 News
Archives - 2002 |
 DHHS Preparing
Additional HIPAA Regulations For February 2003 |
| 12/20/2002 |
|
| According to statements from Jared Adair, director of the newly
formed Office of HIPAA Standards, and deputy director Karen Trudel, the DHHS
anticipates publishing the final provider and proposed payer identifier rules
in spring 2003 followed by the publication of the claims attachments rule in
March. |
| CMS Offers
Online HIPAA Electronic Standards Complaint Form |
| 12/9/2002 |
|
| The Centers for Medicare and Medicaid Services (CMS) now offers
an online HIPAA Complaint Form for individuals wanting to submit complaints
about covered entities' who are not in compliance with HIPAA's transaction
standards. CMS is responsible for enforcing HIPAA's electronic transactions and
code set standards. Paper compliants can also be submitted by downloading a
special compliant form. Read the Form |
| DHHS Flunks
Security Exam |
| 11/20/2002 |
|
| The House Government Reform Committee's Government Efficiency,
Financial Management and Intergovernmental Relations Subcommittee headed by
Rep. Stephen Horn (R-Calif.) gave two-thirds of all federal agencies a failing
grade for efforts to secure information systems - a worse showing than last
year attributed to greater awareness of security vulnerabilities. Included on
the was none other than the Department of Health and Human Services, creators
and overseers of HIPAA's Privacy and Security Rules. Read the
article |
| Final Security
Rule To Be Published in December |
| 11/12/2002 |
|
| According to Health Information Management, Vinson &
Elkins, a Houston, Texas law firm, the final Security Rule and final changes to
the Transactions and Code Sets Rule will be published in the Federal Register
on December 27, 2002. The firm claims to have received an e-mail from HHS
Secretary Tommy Thompson projecting the publication date. |
| Democrats
Attempting To Restore Certain Patient Consent Requirements |
| 10/17/2002 |
|
| House Democrats introduced a bill yesterday that would restore
patient consent provisions in the HIPAA Privacy Rule and require health care
providers to notify consumers when they receive payment from drug companies to
send unsolicited marketing material. The bill would also limit how FDA
regulated companies could use or disclose personal medical information. The
bill, called the Stop Taking Our Health Privacy Act (STOHP), was introduced by
Reps. Ed Markey (D-MA), John Dingell (D-MI), Henry Waxman (D-CA), Howard Berman
(D-CA) and Michael Capuano (D-MA). Read the statement of introduction for
the STOHP Act. (24Kbs)or Read the text of the proposed Act.
(226Kbs) |
| Half-Million
Applications for Extensions |
| 10/16/2002 |
|
| The Centers for Medicare & Medicaid Services reported that
it had received more than 500,000 applications for a one-year extension of the
Oct. 15 deadline for complying with HIPAA's Transactions and Code Sets
Standards. Those that did not apply for the extension are now expected to be in
compliance with the regulations. |
| CMS to Enforce
HIPAA Transaction and Code Set Standards |
| 10/15/2002 |
|
| HHS Secretary Tommy G. Thompson announced today that the
Centers for Medicare & Medicaid Services (CMS) will be responsible for
enforcing the HIPAA transaction and code set standards. The HHS Office for
Civil Rights (OCR) will enforce the HIPAA Privacy regulations. CMS and OCR will
work together on outreach and enforcement and on issues that touch on the
responsibilities of both organizations - such as application of security
standards or exception determinations. Health care providers are encouraged to
watch these developments carefully. |
| Privacy Rule
Top Concern of Compliance Officers |
| 10/10/2002 |
|
| HIPAA Privacy Compliance is the biggest issue faced by
compliance officials according to a recent survey. The fifth annual “2002
Profile of Health Care Compliance Officers,” released October 1 by the
Health Care Compliance Association (HCCA) and Indianapolis-based Walker
Information, indicates the top goals are: monitoring and auditing, staff
compliance training, compliance program effectiveness, and of course, HIPAA
compliance. According to the survey results, the trend is clear that compliance
programs are an accepted part of the health care organization’s framework.
