Home Health & Hospice Week

Industry Notes:

HIPAA Privacy Complaints Pour In By The Hundreds

Are your privacy practices enough to satisfy  your patients? Just because HIPAA privacy enforcement is largely complaint-driven doesn't mean you're out of the woods. Your patients are showing they're willing to speak up when they feel their privacy rights are being violated. During the first five months of Health Insurance Portability and Accountability Act privacy rule enforcement, the HHS Office for Civil Rights has received more than 1,800 complaints, according to OCR Director Richard Camp-anelli. That averages out to more than 15 complaints per business day. Speaking at a hearing before the Senate Special Committee on Aging Sept. 23, Campanelli said OCR already has resolved and closed about 30 percent of those complaints. The closed matters either didn't raise a real privacy issue, didn't involve an actual violation of HIPAA or were resolved "expeditiously and informally - through voluntary compliance - usually after providing some technical assistance," he said. Home care providers can download a copy of the new PC Pricer software from the Centers for Medicare & Medicaid Services Web site. The software "is a personal computer compatible version of the software used in Medicare systems to calculate payments under the home health prospective payment system," CMS notes. The new software, which reflects the payment rate update that took effect Oct. 1, is available at http://cms.hhs.gov/providers/pricer/. CMS may have granted providers a reprieve on the HIPAA electronic and code set rule that takes effect Oct. 16, but they should still get compliant as soon as possible (see Eli's HCW, Vol. XII, No. 34, p. 269). Providers can get free HIPAA help from CMS, which has its series of HIPAA roundtable conference calls archived on its HIPAA Web site. The most recent call took place Oct. 8. To access the roundtable transcripts, go to www.cms.hhs.gov/hipaa/hipaa2/events/default.asp#roundtable. One HIPAA item providers don't have to worry about for now is the physician's employer identification number (EIN) or social security number (SSN). Home care providers can use a "dummy" nine-digit number for the item on the HIPAA-compliant 837 format. Requiring a doc's EIN or SSN "places a burden on providers," CMS says in a new HIPAA frequently asked question. "We are aware that some providers are reluctant, or even refuse, to furnish that information when requested to do so for this purpose." While Medicare won't edit for the accuracy of the EIN or SSN, providers should consider using a dummy number as only a temporary contingency plan, a CMS official said in the Oct. 7 Open Door Forum for home health. Providers should work toward obtaining those numbers. Eventually, CMS will assign physicians with National Provider Identifier numbers, which will replace the EIN/SSN HIPAA requirement, it says.

Lawmakers appear to be making [...]
You’ve reached your limit of free articles. Already a subscriber? Log in.
Not a subscriber? Subscribe today to continue reading this article. Plus, you’ll get:
  • Simple explanations of current healthcare regulations and payer programs
  • Real-world reporting scenarios solved by our expert coders
  • Industry news, such as MAC and RAC activities, the OIG Work Plan, and CERT reports
  • Instant access to every article ever published in Revenue Cycle Insider
  • 6 annual AAPC-approved CEUs
  • The latest updates for CPT®, ICD-10-CM, HCPCS Level II, NCCI edits, modifiers, compliance, technology, practice management, and more