  |
 |
 |
 |
 |
 |
E·Z BIS and HIPAA
The Health Insurance Portability and Accountability Act was signed into law in 1996. There are three primary components to the HIPAA legislation:
Transaction and Code Sets Standards
The transaction standards regulate the electronic transmission of health care information and standardize the codes sets (diagnosis codes and service codes) used by health care entities. For E·Z BIS users, the primary area of concern is the transmission of electronic insurance claims. The HIPAA legislation requires that providers who transmit electronic claims to covered entities (health care providers, private health plans, government health plans and health care clearinghouses) do so in the ANSI ASC X12N 837 standard format. However, the legislation also states that "Health care clearinghouses would be able to accept nonstandard transactions for the sole purpose of translating them into standard transactions for sending to customers and would be able to accept standard transactions and translate them into nonstandard formats for receiving customers". Clearinghouses may continue to receive electronic claims in nonstandard formats, provided that they convert them into the ANSI format before relaying them to private health plans and government health plans.
The original deadline for complying with the transaction standards was October 16, 2002. However, in December 2001, the Administrative Simplification Compliance Act (ASCA) extended the deadline to October 16, 2003. In order to qualify for the extension, covered entities must submit a compliance plan by October 15, 2002. E·Z BIS recommends that all providers file for the extension by submitting a compliance plan. This includes practices that are filing claims to clearinghouses. Although the legislation clearly states that nonstandard transactions can be transmitted to clearinghouses, providers filing through clearinghouses are nonetheless required to file for the extension. The fastest and easiest method for submitting a compliance plan is to visit the Centers for Medicare and Medicaid Services (CMS) website at the following address:
http://www.cms.hhs.gov/hipaa/hipaa2/default.asp
E·Z BIS customers who are currently transmitting electronic claims to clearinghouses in NSF format or Print Image format should verify that their clearinghouse will continue to accept electronic claims in non-standard formats (NSF and Print Image) after the October 16, 2002 deadline.
E·Z BIS has developed the ANSI ASC X12N 837 claim format and and is available for sending to E·Z BIS-approved clearinghouses. Most E·Z BIS software users will not need to obtain the ANSI claim feature because NSF and Print Image formats will continue to be accepted by most electronic claim clearinghouses. Those E·Z BIS customers who file electronic claims directly to private or government health plans or for those who file to clearinghouses that will require the ANSI format by October 16, 2003 must obtain the ANSI claim feature prior to that deadline.
Another aspect of the ASCA legislation is that all Medicare health claims must be filed electronically by October 16, 2003. Paper Medicare claim forms will not be accepted as of that date. All E·Z BIS customers who are also Medicare providers must be ready to file claims electronically by October 16, 2003. There is an exception for small providers. (fewer than 10 full-time employees)
The second component of the HPAA legislation covers the protection of patient privacy. It creates national standards to give patients more control over their health information, sets boundaries on the use and release of health records and establishes safeguards that health care providers and others must achieve to protect the privacy of health information. The HIPAA privacy rule takes effect on April 14, 2003.
The HIPAA Security Rule was written and passed into law to help ensure the confidentiality, integrity and availability of electronic protected health information (ePHI). The legislation is specifically designed to cover protected information that is stored on computers and computer media and information that is transmitted over the Internet or by other means. The deadline for compliance with the HIPAA Security Rule is April 20, 2005.
The rule includes safeguards in three categories: Administrative, Physical and Technical. The administrative safeguards cover policies, procedures and practices regarding ePHI. The physical safeguards address physical access to information, such as location of workstations, doors, locks, etc. The technical safeguards require software access control, user authentication, audit controls to track access to protected information, integrity tools and transmission security.
While some of the technical safeguard standards are best handled by computers, hardware devices or operating systems, other mandated requirements must be addressed by office management or billing software applications. E·Z BIS Office now includes those components of the HIPAA Security Rule that are needed for compliance. E·Z BIS Office version 6.2 or higher offers the access control, authentication and audit capabilities that HIPAA requires.
Recent HIPAA Developments