The survey also includes data on compensation, benefits, staff size and other
issues. Read the
survey. |
| OCR Releases
New Privacy Rule FAQ & Unofficial Version of Modified Privacy Rule Text
|
| 10/8/2002 |
|
| Yesterday, the Department of Health and Human Services Office
of Civil Rights released new FAQ's about the the final modified HIPAA Privacy
Rule. Read the
FAQ's. |
| CMS Introduces
Health Privacy Accountability Database |
| 10/8/2002 |
|
| The Centers for Medicare & Medicaid (CMS) announced its
plans yesterday to implement an electronic record management system as part of
its compliance with the HIPAA medical privacy rule and the Privacy Act of 1974.
The system, called the Privacy Accountability Database, will track access to
CMS’ health care data, which holds information on more than 74 million
Americans. The system will help CMS administrators protect health information
and monitor disclosure of the information, which is used for reimbursement,
regulatory compliance and to support litigation involving CMS. CMS
administrators plan to have the system in place by the April 2003 HIPAA privacy
rule compliance deadline. Read the announcement in the Federal
Register. |
| HIPAA
Subcommittee Alerts HHS Of Confusion |
| 10/8/2002 |
|
| The Subcommittee on Privacy and Confidentiality of the National
Committee on Vital and Health Statistics (NCVHS) heard from witnesses as part
of its duty monitoring HIPAA implementation. Its initial findings and
recommendations were sent to HHS Secretary Tommy Thompson in a letter dated
September 27, 2002. Many health care providers reported compliance progress.
However, low levels of implementation and the high levels of confusion and
frustration were also reported. Many health care providers nationwide report
having never heard of HIPAA and do not think it applies to them and are
confused by the ambiguous standards. Many State and municipal governments
report budgetary or personnel deficiencies to properly draft their own HIPAA
documents and develop mandated training programs. "The failure of the OCR to
make available sample forms, model language, and practical guidance has left
covered entities at the mercy of an army of vendors and consultants, some of
whose expertise appears limited to misinformation, baseless guarantees, and
scare tactics." Read the
letter. |
| Updating
Sports Injuries Getting Tougher |
| 9/24/2002 |
|
| College injury updates by TV and radio sideline reporters at
college football games are becoming history, reports USA Today. Following a
federal law designed to protect privacy of individuals' health information,
some colleges have begun withholding basic medical information on injured
players, even though the law does not become official until April 14, 2003.
Read the
article. |
| Associations
Urge Banks to File for HIPAA Extension |
| 9/23/2002 |
|
| The American Bankers Association and National Automated
Clearinghouse Association are encouraging banks to air on the side of caution
and file for the one-year extension to HIPAA's Transactions and Code Sets
compliance date of October 16, 2002. They are offering a sample letter for
banks to use in requesting the extension. The letter apparently meets the
filing requirements for the extension. Read the model
letter. |
| House
Committee Approves Bill Requiring Agencies to Analyze Privacy Impact
|
| 9/11/2002 |
|
| The House Judiciary Committee yesterday approved legislation
that would require government agencies to analyze how proposed regulations
would affect personal privacy. The bill, called the Federal Agency Protection
of Privacy Act, would require federal agencies to include a privacy impact
analysis at the time regulations are proposed. The bill, sponsored by
Congressman Bob Barr (R-GA), will now goes to the full House for consideration.
