The health reforms have not only
affected the way in which healthcare is delivered but also the way in
which information is shared among various professionals and entities in
the health industry. Health Insurance Portability and Accountability Act
(HIPAA) regulations have become more stringent for physicians, and
patient privacy is one of the issues that are emphasized in the health
reforms. Physicians are tackling this increased scrutiny by the
government by adapting various methods in the various core and
departmental processes involved in the delivery of healthcare.
The HIPAA
and the HITECH Act have brought about new changes to the way
physicians’ roles are scrutinized in the country. The privacy guidelines
in the HIPAA Act are exhaustive and physicians need to be aware of
these in order to avoid penalties in the form of cuts or worse.
Moreover, these guidelines regarding patient privacy are not only
applicable to physicians who follow proper EMR or EHR implementations
and the reform guidelines but also to those who choose not to implement
such requirements. Physicians need to disclose only the “minimum
necessary” information needed for the particular purpose to certain
entities. Even oral communication about patient information can be
considered breach of privacy under HIPAA.
HIPAA compliance is not just necessary
for physicians but is also applicable to their staff, on-site or
otherwise. Physician assistants and professionals in other departmental
processes also need to comply with HIPAA guidelines and prevent the
breach of patient privacy by securely utilizing protected health
information (PHI). With physicians using various methods to access and
modify data on EHRs, the HIPAA privacy rules take on a new meaning.
Those on the other end of the tech spectrum who still use paper based
records cannot possibly implement such safeguards for privacy. Therefore
adoption of EMR and EHR systems
that are HIPAA compliant along with recruitment of compliant
professionals in various departmental processes has become crucial to
the well-being of a practice.
Providers are required to give notice of
privacy practices to patients explaining how the health information of
the patient is disclosed and used. Providers cannot reveal PHI to the
patient’s employer unless there is a written permission from the patient
for doing so. Healthcare providers are not allowed to reveal PHI to
family members without receiving permission from the patient. In
addition to these safeguards, there are other types of safeguards to be
implemented such as physical safeguards of workstations and software
used in accessing or modifying PHI. The onus of the protection of
information lies with the physicians or practices and their staff and
with the increasing volume of the information, it becomes necessary for
physicians to hire professionals who are HIPAA compliant.
The departmental processes involved in
the health care delivery system such as medical billing and coding,
transcription, denial management, and revenue cycle management also need
to be HIPAA compliant. Medical billing and coding services
at medicalbillersandcoders.com, which is the largest consortium of
medical billers and coders in the United States, are not only HIPAA
compliant but also offer numerous other value added services such as
consultancy, research and improved denial management.