Home    News & Links       HIPAA News        Contact Us

W'ere Your Compliance Source
 

Provider Services

Arbitration Service

Billing Service

Collection Service

Claims Cost Analysis

Electronic Claims Services

Procedure Code Analysis

Software Solutions

Web-Based Services

News & Links

Dr. Links

Events Calendar

CMS News

What's News

HIPAA News & Links

HIPAA Links & News

HIPAA Seminar Reg.

HIPAA Simplified

HIPAA Training

Contact Us

Feedback

Home Page

Information Request

Disclaimer

 
 
 

Frequently Asked Questions???

It may possibly be the most confusing set of regulations ever created for the health care industry. HIPAA is certainly here to stay, but what are the regulations exactly?

       This is a question ask by just about every health care professional. Unfortunately, the people who created HIPAA have not made it ease for the general public to locate simple terms and definitions, as well as the requirements of the all parties governed by these regulations. In fact, the regulations change every day, most have not even been finalized. 

       To help address some of your concerns regarding the HIPAA regulations, we have created our HIPAA Q&A page. On this page we have listed some of the most frequently asked questions regarding the regulations and the answers to those questions. In addition, we have made some recommendations to help you with your HIPAA compliance requirements.

    The following information has been compiled by our company in an effort to help you understand the regulations and to let you know what you need to do in order to comply with these regulations. This information has been gathered from numerous HIPAA internet sources, HIPAA research and Federal Registry postings, as well as our attendance of various HIPAA seminars.

Disclaimer: Universal Medical Management Systems & Drbilling.com have taken reasonable steps verify the information on this site. However, we do make any representations or warranties, express or implied, as to the accuracy of the information contained in this site. Universal Medical Management Systems, Drbilling.com and its employees, owners and contractors assume no responsibility or liability for any errors or omissions in it's information or the results obtained from the use of any information available on this site.  Site users are solely responsible for determining the validity of the information provided on this site and whether or not that information is suitable for their purposes. Users should consult with their legal counsel regarding any matter which may effect their business.

1. How can my office provide evidence that we have made every efforts to comply with the HIPAA requirements?

Create a folder and store all of our office HIPAA documents in it. Your HIPAA Folder is where you should keep all of your HIPAA forms, vendor or business associate agreements and other documents related to your HIPAA office policies. Please place this folder in a secure location.

 
2. Do I really need to file the HIPAA extension plan?

If you have not done so yet, you must file your HIPAA compliance extension. This can be done by visiting the CMS HIPAA site and completing the form online. Remember your extension must be filed by October 15, 2002. After you have completed the extension form online, print the form or save it for your records. After you have submitted your form, you will be given a confirmation number. This confirmation number should be stored in your HIPAA folder. Some small Practices and supplies may not need to file the extension plan. See the HIPAA regulation at the CMS website for more details.  Click here to visit the CMS HIPAA site
3. What will HIPAA Cost your practice? 

The initial financial impact for HIPAA compliance should not be to significant. However, When completing the HIPAA extension form you must consider the long term cost, included in this figure should be: salaries and hours spent in the evaluation and implementation process, forms creation, office equipment, software upgrades, consulting and training costs, etc. It is estimated that the average practice will spend between $50,000.00 to $100,000.00 during the entire compliance period.

 
4. What will your practice need to do to ensure that it complies with the Electronic Transactions Standards (ETS)?

Your software vendor should be responsible for handling with this issue. You may incur a cost for software upgrades but it shouldn't be significant. However, if it does look to be a costly issue, you may want to consider changing vendors. 

The ETS compliance is not scheduled to go into effect until mid-year 2003. However, it is a good idea to request something in writing from your vendor addressing this issue and outlining their migration plan and target date for compliance.

 
5.

 

 Do patient charts need to be locked-up in secured storage units? 

No. At this time you do not need to keep patient charts and records locked in file or storage cabinets. However, you will need to keep these records in a location in your office where patients or other parties will not have visual or physical access to them. 

Protection of patient health information (PHI) is the most important aspect of the HIPAA regulations. As a party governed by these regulations, you must make every effort to ensure that information on each and every patient remains privileged. This means that your files can not be placed in the site of patients or other parties, your computer monitor screens must be out of the view of said parties, charts holders or bins must be designed to block the name of the patients or other privileged PHI, etc. 

It's a good idea to take a little time and walk around your office. If you are able to easily see any documentation containing PHI you should make immediate modifications to prevent this. Remember to document all compliance efforts and keep these with your HIPAA records.

For more information on privacy standards, visit the following pages at the Department of Health and Human Services website:

Standards For Privacy Of Individually Identifiable Health Information

HHS First Major Protections For Patient Privacy

Modifications To The Standards For Privacy Of Individually Identifiable Health Information-Final Rule

For more information on the protection of privacy and access to health care, visit the following page at he Department of Health and Human Services website: Protection Of Privacy And Access To Care

 
6. What is a notice of privacy practices?

The HIPAA compliant notice of privacy practices outlines what kind of information your practice may disclose, as well as the patients rights. This document should be placed in an area of your office where patients can access it. Click here to view sample a Notice of Privacy Practices

 
7. What is a HIPAA compliant authorization to disclose private health information form used for and how is it used?

A HIPAA complaint authorization form is one that specifically states what information is authorized to be disclosed and to whom. A HIPAA compliant authorization form must also include the name of the health care provider or practice name, as well as signature of the patient or other authorized party. This form must be signed by the patient or authorized party when every PHI is disclosed. A copy of the authorization should be kept in the patient chart. This form is not needed in order to submit claim information for insurance payment or other third party payment.

Click here see a sample of a HIPAA compliant authorization form

 
8.

 

 

 

 

 

 

 

 

 

 

 

 

 

What is the current HIPAA compliance Calendar?

 

HIPAA Rule Compliance Date
Transactions & Code Sets October 16, 2003*

*If an extension is submitted to HHS by October 15, 2002
Privacy April 14, 2003
Unique Employer Identifier July 30, 2004

 The following HIPAA rules will go into effect two years after a Final Rule is published:

HIPAA Rule Pending Expected Final Rule Publication Date
Security August 2002
Unique Health Care Provider Identifier August 2002
Unique Health Plan Identifier August 2002
Standards for Claims Attachments August 2002
Standard for Electronic Signature Unknown (Awaiting recommendations from the NCVHS)
Standard Transaction for First Report of Injury Unknown (Proposed rule expected in 2002)
Unique Individual Identifier Delayed indefinitely
9. Are office policy manuals required under the HIPAA regulations?

Yes, you will need to develop written HIPAA office policies or manuals. In addition, an individual in your office will need to be assigned the title of Privacy Officer and Compliance Officer. This individual does not have to be specially trained or certified. The assigned party must be knowledgeable in office policies, state and federal regulations including HIPAA regulations. This party must also be responsible for training and updating staff members on new regulations and amended regulations, as well as enforcement of office privacy policies.

Please continue to visit our website for updates to this page. You may enter your email information below to enroll in our question of the week emailer. Each week we will email a Q & A you and your staff may have interest in. 

Would you like to submit a question to our Q&A staff.  Answers to your questions will be sent to you via email and may be posted on our website. 

Please send your response via email

Enroll me in the Question of the Week email program 

Send literature on company services

Have a salesperson contact me

 

Name

Title

Company

Address

Email

Phone

Fax

Question