The HIPAA privacy standard establishes requirements for disclosing what the HIPAA privacy law calls Protected Health Information (PHI). PHI is any information on a patient about the status of their health, treatment, or payments. It can include name, social security number, address, birth date, insurance ID, telephone number, etc. This information is pretty broad and can be just about anything related to a patient’s medical history.
Authorization for Disclosure
Most protected information is necessary for providers and insurance companies to process a claim. Anyone requiring PHI is required to obtain the patients authorization prior to disclosing any of this information. However the HIPAA privacy standard does not require health care providers to get authorization to use patient information for submitting claims to insurance. Most providers play it safe and have patients sign an authorization to use this information for processing insurance claims, and letting them know what their rights are regarding release of their health information.
Rights to Limit Disclosure
People have the right under HIPAA privacy laws to keep their information from being disclosed to others. When this individual information is disclosed, it must be treated confidentially by all who view or use this information. Patients have a right to request their information be corrected if they feel it is inaccurate.
For individuals who do restrict access to their PHI, it’s a good idea to get their signature on a consent saying they accept financial responsibility. This way if an insurance claim is not paid because the payer cannot access the patients information, the patient bears financial responsibility.
Penalties for Violation
Violating the HIPAA privacy standard can result in costly penalties. The penalties are:
What constitutes a violation? The Department of Health and Human Services says the health care provider must use appropriate administrative, technical, and security measures to protect health information. This could be interpreted in any number of ways however I think the intent is that the health care provider use common sense and make a concerted defensible effort to protect a patients information.
How does this affect communications with patients such as sending out reminder postcards and leaving messages for a patients?
Examples of HIPAA Privacy Violations
Here's some typical examples of HIPAA privacy standard breach where patient information is compromised:
When Your Information Can Be Shared
Your health information can only be shared in a way that does not interfere with your health:
Complaints of Violation
If someone believes HIPAA law privacy is not being followed, they can complain to the Department of Health and Human Services (DHHS) office for Civil Rights. There are reports that DHHS has quite a backlog of complaints, and resolution may not be very expedient. Most complaints are reportedly resolved because no violations were found or the agency provided guidance to resolve the problem.
In summary the HIPAA privacy law allows individuals more access to their medical records and how this information is disclosed. The HIPAA privacy standard also establishes the responsibilities of providers and insurance companies when using PHI for treatment and payment of health care.
Mar 31, 18 09:47 AM
Besides networking .. visiting their offices, how else can you attract their business? When you close the collections month, how do you bill the physicians?
Mar 31, 18 09:36 AM
I have a potential client that is requested claim scrubbing resolutions (only corrections on claims submission errors) and insurance verification on the
Mar 31, 18 09:28 AM
The provider that I bill for just advised that he has a new tax ID. What is the process for this change? Would every insurance company need to be contacted?
Copyright 2018 All-Things-Medical-Billing.com