HIPAA Myths and Realities for Physician Practice Managers Presented by Shana Wolfe, CHC Corporate Compliance Officer, Washington County Health System Co-chair of HIPAA Task Force May 14, 2002
Administrative Simplification? Health Insurance Portability and Accountablity Act of 1996
THE ADMINISTRATIVE SIMPLIFICATION PART OF HIPAA HAS 3 PURPOSES: To safeguard patient confidentiality To promote electronic (computer-to- computer) standardized healthcare transactions Maintain the security of healthcare information in electronic form
MYTH VS. REALITY What does HIPAA require of the physician practice that I manage? What do we need to do first? What resources are available to help us? How much will all this cost? What are the penalties for non-compliance? Are there any benefits in HIPAA?
HIPAA SECTIONS Privacy Security Transactions and Code Sets National Identifiers –Provider –Health Plan –Employer –Individual
MYTH If we only file paper claims, we don’t have to worry about HIPAA. It only applies to offices that file electronic claims and we’re too small.
REALITY If your office uses a third-party claims processor or billing agent, chances are that they file your claims electronically. Medicare will soon require all claims to be filed electronically.
MYTH Labs and other test providers won’t be able to fax results to our office anymore. We won’t be able to fax referrals or reports anymore. And forget about using the Internet!
REALITY Nothing in HIPAA outlaws fax or internet communications. Eliminating the use of fax machines and other technologies could slow patient care. Exercise reasonable security.
MYTH We won’t be able to call patients’ names in our waiting room because that will violate HIPAA. We’ll have to assign them numbers or give out pagers.
REALITY Address your patients with respect and friendliness. Don’t disclose any healthcare information in the waiting area or at the reception desk. Use common sense.
MYTH We will have to eliminate the use of sign-in sheets because patients will be able to see other patient’s names when they sign in at the front desk.
REALITY HIPAA doesn’t specifically prohibit sign-in sheets or other office processes that contain patient names. Again, use common sense. Don’t include patient conditions or physician names.
MYTH Under HIPAA, we won’t be able to send reminder postcards, and we won’t be able to confirm patient appointments by phone. Our no-shows will go through the roof!
REALITY If you advise patients in your Notice of Privacy Practices that you will send postcards or make reminder phone calls, you can continue this practice appropriately.
MYTH We’ll have to get rid of the chart holders outside the exam rooms, or keep them under lock and key, because patients will be able to see health information.
REALITY Chart holders are not specifically mentioned in HIPAA regulations. Even office “whiteboards” for scheduling purposes are OK. Just use common sense and discretion.
MYTH Under HIPAA, we won’t be able to call in prescriptions or schedule procedures without the patient’s consent. And how will our physicians discuss a case with the patient’s other doctors?
REALITY HIPAA did have some “quirks” that could have made these processes difficult. But changes have been proposed to ease these routine tasks. Discussions about patient care are always acceptable.
MYTH We’ll have to soundproof our exam rooms and front office area so patients can’t overhear discussions about other patients. This could get expensive!!
REALITY HIPAA doesn’t require soundproof rooms or whispered conversations. Use common sense--keep your voice down, and let patients know that you value their privacy.
MYTH Patients will be able to see their charts any time they want to, and they can even change things if they request it. We’ll need to add staff to deal with all the interruptions!
REALITY Depending upon your state, patients may have already had these rights. And you don’t need to change existing records. Patients can add their own statements, or you can explain why things are correct.
MYTH We’ll probably have to replace our entire computer system and get new billing software. And even if we don’t, it’s going to be expensive to test our claims and pay a clearinghouse.
REALITY Take time soon to talk to your computer advisor or the company that developed your billing software. Ask them what they’re doing about HIPAA and what it might cost.
MYTH This HIPAA stuff is so complicated that we’ll need to hire a lawyer to get us on track. There’s no way we can understand it all, much less do what we need to do on time.
REALITY HIPAA is manageable. Take advantage of your professional resources, like MGMA, and check out the Maryland Health Care Commission website for good information.
WHAT SHOULD WE DO? Learn as much as you can about HIPAA from readily available sources (see list of useful websites in the handouts) Contact your computer consultant and/or software vendor SOON. (see sample letter) Consider filing for a one-year extension to comply with the transaction standards. The deadline is October 15, (see the CMS/HCFA website)
WHAT SHOULD WE DO? Consider getting the free HIPAA software from the Maryland Health Care Commission for education and planning purposes. It has lots of good examples. Network with others in your situation. Make a plan with timelines and share the load. DON’T PANIC -- You can manage this!
THANK YOU! Any questions?