VIRGINIA DEPARTMENT OF MENTAL HEALTH, MENTAL RETARDATION AND SUBSTANCE ABUSE SERVICES - PowerPoint PPT Presentation

1 / 29
About This Presentation
Title:

VIRGINIA DEPARTMENT OF MENTAL HEALTH, MENTAL RETARDATION AND SUBSTANCE ABUSE SERVICES

Description:

VIRGINIA DEPARTMENT OF MENTAL HEALTH, MENTAL RETARDATION AND SUBSTANCE ABUSE SERVICES. Miranda Turner, Director of Risk and Liability ... Privacy Preemption ... – PowerPoint PPT presentation

Number of Views:121
Avg rating:3.0/5.0
Slides: 30
Provided by: CBR70
Category:

less

Transcript and Presenter's Notes

Title: VIRGINIA DEPARTMENT OF MENTAL HEALTH, MENTAL RETARDATION AND SUBSTANCE ABUSE SERVICES


1
VIRGINIA DEPARTMENT OF MENTAL HEALTH, MENTAL
RETARDATION AND SUBSTANCE ABUSE SERVICES
  • Miranda Turner, Director of Risk and Liability
    Affairs Dave Burhop, Agency CIO
  • September, 10, 2001

2
What is HIPAA?
  • Regulations
  • Standards
  • Administrative Simplification
  • Increased Industry Focus On Privacy And Security
  • Federal Mandate

3
Why do we have HIPAA?
  • Reduce Healthcare Costs
  • Reduce Healthcare Fraud
  • Technology

4
Who Must Comply?
  • Covered Entities
  • Organizations That Capture Patient Identifiable
    Electronic Data
  • Providers
  • Healthcare Plans
  • Clearing Houses

5
HIPAA Regulations
  • Transactions/Code Sets
  • Privacy
  • Security
  • Identifiers

6
Transaction/Code Set Standards
  • Transactions
  • Healthcare Claim Or Encounter (837)
  • Healthcare Claim Status (276)
  • Claim Payment And Remittance Advice (835)
  • Eligibility For A Health Plan (270-271)
  • Referral Certification And Authorization (277)
  • Enrollment/Disenrollment In Health Plan (834)
  • Premium Payments (820)
  • First Report Of Injury (148)

7
Transaction/Code Sets Standards
  • Code Sets
  • ICD 9
  • CPT 4
  • HCPCS
  • Final Ruling On Transaction/Code Sets 8/15/2000
  • Compliance Deadline 10/15/2002

8
HIPAA Privacy Rule
  • Applies To Protected Healthcare Information (PHI)
  • Does Not Prohibit The Exchange Of PHI For
    Treatment, Payment or Healthcare Operations (TPO)
  • Deals With What Needs To Be Protected

9
HIPAA Privacy Rule (continued)
  • Privacy Rule Impacts
  • Business Associate Contracts
  • Trading Partner Agreements
  • Human Resources
  • Consents/Notifications/Authorizations
  • Uses And Disclosures
  • Healthcare Operations

10
HIPAA Privacy Rule (continued)
  • Individual Access And Complaint Process
  • Statutory/Regulatory Comparison And Analysis
  • Final Ruling on 4/14/01
  • Compliance Deadline 4/14/03

11
HIPAA Security Rule
  • Final Rule Pending HHS Approval
  • Deals With How Privacy Can Be Ensured
  • Draft Rule Impacts
  • Access Controls
  • Audit Trails
  • Minimum Disclosure
  • Encryption/Digital Signatures/PKI

12
HIPAA Security Rule (continued)
  • Background Checks
  • Physical Security
  • Security Incident Procedures
  • START NOW!

13
HIPAA Identifier Standards
  • Final Rule Pending HHS Approval
  • Draft Rule Impacts
  • Employer ID
  • Patient ID
  • Provider ID
  • Payor ID
  • Final Rule Is Months, Perhaps Years, Away

14
Who Created The Standards
  • X12
  • HHS
  • WEDI
  • SAMHSA
  • Office For Civil Rights

15
HIPAA Privacy Rule Sanctions
  • Civil Penalties - 25,000 Per Incident
  • Criminal Penalties
  • 1 To 10 Years Prison Time
  • 50,000 - 250,000 In Fines
  • Significant Penalties For Non-Compliance
  • Enforcement By Office For Civil Rights

16
Definition of Treatment
  • The provision, coordination, or management of
    health care and related services by one or more
    health care providers including
  • the coordination or management of health care by
    a health care provider with a third party
  • consultation between health care providers
    relating to a patient
  • the referral of a patient for health care from
    one health care provider to another

17
Definition of Payment
  • The activities undertaken by
  • A health plan to obtain premiums or to determine
    or fulfill its responsibility for coverage and
    provision of benefits under the health plan
  • A covered health care provider or health plan to
    obtain or provide reimbursement for the provision
    of health care

18
Definition of Healthcare Operations
  • Carrying out the following activities of the
    covered entity to the extent that the activities
    are related to covered functions and activities
    of an organized health care arrangement in which
    the covered entity participates
  • QA Activities
  • Qualifications of health care professionals

19
Definition of Healthcare Operations(continued)
  • Underwriting and premium rating
  • Medical review, legal services and auditing
    functions
  • Business planning and development
  • Business management and general administrative
    activities (i.e., customer service)

20
Definition of Consent
  • That which is given, via a signed form, by a
    patient/client allowing identifiable data to be
    used for treatment, payment, or healthcare
    operations within the covered entity or the
    covered entitys business associate(s).

21
Definition of Authorization
  • That which is given, via a signed form, by a
    patient/client for purposes other than treatment,
    payment, or healthcare operations within the
    covered entity or the covered entitys business
    associate(s) e.g., research, marketing, etc.

22
Definition of Uses
  • Patient/client identifiable information that is
    used within the covered entity or the covered
    entitys business associate(s).

23
Definition of Disclosure
  • As permitted by the signed consent or
    authorization, patient/client identifiable
    information that is willfully given by the
    covered entity or the covered entitys business
    associate(s).

24
Issues
  • What is the HIPAA defined relationship between
    DMHMRSAS and the CSB?
  • What is the difference between consent and
    authorization?
  • How much will all this cost?
  • What methods will best achieve compliance?
  • How do state laws impact the regulations?

25
Consent Exceptions
  • The following are situations in which consents
    are not required
  • Indirect treatment relationship
  • Inmates
  • Required by law to treat
  • Substantial barriers to communicate
  • Emergency treatment (must obtain a consent as
    soon as reasonably practicable after treatment)

26
Privacy Preemption
  • HIPAA will preempt state laws relating to the
    privacy of individually identifiable information
    except for those that are contrary to and more
    stringent than the federal HIPAA requirements.

27
More Stringent Than
  • Disclosure more limited use or disclosure
    (except if to HHS or to the individual)
  • Info to the patient re use, disclosure, etc.
    greater amount of information
  • Any other matter GREATER PRIVACY FOR THE
    INDIVIDUAL

28
Resources
  • HIPAA Comply web site
  • www.HIPAAcomply.com
  • WEDI web site
  • www.wedi.org
  • EFECT web site
  • www.efect.org
  • EHNAC web site
  • www.ehnac.org

29
Resources
  • DHHS Administrative Simplification
  • aspe.dhhs.gov/admnsimp/index.htm
  • DHHS Data Council Web Site
  • aspe.dhhs.gov/datacncl/
  • NCVHS Web Site
  • ncvhs.hhs.gov
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "VIRGINIA DEPARTMENT OF MENTAL HEALTH, MENTAL RETARDATION AND SUBSTANCE ABUSE SERVICES" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!