confer with patients' families.
· Patient charts may be kept at the bedside.
· High-risk precautions may be posted for the safety of the patient and caregivers.

What procedures are permitted without prior authorization?
Examples of these include:
· Scheduling surgery
· Filing a claim for payment
· Faxing information to another specialist (you must have confirmation that it has been received)
· Reporting victim abuse

What is the difference between authorization and agreement?
In some cases you do not need specific authorization from the patient, but you do need agreement, and once again, this agreement should be witnessed and documented. The most frequent example is when family members or others involved in the care of the patient need critical information that affects how they provide appropriate care for the patient.

Commentary
One contrary aspect of HIPAA is the restrictiveness it presents when entities must enforce the regulations and guidelines of the act. For example, students who are preparing for careers in the allied health professions are in need of patient contact. They also need to shadow and be mentored by practitioners as much as possible. In many cases, this aspect of academic and hands-on preparation is diminished due to restricted access to healthcare environments and excessive paperwork. As a result, much of this training is now done in the classroom with "virtual" learning because it is the easiest and most practical way for higher education institutions to provide what is needed to accommodate this critical aspect of the student's field experience.

In a positive light, the enactment of HIPAA has been advantageous in many respects. Consumers are relieved to know that there are checkpoints in place that can legally guarantee the privacy of their health status. Although cumbersome at times, the HIPAA legislation enables individuals to feel empowered by these rights to privacy. More often than not, the patient's frustration with the red tape that goes along with strict adherence to HIPAA guidelines is tempered with the security of knowing that his or her privacy is being protected. For many, this factor can even serve to improve the relationship between provider (entity) and consumer.

For healthcare providers such as hospitals and physicians, there is a clear advantage in that the HIPAA guidelines are closely aligned with the requirements of their primary accrediting agency, the Joint Commission on Accreditation of Healthcare Organizations (JCAHO). Complying with HIPAA requirements insures that many of the JCAHO regulations will be met simultaneously. The law does inhibit, to some degree, more timely and cost-effective medical practice, but it also gives some assurance that professional liability issues may be minimized.

In conclusion, given the challenges of rising healthcare costs and diminished accessibility for many, the HIPAA legislation does uphold a basic individual right to privacy for consumers, and for this reason, one might consider that it is a good thing.
Tags:
None
Related:
No Related Articles
Do you know someone else who would like to see this?
Your Email:
Their Email:
Comment:
(Will be included with e-mail)
 
 
Copyright © and Trademark ™ 2008 All Rights Reserved
Copyright Statement | Privacy Statement | Terms of Service
Making Web Design Easy Since 2001
Newspaper Software, Magazine Software, HOAs, Trade Associations & Community Website Software  |  Email Marketing, E-Commerce