Any company as a covered entity of HIPAA 837 needs to take certain precautions when outsourcing any aspect of their operations that deal with personnel health information (PHI.)
All kinds of forms that people are asked to sign at a doctor's office are nothing but HIPAA 837 privacy
forms. It does not end with privacy and disclosure forms, utmost care has to be taken while handling
private medical information. This information includes claims, patient history files, and enrollment files.
The Health Insurance Portability and Accountability Act (HIPAA 837) was enacted in 1966 and has made
quite an impression on the world of digital document imaging and forms processing. Any company as a
covered entity of HIPAA 837 needs to take certain precautions when outsourcing any aspect of their
operations that deal with personnel health information (PHI.) There are two main components to HIPAA
837 that deal directly with the claims processing and outsourcing of document imaging. First being
Privacy issues and secondly Administrative Simplification.
Whenever dealing with a Document Imaging Service provider one should always ask them about their
HIPAA 837 policies and procedures. Every one of their employees needs to sign an agreement stating
they are aware they are handling people's PHI.
Under the privacy rule of HIPAA 837 there is a security rule which has three parts:
1. Administrative safeguards: for organization to comply with the HIPAA 837 acts.
2. Physical safeguards: guard against inappropriate access to PHI data.
3. Technical safeguards: Any organization engaged in the handling of PHI must control access to
computer systems containing PHI.
The primary goal of the Administrative Simplification portion of HIPAA 837 is to simplify and streamline
the administration of health care.