Windows XP Won’t Be HIPAA Compliant Starting April 8
You may have heard that Microsoft announced that it will stop supporting Windows XP on April 8, but it’s possible that the news didn’t particularly resonate with you since your XP system is running quite well. However, the news could have significant reverberations from a HIPAA standpoint.
As you’re probably aware, your computer system (whether it’s XP, Vista, or another operating system) periodically updates its security protocols to ensure that hackers cannot access your private files. But if Microsoft stops issuing security updates for XP, that means your system is vulnerable to breaches, which are the nemesis of HIPAA.
According to the Health Insurance Reform Security Standards Final Rule, you “are required to maintain reasonable and appropriate administrative, physical, and technical safeguards to ensure the integrity and confidentiality of the information and to protect against any reasonably anticipated threats or hazards to the security or integrity of the information and unauthorized use or disclosure of the information.”
To be able to prove that you have taken such safeguards, you need to demonstrate that you protected all of the information in your computer system, which could be difficult when you’re using an unsupported operating system.
Takeaway: If your protected health information is on a Windows XP system, start changing it over now so you’re compliant by April 8.
This HIPAA Breach Lasted 4 Years
You know that it’s illegal for your employees to snoop around in patient files when they don’t have a medically necessary reason to be looking — but one health system employee took such an infraction to the extreme. A licensed practical nurse (LPN) at a large medical group in Virginia inappropriately accessed nearly 1,000 patients’ social security numbers and medical histories from their EHRs over a four-year period, the Hampton Roads, Va. Daily Press reported recently.
The company discovered the breach during a random audit in November, after which the health system began contacting the patients who were affected.
If nothing else, this latest news should serve as a reminder of how important it is for you to create strict patient privacy policies, train your staff on how to follow them, and audit/monitor the records often to ensure that your employees are carefully following the HIPAA rules. To view the HIPAA audit protocols, visit www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/protocol.html.
CMS Grants ‘CLIA-Waived’ Status to 9 Lab Tests
Part B practices will benefit from six new lab tests now classified as “CLIA-waived,” according to a Jan. 10 MLN Matters article on the topic.
According to article MM8560, the Centers for Medicare & Medicaid Services (CMS) will now consider the following tests CLIA-waved. You’ll have to append modifier QW (CLIA-waived test) to most of these codes, which include the following services, among others:
G0434 (Drug screen, other than chromatographic…) for SCI International Inc. New Choice At Home Drug Test: Marijuana (Strip Format), the Alere iCup DX 14 (Cassette Dip Card format), the American Screening Corporation Discover Drug Test Cards, and the American Screen Corporation Discover Multi-Panel Drug Test Cups.
82465 (Cholesterol, serum or whole blood, total) for the Infopia USA, LipidPro Professional Lipid Profile and Glucose Measuring System and the Jant Pharmacal Corp. LipidPlus Professional Lipid Profile and Glucose Measuring System.
To read the article in its entirety, visit www.cms.gov/Outreach-and-Education/Medicare-Learning-Network-MLN/MLNMattersArticles/downloads/MM8560.pdf.
Home Health Medicare Claims Processing System Glitches Cleared Up
A number of home health claims processing errors should plague you no more, now that the latest Medicare claims system release is in. But beware of one overpayment snafu that continues.
For example: The system was having problems matching RAPs to their final claims when a duplicate RAP was submitted, HHH Medicare Administrative Contractor CGS says on its FISS Claims Processing Issues webpage. But now a solution was implemented with the January 2014 release, CGS confirms.
Other problems addressed by the release were that final claims were processing with no RAPs, demand denial claims were inappropriately rejecting as duplicates against the RAP, and RAPs were inappropriately rejecting or suspending with MSP codes, CGS adds.
Unresolved: Overpayment amounts showing in the ‘adjustment to balance’ field on the standard paper remittance advice or as adjustment reason code 90 on the electronic remittance advice (ERA) is an ongoing problem, CGS indicates.
“Providers should track the dollar amount associated with the overpayment and the RA/ERA paid date, as future recoupment is anticipated,” the MAC says on its site. “CGS does not recommend reporting this overpayment on a credit balance report.”
Manual Changes, Education Call Shed Light On Change In Improvement Standard
If you’re trying to get a handle on what the Jimmo settlement agreement means for your home health agency, you’ve got some more tools to help you figure it out.
Reminder: Last January, the U.S. District Court for the District of Vermont gave a final approval on a settlement with the Department of Health and Human Services (HHS) in the class-action lawsuit Jimmo v. Sebelius. Under the settlement, HHS agreed to clarify that Medicare covers home health, therapy services and SNFs regardless of whether the beneficiary’s condition is expected to improve — known as the “improvement standard.”
CMS finally has issued Medicare manual updates incorporating the Jimmo clarifications. And CMS held an MLN Connects National Provider Call on the topic right before Christmas. An explanation of the manual updates is in an MLN Matters article at www.cms.gov/Outreach-and-Education/Medicare-Learning-Network-MLN/MLNMattersArticles/Downloads/MM8458.pdf and the call transcript is at http://www.cms.gov/Outreach-and-Education/Medicare-Learning-Network-MLN/MLNMattersArticles/index.html.