First round of HIPAA rules released
First round of HIPAA rules released
Case management will be subject to standards
Case managers should pay close attention to the final Health Insurance Portability and Accountability Act (HIPAA) rules released in late August. This first round of final rules, which applies to the transactions and coding identifier sections of the federal law, lists case management under covered "atypical" services.
HIPAA is a federal law designed to protect the privacy of patient medical records that are transmitted electronically. In October 1999, the Clinton administration issued a draft of its proposed HIPAA regulations and allowed for a 60-day comment period. More than 40,000 interested parties commented on the draft.
The act is divided into three sections: transactions and coding identifiers, security, and privacy. The federal government was expected to issue a final draft of the security and privacy rules before the end of the year, but many experts think that’s unlikely in an election year. (For more on HIPAA and the proposed privacy rules, see Case Management Advisor, June 2000, pp. 93-98.)
Most case management and e-health experts believe the security and privacy sections of HIPAA will apply more directly to daily case management practice. However, others point out that the transactions and coding identifier rules recently released specifically mention case management as a service of health plans and providers covered by the rules; therefore, case managers should at least acquaint themselves with those rules.
What is a code identifier?
This first round of final HIPAA rules mandates the standards used for electronic data interchange (EDI). The EDI standards are like a language, explains Gary Gartner, MD, MS, chief architect and director of ASP operations for Future Healthcare in Chapel Hill, NC. The standards require that the computers of doctors, hospitals, insurance companies, and employers talk the same language, with the same names, or identifiers, and with the same codes for transactions.
The EDI standards consist of a nationally agreed-upon set of codes and identifiers for each transaction transmitted electronically, Gartner notes. A transaction includes a health care claim, a remittance advice, an eligibility inquiry, or a precertification. Both the sending and receiving computer must agree on the meaning of the values of the codes used. If the computer field identifies a provider, hospital, employee, or health plan, both computers must use the same identifier values.
"HIPAA compliance in all three areas will require a great deal of trust and collaboration among trading partners," he adds.
"With the convenience of electronic transmission comes responsibility," says Maureen Cadogan, BSN, RN, CCM, CPHQ, business and information systems project manager for CalOPTIMA, a public Medicaid agency in Orange, CA. "In general, case managers must learn to exercise a greater degree of care in that process. They must make sure that their organizations have adequate guidelines for protecting the privacy of patient health information transmitted electronically. They must also make sure their organizations offer, and they receive, adequate training on any security and privacy policies and procedures their organizations have for HIPAA compliance."
In its response to public comments on its proposed HIPAA transactions and code identifiers rules, the government stated:
We agree with commenters that case management is a health care service since it is directly related to the health of an individual and is furnished by health care providers. Case management will, therefore, be subject to the standards.
If case management is specifically included in the transactions and code identifiers rules, it’s reasonable to assume case management also will be included in the final security and privacy rules. However, experts argue that most of the HIPAA rules are 90% procedure and 10% technology; case managers’ main responsibility for HIPAA compliance is to receive the training offered by their organization and to never waver in following those policies, says David C. Kibbe, MD, MBA, chief executive officer of Future Healthcare in Chapel Hill, NC.
"The majority of responsibility for HIPAA, particularly these first transactions and code identifier rules, does not fall on the end users, such as case managers," notes Gartner. "Payers and providers who transmit claims and referrals must update their system to use the standard transaction and code sets mandated by the HIPAA rules. End users who are using a system to transmit a claim should be able to do so transparently."
Summaries and explanations of the proposed privacy and security rules and the final transaction and code identifier rules are available on-line from several sources, including:
• the Web site of the Health Privacy Project of the Institute for Health Care Research and Policy at Georgetown University in Washington, DC, (www.healthprivacy.org);
• the Web site of the North Carolina Healthcare Information and Communications Alliance in Research Triangle Park, NC, (www.nchica.org );
• the U.S. Department of Health and Human Services (http://aspe.hhs.gov/admnsimp.
In addition, the federal government has identified the following individuals as resources for information on specific areas of the final transactions and code identifier rules:
• Pat Brooks at (410) 786-5318 for information on medical diagnosis, procedure, and clinical code sets;
• Joy Glass at (410) 786-6125 for information on transactions involving health claims or equivalent encounter information, health care payment and remittance advice, coordination of benefits, and health claim status;
• Marilyn Abramowitz at (410) 786-5939 for transactions involving enrollment and disenrollment in health plans, eligibility for a health plan, health plan premium payments, and referral certification and authorization.
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.