LightHouse HEALTHCARE POLICY MANUAL

Similar documents
Last Approval Date: April 2017

HIPAA Policy Minimum Necessary Use December 1, 2015

HIPAA HITECH POLICY OVERVIEW OF THE HIPAA HITECH ACT OF Effective March 1, 2010

AccessCUBICIN Enrollment Form

This form is to be used in conjunction with the Application for IRB Review

The Merck Access Program ENROLLMENT FORM

Trinity Family Physicians

PLEASE CHECK ALL BOXES THAT APPLY AND COMPLETE THE APPROPRIATE SECTION(S) OF THE FORM

PLEASE CHECK ALL BOXES THAT APPLY AND COMPLETE THE APPROPRIATE SECTION(S) OF THE FORM

HILLSBOROUGH COUNTY HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) PROCEDURES

STANDARDS FOR PRIVACY OF INDIVIDUALLY IDENTIFIABLE HEALTH INFORMATION [45 CFR Parts 160 and 164]

PLEASE CHECK ALL BOXES THAT APPLY AND COMPLETE THE APPROPRIATE SECTION(S) OF THE FORM. Patient name: _Date of birth: Sex: M F

THE CITY AND COUNTY OF SAN FRANCISCO SECTION 125 CAFETERIA PLAN HIPAA PRIVACY POLICIES & PROCEDURES

HIPAA PRIVACY RULE: WHEN TO OBTAIN AUTHORIZATIONS TO USE AND DISCLOSE PROTECTED HEALTH INFORMATION

PRO SPORTS THERAPY, INC. (P.S.T.)

Ann Silvia, BS, CPC, CPB, CPC-I, CPMA, CPPM, CANPC, CEMC, CFPC

NEUROLOGICAL INSTITUTE OF MICHIGAN PATIENT INFORMATION FORM

Effective Billing and Collections. Copyright 2017 State Volunteer Mutual Insurance Company

The Merck Access Program ENROLLMENT FORM

Procedure Access Program

Limited Data Set Data Use Agreement For Research

NESNIP PRIVACY WORKGROUP

Modifiers GA, GX, GY, and GZ

PATIENT REGISTRATION FORM

CONTRACT YEAR 2018 MEDICARE ADVANTAGE PRIVATE FEE-FOR-SERVICE PLAN MODEL TERMS AND CONDITIONS OF PAYMENT

Medicare Advantage Private Fee-for-service Plan Model Terms and Conditions of Payment

State Data Requests Memo Introduction Defining research

Colorado All Payer Claims Database Privacy, Security and Data Release Fact Guide

Patient Name: Last First Middle Address: Marital Status: (circle one) Single Married Divorced Widowed Other Gender: Female Male

HIPAA PRIVACY MONITORING REQUIREMENTS

PLEASE CHECK ALL BOXES THAT APPLY AND COMPLETE THE APPROPRIATE SECTION(S) OF THE FORM. Patient name: Date of birth: Sex: M F

Sponsored by: Approved instructor

SUBJECT: Disclosure and accounting of protected health information (PHI).

Building Clinical Trial Revenue Integrity Compliance Through Auditing and Understanding Payer Requirements

HIV Contracting for Public Health Departments

HIPAA PRIVACY POLICY AND PROCEDURES FOR PROTECTED HEALTH INFORMATION THE APPLICABLE WELFARE BENEFITS PLANS OF MICHIGAN CATHOLIC CONFERENCE

Medicare Claims/Liens and Medicare Set-Asides: What do they mean to your practice? Brett Newman

SUMMARY OF PRIVACY PRACTICES

Ethel Owen - Administrator Arthritis & Rheumatology Associates of Palm Beach, Inc. West Palm Beach, FL

SDM Health Insurance Portability and Accountability Act (HIPAA) Terms and Conditions For Business Associates

ALABAMA MEDICAID AGENCY ADMINISTRATIVE CODE CHAPTER 560-X-20 THIRD PARTY TABLE OF CONTENTS

Dear Patient, Now that you are 18 years old we need a signed copy from you on file. Attached is a copy of the HIPAA form.

Key Terms: Pre-payment Review: Review of claims prior to payment. A pre-payment review results in an initial determination.