“Americans deserve to know how government regulations will impact their
personal privacy, and this legislation reforms the regulatory process make sure
that occurs,” Barr said today. “This bill will not only make the
federal government more accountable to the American people, but it will also
serve to slow the growing erosion of citizens’ privacy rights.”
|
| Banks Urged to
Apply for Compliance Extension |
| 9/11/2002 |
|
| American Bankers Association and the National Automated
ClearingHouse Association (NACHA) are encouraging banks to seek a one-year
extension to the HIPAA transactions compliance date. The HIPAA Transactions
Rule applies to all healthcare providers, plans and “healthcare
clearinghouses” as well as their third-party “business
associates.” According to the Department of Health and Human Services
(HHS), banks could be considered “healthcare clearinghouses” if they
process certain payments (e.g., provide lockbox services) or other transactions
for doctors, pharmacies, hospitals, etc. that include personally identifiable
“protected health information” (PHI). HHS has not yet determined
whether certain bank payment processing activities make banks subject to the
HIPAA rule. Nonetheless, the compliance deadline for the HIPAA Transactions
Rule of October 16, 2002 is looming, and HHS expects banks to take action. HHS
will extend the compliance deadline for one year for banks and other parties
that file an extension letter with the agency by October 15. To make this
easier for banks, ABA and NACHA have created a sample letter that says the bank
promises to be in compliance by October 16, 2003, if HHS determines that banks
are subject to HIPAA. View the ABA/NACHA Model HIPAA Deadline
Extension Letter for Bankers. |
| Senator
Introduces Bill for Stricter Drug Marketing Rules |
| 9/9/2002 |
|
| In response to the final HIPAA privacy rule, Sen. Bill Nelson
(D-FL) has drafted legislation intended to stop drugstore chains from using
consumers' records without consent for pharmaceutical marketing. "This loophole
lets drug companies and pharmacies mine and secretly profit from your most
private medical information," said Nelson. "Instead of allowing further erosion
of our privacy standards, we should be strengthening medical privacy
protections." Specifically, Nelson's bill would require that consumers' give
explicit consent before pharmacies could cull health information for drug
companies that pay them to market their products. The bill does not interfere
with health-care providers' sharing information for patients' treatment. Last
year, Nelson introduced a bill to keep insurance companies, banks and other
financial institutions from sharing health-related and financial information
about consumers without their explicit consent. |
| Kennedy To
Seek Amendment of Privacy Rule |
| 8/27/2002 |
|
| According to a spokesperson from Ted Kennedy's press office,
the Massachusetts Senator will attempt to amend HIPAA's Privacy Rule when
Congress convenes in September. Previously Kennedy said he would introduce
legislation to reinstate the consent requirement if it wasn't included in the
final rule. Kennedy said in March that eliminating the privacy rule's consent
requirement would "gut the cornerstone" of the privacy regulation and put the
interests of corporate America before those of American families. With
apparently little support on the hill for Kennedy's view, some experts doubt
his efforts will prove successful. Unless Kennedy can reinstate the consent
requirement, the modifications to the Privacy Rule become law on October 14,
2002. |
| California
Senate Expands Medical Privacy to Drug Firms |
| 8/21/2002 |
|
| The California Senate approved legislation that would hold
pharmaceutical companies to the same standards of privacy for patients' medical
information as physicians, health insurance companies and pharmacists. The bill
would amend the existing Confidentiality of Medical Information Act, which
currently only applies to health care providers and health plans, to include
pharmaceutical companies. |
| California
Senate Expands Medical Privacy to Drug Firms |
| 8/21/2002 |
|
| The California Senate approved legislation that would hold
pharmaceutical companies to the same standards of privacy for patients' medical
information as physicians, health insurance companies and pharmacists. The bill
would amend the existing Confidentiality of Medical Information Act, which
currently only applies to health care providers and health plans, to include
pharmaceutical companies. |
| Privacy Rule
Modifications Criticized by Privacy Advocates |
| 8/19/2002 |
|
| According to published reports the new Privacy Rule
