HIPAA

News Briefs

• On February 16, 2006, the Final Rule on HIPAA Enforcement was published in the Federal Register (PDF). The Final Rule adopts the complete regulatory structure for implementing the civil money penalty authority of the Administrative Simplification part of HIPAA (SSA, section 1176), completing the structure which begun when the Privacy Rule was issued in 2000 and expanded by the interim final procedural enforcement rules issued in 2003. The Final Rule covers the enforcement process from its beginning, which usually starts with a complaint or a compliance review, through its conclusion. A complaint or compliance review may result in informal resolution, a finding of no violation, or a finding of violation. If a finding of violation is made, a civil money penalty will be sought for the violation. The Final Rule becomes effective on March 16, 2006.
  
• Effective October 1, 2005, the Centers for Medicare & Medicaid Services (CMS) will terminate the HIPAA contingency plan for incoming claims. Medicare claims processing contractors will return incoming claims submitted in a non-HIPAA compliant format. Provider instructions will be included in a future Medlearn Matters article. A press release has been posted on the CMS Web site.
• CMS Announces End of HIPAA Contingency Plan for Claims Submissions (PDF)
  

The Academy's Coding and Practice Management Committee is offering the following tools and resources to assist members in becoming HIPAA compliant:

HIPAA Security Manual: A How to Guide for Your Medical Practice

HIPAA Security Manual: "A How to Guide for Your Medical Practice" is available as an online download to Academy members at the discounted price of $100. This manual is designed to be specific for health care practices. This manual generally explains these regulations, provides you with over 140 pages of a step-by-step approach to understanding, implementing and complying with HIPAA Security Rule.

To facilitate compliance with the Security rule, this manual includes detailed checklists, "how to" guides and sample documents to ensure compliance with HIPAA. The manual also contains an overview and a glossary of terms that can be used as training tools for physicians and staff.

HIPAA Privacy Manual: A How to Guide for Your Medical Practice

HIPAA Privacy Manual: "A How to Guide for Your Medical Practice" is available as an online download to Academy members at the discounted price of $89. Those purchasing the online version will receive notice of updates and directions to download the information at their Academy email address of record.

The manual, developed by a leading practice management consultant and nationally recognized health care law firm, is designed to provide your practice with an overview and a step-by-step approach to understanding, implementing, and complying with the HIPAA privacy regulations.

• This product is endorsed by 14 medical academies and 4 state medical societies.
• This resource provides required documentation, training manual for staff and employees, and customizable forms necessary to implement HIPAA regulations.
• Easy to use! Easy to implement!
• Cost effective for any and all audiology practices.
• HIPAA updates provided by email.

Should you have questions regarding ordering of these products, please contact Lisa Miller, Direct of Reimbursement at lmiller@audiology.org.

HIPAA Administrative Simplification—Security Final Rule The Final Rule adopting HIPAA standards for the security of electronic health information was published in the Federal Register on February 20, 2003. This final rule specifies a series of administrative, technical, and physical security procedures for covered entities to use to assure the confidentiality of electronic protected health information. The standards are delineated into either required or addressable implementation specifications.

Sample Forms & Fact Sheets

• OCR Privacy Summary (PDF)
• HIA/Academy-Approved HIPAA Business Associate Agreement (PDF)
• HIPAA 101 (PDF)
• HIPAA Provider Readiness Checklist (PDF)
• HHS Office of Civil Rights Guidance and Frequently Asked Questions

Background Material

• How do I Become HIPAA Compliant?
• HIPAA: What is it and How Does it Affect Audiologists?
• CMS Named to Enforce HIPAA Transaction and Code Set Standards (October 28, 2002)
• How to File a Health Information Privacy Complaint with the Office for Civil Rights
• Guidance on Compliance with HIPAA Transactions and Code Sets After the October 16, 2003 Implementation Deadline  (July 24, 2003) (PDF)
• Letter to Medicare Providers from Tom Scully, Administrator, CMS (July 24, 2003) (PDF)
• CMS HIPAA Information Series for Providers

Resources/Links of Interest

• HIPAA Privacy Rule FAQ
• CMS Web site—Model compliance extension form, Frequently Asked Questions, links to other HIPAA sites, and information on regulations and the law are located here.
• FREE Video—CMS' Meeting the HIPAA Challenge: Implementing the Administrative Simplifications of HIPAA. For free video, e-mail your request to AskHipaa@cms.hhs.gov or call (410) 786-4232.
• FREE Listserve—Sign up to receive notification when proposed or final rules on HIPAA have been published in the Federal Register (The Federal Register is the place where the government, upon passing a law, tells the public how the law will be implemented).
• CMS e-Mail box—Send your questions on HIPAA administrative simplification to askhipaa@cms.hhs.gov.
• CMS HIPAA Hotline—(410) 786-4232—This hotline has been established to help answer your HIPAA administrative simplification questions.
• Privacy-related information—The U.S. Department of Health & Human Services' Office for Civil Rights oversees the privacy requirements. Visit their Web site for more information. Privacy-related questions should be directed to OCRPrivacy@hhs.gov or call 1-866-627-7748.
• Other information on "administrative simplification" requirements of HIPAA—http://aspe.os.dhhs.gov/admnsimp/
• CMS Medicaid HIPAA Web site
• Health Privacy Project —Summaries of state health privacy statutes

The opinions referenced are based on the interpretation by members of the Academy Reimbursement Committee and review of federal regulations. This guidance is provided, without charge, as a service to the profession. Academy members are encouraged to seek legal counsel to ensure compliance and are responsible for their own knowledge of both federal and state policies as it pertains to HIPAA. Neither the Academy, nor any of its officers, directors, agents, employees, committee members or other representatives shall have any liability for any claim, whether founded or unfounded, of any kind whatsoever, including, but not limited to, any claim for costs and legal fees, arising from the use of these opinions.

Prepared by The Academy's Reimbursement Committee, Billing Issues Subcommittee: Sheila Dalzell, Debra Abel, Carmen Brewer, Pam Ison, Paul Pessis