HIPAA Compliance

In this article, I will address HIPAA as it relates to the software and tools used by clinicians to manage their practice. The congress has put a set of rules under the HIPAA law, we will explain what's this law is about and how it applies to medical software.


What is HIPAA?

The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II) required the Department of Health and Human Services (HHS) to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. It also addressed the security and privacy of health data. As the industry adopts these standards for the efficiency and effectiveness of the nation's health care system will improve the use of electronic data interchange.

The Entities covered by HIPAA law are:

• Health Plans

• Health Care Providers who use certain electronic transactions

• Health Care Clearinghouses

The HIPAA provisions are summarized as:

• Transaction Standards and Code Sets
• Privacy
• Security
• National Standard Identifiers for the Provider, Employer, Health Plan and Individual

HIPAA in Practical terms

Administrative Simplification is a method of making medical practice (the billing, claims, computer systems and communication) uniform in order for providers and payers to interact with each other through each other's proprietary systems. The changes will affect such activities as:

• Enrolling an individual in a health plan

• Paying health insurance premiums

• Checking eligibility

• Obtaining authorization to refer a patient to a specialist

• Processing claims

• Notifying a provider about the payment of a claim

HIPAA Privacy Right and Security

HIPAA contains a provision that is related to Electronic Data Transactions to standardize the exchange of the data between trading partners. These transactions are mandated to be in the ANSI ASC X12 version 4010 format.
In Addition to the transactions, Software industry has introduced Electronic Medical Records. To guarantee the privacy rights and secure the access to the medical records, HIPAA provided guidlines to protect the patient's privacy.

Privacy rights

The HIPAA regulations establish standards for protecting individually identifiable health information and for guaranteeing the rights of individuals to have more control over such information. Here is the summary of these regulations:

1- Right to ask and see a copy of your records
2- Have Correction made to you records
3- Receive a notice that your information will be shared
4- Decide whether to accept that your information can be shared
5- Get a report of when and why your record is shared
6- Ask that your information shall not be shared
7- File a complaint

Security 101

The HIPAA regulations have establish standards for all health plans, clearing houses, and storage of health care information to ensure the integrity, confidentially, and availability of electronic protected health information.
The Security Rule covers only protected health information that is in electronic form and we can summarize the security standard into the following requirements.

- Administrative Safeguard
These are administrative functions that should be implemented to meet the security standards. These include assignment or delegation of security responsibility to an individual and security
training requirements.

More details on Administrative Safeguard Reference

- Physical Safeguard
These are the mechanisms required to protect electronic systems, equipment and the data they hold, from threats, environmental hazards and unauthorized intrusion.

More details on Physical Safeguard and recovery


- Technical Safeguard
These are primarily the automated processesused to protect data and control access to data. They include using authentication controls to verify that the person signing onto a computer is authorized to access that.

More details on on Technical Safeguard who has accesses what information?

Is X12 technology right for healthcare

By Sandrick Melbouci

Is X12 Format right for Healthcare.

In every corner, we hear about the rise of healthcare costs and how to reduce them. I would like to add one area where the cost can be reduced significantly.
We all agree that the cost can be reduced by automating certain procedures, such as the medical billing, electronic medical records, scheduling, reporting and so on.
The first question I asked was, what if the cost of automation is so huge that it will raise even more the costs of healthcare.
So, how can we reduce the cost of the automation.
The scheduling, automation can be accomplished at very minimal cost.
The Electronic Medical Records is specialty dependent, but there is some common data that can be defined as "standard" for each practice.
The medical billing is the big elephant in the room. The cost of its automation is significant and its implementation is complex. We will look at two aspects:

• Medical Coding
• Claim Processing

Medical Coding specialists are in high demand because of rapid growth in the number of medical tests, treatments, and procedures that will be increasingly scrutinized by health insurance companies, regulators, courts, and consumers." (See U.S. Department of Labor, Bureau of Labor Statistics.) , It is probably the fastest growing profession withing the healthcare industry. The 2005 statistics from the United States Department of Labor and Bureau of Statistics, showed the healthcare information industry is expected to grow faster than normal through 2014.

In practical terms, the medical coder adds cost to the clinician and that cost will be transferred to the patient. But this is required position that we may not be able to cut. So, where can we cut costs ?
We will look at how to reduce the cost HIPAA transactions processing.

