Wiki HIPAA rules

ShelleyM

Networker
Messages
50
Location
Arcadia, Florida
Best answers
0
Can someone tell me if we do not have the patient's signature on the HIPAA form, are we able to go ahead and bill his insurance? He did give us his insurance information, we just neglected to get his signature on some forms.
 
The short answer is no; you have to have the patient's signature on the NPP to show that you have been given permission to share their PHI with their insurance and electronic clearinghouses - you could be setting yourself up for trouble if not. You can make a reasonable attempt to get it after the fact, and document your efforts, though...see this article from HHS about it:
"•Covered Direct Treatment Providers must also: ◦Provide the notice to the individual no later than the date of first service delivery (after the April 14, 2003 compliance date of the Privacy Rule) and, except in an emergency treatment situation, make a good faith effort to obtain the individual's written acknowledgment of receipt of the notice. If an acknowledgment cannot be obtained, the provider must document his or her efforts to obtain the acknowledgment and the reason why it was not obtained.
◦When first service delivery to an individual is provided over the Internet, through e-mail, or otherwise electronically, the provider must send an electronic notice automatically and contemporaneously in response to the individual's first request for service. The provider must make a good faith effort to obtain a return receipt or other transmission from the individual in response to receiving the notice.
◦In an emergency treatment situation, provide the notice as soon as it is reasonably practicable to do so after the emergency situation has ended. In these situations, providers are not required to make a good faith effort to obtain a written acknowledgment from individuals.
◦Make the latest notice (i.e., the one that reflects any changes in privacy policies) available at the provider's office or facility for individuals to request to take with them, and post it in a clear and prominent location at the facility.

•A covered entity may e-mail the notice to an individual if the individual agrees to receive an electronic notice. See 45 CFR 164.520(c) for the specific requirements for providing the notice."

http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/notice.html

:)
 
I disagree, the HIPAA regulations state that the patient's authorization is not required for "treatment, payment or healthcare operations". If the patient has provided you with his insurance information you can make the judgement that he wishes you to bill his insurance. Also, when patients sign their insurance applications they are giving permission for the insurance company to obtain information necessary for the payment of claims. What you have to be carefule of in these situations is that you disclose the minimum necessary information, and you are still required to provide the patient with a copy of your Privacy practices. In other words you only disclose information pertinent to this particular claim, not the patient's whole medical history.

The link mentioned above pertains to providing patients with the Notice of Privacy Practices and how information may be disclosed.

Doreen Clark, CPC
 
I disagree, the HIPAA regulations state that the patient's authorization is not required for "treatment, payment or healthcare operations". If the patient has provided you with his insurance information you can make the judgement that he wishes you to bill his insurance. Also, when patients sign their insurance applications they are giving permission for the insurance company to obtain information necessary for the payment of claims. What you have to be carefule of in these situations is that you disclose the minimum necessary information, and you are still required to provide the patient with a copy of your Privacy practices. In other words you only disclose information pertinent to this particular claim, not the patient's whole medical history.

The link mentioned above pertains to providing patients with the Notice of Privacy Practices and how information may be disclosed.

Doreen Clark, CPC

You are correct; I was thinking of something else - CMS-1500 Claim Form requirements:
Patient signature field - CMS 1500 Item 12



Patient's or Authorized Person's Signature

The patient or authorized representative must sign and enter either a 6-digit date (MM | DD | YY), 8-digit date (MM | DD | CCYY), or an alphanumeric date (e.g., January 1, 2008) unless the signature is on file. In lieu of signing the claim, the patient may sign a statement to be retained in the provider,
physician, or supplier file in accordance with Chapter 1, “General Billing Requirements.” If the patient is physically or mentally unable to sign, a representative specified in Chapter 1, “General Billing Requirements” may sign on the patient's behalf. In this event, the statement's signature line must
indicate the patient's name followed by “by” the representative's name, address, relationship to the patient, and the reason the patient cannot sign. The authorization is effective indefinitely unless the patient or the patient's representative revokes this arrangement.

NOTE: This can be Signature on File and/or a computer generated signature. The patient's signature authorizes release of medical information necessary to process the claim. It also authorizes payment of benefits to the provider of service or supplier when the provider of service or supplier accepts assignment on the claim.

Signature by Mark (X) - When an illiterate or physically handicapped enrollee signs by mark, a witness must enter his/her name and address next to the mark.


This may not be applicable here, but this is what I was thinking of when I incorrectly referenced HIPAA. Sorry! :p
 
Top