Transcript 2.5 HIPAA Legislation and its Impact on Physician Practices
2.5 HIPAA Legislation and its Impact on Physician Practices
• The
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
number of rules, including: contains a –
HIPAA Electronic Transaction and Code Sets standards
– –
HIPAA Privacy Rule HIPAA Security Rule
– Final Enforcement Rule
2-15
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.
2.5 HIPAA Legislation and its Impact on Physician Practices (Continued)
• HIPAA Electronic Transaction and Code Sets standards – Describe an electronic format that providers and health plans must use to send and receive health care transactions – The electronic transmission of data is called
electronic data interchange (EDI)
– Payment may be via
electronic funds transfer (EFT) 2-16
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.
2.5 HIPAA Legislation and its Impact on Physician Practices (Continued)
• Claim Formats – The HIPAA-standard
X12-837 Health Care Claim
, or
837P
– The
CMS-1500 (08/05)
paper claim • The
National Provider Identifier (NPI)
is a ten position numerical identifier consisting of all numbers
2-17
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.
2.5 HIPAA Legislation and its Impact on Physician Practices (Continued)
• HIPAA Privacy Rule – Protects individually identifiable health information – Mandates rules all covered entities must follow in protecting patients’ privacy – Information that can be used to find out a person’s identification, is referred to as
protected health information (PHI) 2-18
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.
2.5 HIPAA Legislation and its Impact on Physician Practices (Continued)
• HIPAA Security Rule – Outlines safeguards to protect health information stored on a computer system or transmitted across computer networks –
Administrative safeguards:
the policies and procedures that protect electronic health information –
Physical safeguards:
the mechanisms required to protect electronic systems, equipment, and data –
Technical safeguards:
the automated processes used to protect data and control access to data • An
audit trail
is a report that shows who has accessed information and when
2-19
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.
2.5 HIPAA Legislation and its Impact on Physician Practices (Continued)
• HIPAA in the Age of Health Information Technology – A
breach
is the acquisition, access, use, or disclosure of unsecured PHI in a manner not permitted under the HIPAA Privacy Rule
2-20
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.
2.6 The HITECH Act’s Impact on Privacy and Security
• The HITECH Act introduced additional privacy and security regulations, including: – Breach notification – Monetary penalties – Advanced enforcement
2-21
© 2011 The McGraw-Hill Companies, Inc. All rights reserved.