DIABETES & ENDOCRINE CENTER OF ORLANDO, P.A. WELCOME LETTER 3113 LAWTON ROAD, SUITE 100 ORLANDO, FL

FLORIDA MEDICAL CLINIC, P.A. Your Life, Our Specialty

Health Insurance Portability and Accountability Act (HIPAA) Terms and Conditions For Business Associates

HIPAA Administrative Simplification Provisions

Central Florida Regional Transportation Authority Table of Contents A. Introduction...1 B. Plan s General Policies...4

CMS Provider Payment Dispute Resolution Mechanism

THE MEDICATIONS THAT THE BMS3ASSIST PROGRAM HELPS WITH ARE:

SENATE BILL 954. J1, C3 2lr3110 CF 2lr3058 By: Senator Middleton Introduced and read first time: February 13, 2012 Assigned to: Rules A BILL ENTITLED

HEALTH INFORMATION PRIVACY POLICIES & PROCEDURES

Health Care Fraud for Physicians

Connecticut Asthma & Allergy Center LLC Registration Form

Permitted Disclosures Under GLB & HIPAA

The benefits of electronic claims submission improve practice efficiencies

TITLE: Appropriate Use and Disclosure

NOTICE OF PRIVACY PRACTICES

Benchmarking the Revenue Cycle Top 10 Revenue Cycle Best Practice Solutions

NOTICE OF AVAILABILITY OF HIPAA PRIVACY NOTICE. If you have any questions on this Notice, please contact Human Resources.

Policy: Financial Assistance Policy

The Merck Access Program ENROLLMENT FORM

HIPAA Insurance Portability Act HIPAA. HIPAA Privacy Rule - Education Module for Institutional Review Boards

Payment Policy: Clinical Validation of Modifer 25 Reference Number: CC.PP.013 Product Types: ALL

ADMINISTRATIVE POLICY & PROCEDURE

Advantage Physical Therapy Patient Registration

ADDENDUM TO PARTICIPATING PHYSICIAN, PHYSICIAN GROUP AND PHYSICIAN ORGANIZATION CONTRACT

Payment Policy: New Patient Reference Number: CC.PP.036 Product Types: ALL

WellCare of Iowa, Inc.

COLLECTION SERVICES AND BUSINESS ASSOCIATE AGREEMENT

ICD-10. ProviderNews2015. coded prior authorizations. Did you know you also have NEW JERSEY

HIPAA Policy 5032 Statement of Policy on Use and Disclosure of Protected Health Information for Research Purposes

NeedyMeds

Would you like to receive s with special offers from Carolina Vein Center? yes no

CLINICAL RESOURCE GROUP, INC. CHIROPRACTIC ADMINISTRATIVE MANUAL

TO GET STARTED, COMPLETE THE ENROLLMENT FORM AND FAX IT TO Patient Benefit Investigation...Complete Section 1

FAST BREAK : HEALTHCARE BLOCKCHAIN Jonelle Saunders and Jake Harper March 28, Morgan, Lewis & Bockius LLP

ADVANTAGE PROGRAM WAIVER SERVICES PROVIDER

Summary of HIPAA Privacy Rule

COLUMBIA UNIVERSITY INSTITUTIONAL REVIEW BOARD POLICY ON THE PRIVACY RULE AND THE USE OF HEALTH INFORMATION IN RESEARCH

Agreement of Financial Responsibility & Assignment of Benefits and Release of Information

CMIS. Insurance Specialist (CMIS) Certified Medical CMIS. Understand payer models and rules for accurate claim filing and reimbursement.

Compensation Paid by Healthcare Providers

CHAPTER 4 SECTION 4 SPECIFIC DOUBLE COVERAGE ACTIONS TRICARE REIMBURSEMENT MANUAL M, AUGUST 1, 2002 DOUBLE COVERAGE

PATIENT APPLICATION FORM

Disclaimer LEGAL ISSUES IN PHYSICAL THERAPY

Notice of Privacy Practices

6/14/2012. Introduction Presentation: Betsy Nicoletti, M.S., CPC Kareo Special Offer: Tadd Dombart, Account Executive, Kareo Questions

APPLICATION FOR ASSISTANCE

Best Practices for Ensuring Patient Access to Care: Appeals and Authorizations KELLI BACK, ATTORNEY AND APMA CONSULTANT

