Urology Coding Alert
HIPAA Regulations Still Apply to BBAs, Even Across Borders
Question: Our practice uses a small cloud services provider (CSP) based in Canada to store information. Does the Health Information Portability and Accountability Act (HIPAA) still apply to our business arrangement since the vendor is outside the U.S.? Maryland Subscriber Answer: Yes, HIPAA regulations still apply to this relationship. All of the rules about electronic protected health information (ePHI), including the need for business associate agreements (BAAs), are still in effect even when the partnering vendor is not based in the U.S. Expert opinion: “Be aware that Office for Civil Rights warns of increased risk to ePHI processed or stored outside of the US, especially if the server is in a country where cybersecurity risk is high,” says Grant Elliott, CEO of Ostendio and co-founder and President of the Health Care Cloud Coalition (HC3). “More cloud service providers are touching ePHI every day,” Elliot continues. “While the OCR provides sample Business Associate Contract provisions as they relate to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules, it doesn’t state specifically how the contracted parties can be sure that the provisions are followed.”
Related Articles
Urology Coding Alert
- Coding 101:
Get Answers to Your Common Questions about Voiding and Irrigation
Turning to 51700 isn’t always the correct tactic. Coding for bladder voiding or irrigation is [...] - Compliance:
Faced With Concurrent Care? Follow These Tips for Smooth Submissions
Hint: Much of your success hinges on documentation. Concurrent care of a patient can lead [...] - You Be the Coder:
Reporting an Uncomplicated Foley Switch
Question: Would 51702 be appropriate to use for an uncomplicated exchange of a Foley catheter [...] - Reader Question:
Choose Between 54410 and 54411 for Inflatable Penile Prosthesis, IPP, Reservoir Removal
Question: Does CPT® include a code for removal of only an IPP reservoir? Or is [...] - Reader Question:
Think of 'Foreign Body' as Originating Elsewhere
Question: What is a good definition for foreign body in relation to coding? Is it [...] - Reader Question:
'Unobtainable' Can Be Factored into the History Decision
Question: A patient injected himself with a silicon agent into the scrotum. We were not [...] - Reader Question:
Steer Clear of Reporting 52000 With 51701
Question: Are we allowed to report 52000 and 51701 on the same claim? Louisiana Subscriber [...] - Reader Question:
Add 74420 to Claim if Insurer will Allow with a Cystoscopy and Retrograde pyelogram
Question: I am coding for left ureteral stent removal, retrograde pyelogram, and ureteroscopy with stone [...] - Reader Question:
Learn Your G Modifiers for ABN Success
Question: I’m working on a claim for a Medicare patient that includes an advance beneficiary [...] - Reader Question:
Follow Location to Correct TCM Code
Question: I’m still trying to get a grip on the transitional care management codes. What types [...] - Reader Question:
HIPAA Regulations Still Apply to BBAs, Even Across Borders
Question: Our practice uses a small cloud services provider (CSP) based in Canada to store [...] - Reader Question:
'Negative' ROS Systems Don't Lead to 'Complete'
Question: Can we count a “complete” ROS when the surgeon includes a statement such as [...]
