Pub. Date:
American Medical Association
Field Guide To HIPAA Implementation / Edition 1

Field Guide To HIPAA Implementation / Edition 1

by Jan Root, David C. Kibbe
Current price is , Original price is $145.0. You

Temporarily Out of Stock Online

Please check back later for updated availability.

This item is available online through Marketplace sellers.

Product Details

ISBN-13: 9781579472832
Publisher: American Medical Association
Publication date: 07/01/2002
Edition description: SPIRAL
Pages: 266
Product dimensions: 8.92(w) x 11.08(h) x 0.98(d)

Table of Contents

CHAPTER 1 HIPAA Basics: Establishing a Base for the Journey
HIPAA Basics
Four Sets of Standards and a Timeline
HIPAA Privacy Standards
HIPAA Security Standards
CHAPTER 2 Taking the Crazy Out of Billing
How to Use This Chapter
Why Saving Administrative Dollars Is Important to You
What Value Can the HIPAA Transactions Bring Me?
HIPAA Cost Comparison Tool: How Much Money Could You Save?
Claim Payment
Claim Status
Prior Authorization/Referrals
HIPAA Cost Comparison Tool: Increasing Your Net Income
Invest in Your Practice Management System
Improve Your Administrative Processes
Determine Eligibility
Submit Claims
Post Claim Payments
Bringing It All to Life
Discussions with Your Practice Management System Vendor
Discussions with Your E-Connect Vendor
Discussions with Your Major Payers
Discussions with the Practice Owner
Two More "Crazy" Fixers
Testing and Certification
The National Provider Identifier
Is It Easy?
CHAPTER 3 Using HIPAA Transactions and Codes to Improve the Business Side of Your Practice
How to Use This Chapter
Transactions in Their Simplest Form
HIPAA Transactions and Code Set Standards
Efficiencies of Electronic Claim Submission and Payment
Claim/Encounter Transactions: Submission and Payment
Splitting Claims
Crosswalk with the HCFA-1500
Institutional Claim/Encounter: Highlights of Differences
Dental Claim/Encounter: Highlights of Differences
Coordination of Benefits Transaction
Claim Payment (Remittance Advice)Transaction
Eligibility Transactions
Eligibility Inquiry
Eligibility Response
Claim Status Transactions
Claim Status Codes
Claim Status Codes at the Claim and Service Line Level
Referrals and Prior Authorizations
Referral/Prior Authorization Request
Referral/Prior Authorization Response
CHAPTER 4 Getting Started with Privacy Implementation
How to Use This Chapter
Why Are Privacy Practices Important?
HIPAA Privacy-An Overview
Special Challenges for Small or Independent Medical Practices
Developing Your Action Plan
Phase 1: Get Started
Phase 2: Translate the Privacy Rule into Documents Tailored to Your Medical Practice
Phase 3: Educate and Train Physicians and Staff
Phase 4: External HIPAA Implementation
CHAPTER 5 The HIPAA Privacy Rule for the Medical Practice Privacy Official
How To Use This Chapter
Additional Resources
Lesson 1: Origin and Purpose of the HIPAA Privacy Rule
HIPAA Statute Applies Now
Who Is Affected by the Privacy Rule?
Protected Health Information
Covered Entities
New Patient Rights
New Policies and Procedures
New Restrictions on Inform ation Flow
Can Physicians Go "Paper Only" to Avoid the Privacy Rule?
HIPAA Privacy Effect on Others
Effect of Other Privacy Laws on Medical Practices
Lesson 2: Notice of Privacy Practices (�164.502(i), �164.520)
What Is a HIPAA Notice of Privacy Practices?
Group Health Plans and Inmates
Provision of Notice
Obtaining Acknowledgments
Required Content of Notice of Privacy Practices
Revisions to the Notice of Privacy Practices
Joint Notice by Covered Entities
Lesson 3: Patient Rights
Section 1: Further Restriction Requests (�164.522(a))
Section 2: Alternative Communications Requests (�164.522(b))
Section 3: Access to Information (�164.524)
Section 4: Amendment of PHI (�164.526)
Section 5: Accounting of Disclosures of PHI (�164.528)
Lesson 4: New Administrative Requirements (�164.530)
Section 1: Personnel Designations (�164.530(a))
Section 2: Policies and Procedures (�164.530(i))
Section 3: Safeguards (�164.530(c))
Section 4: Documentation (�160.310 and �164.530(j))
Section 5: Training (�164.530(b))
Section 6: Complaints (�164.530(d))
Section 7: Sanctions (�164.530(e))
Section 8: Mitigation (�164.530(f))
Section 9: No Intimidating or Retaliatory Acts (�164.530(g))
Section 10: No Waiver of Rights (�164.530(h))
Lesson 5: Overview of New Restrictions on the Flow of PHI
HIPAA Information Pathways
Lesson 6: Permitted Uses and Disclosures: Treatment, Payment, and Health Care Operations; Opt-Outs; Incidental Disclosures; and Authorizations
Section 1: Treatment, Payment, or Health Care Operations (�164.506)
Section 2: Opt-outs: Opportunity to Agree or Object (�164.510)
