Medical Billing Codes and HIPAA: The Relationship Isn't Casual

Newly certified medical coders just getting their feet wet may not think a lot about HIPAA. It is easy to assume that the relationship between the Health Insurance Portability and Accountability Act and medical codes is a casual one. But a quick perusal of the CMS Code Sets Overview tells another story. The relationship is not casual at all.

 

At the forefront is HIPAA compliance. Nearly everyone involved in delivering and paying for medical services is in some way impacted by the legislation. In addition, healthcare providers are understandably strict about HIPAA compliance. They tend to hold medical coders and billers accountable.

 

Getting back to the relationship between medical billing codes and HIPAA, it rests on three key points:

 

Believe it or not, HIPAA actually mandates the use of several coding systems for the purposes of standardization. There are three code sets specifically referenced by it. They are ICD-10 for diagnoses and CPT and HCPCS for medical procedures.

 

You can learn more about the code sets and how they are intertwined with HIPAA by visiting the CMS website. It is a treasure trove of helpful information on code sets and regulatory compliance.

 

The federal government has a vested interest in standardization given the amount of money it spends on healthcare services via Medicare and Medicaid. So it makes a lot of sense to incorporate the code sets into HIPAA language.

 

HIPAA was first launched in 1996. It has undergone several revisions since then, including a 2005 revision that added language dictating how medical claims are stored and transmitted. The end result of that revision was an electronic transmission standard known as HIPAA 5010. The standard ensures secure transmission.

 

How does this relate to medical codes? HIPAA 5010 compliance isn't limited to the final transmission between medical provider and payer. All medical billing data transferred electronically is subject to it. Even coders need to abide by standards to ensure that data is protected.

 

Within the full spectrum of data collected by healthcare providers is data classified as Protected Health Information (PHI) under the law. HIPAA mandates protecting this data by being selective about the types of information healthcare providers can disclose.

 

In terms of medical codes, the codes themselves do not pertain to sensitive information like patient name or address. But the codes are linked to medical events. Therefore, coding and billing practices can be used to trace back to sensitive information.

 

All of this points to one simple fact: every aspect of the medical billing process must be aligned with the HIPAA mandate to protect PHI. Otherwise, a healthcare provider could be found out of compliance. More importantly, patient confidentiality could be compromised.

 

It is clear that the relationship between medical billing codes and HIPAA is not a casual one. The key to maintaining compliance within the medical coding environment is knowledge. Everyone from administrators to middle managers and entry level medical coders has a certain level of responsibility to HIPAA.

 

If you are new to medical coding, you may not fully understand HIPAA and its impact on what you do. Don't sweat it. Follow all the rules you have learned to do your job correctly. As you advance in your career, make the effort to learn as much as you can about HIPAA. Over time, the relationship between the two should become clear to you.

 

As for medical coding veterans, nothing in this post is new. Medical coding and HIPAA have been intertwined for years. It is all part of the game.