Quality Oncology

HIPAA - FAQ

overview


What is HIPAA	Transaction & Code Sets	Privacy	Compliance Timeline	FAQs	Compliance Program

Frequently Asked Questions

Frequently Asked Questions

What is HIPAA?
Who is required to comply?
What are the goals of HIPAA?
What type of information is covered by HIPAA?
What is Quality Oncology doing to comply?
Quality Oncology Contacts

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is federal legislation that was passed by Congress and signed into law by President Bill Clinton in August of 1996. The primary intent of the law is to protect health insurance coverage for workers or their families when they lose or change jobs. This portion of the law has been in place for several years and has resulted in changes to COBRA (Consolidated Omnibus Budget Reconciliation Act) provisions and increased public awareness of individual protections of insurance coverage. Other provisions dealing with patient privacy and health information are more complex and require the Department of Health and Human Services (HHS) to establish a series of regulations to improve the efficiency and effectiveness of electronic interchange of information (Transaction and Code Set standards and creation of Unique Identifiers for key participants in the healthcare delivery system) and ensure the privacy and security of protected health information (Privacy and Security Standards.) )

Given the complexity of the HIPAA law and the impact on the healthcare system, there have been several changes to the implementation time schedule of Administrative Simplification rules and currently only two parts of the rulings have been issued in final form. Healthcare payers, providers and clearinghouses are currently working on implementation of the Transaction and Code Set Standards with compliance expected by 10/16/02 (or 10/16/03 with allowed extension) and the Privacy Standards with compliance expected by 4/14/03 (no extension permitted). The standards for the Employer Identifier have been released and after a comment period, are expected to require compliance by August of 2004. Final rulings for the Security and other Unique Identifiers (Providers and health plans) are expected during the summer of 2002 with compliance expected during the fall of 2004.

Who is required to comply?

As defined by the regulations, all health plans, providers and health information clearinghouses are considered covered entities and thus are required to comply with the HIPAA administrative simplification provisions by the dates listed above.

What are the goals of HIPAA?

There are three primary goals of HIPAA Administrative Simplification:

Reduce the administrative burden across the healthcare delivery system by standardizing transaction types and code sets to facilitate interoperability and data sharing among healthcare organizations.
Increase the efficiency and cost effectiveness of the healthcare industry by supporting the continued transition from paper based transactions to electronic transactions.
Ensure the privacy and security of health information by establishing a broad confidentiality framework and clearly identifying patients’ rights with respect to their own health information.

What type of information is covered by HIPAA?

For Covered Entities that exchange information electronically, the transaction and code set standards will apply. In terms of the definition of electronic media, the regulations include not only traditional electronic data interchange (EDI) but also, disks, CDs, computer databases, faxes, Internet and networks.

The Privacy ruling covers all types of information exchange and is not limited to electronic media. Written or oral disclosures of protected health information (PHI) will not be permitted, and HHS is continuing to work on guidelines regarding the definitions of PHI and what types of disclosures will result in a violation.

What is Quality Oncology doing to comply?

QO has completed a far-reaching readiness assessment and has reviewed all of our existing systems, policies and procedures and workflows and compared these to the HIPAA requirements. An implementation plan has been developed to allow for proper testing time of interfaces with our clients as well as updates to privacy policies and other procedures. An education and awareness program has been started and all staff have participated in HIPAA education sessions to provide a common understanding of the regulations and likely impacts on workflows and systems. This awareness program is being supported by on-going in-service sessions with staff and new-hire orientations.

A joint QO / client project planning calendar has been developed and discussions have been held with all clients to assess testing schedules and Business Associate addendum discussions. Over the next several months, individual work groups will be working on the Transaction and Code Set implementation plan, and the Privacy Program review in conjunction with security personnel to align resources and solutions.

As the implementation process continues, further updates on progress will be provided via this web-site and individual project meetings with each of our clients.

Quality Oncology Contacts

For general project inquiries please contact Becky Roberts, Matria HIPAA Manager at

home

home	about us	about disease management	contact us	HIPAA	press room	careers
all rights reserved, 2002-2007. Matria Healthcare Oncology Program A Matria Company If you experience any problems with this website, please contact the myerslowe@cancerpage.com