modifications are being strongly criticized by health care privacy groups
including The Citizens' Council on Health Care, the Institute for Health
Freedom, the American Psychoanalytic Association, and the Health Privacy
Project. The objections are especially focused on the adoption of rules which
eliminate consent requirements previously required in the original privacy rule
and new loopholes for marketing purposes. |
| Kennedy Heads
Dem's Attempt to Amend Latest Final Privacy Rule |
| 8/16/2002 |
|
| Sen. Edward Kennedy (D-Ma.) and other House Democrats are
considering a legislative response to the final HIPAA Privacy Rule published in
the Federal Register on August 14, 2002 and scheduled to become law on October
14, 2002. The Bush administration's modifications to HIPAA's Privacy Rule has
some Democratic members of Congress in a tizzy, especially over the
administration's elimination of the patient prior consent requirement which
would have required patients' written consent for use or disclosure of personal
health information before treatment, payment or health care
operations. |
| Final Privacy
Rule Published in Federal Register |
| 8/14/2002 |
|
| The final HIPAA Privacy Rule was published in the Federal
Register today. Unless Congress repeals or modifies it, it will become law on
October 14, 2002. |
| Leagues Gain a
Measure of Relief From Privacy Laws |
| 8/14/2002 |
|
| Buried deep in the 412-page HIPAA Final Privacy Rule are a
couple of paragraphs that could provide enormous relief to major sports
leagues. The final rules appear to provide wriggle room - if not outright
exclusion - for professional sports teams, which are mentioned on Pages 50 and
51 of the document. "Professional sports teams are unlikely to be covered
entities" under the law, according to the Department of Health and Human
Services (HHS) in response to a comment written on behalf of the Cincinnati
Bengals. "Even if a sports team were to be a covered entity, employment records
of a covered entity are not covered by this rule." The document goes on to
state, "nothing in this rule prevents an employer, such as a professional
sports team, from making an employee's agreement to disclose health records a
condition of employment." Read the NY Times Article
|
| Industry
Pleased with Final Privacy Rules, Patient Advocates Not |
| 8/10/2002 |
|
|
The final HIPAA Privacy Rule issued Friday offers weaker safeguards than those
sought by consumer advocates, according to an article in the Washington Post.
The Rules require a host of new protections, including guaranteeing that people
may inspect their medical records and correct mistakes, find out who else has
looked at them, and seek penalties against anyone who misuses the information.
But they omit a requirement that patients' written permission must be obtained
before their personal health information can be handled by doctors, hospitals,
pharmacies and insurance plans - infurating consumer groups and many
Congressional critics. Read the Washington Post
article |
| A
"Prescription" for California Privacy Rights |
| 8/6/2002 |
|
| Californians should enjoy a presumption of privacy when they
get a prescription filled, according to Assemblywoman Carole Migden, D-San
Francisco. Migden is pushing legislation (AB2191) that would extend medical
privacy restrictions (now applied to doctors, health insurers and pharmacists)
to pharmaceutical companies. Read the
Article |
| Energy &
Commerce Committee Object To Proposed Changes |
| 7/24/2002 |
|
| A
letter from the House Energy and Commerce Committee was sent to HHS Secretary
Thompson on July 23rd questioning the Administration's proposed changes to the
medical privacy rule, including the removal of the consent requirement,
expansion of allowable disclosure of PHI for marketing purposes, and the
creation of a broad loophole through which drug companies could access patient
health records without patient permission. Reps. Waxman, Dingell, and four
others wrote arguing in favor of maintaining the consent requirements for
treatment, payment, and operations, and stating they may seek public hearings
on the subject. Read the Letter
(Attention: Large File - 997Kb.) |
| ER Patients'
Privacy at Risk in Reality TV |
| 7/17/2002 |
|
| Lights, camera, heart attack: Medical "reality" TV shows have
some doctors worried about patient privacy. The Journal of the American Medical
Association reports that emergency room doctors are calling for improved
protection of patient privacy in the face of growing numbers of TV shows that
literally film life-and-death trauma in the nation's emergency rooms. In
particular, they say, filming emergency room patients should be forbidden.
