HIPAA Bulletin for Management
Now, the clock is running for you and your organization to comply with Health Insurance Portability and Accountability Act (HIPAA). The Bush administration in April acted to move forward on implementation of the regulations.
Industry surveys have found that many healthcare provider organizations have not yet begun to address and work on plans to implement HIPAA requirements. Just about every aspect of healthcare and patient information is affected by the HIPAA regulations.
HIPAA 'AIN'T' JUST AN IT DEPARTMENT HEADACHE
Senior executives clearly are responsible for the security and confidentiality of patient health information. A 'quickie' once a month meeting with your IT guy and your compliance officer won't cut it. HIPAA compliance requires top-down commitment to organizational cultural change.
HIPAA language is the new jargon: assessment, business associate, covered entity, compliance date, standard transaction, code sets, nonstandard data content, implementation specific, identifiers, blah, blah, blah…
Right now, you need to focus on and be aware of your organization's day-to-day operational responsibilities under HIPAA guidelines. What's been the result of your assessment of your organization's readiness to come into HIPAA compliance. Where do you stand on your gap analysis and planning? What about budgeting for HIPAA implementation?
You need to begin working on "cultural" change within your organization. Your vendors will have to provide you with services that will enable you to become HIPAA compliant.
To help you deal with the most important management and operational issues surrounding compliance, HIPAA Bulletin for Management has been developed.
A body of knowledge is beginning to be developed. Much of the information is "word of mouth" on discussion lists. You can't rely on what is essentially a debate often between very knowledgeable technical experts. The discussion is way deep into technology.
Your organization is not exempt from the law. And, failing to comply with the law's provision will result in stiff financial penalties, even jail time!
Industry surveys have found that many healthcare provider organizations have not yet begun to address and work on plans to implement HIPAA guidelines.
HIPAA…WHAT ME WORRY?
You don't have to worry about HIPAA compliance unless your organization is a
clinical laboratory, managed care plan, pharmaceutical benefit management company, ambulatory surgical center, case management service, disease management company, healthcare collection agency, imaging center, claims processing provider, management services organization, physician billing service, a blood bank, practice management company, healthcare clinic, a hospice, health data firm, rehabilitation services, diagnostic radiology center, pain management center, medical record storage company, a skilled nursing facility, nursing home, medical software firm, PPO, home healthcare agency, hospital, Visiting Nurse Agency, pathology lab, third party administrator, employer health plan, infirmary, walk-in medical center, health care clearinghouse, government health agency, medical coding services, medical record transcription service, ambulance company……….
You face serious challenges ahead, according to an HFMA survey, including the cost of implementation; time and staffing constraints; understanding differences between local and federal regulations; focusing on the opportunities as well as compliance; and involving the right people in the process.
Respondents also said they had to ensure senior management and the board of directors that HIPAA implementation needs to be an organization-wide priority, the survey found.
"PRIVACY, ACCESS, ADMINISTRATIVE SIMPLIFICATION"
Dealing with HIPAA is the single most difficult issue facing healthcare providers, payors, and health technology vendors today. Indeed, complying with the new regulations is the major concern in healthcare and as well the single most pressing healthcare industry IT priority.
HIPAA also governs how health plans will be able to pay providers, authorize services, certify referrals and coordinate benefits. Even employers who provide health insurance to their workers and dependents also will be affected since they will be able to use a standard electronic format to enroll employees.
HIPAA compliance is not just an IT department problem. Operational healthcare executives must become knowledgeable about the security implications. HIPAA will not go away. The HIPAA standards affect such areas as cost of software development and maintenance, software integration between payors and health plans, and even the lowering of the cost of administrative transactions.
This is where HIPAA Bulletin for Management can help you and your leadership team. In each monthly issue you'll get news and insight on administrative and operational issues surrounding HIPAA implementation and compliance.
You'll get a roundup of regulatory developments, sure, but more importantly, with HIPAA Bulletin for Management you'll get a concise monthly report, in laymen's language, to help you understand in plain English, the information on HIPAA you need to know including:
- awareness efforts
- training and education of your staff
- policy and procedure development
- analysis and planning
- security and privacy
- access
- implementation progress
- case histories
- interviews with leading experts
- what the consultants are recommending
YOUR ORGANIZATION'S HIPAA AGENDA
HIPAA addresses three major topics: privacy, access and administrative simplification. The HIPAA regulations federalize the law of patient access. With your subscription you'll tap into a vault of ideas you can use like a checklist of what must be covered by the provider when creating notices to disclose information to the patient. You'll get a checklist of what must be covered in the notice and how to distribute the notice. Coming in HIPAA Bulletin for Management:
- Implementing the provisions of the privacy regulations, the "most sticky" challenge
- Adapting a culture change within your organization
- What your organization should be doing about HIPAA right now
- How you should move forward
- Taking the basic steps to thinking about how your organization will become HIPAA compliant
- Policy elections for your organization, how to begin initial security analysis
- Building a comprehensive assessment of your organizations current security practices, procedures and IS/IT technologies
- Developing your corporate security strategy
- Developing your training plan for your organization's staff
- Including appropriate HIPAA provisions in vendor negotiations for information systems and telecommunications systems
Hospitals, health plans, physician practices and clearinghouses have much at stake.
HIPAA imposes sweeping requirements for the use and disclosure of "protected health information." Get help understanding the scope and timing of various aspects of the regulatory requirements. Get a checklist of how healthcare organizations should prepare for HIPAA and what providers should do.
You'll get a list of exceptions to the rule, the pre-emption of state law, and a discussion of the liability for business partners and contracts. Get information on patient's rights, written notice and penalties.
HIPAA Bulletin for Management will update you on patient privacy and confidentiality issues and provide suggestions for safeguarding statistics. For instance, you'll learn how some e-health companies have united to create standards and protect patients' privacy. As a subscriber you'll get ideas you can put to use right away, like eight tips for securing your enterprise, including creating an overall written security policy that details and internal and external security.
As the healthcare industry moves further into the era of Internet-enabled applications, the pressure to improve security standards is mounting. HIPAA forces the issue.
WHAT OTHER ORGANIZATIONS ARE DOING
Discover what other organizations are doing, for instance how they are going about following the HIPAA regulations to develop new policies and procedures governing everything from obtaining patient consents under HIPAA to the use and disclosure of protected health information (PHI.)
The penalties for failure to comply with provisions of the HIPAA law and regulations are onerous including stiff financial penalties and jail time. The federal government is serious about this. HIPAA is not going away.
Subscribe to HIPAA Bulletin for Management now for your own peace of mind. Deadlines for compliance are coming fast.