HIPAA Transactions.
HIPAA defined a set of transactions to support Electronic data exchange:

• Health Care Claims or equivalent encounter information (837);
• Eligibility for a Health Plan (270/271);
• Referral Certification and Authorization (278 or NCPDP for retail pharmacy);
• Health Care Claim Status (276/277);
• Enrollment and Disenrollment in a Health Plan (834);
• Health Care Payment and Remittance Advice (835);
• Health Plan Premium Payments (20); and
• Coordination of Benefits (837 or NCPDP for retail pharmacy).

While many entities in the health sector have developed, or are in the process of developing, electronic data interchange (EDI) format standards, the lack of common, industry-wide standards is a major obstacle to realizing potential efficiency and savings.

The problem starts with the choice of EDI format, X12. For those who had some experience with X12, they know what I'm talking about. It is a complex format that is very hard to maintain and terribly complex to implement.

Today, the software industry offers other technologies that can actually reduce the cost of the implementation of the HIPAA transactions and HIPAA specifications. One of these technologies is XML Web services (Dont confuse it with a web site) that operates under SOAP (Simple Object Adapter Protocol) or REST.
The data for each transaction can be defined with an interface called WSDL (Web Service Definition Language) and the companies can implement the business behind each transaction independently.
This protocol is platform independent (Windows, Mac, Unix, Linux, MVS ...etc) and it can reduce the implementation costs by 500% and increase efficiency at every level of claim processing because this technology provides hooks to validate, secure, transport data. This reduction of cost in claim processing will imply reduction in insurance premiums as well as the reduction of the cost of billing systems.
Compared to EDI where the claims are submitted in batch format, the Web Service technology can submit the claims in realtime or immediate send or in batch mode. The number of errors will be reduced to under 1%.

The combination of efficient medical coding along with web services technology as the protocol of choice for HIPAA transactions will reduce the cost of claim processing by at 200%.

Conclusion

The ultimate goal is to take care of the patient at reduced cost. Many things need to come together in order to accomplish this goal. One of them is Medical Practice Management Systems implemented at reasonable cost that offers the functions that will optimize the provider time and costs. I believe that it start by applying the right technology that can help the business.

Medical Practice Management Software - EzMedPro

By Sandrick Melbouci

Introduction

With today's rising healthcare costs and the baby boomers needing care, it is important to automate medical records, billing, ...etc in the everyday provider's tasks. For patients, they want the best care. They want to get an appointment with a doctor when they are not feeling well and not wait few days for a possible care. And when they show up at the doctor's office, they want the best care.
The best care comes when the provider knows our medical history and can be accessed quickly on each visit.


How do we make the provider more efficient?
Well, we need to look at how to optimize the time the provider spends in tasks other then seeing patients.
I will try to list some that every patient may have seen:

1- Medical Records are on paper and hard to find, the doctor does not go through every pages of our record. He looks at the last visit. We need to have a way to show the medical history summary of the patient that can be seen by the provider without going through 30 pages.
2- Medical Coding is another area of headache. To put it in simple words, a visit to doctor has a code (that's a CPT code) and diagnosis is another code (that's the ICD code). These codes are used to submit the claim to the insurance company.
3- Billing is critical to raise revenue for a practice. Having a system that generates a bill for each visit and manage the receivable accounts will help the providers save time. However, I have seen that these two functions are usually managed by two different systems. EzMedProis a software that integrates these 2 functions.
4- Insurance Claims , this is an area I believe needs the most improvement. The Insurance companies make it hard for both the provider and the patient when it comes to pay a claim. Today there are two way to get a claim processed:
- HCFA form and send it by mail
- Electronic Claims
5- Scheduling is not really an issue but need to be mentioned for large practices to run reports and send reminders to the patients prior to their appointment.

The potential solution
The solution is to automate the daily tasks as much as possible. Basically we need to automate at the least the 5 tasks I listed above: Scheduling, billing, insurance claims, medical coding and medical records.
Not only do these task need automation but they need to be integrated within one system in compliance with HIPAA.

There are certain number of systems that provide some type of solution. However, for most of the providers, affordability is an issue, until now. EzMedPro is a Medical Practice Management Software that integrates all the tasks I listed above and is available for a price under $300.

The Objective is to make the provider focus on the patient. EzMedPro Software from DSOFT Systems provides the lead way for affordable software with efficiency for providers.

Add to Technorati Favorites