Are your privacy practices enough to satisfy your patients? Just because HIPAA privacy enforcement is largely complaint-driven doesn't mean you're out of the woods. Your patients are showing they're willing to speak up when they feel their privacy rights are being violated. During the first five months of Health Insurance Portability and Accountability Act privacy rule enforcement, the HHS Office for Civil Rights has received more than 1,800 complaints, according to OCR Director Richard Camp-anelli. That averages out to more than 15 complaints per business day. Speaking at a hearing before the Senate Special Committee on Aging Sept. 23, Campanelli said OCR already has resolved and closed about 30 percent of those complaints. The closed matters either didn't raise a real privacy issue, didn't involve an actual violation of HIPAA or were resolved "expeditiously and informally - through voluntary compliance - usually after providing some technical assistance," he said. Home care providers can download a copy of the new PC Pricer software from the Centers for Medicare & Medicaid Services Web site. The software "is a personal computer compatible version of the software used in Medicare systems to calculate payments under the home health prospective payment system," CMS notes. The new software, which reflects the payment rate update that took effect Oct. 1, is available at
http://cms.hhs.gov/providers/pricer/. CMS may have granted providers a reprieve on the HIPAA electronic and code set rule that takes effect Oct. 16, but they should still get compliant as soon as possible (see Eli's HCW, Vol. XII, No. 34, p. 269). Providers can get free HIPAA help from CMS, which has its series of HIPAA roundtable conference calls archived on its HIPAA Web site. The most recent call took place Oct. 8. To access the roundtable transcripts, go to
www.cms.hhs.gov/hipaa/hipaa2/events/default.asp#roundtable. One HIPAA item providers don't have to worry about for now is the physician's employer identification number (EIN) or social security number (SSN). Home care providers can use a "dummy" nine-digit number for the item on the HIPAA-compliant 837 format. Requiring a doc's EIN or SSN "places a burden on providers," CMS says in a new HIPAA frequently asked question. "We are aware that some providers are reluctant, or even refuse, to furnish that information when requested to do so for this purpose." While Medicare won't edit for the accuracy of the EIN or SSN, providers should consider using a dummy number as only a temporary contingency plan, a CMS official said in the Oct. 7 Open Door Forum for home health. Providers should work toward obtaining those numbers. Eventually, CMS will assign physicians with National Provider Identifier numbers, which will replace the EIN/SSN HIPAA requirement, it says.
Lawmakers appear to be making [...]