HIPAA Readiness Disclosure Statement

Similar documents
HIPAA Electronic Transactions & Code Sets

HIPAA Transactions: Requirements, Opportunities and Operational Challenges HIPAA SUMMIT WEST

Implementing and Enforcing the HIPAA Transactions and Code Sets. 6 th Annual National Congress on Health Care Compliance February 6, 2003

HIPAA Administrative Simplification Provisions

HIPAA Glossary of Terms

Update: Electronic Transactions, HIPAA, and Medicare Reimbursement

What Regulatory Requirements are Responsible for the Transactions Standards?

HIPAA HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT

HIPAA HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT

INTERMEDIATE ADMINISTRATIVE SIMPLIFICATION CENTERS FOR MEDICARE & MEDICAID SERVICES. Online Guide to: ADMINISTRATIVE SIMPLIFICATION

Glossary of Terms. Account Number/Client Code. Adjudication ANSI. Assignment of Benefits

Texas Children s Health Plan. HIPAA 5010 Compliancy Plan STAR & CHIP. January 4, Version 1.1

Geisinger Health Plan

Chapter 19 Section 2. Health Insurance Portability And Accountability Act (HIPAA) Standards For Electronic Transactions

The benefits of electronic claims submission improve practice efficiencies

COVERED ENTITY CHARTS

HIPAA Definitions.

DEPARTMENT OF HEALTH AND HUMAN SERVICES. Administrative Simplification: Adoption of a Standard for a Unique Health Plan

HTKT.book Page 1 Monday, July 13, :59 PM HIPAA Tool Kit 2017

REPORT 8 OF THE COUNCIL ON MEDICAL SERVICE (I-11) Administrative Simplification in the Physician Practice (Reference Committee J) EXECUTIVE SUMMARY

1 Security 101 for Covered Entities

PART 160_GENERAL ADMINISTRATIVE REQUIREMENTS--Table of Contents. Except as otherwise provided, the following definitions apply to this subchapter:

Interim 837 Changes Issue Brief

Privacy Policy Training

COVERED TRANSACTION means a Transaction for which the Secretary has adopted a standard under HIPAA.

Cutting the Cost of HIPAA Compliance and Realizing the Benefits

CLAIMS Section 6. Provider Service Center. Timely Claim Submission. Clean Claim. Prompt Payment

Oregon Companion Guide

Overview of HIPAA and Administrative Simplification

Standard Companion Guide Transaction Information. Instructions related to Transactions based on ASC X12 Implementation Guides, Version

Debbi Meisner, VP Regulatory Strategy

HIPAA Redux 2013 Kim Cavitt, AuD Audiology Resources, Inc. Expert e-seminar 4/29/2013. HIPAA Redux Presented by: Kim Cavitt, AuD

RULES OF DEPARTMENT OF COMMERCE AND INSURANCE DIVISION OF INSURANCE AND DIVISION OF TENNCARE

ARIZONA HEALTH CARE COST CONTAINMENT SYSTEM (AHCCCS) Companion Document and Transaction Specifications for HIPAA 837 Claim Transactions

Occidental Petroleum Corporation

NPI Utilization in Healthcare EFT Transactions March 5, 2012

NACHA Operating Rules Update: Healthcare Payments

Understanding the Administrative Simplification Provisions of the PPACA

Putting the Standards to work

837I Health Care Claim Companion Guide

5010: Frequently Asked Questions

TRANSACTION STANDARD TRADING PARTNER AGREEMENT/ADDENDUM

P R O V I D E R B U L L E T I N B T J U N E 1,

Minnesota Department of Health (MDH) Rule

Claim Submission. Molina Healthcare of Florida Inc. Marketplace Provider Manual

Effective June 3rd, 2019, Virginia Premier will reject paper claims submitted with incomplete information for required fields.

Moda Health Reimbursement Policy Overview

Subject: Indiana Health Coverage Programs (IHCP) Transition to the National Council for Prescription Drug Programs (NCPDP) Version 5.

HIPAA 5010 Frequently Asked Questions

Chapter 7 General Billing Rules

BCBSKS Prepares for HIPAA Implementation. February 20, 2003 S-03-03

REPORT OF THE COUNCIL ON MEDICAL SERVICE

837P Health Care Claim Companion Guide

Administrative Simplification

NCVHS. May 15, Dear Madam Secretary,

California Division of Workers Compensation Medical Billing and Payment Guide. Version

Standards and Operating Rules for Electronic Funds Transfer and Claims Payment/Remittance Advice. 2010, Data Interchange Standards Association

Copyright Red Raven Productions. Designation X12 Founded in 1979 August of 2000 Transaction Standards

Table of Contents. 1.0 Description of the Procedure, Product, or Service Definitions... 1

Billing and Payment. To register, call UHC-FAST ( ) or your local Evercare provider representative.

