Health Information Compliance Alert

HIPAA Transactions SNIP SAYS TCS COMPLIANCE PLANS SHOULD BE A SNAP

Published on Tue Jan 01, 2002

PDF

While health care organizations must submit a compliance plan to the Department of Health and Human Services if they want to take advantage of the recently enacted delay of the Health Insurance Portability and Accountability Act transaction and code sets standard deadline, they need not kill themselves to produce an exhaustive document.

So says a legislative history and statement of intent for the delay legislation (H.R. 3323) recently released by the House Ways and Means Committee. The compliance plan is meant to be “a
minimal reporting requirement,” the committee says, that provides “summary information regarding the work to be completed for the covered entity to be compliant” with the transaction and code set
standards.

That’s good news to covered entities that feared the asking for a delay would be almost as burdensome as the original rule. The pressure to design and implement software systems and to work through trading partner arrangements by October 2002 would have been too much, says Paul Litwak, a health care attorney in Virginia Beach, VA.

“The one-year extension passed by the House and Senate will better enable the healthcare community to build, test and successfully implement the new transactions and code sets required by HIPAA,” Blue Cross and Blue Shield Association President Scott Serota said in December. And now that it looks like HHS isn’t demanding too much from covered entities’ compliance plans, health care organizations can
breathe even easier.

The statement from the Ways and Means committee urges HHS not to penalize providers that don’t choose to take advantage of the delay but “must send non-compliant transactions because
their trading partners have filed for the extension.”

Automatic Approval?

The document also points out that HHS isn’t required to approve the compliance plans — though the agency must issue reports outlining solutions to problems commonly identified in the plans it receives. In addition, while HHS must produce a model form for the compliance plans — which are due Oct. 16, 2002 — covered entities are free to use an alternate format for the plans if they choose.

But before a health care organization tries to come up with its own format, it may want to take a look at the HHS model. The Strategic National Implementation Process, an organization formed by the Workgroup for Electronic Data Interchange, has just prepared recommendations and a model form for a delay request that, if approved by HHS, would take the term “minimal requirement” very seriously.

“We have made it very clear in our recommendations that we are looking for HHS to keep this as simple as possible,” says Robert Tennant, a SNIP co-chair. “It’s just a paperwork burden anyway. There’s nothing in 3323 that calls on HHS to do anything with these compliance forms. So, who’s even going to look at them? Nobody, basically.”

SNIP is recommending that HHS automate the delay request requirement. Under their plan, when a covered entity submits the delay form via e-mail, HHS would generate an automatic response
with something akin to a confirmation number that the delay had been approved.

“We’ve met with [HHS] and they seem very pleased with the direction we’re heading,” Tennant tells Eli. The model form “complies with what the legislation asks for — but at the bare minimum. We wanted to keep it very simple.”

Why so simple? “Our concern that every hour of manpower spent on processing these delays can’t be spent on finishing the remaining rules,” says Tennant.

Furthermore the authors of SNIP’s recommendations were very aware that not everyone who fills out a model form is an expert on HIPAA. “You’ve got to think that everybody from EDI experts at Aetna to some dentist in Topeka will be filling this thing out — so it has to be a one-size-fitsall type of thing,” explains Tennant.

Editor’s note: For more information on WEDI recommendations, go to www.wedi.org.

Health Information Compliance Alert

HIPAA Transactions SNIP SAYS TCS COMPLIANCE PLANS SHOULD BE A SNAP
While health care organizations must submit a compliance plan to the Department of Health and [...]

Information Security IT CONTINGENCY PLANS NEED 21ST CENTURY MAKEOVERS
Health care organizations need to do a better job thinking about the unthinkable and dust [...]

HIPAA Privacy MINIMUM NECESSARY STANDARD WILL CAUSE CULTURE SHOCK
Coming to grips with the minimum necessary standard of the Health Insurance Portability and Accountability [...]

State Courts COURT SAYS COMPUTER DATA IS PUBLIC RECORD
Legal action in New Hampshire may have some significant things to say about the right [...]

HIPAA LITIGATION:
HHS STRIKES BACK AGAINST PRIVACY RULE LAWSUIT
Last August, the Association of American Physicians and Surgeons filed suit in U.S. District Court [...]

E-Health LILLY SETTLES PROZAC.COM COMPLAINTS
The company responsible for one of the most high profile unauthorized disclosures of health information [...]

State Courts FED REGS DON'T PROTECT ALCOHOL RECORDS
Think twice before signing a disability insurance application giving the insurer the right to all [...]

HIPAA ID Rules IDENTIFIER RULES STILL ON THE BACKBURNER
While the delay to the Health Insurance Portability and Accountability Act transaction and code sets [...]

Studies & Surveys CODE SET SOFTWARE ALMOST READY, SAY VENDORS
Software providers appear to be on track to meet the October 2002 deadline for compliance [...]

Point of Care Testing DON'T LET HANDHELD METERS WALK AWAY
Now is the time for health care providers to close the gap between their HIPAA [...]

Health Information News DRIVERS' LICENSES SET TO GO NATIONAL
The debate over national ID cards that erupted following the September 11 attacks may end [...]

View All