Lesson 7 – HIPAA 101

es logo vector 1 4

HIPAA 101

By this point, you’ve probably seen a few mentions of the Health Insurance Por­tability and Accountability Act (HIPAA). In previous courses, we’ve talked about HIPAA in regards to its regulation of standard transmissions between provid­ers and payers. These standard transmissions include claims, meaning HIPAA regulates a huge portion of the medical billing process.

But what, exactly, is HIPAA? In this course, you’ll find out. In the course follow­ing this one, we’ll show you how HIPAA affects medical billing.

WHAT IS HIPAA   – Created in 1996, HIPAA is an act of Congress that protects the health insurance of workers and their families if they lose their jobs. HIPAA also protects the pri­vacy of children 12 to 18 years of age and establishes a number of regulations for the electronic transfer of healthcare data. This last point is where we’ll spend the most time in our summary, but let’s look at the whole Act in brief first.

HIPAA is divided into five sections, or Titles. For the sake of this course, we’ll focus only on the first two Titles, which are the largest and most far-reaching.

TITLE I  – Title I establishes rules for how group health organizations (like managed care organizations) interact with patients. Title I limits the restrictions a group health organization can put into place based solely on a pre-existing condition.

Title I also limits the amount of time it takes to get coverage for that pre-exist­ing condition. Specifically, once a person has coverage under a group health organization, that person must receive coverage for their pre-existing condition within 12 months (or 18 months in certain circumstances).

Title I also provides protection to individuals and their families when that in­dividual changes or loses their job. If an individual has health insurance under their old job, they are allowed to keep that insurance until the point when their new health care coverage kicks in. There are a few caveats to this, of course, and HIPAA does not provide permanent health insurance. It does, however, ensure that persons out of work can continue their health care coverage while in be­tween jobs.

As you may be able to tell, this Title of HIPAA affects insurance companies and their interactions with patients much more than it does medical billers. Title II is where we’ll see HIPAA affect medical billing more directly.

TITLE II                     When HIPAA was passed, an increasing number of medical transactions werebeing performed electronically. While electronic transactions (like claims) were faster, more cost-efficient, and less error-prone, they also caused some patients and regulators to worry about the privacy of the personal medical records. Title II addresses theses concerns and establishes standards and guidelines for these types of transactions.

HIPAA 101 | 127

TITLE II AND MEDICAL BILLING

PRIVACY AND SECURITY

Title II lays out a set of security guidelines that ensure the safety of both phys­ical and electronic records. These regulations limits who can view medical information, and also dictates how this information is transferred.

Title II also established a set of rules limiting who can distribute your medi­cal information, and when. These rules give patients more control over their medical records, including who can access them and at what times. These rules prevent anyone—including providers, payers, or government agencies—from viewing or distributing a patient’s medical information for anything not related to treatment for the patient. For instance, on a worker’s compensation claim for a broken finger, a biller would not include the patient’s history of heart disease.

Title II and Medical Billing

The passage of HIPAA added an “Administrative Simplification” (AS) to a por­tion of the Social Security Act. With that AS, Title II established a set of regula­tions and guidelines for the electronic transmission of healthcare data, and sets up guidelines for the code sets used in medical billing and coding.

You’ve actually already learned about many of these code regulations: HIPAA formalized the use of ICD codes, CPT codes, and HCPCS codes for use in creating claims.

The goal of the AS was to establish a regular, uniform method of communica­tion for any party involved in healthcare, such as insurance payers, providers, clearinghouses, and government agencies. All bodies covered by HIPAA (and this includes most providers and payers, including Medicare and Medicaid) must adhere to these standards of transactions.

Under Title II, all electronic transactions must be performed as a type of Elec­tronic Data Interchange (EDI). (An EDI is a standardized form of electronic transaction. It’s widely used in all types of commerce. An ATM withdrawal, for example, uses an EDI). For healthcare transactions, providers and payers must use the EDI approved by the Accredited Standards Committee X12 (ASC X12). Currently, that form is the ASC X12 005010. Under ASC X12 005010, each type of medical transaction gets its own code number. A claim, for example, is an X12 837. A health care eligibility inquiry is a 270. We’ll talk a bit more about this in the next course.

That may all sound a little complicated, so let’s break it down a bit. Under Title II, each medical transaction has to adhere to a certain format. HIPAA dictates that those electronic transactions follow the format laid out by the ASC X12.

This form is the ASC X12 005010. Included in that form are various subforms, each of which corresponds to a certain type of medical transaction.

Again, we’ll discuss more of how HIPAA Title II affects medical billing in the next course. Let’s close out this section with a brief overview of what else Title II does.

Title II establishes the mandatory use of National Provider Identifier (NPI) numbers. You should remember NPIs from our discussion of creating medical claims. These NPIs are ten characters long, may be alphanumeric, and are never re-used (except in very particular situations). Like ICD or CPT codes, NPIs pro­vide an efficient universal shorthand for identifying a crucial part of the health­care process.

In addition to establishing the above regulations and rules, Title II also outlines a number of offenses related to healthcare. Title II prescribes the civil and crim­inal punishments for these fraudulent offenses.