by Find-A-Codeā¢
Feb 15th, 2023
As a professional medical coder or biller, you have certain obligations to the federal HIPAA rules designed to protect sensitive patient information. The rules are not as complicated for you as they are for some other entities within the healthcare space, but that does not mean that compliance is any less important. To that end, do you know the four primary tenets of HIPAA compliance?
The HIPAA was enacted by Congress some years ago to account for patient privacy concerns within a changing healthcare landscape. The legislation, combined with electronic health records, ensures patients are protected against their personal information being shared with unauthorized parties. Your job as a medical coder or biller gives you access to such information. As such, you are required by law to protect it.
HIPAA rules are simultaneously simple and complex. An individual's understanding of the rules largely rests in how they are applied to that person's daily work. All the rules can be encapsulated in the following four tenets:
Tenet #1: Privacy
Above all else, HIPAA compliance is about privacy. All healthcare entities and other guardians of sensitive patient information are expected to protect individual privacy at all costs. All electronic protected health information (ePHI) must be kept private. This information includes:
- personal information
- billing information
- physical or mental health details
- details of conversations with providers and staff
- medical charts and prescription records.
Any and all ePHI information you deal with in medical coding or billing must remain private. If you are not sure how to maintain privacy, it is your responsibility to learn.
Tenet #2: Security
Not only are affected workers required to keep protected information private, but they are also required to keep it secure. This suggests a number of things. First, protected information may not be shared with any unauthorized persons or those who might otherwise be authorized except for the fact that they are not directly involved in the patient's care.
In addition, the software and hardware healthcare workers utilize must be equipped with the latest security protocols protecting against data breaches. In fairness, this particular issue lies more with employers than employees.
Tenet #3: Enforcement
Where there are rules there are means of enforcing those rules. As such, strict enforcement is the third tenet of HIPAA compliance. Employers must have their own enforcement rules in place to make sure employees do things correctly. When healthcare organizations do not enforce the rules internally, they can expect to be subject to federal enforcement.
Both Washington DC and the states take HIPAA compliance seriously. When enforcement actions are taken, they tend to be significant. It is far better for employers and employees to always do things by the book.
Tenet #4: Reporting
Finally, HIPAA compliance mandates that healthcare organizations immediately report data breaches. What are normally referred to as HIPAA breach notifications aren't just the first step. Affected organizations must also investigate and report how such breaches occurred, as well as how future breaches will be avoided.
Data breaches run the gamut from misplaced medical data to accidental disclosures to outright cyberattacks. No breach is a small breach to regulators. Immediate compliance with HIPAA rules mitigates the damage caused by data breaches.
Fortunately for medical billers and coders, their obligations to HIPAA compliance are not as complex as other healthcare entities. Nonetheless, compliance isn't an option. If you are involved in medical coding and billing and lack sufficient understanding of your compliance obligations, make an effort to learn as much as you can about the regulations. Do not get caught in a position of having violated the rules – either ignorantly or knowingly.
Quick, Current, Complete - www.findacode.com