Read the
Article |
| Privacy
Officer Is Possibility at Security Department |
| 7/9/2002 |
|
| The New York Times reports that the Bush administration said
this week that it was open to the idea of installing a chief privacy officer in
a new Department of Homeland Security to make sure it weighed issues of
confidentiality and the secure handling of personal information. Read the
Article |
| AHA Urges More
Changes To Proposed Transaction and Code Set Modifications |
| 7/9/2002 |
|
| While expressing support for many of the proposed transaction
and code set modifications, the American Hospital Association requested further
changes in a July 1 letter to HHS Secretary Tommy Thompson. The AHA claims that
requiring facilities to use provider taxonomy codes for institutional claims
would force hospitals to implement massive new system changes and incur costs
that could never be recovered. Read the
Letter |
| Free Prozac
in the Junk Mail Draws a Lawsuit |
| 7/6/2002 |
|
| A
Broward County woman who received an unexpected trial pack of once-a-week
Prozac in the mail filed suit against her doctors, the Walgreen Co. pharmacy
chain and drug manufacturer Eli Lilly & Co. for invading her privacy and
other alleged violations of Florida law. Read the
Article |
| Baseball
Leagues Seek Relief From HIPAA |
| 7/4/2002 |
|
| A
Cincinnati law firm, working on behalf of the Cincinnati Bengals, recently
filed a two-page comment on the law with the federal Department of Health and
Human Services in an attept to get baseball exempted from the HIPAA
regulations. The filing recommends specific guidelines that would exempt
professional sports teams from certain HIPAA requirements which could otherwise
have an adverse affect on professional sports. Read the
Article |
| Final Privacy
Rule Coming in August |
| 6/23/2002 |
|
| John Hoff, HHS deputy assistant secretary, told attendees at
the Association for Electronic Health Care Transactions (AFEHCT)'s recent
Washington Policy Forum that in August the Department of Health and Human
Services will publish the (revised) final HIPAA Privacy Rule with modifications
to the current Privacy Rule. Read the Article or Read the Proposed
Modifications |
| Kennedy Backs
Internet Transactions |
| 6/18/2002 |
|
| Sen. Edward Kennedy (D-Mass.) on June 18, 2002 introduced
legislation to encourage the use of Internet technology in health care and
mandate computerized physician order entry systems for writing prescriptions.
The legislation, also dubbed eHealth Act, would set standards for health care
financial transactions and offer grants to help providers afford information
technology. Read the
Article |
| Federal Judge
Throws Out HIPAA Lawsuit |
| 6/17/2002 |
|
| A
federal judge has dismissed a lawsuit filed by a physicians group and U.S.
(Texas) Rep. Ron Paul alleging that the HIPAA Privacy regulations give the
government "virtually unrestricted access" to patients' medical records. The
Association of American Physicians and Surgeons, Paul, (R-Surfside), and three
patients sued the U.S. Department of Health and Human Services last year. Read the Article |
| Security Rule
Without Privacy Rule - No Way Says Expert |
| 6/14/2002 |
|
| According to Health Data Management, health care providers must
implement significant portions of the proposed HIPAA Security Rule to be fully
compliant with the HIPAA Privacy Rule which has an April 14, 2003 compliance
date for all health care providers. Thomas Walsh, principal consultant at CTG
HealthCare Solutions, Cincinnati states, “You can have security without
privacy, but you cannot have privacy without security. By default, you need
some minimum security in place by April 14th 2003.” Walsh spoke at the
Healthcare Information and Management Systems Society’s (HIMSS) Summer
Conference this week in Las Vegas. He gave attendees a HIPAA Security Readiness
checklist of 36 tasks, some of which should be completed now and others which
should be in progress. Read Walsh's Readiness
checklist. |
| Law May Forbid
Leagues to Say if Player Is Hurt |
| 6/11/2002 |
|
| Under the HIPPA regulations, sports officials may be prevented
from disclosing a player's medical information without consent. If so,
everything from gambling to bidding during free agency could be affected. Rob
Manfred, the chief labor lawyer for Major League Baseball, said that while the
law might be useful in other businesses, "it doesn't make sense that the New
York Yankees can't tell their fans about the condition of their star
pitcher."Read The New York Times
Article |
| Senate
Committee Approves Online Privacy Bill |
| 5/20/2002 |
|
| The Online Personal Privacy Act (Senate Bill 2201 sponsored by
Chairman Ernest F. Hollings) was approved by the Senate Commerce Committe. The
bill requires Internet companies to obtain permission from consumers before
collecting and sharing medical and financial records, and other sensative
information. The legislation also would preempt state privacy laws and allow
consumers to sue companies that mishandle their personal data. A second vote on
the bill is required before being sent to the full Senate.
Read The Washington Post
Article Read The Full Text |
| Stealth
Database Venture Assigns IDs To Unsuspecting Prescribers |
| 5/15/2002 |
|
| Even though the the National Provider Identifier is still in a
holding pattern, the National Council for Prescription Drug Programs (NCPDP),
an ANSI-accredited standards development organization, has begun assigning ID
numbers to prescribers without their knowledge, according to a
report in Modern Physician. Read All About
It |
| Security
Regulation Slated For August - Transaction and Code Set Revisions Coming In
June |
| 5/13/2002 |
|
| According to the Department of Health and Human Services (HHS),
health care providers can expect to see the final security rule this summer.
HHS released its "Semi-annual Regulatory Agenda" in the May 13 Federal
Register, predicting publication of the final rule in August, along with
notices of proposed rulemaking for claims attachments and health plan
identifiers. HHS also plans to publish the final employer identifier rule in
June, along with modifications to the transactions and code sets rule. HHS did
not provide dates for further changes to the privacy rule.
Read The Text
Read The Full
Text |
| Zoo Refuses to
Release Animal's Medical Records Citing Privacy Concerns |
| 5/6/2002 |
|
| Thousands of people have peered in on the National Zoo's
PandaCam to see Tian Tian and Mei Xiang cavorting. But don't ask to see their
medical records. You won't get them. The Smithsonian Institution's National Zoo
has taken the position that viewing animal medical records would violate the
animal's right to privacy and be an intrusion into the zookeeper-animal
relationship. Read All About
It |
| Results
Released From Second Year HIPAA Survey |
| 4/22/2002 |
|
| The health care industry is continuing to take the necessary
organizational steps to comply with the new HIPAA Privacy Rule, according to
the second HIPAA Readiness Survey conducted by the Health Care Compliance
Association. Of the 253 respondents, 75% were from hospitals, 13% from
physician offices or clinics, 5% from home health, and 4% from university-based
facilities. 26% of respondents indicated that Executives have received five or
more hours of training, 11% indicate that Staffs have received more than five
hours of education - a four percent increase from last fall; and 6% (up from
3%) report that Directors have received five plus hours of training about the
new medical record privacy rule. Read The Complete
Survey |
| Survey Claims
Written Consent Is An Unnecessary Burden |
| 4/18/2002 |
|
| The American Hospital Association, in a recent survey, claims
that 86% of respondents think that asking a patient to sign a 10-page legal
document when they see a doctor or nurse, or pick up a prescription is an
"unnecessary burden." The American Hospital Association released the results in
a written statement to the Senate Health, Education, Labor and Pensions (HELP)
Committee on April 16. The survey polled more than 900 consumers on proposed
privacy changes to HIPAA. Other results claim that 84% of respondents believe
that time in a doctor's office should be spent on patient care, not paperwork.
Read All About
It |
| Survey Claims
Health Care Industry Still Not HIPAA Ready |
| 4/18/2002 |
|
| Health Data Management reports health care organizations have
made progress in recent months to become HIPAA compliant, but many health care
providers won't meet existing deadlines. According to a survey conducted by the
Gartner Group, a leading survey company based in Stamford, Ct., as of the end
of the 2001 less than 30% of health care providers have even assessed their
status with the final transactions and code sets rule which (until a recent
extension) was due to become effective in October of 2002. According to the
survey, many health care providers believe that their suppliers, vendors and
clearinghouses will somehow make them compliant. |
| One-Year
Extension Now Available For Standard Transactions and Code Sets |
| 4/15/2002 |
|
| The Centers for Medicare and Medicaid (CMS) recently published
the HIPAA Model Compliance Extension Form (consisting of 26 questions) which
can be used by health care providers to request a one-year extension to the
October 16, 2002 compliance date for standard transactions and code sets. The
electronic submission option of the form is now available and can be accessed
at CMS' Electronic Health Care TCS Standards Model Compliance Plan page. All
health care providers who intend to submit the plan are urged to do so
electronically. Each electronic submission will receive an online confirmation
number, which will serve as acknowledgment of the extension. CMS will not
acknowledge receipt of paper submissions. The 'Bottom Line' is this: All health
care providers have an opportunity for a one year extention for the HIPAA
Standard Transactions and Code Sets requirements. Once (properly) filed, the
the extention is automatic. To receive the extention health care providers must
submit their application by October 15, 2002. Health care providers who intend
to be compliant with the Standard Transactions and Code Sets rule by October
16, 2002 are not obligated to file, or do, anything. To
get a printable extension form for submittal by regular mail,
click here. (Be patient
- it's 250kb). To submit your extension form online, please
click here and follow the
instructions. |
| Survey: Banks
Unprepared for HIPAA |
| 4/6/2002 |
|
| A
new survey indicates banks are not ready to comply with provisions of the
Health Insurance Portability and Accountability Act. Many banks, in fact, do
not understand the law directly affects their services to health care
providers, according to survey results. "The banking industry never took HIPAA
seriously until very recently," says John Casillas, founder of The Medical
Banking Project, Nashville, Tenn. Read All About It |
| Sen. Kennedy
Not Pleased with Privacy Rule Changes |
| 4/2/2002 |
|
| According to Sen. Edward M. Kennedy (D-MA), eliminating the
privacy rule's consent requirement would "gut the cornerstone" of the privacy
regulation and put the interests of corporate America before those of American
families. "The Administration knew that medical records privacy was too hot to
touch when they first came into office, so they let the Clinton rule stand. But
now, when they think the American people are not closely watching, they have
once again put the agenda of the insurance industry and medical corporations
ahead of the agenda of the American people," said Kennedy. "There were some
legitimate concerns about the operation of the consent rule in some specific
situations, such as the case where a relative was asked to pick up a phoned-in
doctor's prescription. But those exceptions could easily have been addressed
without bringing down the whole rule." Kennedy added, "I intend to hold
hearings on this issue.and I will be introducing legislation to reverse this
ill-considered action." Read The
Article |
| Physician
Group Urges Elimination of Business Associate Provisions |
| 3/8/2002 |
|
| In a March 5 letter, a group of physician organizations told
Department of Health and Human Services (HHS) Secretary Tommy Thompson that the
Business Associate provisions are unfair and will create additional and
unreasonable burdens, costs, liabilities, and hassles on the medical community.
If the HHS is not willing to eliminate the provisions from the final privacy
rule, they should be substantially amended, the letter said. The American
College of Cardiology, American Society of General Surgeons, and Society of
Critical Care Medicine were among the organizations that signed the letter. The
group suggested the following changes: a) Provide that an entity is either a
covered entity or a business associate, but not both. b) Allow contracts that
covered entities currently have with business associates to be "grand-fathered"
so that they need not be renegotiated until they expire. c) Provide covered
entities with the option to require their business associates to provide
assurances by certification, in lieu of a contract, that they understand their
obligations with respect to privacy of health information and will comply with
the business associates provisions of the rule. d) Clarify the knowledge
requirement under the rule and limit the responsibility of a covered entity to
act upon information that a business associate may have materially breached or
violated its obligations under the contract or certification. e) Eliminate the
duty of covered entities to mitigate harmful effects caused by a use or
disclosure of protected health information made by their business associates.
f) Clarify the provisions that would require business associates to "make
available" protected health information in accordance with certain patient
rights provisions so that the administrative burdens and responsibilities on
physicians and other covered entities are limited. "Another concern with the
Business Associates provisions that must be addressed by HHS is the
unreasonable burdens and liabilities placed on physicians and other covered
entities for the wrongdoing of their business associates. We appreciate that
HHS would like to extend the reach of the privacy rule to entities not covered
under HIPAA. However, out of basic fairness, physicians and other covered
entities should only be responsible for their own noncompliance with the
provisions of the rule," said the group. Read The
Article |
| Patients'
Rights Support May Be Down |
| 2/22/2002 |
|
| Public sentiment may be shifting away from a patient bill of
rights, according to two new polls on health care opinions among Americans. A
poll conducted by Harris Interactive found that 37% of Americans believe
enacting a patients' bill of rights is extremely important, ranking it below
support for a Medicare prescription drug benefit (48%) and strengthening the
public health care system (42%). A second survey, by Ayres McHenry &
Associates and commissioned by the American Assn. of Health Plans, found that
almost two-thirds of those surveyed felt it was time for Congress to "move on"
from HMO reform to other issues, such as controlling costs and covering the
uninsured. |
| Consortium To
Develop Electronic Clinical Guideline Infrastructure |
| 2/20/2002 |
|
| A
consortium of health care providers and software companies has been awarded a
$9.2 million federal grant to develop a "universal framework" for electronic
clinical guidelines that will be compatible with any clinical information
system. Under the three-year grant from the U.S. Dept. of Commerce's National
Institute of Standards and Technology, the consortium will develop a
standard-based "language" for representing clinical guidelines. It also will
seek to develop software to convert the guidelines into a uniform electronic
format, and a framework that physician groups and providers can use at the
point of care regardless of their size. Burlington, Vt.-based IDX Systems
Corp., which sells practice management software, will lead the consortium and
help with software development. Apelon Inc., Ridgefield, Conn., will focus on
integrating medical vocabularies into the framework, and other members --
Intermountain Health Care in Salt Lake City, Mayo Clinic, Rochester, Minn.,
Stanford University, Stanford, Calif., and University of Nebraska Medical
Center, Omaha -- will provide clinical and academic expertise. |
| Physicians
Protest Privacy Rule Loophole |
| 2/11/2002 |
|
| New standards would allow use and disclosure of health
information for certain marketing purposes without a patient's consent.Read The
Article |
| HIPAA
Extension Legislation Signed |
| 1/2/2002 |
|
| On December 27, 2001, President Bush signed into law H.R. 3323,
the Administrative Simplification Compliance Act (now known as Public Law
107-105). This law provides for a one year extension of the date for complying
with the HIPAA standard transactions and code set requirements (to Oct 16,
2003) for any covered entity that submits to the Secretary of Health and Human
Servcices a plan of how the entity will come into compliance with the
requirements by October 16, 2003. The plan must be submitted by October 15,
2002 and shall be a summary of (A) An analysis reflecting the extent to which,
and the reasons why, the person is not in compliance. (B) A budget, schedule,
work plan, and implementation strategy for achieving compliance. (C) Whether
the person plans to use or might use a contractor or other vendor to assist the
person in achieving compliance. (D) A timeframe for testing that begins not
later than April 16, 2003. The law also requires the Department to develop and
promulgate a model compliance form for the plan by March 31, 2002, and to allow
for compliance plans to be submitted electronically. Please note that this
legislation kept in place the compliance deadlines for the Privacy Rule (April
14, 2003 for all covered entities except small health plans; April 14, 2004 for
small health plans). The Department will be providing the details of the model
form and submission procedures at a later date. The law also requires that, by
Oct 16, 2003, providers stop submitting paper claims and submit claims
electronically to Medicare. There are waivers for certain small providers or if
there is no method for electronic submission of claims available. CMS will
provide further details about these requirements through the regulatory
process. Read The Bill |
|