"HIPAA RULES AND COMPLIANCE"

SDM Health Insurance Portability and Accountability Act (HIPAA) Terms and Conditions For Business Associates

RECITALS. WHEREAS, this Amendment incorporates the various amendments, technical and conforming changes to HIPAA implemented by the Final Rule; and

Phase III CORE 360 Uniform Use of Claim Adjustment Reason Codes and Remittance Advice Remark Codes (835) Rule version 3.0.

Phase III CORE 380 EFT Enrollment Data Rule version September 2014

Let s get started with the module HIPAA and Data Sharing.

5010 Upcoming Changes: Response Transaction. Based on Version 5, Release 1 ASC X12N X212

835 Health Care Claim Payment/ Advice Companion Guide

emedny New York State Department of Health Office of Health Insurance Programs Pended Claims Report:

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Pharmacy Benefit: Implications for Health Plans, PBMs, and Providers

Sexually Transmitted Disease Treatment Clinical Coverage Policy No: 1D-2 Provided in Health Departments Amended Date: October 1, 2015

MEDICAID WYOMING PRE-ENROLLMENT INSTRUCTIONS 77046

837 Institutional Health Care Claim. Section 1 837I Institutional Health Care Claim: Basic Instructions

Covered Entity Guidance

CMIS. Insurance Specialist (CMIS) Certified Medical CMIS. Understand payer models and rules for accurate claim filing and reimbursement.

Do You Want To Know A Secret? HIPAA s Medical Privacy Regulations

Adult Preventive Medicine Clinical Coverage Policy No.: 1A-2 Annual Health Assessment Amended Date: October 1, 2015.

Cigna ICD-10 Readiness. Click to edit Master title style

HIPAA, 42 CFR PART 2, AND MEDICAID COMPLIANCE STANDARDS POLICIES AND PROCEDURES. Policy Name: HIPAA SIMPLIFICATION DEFINITIONS Policy Number: 5.

Phase III CORE EFT & ERA Operating Rules Approved June 2012

837 Institutional Health Care Claim. Section 1 837I Institutional Health Care Claim: Basic Instructions

WEDI SNIP Claredi EDI Edit Description Claim Type 837P 837I. 1 H10006 Value is too long X X

General Ophthalmological Services Clinical Coverage Policy No: 1T-1 Amended Date: October 1, Table of Contents

HIPAA Security How secure and compliant are you from this 5 letter word?

HIPAA 837I (Institutional) Companion Guide

Electronic Data Interchange. Trading Partner Agreement

STRIDE sm (HMO) MEDICARE ADVANTAGE Claims

HIPAA UPDATE EVERYTHING BUT PRIVACY. Edward F. Shay, Esquire 1

Plan Document: Appendix B

Legislative Update HIPAA/HITECH

The Alignment of Financial Services and Healthcare:

Administrative Guide

DELHAIZE AMERICA PHARMACIES AND WELFARE BENEFIT PLAN HIPAA SECURITY POLICY (9/1/2016 VERSION)

KY Medicaid. 837I Companion Guide. Cabinet for Health and Family Services Department for Medicaid Services. March 28, 2017 KY MEDICAID COMPANION GUIDE

State of Vermont Agency of Human Services, acting by and through its Department of Vermont Health Access, & DXC Technology

Terms used, but not otherwise defined, in this Addendum shall have the same meaning as those terms in 45 CFR and

Refers to the Technical Reports Type 3 Based on ASC X12 version X279A1

Eligibility and Claim Status Operating Rules and HPID (Health Plan ID)

TRICARE Operations Manual M, April 1, 2015 Claims Processing Procedures. Chapter 8 Section 6

CHAPTER 33 HIPAA PRIVACY REGULATIONS

Transcription:

HIPAA Readiness Disclosure Statement Blue Cross of California and its affiliates have been diligently following the evolution of the Administrative Simplification provisions of the Health Insurance Portability and Accountability Act (HIPAA) since its inception in 1996. Our goal is to ensure our systems, supporting business processes, policies, and procedures can successfully meet the implementation standards and deadlines mandated by the United States Department of Health and Human Services (DHHS). To achieve this goal, we have accomplished the following: Formed an Executive HIPAA Steering Committee Established a HIPAA Program Management Office Completed an impact assessment on business processes and systems Developed and implemented HIPAA Education and Awareness programs Identified specific remediation projects necessary to mitigate actual or potential exposures Assessed the impact the HIPAA requirements may have on our products and services Evaluated business processes and best practices to realize the benefits of Administrative Simplification What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was signed into Federal Law on August 21, 1996 to improve the efficiency of health care delivery. HIPAA mandates standards for Electronic Data Interchange (EDI) transactions and code sets. It establishes uniform health care identifiers for providers, health plans, and employers. Compliance with HIPAA requires the use of ANSI ASC X12N (Version 4010A) transaction standards and implementation guides. It also addresses privacy and security. The final rules for transactions and code sets were published in the Federal Register on August 17, 2000 and the compliance date is October 16, 2002. However, President Bush signed a bill on December 27, 2001 (HR 3323) enabling covered entities to delay compliance with the transactions and codes sets rule by one year until October 16, 2003. To qualify for the extension, covered entities must have submitted a compliance plan to the Secretary of the Department of Health and Human Services by October 15, 2002. Blue Cross of California and its affiliates that are covered entities filed for the extension and met the compliance date of October 16, 2003 for all of the mandated transactions. The final rule for Privacy Standards was published in the Federal Register on December 28, 2000 and modified on August 14, 2002. The compliance date was April 14, 2003. This date was not affected by the extension granted for the final rules for transactions and code sets. In compliance with the rules and regulations for HIPAA Privacy, Blue Cross of California and its affiliates completed HIPAA Privacy remediation by the required date of April 14, 2003. The final rule for Security Standards was published in the Federal Register on February 20, 2003. The compliance date is April 21, 2005. Blue Cross of California and its affiliates are reviewing the rules and regulations for Security and are evaluating the proper processes that need to be in place for compliance. Covered entities that do not comply with HIPAA rules by the applicable dates will be subject to penalties, which are defined under the Enforcement Regulations. The Department of Health and Human Services published an interim final enforcement rule applicable to all HIPAA Administrative Simplification rules in the Federal Register on April 17, 2003. 1 01/28/2004

HIPAA Applicability Under the terms of HIPAA, the rules and regulations apply to covered entities defined to include health plans, health care clearinghouses, and health care providers who transmit any health information in any electronic form in connection with transactions covered under HIPAA, and who receive, maintain, or disclose individually identifiable health information in any form or medium. All covered entities must comply with the standards adopted by HIPAA by the applicable compliance dates. If a provider chooses to conduct a standard electronic transaction with a health plan, the health plan may not refuse to conduct, or delay such transactions. The modes of electronic transmission covered under HIPAA include the Internet, extranets, leased lines, dial-up lines, private networks, and those transmissions that are physically moved from one location to another using magnetic tape, disk, or compact disk media. HIPAA Privacy and Security Privacy o Compliance Required April 14, 2003 o Standards describe who should have access to patient information and circumstances for which patient authorization is required o Health Plans may use or disclose health information that is reasonably necessary for treatment, payment and health care operations o Most other purposes require patient authorization Patients are granted the right to: o Obtain, inspect and correct or amend their health information o Know how their health information is disclosed or used for purposes other than treatment, payment or health care operations, and that they have not specifically authorized o Request that the organization restrict their use or disclosure of protected health information, or communicate with the individual at a different address if disclosure of the information to others could endanger them o Receive notice about an organization s information handling and disclosure practices Security o Compliance Required April 21, 2005 Four categories required to guard data integrity and availability: o Administrative procedures: documented and formal practices to manage the selection and execution of security measures o Physical safeguards: protection of physical computers and equipment, locks, keys and administrative measures to control access to computer systems o Technical security services: processes that are put in place to protect, control and monitor information access o Technical security mechanisms: processes that are put in place to prevent unauthorized access to data that is transmitted over a communications network 2 01/28/2004

HIPAA Transaction Standards o Compliance Required October 16, 2003 for organizations that filed a compliance plan The transactions that are required to use the HIPAA standards under this regulation are: Transaction Name ASC X12 Transaction NCPDP Transaction Health Claims and Equivalent Encounter Information 837 NCPDP 5.1/Batch 1.1 Enrollment and Disenrollment in a Health Plan 834 Eligibility Inquiry/Response for a Health Plan 270/271 NCPDP 5.1/Batch 1.1 Health Care Payment/Remittance Advice (EFT/ERA) 835 Health Plan Premium Payments 820 Health Claim Status 276/277 Referral Certification and Authorization 278 NCPDP 5.1 Coordination of Benefits 837 NCPDP 5.1/Batch 1.1 *Electronic Attachments 275/HL7/LOINC * Final Rules Pending HIPAA Code Sets Under HIPAA, a code set is any set of codes used for encoding data elements, such as tables of terms, medical concepts, medical diagnosis codes, or medical procedure codes. Code sets for medical data are required for data elements in the administrative and financial health care transaction standards adopted under HIPAA for diagnoses, procedures, and drugs. The following code sets have been adopted as the standard medical data code sets: The combination of Health Care Financing Administration Common Procedure Coding System (HCPCS), as updated and distributed by the DHHS and Current Procedural Terminology, Fourth Edition (CPT-4), as updated and distributed by the American Medical Association for physician services and other health related services. International Classification of Diseases, 9 th Edition, Clinical Modification (ICD-9-CM), Volumes 1 and 2 (including the Official ICD-9-CM Guidelines for Coding and Reporting), as updated and distributed by the DHHS. International Classification of Diseases, 9 th Edition, Clinical Modification (ICD-9-CM), Volume 3 Procedures (including the Official ICD-9-CM Guidelines for Coding and Reporting), as updated and distributed by the DHHS. Drug and Biologic Codes-National Drug Codes (NDC) are the standard medical data code sets for drugs and biologics for retail pharmacy transactions. There are no identified standard medical code sets in place for non-retail pharmacy transactions. Dental Procedures and Nomenclature, as updated and distributed by the American Dental Association, for dental services. 3 01/28/2004

HIPAA Identifiers Following are the HIPAA identifiers: Employer Identification Number (EIN): The nine-digit Tax Identification Number assigned by the IRS - Compliance is required July 30, 2004 National Provider Identifier (NPI): A ten-position numeric identifier for all health care providers - Compliance is required May 23, 2007 Health Plan Identifier (PAYERID): not yet announced but likely to be a ten-digit number assigned to all health plans for the routing of electronic transactions* * Final Rules Pending Blue Cross of California Industry Involvement Blue Cross of California and its affiliated companies have been involved in HIPAA and have worked extensively with the following organizations: WEDI (Workgroup for Electronic Data Interchange) * WEDI SNIP (WEDI s Strategic National Implementation Process) EHNAC (Electronic Healthcare Network Accreditation Commission) ANSI (American National Standards Institute) ICE (Industry Collaboration Effort) Co-Chair NCPDP (National Council of Prescription Drug Programs) * Blue Cross of California holds Board positions How to Prepare for HIPAA Steps Towards Compliance: - Understanding of how HIPAA applies to your organization o Basic understanding of HIPAA o Assess if transactions and code sets comply to HIPAA requirements o Privacy and Security o Required training for staff -Vendor and/or clearinghouse selection for electronic transactions -Coordinating implementation with payers and/or clearinghouses -Keeping abreast of new rules and regulations, and changes in the existing rules and regulations 4 01/28/2004

Education Opportunities: - Industry Participation - Association participation - Provider tool kits - HIPAA workshops - Web site information There is a wealth of information being published to keep the health care community informed of what is happening on the HIPAA front. The following helpful HIPAA Web sites are available for assistance with HIPAA implementation: Public Resources: -ASC X12N Version 4010A Transaction Implementation Guides: http://www.wpc-edi.com/hipaa -Text Of Administrative Simplification Law And Regulations: http://aspe.os.dhhs.gov/admnsimp -Centers For Medicare and MediCaid Services: http://www.cms.gov -National Uniform Claims Committee: http://www.nucc.org -National Council Of Prescription Drug Programs: http://www.ncpdp.org -National Council on Vital and Health Statistics: http://aspe.os.dhhs.gov/admnsimp -HIPAA Strategy and Project Plan: http://www.hipaainfo.net - See Articles Section -WEDI Strategic National Implementation Process: http://snip.wedi.org HIPAA Privacy: -Office of Civil Rights: http://www.hhs.gov/ocr/hipaa/ -Boundary Information Group: http://www.hipaainfo.net -HIPAA Alert: http://www.hipaadvisory.com -Medical Group Management Association (MGMA): http://www.mgma.com Tools For Organizations: -HIPAA Tool Kit For Small Group & Safety Net Providers/ Implementing the Federal Health Privacy Rule in California: http://www.chcf.org -HIPAAdocs Corporation: http://www.hipaadocs.com -WEDI SNIP White Paper-Small Practice Implementation: http://snip.wedi.org -Early View-Tool for HIPAA Self Assessments: http://nchica.org -ICE HIPAA Provider Guidance Document: http://www.iceforhealth.org/library HIPAA Training: -FYI-Net.com Education: http://www.fyi-hipaa.com -CMS: http://www.eventstreams.com/cms/tm_001/database/register.asp - http://www.hipaaaudioconferences.com - http://www.hipaasummit.com - http://www. HIPAAColloquium.com - http://www.trainforhipaa.com - http://www.hcmarketplace.com 5 01/28/2004

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback