Question: Our office recently purchased encryption software that claims to be “100-percent HIPAA compliant.” What exactly does that mean? And is total compliance even possible?

New Jersey Subscriber

Answer: Every healthcare service provider, and every vendor who hopes to gain their business, knows that HIPAA compliance is of utmost importance. You should also know that health information that is properly encrypted is treated as “secured” PHI, so a breach involving it is exempt from the HIPAA Breach Notification Rule. That is why nearly every vendor of an encryption product that targets your practice will claim that the product is HIPAA compliant.

Unfortunately, however, you cannot buy HIPAA compliance. If a third-party firm says its encryption product is “HIPAA compliant,” that company is simply telling you that the product fulfills the HIPAA encryption guidance for stored data (data at rest) and data sent over networks (data in transit). Just because an encryption product meets HIPAA’s data encryption guidance does not mean that you are complying with the HIPAA Security Rule simply by using the product.

In terms of encryption, the Security Rule standard (45 CFR 164.312(a)(2)(iv)) states that you must “implement a mechanism to encrypt and decrypt electronic protected health information” (ePHI).

What to do: This standard is “addressable,” not “required.” That means you must carefully analyze your organization’s operations to determine what type of encryption is “reasonable and appropriate” for your business; if you decide that a given measure is not reasonable and appropriate, you must document why and, where reasonable and appropriate, implement an equivalent alternative measure. You must base your analysis on a variety of factors related to your organization, such as:

Bottom line: Whether your organization is a small physician office or a large healthcare system, you must document why you believe that a selected encryption product is appropriate for your operations, and maintain adherence to the compliance standards through internal checks and balances.