Privacy Updates For The Alternative Practice


by JStacy - Date: 2009-11-19 - Word Count: 603 Share This!

Just when we thought the hullabaloo over the Health Insurance Portability and Accountability Act (HIPAA) had calmed down and we all figured out what we needed to do in order to comply, along comes the Health Information Technology and Clinical Health Act (HITECH), which is part of the American Recovery and Reinvestment Act of 2009 (the "Stimulus Act") signed into effect by President Obama on February 17, 2009. HITECH will make significant changes to HIPAA in five key areas, all of which will affect the alternative practice to some extent.

The first change will come in the form of business associates now being held accountable for protection of protected health information (PHI) by adhering to the business associate agreement into which they have entered, as well as to comply with the security rules related to administrative, physical and technical safeguards. What this means to your practice is that you need to ensure that your business associates understand their role, and further understand that there are now civil and criminal penalties that can be imposed against business associates for their failure to comply. Your business associates are any vendors or outside consultants that have access to your patients' PHI.

HITECH puts forth a requirement that you notify your patients in the event that their PHI has been inadvertently disclosed as the result of being unsecured. The interim final regulations regarding the security breach provisions of HITECH that became effective on September 23, 2009 (although they will not be fully enforced before February 22, 2010), set out that providers will need to determine a "harm threshold" for each disclosure of PHI in order to determine whether or not a notification to the affected party is necessary. The best protection against having to make such a notification to your patients is to ensure that your automated systems come with protections against such disclosures built right in, and that your medical billing software and medical office software was developed by people who consider these requirements and keep up with the changes in the law.

The section of HITECH that grants patients some additional rights under HIPAA states that providers may not share information with a patient's insurance carrier, if the patient pays the full cost of the rendered service and makes such a request. Providers were not previously obligated to honor such a request. Additionally, a provider will be responsible to provide the patient with an accounting of all disclosures made electronically of that patient's PHI for the past three years, although this requirement will change depending on when a practice implements an electronic medical record system. For instance, if your practice purchased an electronic medical record system on or before January 1, 2009, then this provision of HITECH will become effective January 1, 2014, but if you purchased your EMR system after January 1, 2009, this provision will kick in on January 1, 2011, or the date that you buy your system, whichever is later. Finally, on February 17, 2010, those providers maintaining electronic records will be required to provide copies of those records to patients in electronic form.

The final key point of HITECH deals with how covered entities and others can be penalized for not adhering to the regulations, and the penalties can be harsh. The best way to protect your practice from ever reaching the point of needing to know about such penalties is to ensure that you have medical scheduling software, medical billings programs, and/or medical office management software that comes with built-in safeguards such as role-based logins, and log files that create an audit trail of what information has been where.

Related Tags: electronic medical billing software, medical scheduling software, medical billings programs

Your Article Search Directory : Find in Articles

© The article above is copyrighted by it's author. You're allowed to distribute this work according to the Creative Commons Attribution-NoDerivs license.
 

Recent articles in this category:



Most viewed articles in this category: