Dealing with HIPAA changes in 2006

Apr 5, 2006

If you thought your Health Insurance Portability and Accountability Act (HIPAA) of 1996 worries were over, think again. Several U.S. government initiatives this year should keep compliance officers and radiology managers searching for more HIPAA enlightenment.

"Is it over yet? No, not by a long shot," said Patricia Kroken, principal of Albuquerque, NM-based consulting firm Healthcare Resource, during a presentation at the 2005 RSNA conference in Chicago.

Claims attachment standards, national provider identifiers (NPI), new security standards, vendor compliance concerns, and audit preparations represent a few of the HIPAA issues that radiologists will need to address, Kroken said.

Compliance with such rules could make a big difference in your bottom line, concurred Claudia Murray of Provider Practice Analysis, a Baldwin, MD-based healthcare consulting firm specializing in Medicare rules, regulations, and compliance.

"Fraud control equals HIPAA," Murray said during her RSNA talk.

With nearly $6 billion recovered in healthcare fraud since the late '90s, Murray said HIPAA and associated healthcare regulations helped spur "an entire industry of compliance and regulatory study (comprised) of healthcare lawyers and consulting firms."

HIPAA issues should be a priority for radiology administrators and all healthcare providers, echoed Michael Schaff, an attorney with the law firm Wilentz, Goldman, and Spitzer in Woodbridge, NJ. "Consider these issues in your practice."

HIPAA history

In the early 1990s, healthcare industry leaders brainstormed ideas to reduce healthcare costs. They found the essential answer in electronic systems.

With personal information speeding along the Internet, public concern for privacy and security of personal health data grew. However, for such an electronic health system to work, the healthcare industry needed new privacy and reporting standards across the board. In response to these concerns, Congress passed HIPAA in 1996.

"So, how did we get HIPAA? We asked for it. We wanted to move to electronic records. We wanted to improve the system," Kroken said.

Writing privacy rules fell to the U.S. Department of Health and Human Services (HHS). Staff training, the appointment of a privacy officer, and the establishment of formal safeguards became priorities under the HIPAA Privacy Rule. HHS required compliance from all agencies, providers, plans, and clearinghouses by April 2004.

Once organizations put these pieces in place, many believed they'd completed their HIPAA puzzle.

But as Kroken pointed out, HIPAA is a process -- it is not simply completed "so it can sit on a shelf somewhere."

New initiatives coupled with ongoing requirements means that "there's a lot for radiologists to be aware of," Kroken said.

Claims attachment standards

Formalizing electronic records processes for billing and basic patient information may seem like a no-brainer, but what happens when physicians attach labs, x-rays, or CT scans to documents and send them over the Internet?

The Federal Register published a proposal to standardize such electronic attachments last year. Comments on the proposal closed in November 2005.

The claims attachment rules work in tandem with the HIPAA Privacy Rule. They affect healthcare providers who electronically transmit information in connection with transactions normally covered by HIPAA.

The proposed standards include the use of certain transactions, messaging standards, and a new code set when electronically requesting additional information -- and when providing information in response to the request.

"These HIPAA provisions make processing claims and other healthcare transactions much more efficient and in the long run (will help) save millions of dollars," HHS Secretary Mike Leavitt said in a September 2005 press release.

Embracing the NPI change

Today, healthcare providers find themselves with different identifier codes assigned by different health plans -- and sometimes within the same health plan.

Throughout the healthcare industry, providers based their identification numbers on location and type of practice. In the world of instantaneous access to information, such encrypted detail potentially reveals a wealth of knowledge to nefarious users.

In addition, incorrect provider identifiers often lead to inaccurate payments and improper billing practices, costing the healthcare industry millions of dollars. As the sun sets on legacy identification numbers to classify physicians and practices, the dawn of NPIs rises.

NPIs are defined in Section 1173 of the HIPAA Administrative Simplification document, which calls for "a standard unique health identifier for each individual, employer, health plan, and healthcare provider for use in the healthcare system."

NPIs ensure that each provider owns one unique identifier for transactions with all health plans. Each provider must apply for a NPI number by visiting its Web site.

"This is one of those things where the government tells you it's going to be easy, relatively painless," Kroken said. "And this really is. Go do it."

If you have a new NPI, don't ditch your old legacy number yet. Providers and other organizations must update their legacy information systems, administrative processes, reference files, and forms to ensure continuity between old provider identifiers and the new NPIs.

Some systems will require major overhauls to accommodate the new standard. Health plans, clearinghouses, and software vendors may have to perform software conversions to meet the requirements.

Vendor compliance concerns

Radiology facilities must ensure compliance with HIPAA regulations as well as the HIPAA compliance of vendors with whom it contracts. "This can be a very cumbersome process," Schaff said.

For example, if a radiology facility contracts with a billing agency, that facility must have a business associate (BA) agreement with the billing agency. The BA agreement must require the billing agency to protect the radiology facility's patient health information by abiding by specific restrictions on the use and disclosure of such information.

The agreement must also require that any subcontractors of the billing agency agree to the same restrictions on the use and disclosure of patient health information to which the billing agency has agreed.

Generally, the radiology facility is not required to monitor or oversee how its business associates and its subcontractors protect the privacy of patient health information. However, if the radiology facility discovers a violation of the BA agreement, it must take reasonable steps to cure the breach.

Depending on the nature and scope of the breach, corrective action may require termination of the arrangement with the billing agency. Failure by the radiology facility to correct such breaches could subject it to severe penalties and litigation.

"You need to make sure all the parties are complying with their respective obligations to ensure that the patient health information is protected," Schaff said.

Security standards

Keeping health records secure -- electronic or paper -- remains a challenge for radiology professionals and industry leaders across the healthcare continuum.

Many administrators have expressed concern about proposals for an electronic signature standard.

Several forms of electronic signatures exist today, ranging from biometric devices to digital signature, according to the Federal Register. However, to satisfy the legal and time-tested characteristics of a written signature, an electronic signature must do the following:

  • Identify the signatory individual.
  • Ensure the integrity of a document's content.
  • Provide for nonrepudiation (i.e., strong and substantial evidence that will make it difficult for the signer to claim that the electronic representation is not valid).

Currently, only the digital signature meets those criteria.

HHS postponed final ruling on electronic signatures and additional details are pending. For more information regarding the pending security standards, visit the agency's Web site.

Audit preparations

Keeping up with HIPAA audits may seem like just another task, but Kroken says it's important to keep your HIPAA policies up-to-date and your staff trained about the HIPAA changes.

"Things creep around in an office. You want to make sure they are where they say they are," Kroken said.

By Melissa Varnavas
AuntMinnie.com contributing writer
April 6, 2006

This article originally appeared in the Radiology Administrator's Compliance & Reimbursement Insider, a monthly newsletter published by HC Pro that is designed specifically for radiology administrators. For a free trial subscription, please click here.

Related Reading

HIPAA enforcement Final Rule published, February 17, 2006

Hitting the ceiling over HIPAA-required walls, December 6, 2005

HIPAA compliance efforts wilt in summer survey, August 24, 2005

CMS sets final date for HIPAA TCS compliance, August 5, 2005

HIPAA compliance still a distant goal as deadline looms, April 1, 2005

Copyright © 2006 HC Pro

Latest in Practice Management
Asrt Be Seen Campaign 2024
State of the RT profession more palpable than ever
April 24, 2024
Register today for a FREE webinar May 8 at 12 Noon EDT
Sponsored
Register today for a FREE webinar May 8 at 12 Noon EDT
April 24, 2024
Breast Screening Van 400
Mobile health screening model lowers costs, promotes sustainability
April 22, 2024
Asrt Be Seen Campaign 2024
What's brewing in RT and RRA legislation, policy, and standards?
April 22, 2024
Related Stories
Pdf Icon
Practice Management
Deficit Reduction Act of 2005 puts radiology through the grinder
2006 02 13 15 01 52 706
Imaging Leaders
Hospital for Special Surgery's Pavlov discusses orthopedic radiology's future
2005 05 03 16 08 07 706
Practice Management
M.B.A. education for physicians: cross-training options
IMV’s Oncology in Diagnostic Imaging Market Outlook Report
Sponsor Content
IMV’s Oncology in Diagnostic Imaging Market Outlook Report
More in Practice Management
State of the RT profession more palpable than ever
By Liz Carey
As the ASRT prepares to announce changes to its professional-entry pathways and practice standards at its June meeting in Orlando, FL, Board President Brandon Smith said the state of the field is "more palpable than ever."
April 24, 2024
Asrt Be Seen Campaign 2024
Radiologists can take steps toward environmental sustainability
By Amerigo Allegretto
Radiology departments can take proactive steps to promote environmental sustainability.
April 23, 2024
Screenshot (1150)
Mobile health screening model lowers costs, promotes sustainability
By Amerigo Allegretto
A new cancer screening service model can reduce costs and improve environmental sustainability for breast cancer screening and other screening exams.
April 22, 2024
Breast Screening Van 400
What's brewing in RT and RRA legislation, policy, and standards?
By Liz Carey
A range of federal and state legislation and other developments in the works could have a significant impact on radiologic technologists (RTs) and registered radiology assistants (RRAs).
April 22, 2024
Asrt Be Seen Campaign 2024
Pisano speaks with AuntMinnie.com on new ARPA-H leadership role
By Amerigo Allegretto
Etta Pisano, MD, spoke with AuntMinnie.com on leading the Advancing Clinical Trials Readiness initiative, part of ARPA-H.
April 18, 2024
Screenshot (1143)
AdvaMed urges Congress prioritize R&D tax credit
By AuntMinnie.com staff writers
Medical technology trade association Advanced Medical Technology Association (AdvaMed) is urging Congress to pass a tax provision to change how small businesses deduct their research and development expenses.
April 17, 2024
Us Flag
ACR lays off 11% of workforce
By Kate Madden Yee
The American College of Radiology (ACR) has reduced its workforce by 11%, according to a statement released by the organization.
April 16, 2024
Acr Logo 2023 400
MICI Q2 2024: Radiology administrators remain optimistic about growth
By Kate Madden Yee
Radiology administrators are confident that diagnostic and interventional radiology will continue to grow as a profit center, according to The MarkeTech Group's Medical Imaging Confidence Index (MICI) report for the second quarter of 2024.
April 15, 2024
Graph Arrow Up
Radiologists experience modest pay increase
By Will Morton
Radiologist have jumped up a spot in earnings among the top 10 specialists in the U.S., according to a Medscape survey.
April 12, 2024
Cash
NIH: Occupational radiation dose to RTs needs careful monitoring
By Kate Madden Yee
Occupational doses to radiologic technologists imparted by assistance with fluoroscopically-guided interventional procedures are generally low, but they do need careful monitoring, a team of National Institute of Health (NIH) researchers has found.
April 12, 2024
Radiation Logo
UltraCon: Work-related MSK disorders tied to sonographer burnout
By Amerigo Allegretto
Work-related musculoskeletal (MSK) disorders are tied to work-related burnout among sonographers, according to research highlighted April 10 at UltraCon.
April 11, 2024
Jennifer Bagley from the University of Oklahoma Health Sciences Center presents results at UltraCon suggesting that work-related musculoskeletal disorders are tied to burnout among sonographers.
HAP secures New Jersey revenue cycle services contract
By AuntMinnie.com staff writers
Healthcare Administrative Partners (HAP) announced it will take over all core revenue cycle services on behalf of New Jersey-based Health Village Imaging.
April 10, 2024
Keyboard Key Billing Management
Page 1 of 1166
Next Page