HIPAAlert is published monthly in support of the healthcare industry's efforts to work together towards HIPAA security and privacy. Subscribers total nearly 17,000.
**Advertisement**
Bringing the HIPAA classroom to healthcare...Healthcareedu...
the most authoritative, user-friendly online HIPAA Privacy, TCS, and Security education available.
Go to: Healthcareedu.org
1 >> H I P A A n e w
s:
*** CMS Publishes More HIPAA Security Guidance ***
The Centers for Medicare & Medicaid Services (CMS) has posted three new papers in its series of HIPAA Security Educational Papers. The five papers that are currently available are:
The security series of papers provides guidance from CMS on the HIPAA Security Rule. The series will contain seven papers, each focused on a specific topic related to the Security Rule. The papers are designed to give HIPAA covered entities insight into the Security Rule, and assistance with implementation of the security standards. This series explains specific requirements, the thought process behind those requirements, and possible ways to address the provisions. CMS recommends that covered entities read the first paper in this series, “Security 101 for Covered Entities” before reading the other papers, which assume the reader has a basic understanding of the Security Rule.
*** Justice Dept. Limits Prosecutions Under HIPAA Privacy Rule ***
The Justice Department has issued an opinion limiting the government's ability to prosecute people for criminal violations of the HIPAA Privacy Rule. The criminal penalties apply to insurers, doctors, hospitals and other providers, said the Department, however, people who work for a covered entity are not automatically covered by that law and may not be subject to its criminal penalties. The ruling could jeopardize the lone conviction obtained under medical privacy rules that took effect in 2003 and could stop federal prosecutors from pursuing some of the more than 13,000 complaints that have been filed alleging violations of those rules.
Read more.
*** Mandatory Electronic Submission of Medicare Claims Begins in July ***
The Centers for Medicare & Medicaid Services (CMS) has announced that effective July 1, it intends to discontinue its contingency plan allowing providers to transmit non-compliant Medicare transactions. Per CMS Transmittal 450, "paper claims received by Medicare will not be paid" as of July 5, 2005. There are some exceptions to this electronic claim submission requirement. After July 5, you can only submit a non-electronic claim if you are:
- A small provider (a provider billing a Medicare fiscal intermediary that has fewer than 25 full-time employees, or FTEs, and a provider with fewer than 10 FTEs that bills a Medicare carrier);
- A dentist;
- A participant in a Medicare demonstration project in which paper claim filing is required;
- A provider that conducts mass immunizations and may be permitted to submit paper roster bills;
- A provider that submits claims when more than one other payer is responsible for payment prior to Medicare payment;
- A provider that only furnishes services outside of the US;
- A provider experiencing a disruption in electricity and communication connections that are beyond its control; and
- A provider that can establish an “unusual circumstance” exists that precludes submission of claims electronically.
Read CMS' Transmittal 450, "Enforcement of Mandatory Electronic Submission of Medicare Claims" (PDF).
*** Federal Law Requires Destruction of Consumer Data ***
A new federal rule that took effect last week requires all businesses and individuals to destroy private consumer information obtained from credit bureaus and other information providers. The Federal Trade Commission's new rule requires that personal information be burned, pulverized, shredded or destroyed in such a way that the information cannot be read or reconstructed. The rule also applies to electronic files, which must be erased or destroyed, and covers insurance claims and medical information, among others.
Read more.
*** HHS Releases Report on Health Information Exchange; Plans to Advance Health IT with National Collaboration ***
Department of Health and Human Services' (HHS) Office of the National Coordinator for Health IT (ONCHIT) released last week a report summarizing over 500 responses from individuals and private industry on interoperable health information exchange. The report is a compilation of responses to a request for information (RFI) that asked for feedback on how a nationwide health information network (NHIN) could be governed, financed, operated, and supported. A cross-section of industry stakeholders as well as private citizens submitted responses totaling nearly 5,000 pages of information. In order to utilize the federal government's technical and operational expertise on health IT, more than 120 federal officials from over 17 departments and agencies participated in a government-wide RFI review task force led by HHS to analyze the responses from the public-at-large. While the report is an illustrative summary of the RFI responses and does not attempt to evaluate or discuss the relative merits of any one individual response over another, it does provide some key findings.
Meanwhile, HHS Secretary Mike Leavitt announced this week the formation of a national collaboration and four requests for proposals (RFPs) that will aid in developing a national health information network infrastructure that will support the exchange of electronic health records (EHRs). A private-public collaboration called the American Health Information Community (AHIC) will be formed under the auspices of the Federal Advisory Committee Act to provide input and recommendations to HHS on how to make health records digital and interoperable, and assure that the privacy and security of those records are protected. ONCHIT also issued four RFPs on FedBizOpps to create processes for setting data standards, certification, and architecture for an Internet-based nationwide health information exchange, as well as assess patient privacy and security policies.
Read more about the report on nationwide health information exchange.
Read more about the national collaboration and RFPs for interoperability.
**Advertisement**
Over 500 hospitals choose Phoenix Health Systems'
HIPAA Security Policies Templates Suite
Learn more about the Suite's content, pricing, and secure online delivery at:
HIPAAdvisory.com/Wares/Security/
2 >> H I P A A l a t
e s t
NEW in HIPAAction >
E-Health:
Privacy:
Security:
NEW in HIPAA tech >
Application Service Provider:
Radio Frequency Identification:
Copyright 2005, Phoenix Health Systems, Inc. All
Rights Reserved.
Reprint by permission only.
www.phoenixhealth.com 301-869-7300