NeedyMeds

CHAPTER 33 HIPAA PRIVACY REGULATIONS

POLICY STATEMENT: DEFINITIONS:

104 Delaware Health Care Claims Database Data Access Regulation

Project Number Application D-2 Page 1 of 8

Use Amgen Assist for help with:

Array ACTS Enrollment Instructions

CLAIMS SETTLEMENT PRACTICES & DISPUTE RESOLUTION MECHANISM

Today s Date (mm/dd/yyyy):

Patient Guide to Billing and Insurance

Transcription:

Page 1 of 7 HIPAA Policy No. 4A Minimum Necessary/Need to Know Policy and Procedure Policy: 4.1 Uses and Disclosures restricted to minimum necessary information Except for uses and disclosures related to treatment of the patient (and other exceptions discussed below in paragraph 4.4), the provider must make reasonable efforts to limit the amount of patient information used within the organization or disclosed to others to that which is minimally necessary to accomplish the intended purpose of the use or disclosure. 4.2 Uses Within the Organization For uses of information within the organization, the provider must identify all employees by category who need access to protected health information and identify the type of protected health information to which each category of employee needs access. Employees who are involved in treatment of the individual will be given access to the entire medical record (subject to an understanding that access is on a need to know basis). Access to patient information by non-treatment providers will be determined based upon the following grid: Role (type of employee) Patient Name, Demographics, Scheduling information Receptionists x x Billing/financial and insurance information Laboratory Tests/Results Billing personnel x x x Office manager x x x x Front office staff x x x x Finance x x Medical Notes (e.g. physician notes, nurses notes) Training x Case by case Case by case Case by case

Page 2 of 7 4.3 Uses and Disclosures to Third Parties For requests that the provider receives on a routine or recurring basis, see additional specific policies (4B and 4C). Requests that do not occur on a routine basis must be reviewed individually to determine the minimum amount of information that must be disclosed to achieve the stated purpose of the disclosure, based upon the following criteria: Determine whether the requestor was specific about the type of information that is needed (e.g., demographics, financial/billing, physician notes, laboratory results). If the requestor was not specific, ask the requestor specifically what information is needed and why. If the requestor requests the entire medical record, ask the requestor to justify why the entire medical record is needed. Employees should not disclose an entire medical record until satisfactory justification is provided by the requestor. Determine whether the requestor a person who can be relied upon (as set forth in paragraph 4.5 below). If the requestor is a person whose representations can be relied upon, then the employee may disclose the requested information. If the requestor is not a person whose representations can be relied upon, and the employee has any question regarding the appropriateness of the scope of the request, the employee should ask the Privacy Officer for approval to disclose the information. 4.4 Exceptions to minimum necessary requirements The minimum necessary restriction does not apply under the following circumstances: When the disclosure is made to a provider for the purpose of treatment When the patient requests his or her own information When the patient signs an authorization for the disclosure When a disclosure is made because it is required by law, including those disclosures required by the HIPAA regulations (See HIPAA Policy No. 3B). 4.5 Requestors who can be relied upon to determine minimum necessary information When making a permissible disclosure to a public official the provider may rely on the public official s representations regarding the amount of information needed. When making a disclosure to another covered entity (e.g. a provider, health plan or clearinghouse) the provider may rely on the requestor s representations regarding the amount of information needed. The provider may rely upon the professional judgment of a business associate to determine what information is needed for the performance of professional services (for example, an accountant or attorney).

Page 3 of 7 4.6 Verification of Requestor Employees will verify the identity of a requestor if the employee does not know the requestor. 4.7 Application of the minimum necessary rule where provider is the requestor HIPAA requires the provider to restrict requests for information to the minimum necessary to achieve the intended purpose of the requested disclosure. Requests for protected health information should be made subject to the following criteria: Requests should be as specific as possible with respect to the amount of information needed. Requests should not be for entire medical records unless absolutely necessary. If the information is being requested for treatment purposes, the entire medical record may be requested. Employees should be prepared to provide justification for the scope of the request. Procedure: 1. Non-treatment providers should review the above grid regarding levels of access, set forth in paragraph 4.2. All employees will sign a security/need to know agreement (HIPAA Toolkit Form L), agreeing that they will not use information other than that which is necessary to perform their job function. If employees believe that they have a need to access additional information, they should contact the Privacy Officer. 2. When an employee receives a request for information, he or she should first determine whether this is a routine request that has its own specific policy (for example, Policies 4B and 4C). If so, the employee should refer to the specific policy. 3. If the request for information is not routine, the employee should use the criteria set forth in paragraph 4.3 to determine whether the disclosure should be made as requested. 4. If the identity of the requestor is not known, the employee should verify the identity. 5. If an employee makes a request for information from another covered entity, the request should be specific and limited in scope consistent with the criteria set forth in paragraph 4.7. Authorities: 45 CFR 164.502(b) 45 CFR 164.514(d) 45 CFR 164.514(h)

Page 4 of 7 HIPAA Policy No. 4B Minimum Necessary/Need to Know Policy and Procedure Disclosures to Health Plans Policy: 4.1 Disclosures Specifically Required by Health Plans Information may be provided to third party payers (e.g., Medicare, Medicaid, and commercial insurers) as required by contracts and/or subscriber agreements with the payer. The provider can rely upon a health plan s representations regarding the information that is needed for a claim, including representations that are contained in a policy, a provider agreement, or in a health plan newsletter or bulletin. For example, to the extent that the health plan makes representations that the information is necessary, the following information may be provided as part of a claim to a health plan: Date(s) of service Patient demographic information Information regarding the patient s insurance contract number, plan number, group number, etc. Diagnosis and/or procedure codes Information regarding medical history Referral or pre-certification information Other information requested by the health plan 4.2 Unspecific Requests by Health Plan There may be situations when a provider must make a disclosure of protected health information that has not been specifically requested by the third party payer. For example, the provider may need to determine what information should be submitted to support a claim or defend an audit. In these situations, the provider must determine what information is minimally necessary to achieve the results for which the information is being requested. Information beyond that which is minimally necessary should not be disclosed. For example, if a particular date of service is being questioned, it may be necessary to submit excerpts from the date of service in question, as well as information from previous or subsequent visits that support medical necessity, plan of care, etc. Although the entire medical record should not be routinely submitted, it may be where necessary.

Page 5 of 7 Procedure: 1. For the purposes of claims submission, information required or requested by the health plan should be submitted. 2. Employees can rely upon representations from health plans regarding the information that is required. 3. If the provider needs to submit additional information, employees should determine what information is necessary to support the service in question. 4. If an employee has a question as to the amount of information that should be provided for a certain disclosure, he or she should consult with the Privacy Officer.

Page 6 of 7 HIPAA Policy No. 4C Minimum Necessary/Need to Know Policy and Procedure Disclosures to Billing Companies Policy: 4.1 Disclosures to Billing Company The billing company is a business associate of the provider and is performing professional services on behalf of the provider. To the extent that the billing company represents that the requested PHI is necessary to perform these professional services, the provider may rely upon these representations. For example, some of the information that may be routinely provided to the billing company, based upon representations that this information is necessary to perform the professional services includes: Date(s) of service Patient demographic information Information regarding the patient s insurance contract number, plan number, group number, etc. Diagnosis and/or procedure codes Information regarding medical history Referral or pre-certification information Other information necessary to submit a claim on behalf of the provider 4.3 Requests for additional supporting information Besides submitting claims on behalf of the provider, there may be situations where the billing company assists the provider in providing justification for services or appealing denied claims. For example, the billing company may assist the provider in determining what information should be submitted to support a claim or defend an audit. In these situations, the provider may rely upon the billing company s representations regarding what information is necessary to support the claim. However, the provider should work with the billing company to determine the minimum amount of information that needs to be submitted to the billing company and, ultimately, to the insurance company. Information beyond that which is minimally necessary should not be disclosed. For example, the provider should not routinely provide the billing company with access to entire medical records, but may do so where it is necessary. The protocols discussed in policy 4B should be shared with and followed by the billing company.

Page 7 of 7 Procedure: 5. For the purposes of claims submission, the provider should only provide that information that is needed based upon the billing company s representations. 6. Employees can rely upon representations from the billing company with respect to the information that is required for the billing company to perform its services. 7. The billing company should be given a copy of the protocols set forth in Policy 4B to follow when submitting information to health plans on behalf of the provider. 8. If an employee has a question as to the amount of information that should be provided to the billing company, he or she should consult with the Privacy Officer.

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback