slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Health Insurance Portability and Accountability Act of 1996 (PL 104-191) (HIPAA) Southern Regional Conference On Menta PowerPoint Presentation
Download Presentation
Health Insurance Portability and Accountability Act of 1996 (PL 104-191) (HIPAA) Southern Regional Conference On Menta

Loading in 2 Seconds...

play fullscreen
1 / 47

Health Insurance Portability and Accountability Act of 1996 (PL 104-191) (HIPAA) Southern Regional Conference On Menta - PowerPoint PPT Presentation


  • 345 Views
  • Uploaded on

Health Insurance Portability and Accountability Act of 1996 (PL 104-191) (HIPAA) Southern Regional Conference On Mental Health Statistics November 8, 2000. Do I have to learn something from this ? Well, not if you don’t want to.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Health Insurance Portability and Accountability Act of 1996 (PL 104-191) (HIPAA) Southern Regional Conference On Menta' - lotus


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1
Health Insurance Portability and Accountability Act of 1996

(PL 104-191)

(HIPAA)

Southern Regional Conference On

Mental Health Statistics

November 8, 2000

slide2
Do I have to learn something from this?
  • Well, not if you don’t want to.
  • But if you DO pay attention, you COULD leave with an understanding of:
    • What HIPPA is
    • It’s purpose and areas of coverage
    • Status of implementation
    • Some of the problems involved
    • How it might affect you and your agency
  • Plus you’ll get a bunch of acronyms to toss around in meetings when you get back home.
slide3
So what is HIPAA?
  • Health Insurance Portability and Accountability Act of 1996 (PL 104-191)
  • FEDERAL legislation
  • It’s actually an amendment to the Internal Revenue Code of 1986 which should tell you all you want to know
slide4
What’s its purpose?
  • Assure portability and continuity of health care
  • Combat fraud and abuse
  • Promote medical savings accounts
  • Improve Long Term Care access & coverage
  • Simplify the administration of health insurance
slide5
Administrative Simplification

Promote the electronic exchange of healthcare information by establishing standards for its:

  • transmission
  • storage and
  • handling
slide6
“We’re the Private Sector and

we’re here to help you.”

Unknown

slide7
HIPAA standards will regulate:
  • Format
  • Content
  • Privacy
  • Security

ALL health plans, including Medicare and Medicaid, must comply within 2 years of standards adoption (there are exceptions for certain plans based on size).

slide8
A Few Acronyms

The WEDI (Workgroup for Electronic Data Interchange) has created a SNIP (Strategic National Implementation Process) to address HIPAA issues on an industry-wide basis.

The ANSI (American National Standards Institute) has chartered the ASC X12 (Accredited Standards Committee X12) and given it responsibility for cross-industry standards for electronic documents.

slide9
Where are we headed?
  • Electronic Data Interchange (EDI)
    • 1-1.5 million providers
    • 7,000+ hospitals
    • Thousands of health plans
    • Hundreds of other entities involved (third party vendors, clearinghouses, etc.)
    • With EVERYONE doing basic things the same way
slide10
Will it cost money?
  • Need to convert and upgrade systems
  • Need to train staff
  • Start up costs in manuals, materials, etc.
  • Testing
  • Troubleshooting
slide11
So, the answer is:

“Yes Virginia, It WILL Cost Money.”

But HHS, playing the role of Santa Claus, estimates about $30 billion in net savings over a 10 year period, not taking into account ancillary benefits such as new industry springing up to deal with HIPAA problems.

slide12
Administrative Simplification

Standards address basic areas of:

  • Transactions
  • Code Sets
  • Identifiers
  • Security
  • Privacy
slide13

Proposed Transaction Standards

  • Claims & Encounters
  • Enrollment
  • Coordination of Benefits
  • Claim Status
  • Premium Payment
  • Eligibility
  • Referral certification and authorization
  • Payment Remittance Advice
  • Claim Attachment
  • First report of Injury
slide14

Proposed Transaction Formats I

  • ASC X12N 837 X096
    • Institutional Claims (replaces UB 92, NF forms)
  • ASC X12N 837 X097
    • Dental
  • ASC X12N 837 X098
    • Professional Services (Replaces HCFA 1500)
  • ASC X12N 835 X091
    • Health Care Claim Payment Advice (no suspended claims)
slide15

Proposed Transaction Formats II

  • ASC X12N 276/277
    • Claims status request and response
  • ASC X12N 270/271 X092
    • Eligibility Inquiry and Response
  • NCPDP v5.1 or batch v1.0
    • Retail pharmacy eligibility, PA, claims, etc.
  • ASC X12N 278 X094
    • Used to request PA and to respond to request.
slide16

Proposed Transaction Formats III

  • ASC X 12N 820 X061
    • Premium payments to health plans for insurance
  • ASC X 12N 834 X095
    • Electronic benefit enrollment primarily for managed care
slide17

Code Sets

  • ICD-9-CM: Diseases, injuries, impairments, other health problems, causes of above.
  • ICD-9_CM, Vol. 3: Procedures for prevention, diagnosis, treatment, and management.
  • National Drug Codes (NDC): Drugs and biologics.
  • Code on Dental Procedures and Nomenclature: Dental.
  • HCPCS and CPT4: Physician and other health care services
  • HCPCS: Substances, equipment, and supplies used.
slide19

Proposed Identifiers

  • Provider
  • Employer
  • Health Plan
  • Individual
slide20
Provider ID
  • Physicians currently have a “UPIN” (Unique Physician Identifier Number).
  • Under HIPAA EVERY individual provider will need to have one.
  • Original proposal 8-position alpha numeric
  • Final expected to be 10 digit numeric
  • NO embedded intelligence
  • Due out January, 2001 (pending $ for national registry)
slide21
Employer ID
  • Who gets one?
    • Person or organization for whom an individual performs or performed any service as the employee of that person or organization.
  • What will it look like?
    • Still pending, but due out January 2001. Latest proposal is 9 digit IRS-issued EIN.
slide22
Health Plan ID
  • All Health plans will get one, but there is still discussion of “what is a health plan?”.
  • What will it look like?
    • Unknown but 9 digit numeric identifier has been proposed. Due out February, 2001.
slide23
Security and Privacy
  • NOT the same thing under HIPAA.
    • PRIVACY refers to policy to determine what is disclosable, to whom, and under what circumstances.
    • SECURITY deals with tools and processes to be put in place to insure privacy in the electronic world.
slide24
Security
  • Applies only to information stored or transmitted electronically.
  • Divided into 4 main areas:
    • Administrative Procedures
    • Physical safeguards
    • Technical security services
    • Technical security mechanisms.
  • Standards due out January, 2001
slide25
Administrative Procedures
  • Chain of trust partner agreement
  • Contingency plan
  • Information access controls
  • Training
  • Termination procedures
slide26
Physical Safeguards
  • Must have an assigned security officer
  • Media controls
  • Physical access controls
  • Security awareness training
slide27
Technical Security SERVICES
  • Access control
  • Audit Controls
  • Authorization controls
  • Entity authentication
slide28
Technical Security MECHANISMS
  • Does not require a SPECIFIC technology.
  • Communications/network controls
    • Message authentication, alarms, audit trails, entity authentication, event reporting.
  • Electronic Signature
    • Not currently required
    • Any one used must comply with HIPAA standard
    • Cryptographically-based digital standard.
slide29
Privacy

