Medicare Compliance & Reimbursement

HIPAA:

7 KEY STEPS FOR HIPAA CONTINGENCY PLANNING

CMS tips its hand as to what it expects from providers who aren't ready for the HIPAA transactions rule. 

The much-dreaded deadline for the Health Insurance Portability and Accountability Act transactions and code sets standard is upon us, and if you're not compliant yet, you're not alone.

That means that many health care providers and plans will be operating under a HIPAA contingency plan to fend off a cash flow disaster - and how long the plans will remain in effect is anybody's guess. But a series of recent guidelines from the Centers for Medicare & Medicaid Services outlines what HIPAA-covered entities need to have done - and need to work on on an ongoing basis - as the health care provider lumbers into HIPAA compliance.

According to CMS, the following elements are key components of a contingency plan:

1) Self Assessment. You should know what business practices are most at risk, and whether the problem lies with you or with a business partner.

2) Risk Identification. For each business practice at risk, assess the potential problems that may result. Stay in close communication with business partners and payers, and document all your interactions. Obviously, you should give most attention to risks that pose the biggest threat to your cash flow.

3) An Action Plan. Pay close attention to human resource needs, CMS recommends, since problem resolution could take a chunk out of your staffers' time.

4) Careful Timing. "Decide what you can do now to avoid problems later," CMS counsels. 

 5) Communication. Document every element of your action plan, the point-person for each activity, and the specific steps that need to be taken. Share the plan with everyone involved.

6) Testing. "Review the strategy with the key players and run through each potential risk and the steps identified to reduce/avoid each risk," the guidelines say.

7) Ongoing monitoring. CMS stresses that a contingency plan should constantly evolve. Review your efforts on an ongoing basis and update your plan as you make progress on some risks and identify new ones to be added to the list.

"Most importantly," CMS says, "keep the lines of communication open between you and your payers and clearinghouse."

To see CMS guidance on HIPAA contingency plans, go to http://cms.hhs.gov/hipaa/hipaa2/general/default.asp#contingency_guide.

Lesson Learned: As with all compliance matters, documentation will be crucial for demonstrating to CMS that you made a good faith effort to come to terms with the HIPAA transactions rule.

Other Articles in this issue of

Medicare Compliance & Reimbursement

View All