Protect the privacy of individually identifiable health information maintained or transmitted in connection with certain administrative and financial transactions

slide30
HIPAA says that congress will enact privacy legislation for healthcare by 8/99………but if they fail, it becomes HCFA’S job.
  • Congress failed and HCFA issued proposed regulatory text November 3, 1999
slide31
If you’re interested in privacy, you can go to this website:

http://erm.aspe.hhs.gov/ora_web/plsql/erm_rule.rule?user_id=&rule_id=228

slide32
What’s covered under privacy?
  • Electronically transmitted or maintained information only at the current time
  • Includes when electronic information is printed or discussed orally
  • Covers the information ITSELF and is not restricted by the media on which it is kept so privacy applies to the original paper version also
slide33
Who is subject to rules?
  • Health plans, including Medicare and Medicaid
  • Health care providers
  • Clearinghouses
slide34
Basic Requirements
  • Designate a privacy official
  • Document policies and procedures
  • Train employees at least every 3 years
  • Develop and enforce sanctions for non-compliance
  • Establish a grievance process
slide35
Other Privacy Notes
  • Disclosure applies to individually identifiable health info. that SOMETIME DURING ITS LIFE has been electronic
  • Agencies must have policies to disclose a minimum amount necessary for whatever the task at hand is
  • Business partners must also comply. YOU are responsible for THEIR mistakes.
slide36
That’s HIPAA in a big nutshell.

Now, how does it affect you?

slide37
No local codes for Medicaid
  • Currently one of the biggest concerns of Medicaid and SHOULD be big concern of MH Authorities
  • What are “local codes”? Codes that allow providers to bill and be paid for non-traditional services, many unique to a single state.
slide38
Why do we need them?
  • As an example, in RI we generate about $12 million for local code X0342 which is our PACT model program. If there is no Medicaid CODE for this program:
    • We can’t BILL or PAY for it.
    • Our XIX agency doesn’t know which state account to tap for the state share.
    • The MH agency can’t track spending, determine which client received which specific service, etc.
slide39
What’s happening in this area?
  • NASMD formed NMEH (National Medicaid EDI HIPAA Workgroup)
  • The group solicited local codes from all states. As of a month or so ago, they had gotten in a mere 27,000
  • NY and CA are now working to crosswalk these and come up with maybe 1,000 common ones which HHS will be asked to add
  • Trust me when I tell you that MH specific ones are not likely way up on the list
slide40
State MH Program Directors, State DD Directors, and State Medicaid Directors met within the last week or so and have an agreement that Medicaid Directors will share MH and DD specific codes collected with the other groups.
  • This will allow more specific work in the field, but will NOT garner the thousands of OTHER codes in place for non-Medicaid services.
slide41
Anything else?
  • NASMHPD is actively trying to educate Commissioners on the subject.
  • NASMHPD is joining with other national groups to proactively work on the hill.
  • NGA wrote to Donna Shalala asking her to define the implementation period as beginning only after all relevant regulations have been finalized. Given the furor over client UID, this could take a while.
  • Individual states are all working on schemes to mitigate the effects.
slide42
Privacy and Security
  • Been to privacy/security training lately?
  • Leave any files with client/patient names on them on your desk or unlocked somewhere in your office overnight and have they EVER touched the electronic system?
  • Send patient names, SSN, etc. in email? As a file attachment? By fax? Meet security/privacy standards?
  • Scrutinize data that you DO send out to insure that you give absolute MINIMUM necessary to accomplish the task?
  • Wanna talk to the HIPAA police?
slide43
In the words of an old philosopher:

It ain’t over till it’s over.

slide44
If you’re a SMHA that relies on any Medicaid billing, your state Medicaid agency has been working on this “stuff” for a while. Get back and get in your two-cents or you WILL suffer the consequences.
  • If you’re a state paying FFS, the burden falls on you and it will fall quickly so get back and get working.
  • And even if you don’t PAY FFS, the privacy and security requirements will apply to you just the same if you use a computer.
  • If you’re in private practice, or work for a community agency, you need to at least stay up to date on what you’re going to be required to do.
slide47
Questions?

Ron Tremper

RI Dept MHRH

rtremper@mhrh.state.ri.us