Section 3: Incidental Uses and Disclosures (proposed �164.502(a)(1)(iii))
Section 4: Authorizations (�164.508)
Lesson 7: Public-Good Uses and Disclosures (�164.512)
Section 1: Required by Law (�164.512(a))
Section 2: Public Health Authority (�164.512(b)(1)(i))
Section 3: Child Abuse or Neglect (�164.512(b)(1)(ii))
Section 4: Victims of Abuse, Neglect, or Domestic Violence (�164.512(c))
Section 5: Food and Drug Administration (�164.512(b)(1)(iii))
Section 6: Communicable Disease (�164.512(b)(1)(iv))
Section 7: Employee Workplace Medical Surveillance (�164.512(b)(1)(v))
Section 8: Health Oversight Activities (�164.512(d))
Section 9: Judicial and Administrative Proceedings (�164.512(e))
Section 10: Law Enforcement (�164.512(f))
Section 11: Coroners and Funeral Directors (�164.512(g))
Section 12: Cadaveric Organ, Eye, or Tissue Donation Purposes (�164.512(h))
Section 13: Research (�164.512(i))
Section 14: Avert a Serious and Imminent Threat to Health or Safety (�164.512(j))
Section 15: Specialized Government Functions (�164.512(k))
Section 16: Disclosure for Workers' Compensation (�164.512(l))
Lesson 8: Minimum Necessary (�164.502(b) and �164.514(d))
Implementation Requirements-Uses
Implementation Requirements-Disclosures
Requests by Others for PHI
Medical Practice's Own Requests for PHI
Specific Justification for Entire Medical Record
How Much Is Minimum Necessary?
Lesson 9: Business Associates (�164.502(e); �164.504(e))
Business Associate Standard: Disclosure to Business Associates
Business Associate Exceptions
Permitted Contract Provisions
Covered Entity as Business Associate
Oversight of Business Associate
Grandfathering of Certain Written Contracts with Business Associates
Lesson 10: Other Special Requirements
Section 1: Special Requests by the Individual (�164.502(h); �164.522(a) and (b))
Section 2: Verification Requirements (�164.514(h))
Section 3: Special Categories of Individuals
Section 4: Marketing (Privacy Rule: �164.514(e); (Proposed Modifications: �164.508(a)(3))
Section 5: Fundraising (�164.514(f))
Section 6: Health Plan Underwriting-Benefits Not Placed with Plan (�164.514(g))
Section 7: Disclosures by Whistleblowers (�164.502(j)(1))
Section 8: Disclosures by Workforce Members Who are Crime Victims (�164.502(j)(2))
Section 9: Special Multiple Entity and Function Rules
Section 10: Psychotherapy Notes
Lesson 11: Other Laws, Preemption, and Enforcement
Section 1: Other Laws
Section 2: Preemption
Section 3: Enforcement
Lesson 12: Privacy Implementation
CHAPTER 6 Getting Started with HIPAA Security
How to Use This Chapter
Security Is a Process
Two Major Changes
Not a Cookbook
How Much Security Is Enough?
Implementing the Security Rule
How to Use the Worksheets
Document What You Do Today
Formulate Draft Policy and Procedure
Two Precautions
The Security Matrix
Step 1: Appoint a Security Manager/Official [Matrix: (B)(1)]
Step 2: Conduct a Security Risk Analysis [Matrix: (A)(10)(i)]
Step 3: Review/Write Personnel Policies and Procedures [Matrix: see worksheets that follow]
Step 4: Review/Write Computer and Equipment Policies and Procedures [Matrix: see worksheets that follow]
Step 5: Review How PHI Data Flows in Your Office�Make a Map [Matrix: (A)(4)]
Step 6: Review/Write Security Incident Procedures [Matrix: (A)(9)(i, ii)]
Step 7: Review/Write Contingency Plans [Matrix: (A)(3)]
Step 8: Combine Your Security Policies and Procedures into One Document [Matrix: (A)(10)(iv)]
Step 9: Ask Your Legal Counsel to Review Your Security Documents
Step 10: Review/Initiate Regular Security Training [Matrix: (A)(7)(vi), (A)(12), (B)(6)]
Step 11: Begin (and Continue) Risk Management [Matrix: (A)(10)(ii, iv), (A)(8)(i)]
Questions That Remain
Certification [Matrix: (A)(1)]
Chain-of-Trust Agreements [Matrix: (A)(2)]
Electronic Signatures
CHAPTER 7 Getting Started with HIPAA Computer Security
How to Use This Chapter
Why Computer Security Is Important
The Nature of the Threat
Security and Privacy
Computer Vulnerabilities
Your Medical Practice's Information System Components
Exercise 1: Create an Inventory of Information System Components
Data Criticality
What Data Are Critical to Your Practice?
Exercise 2: Data Criticality Analysis
Physical Security and Computer Access Issues
Who Has Physical Access?
Who Has Permission and Authority?
Vendors and Support Personnel
Contingency Planning and Data Backup
Backup Methods and Issues
Data Disposal
Authentication and the Problem of Digital Identity
How Computers Assure Identity
Tips on Password Management
Strong Authentication Using Digital Certificates
The Uses of Encryption in Medical Office Security
E-mail Encryption
Network and Communications Controls
Computer Viruses
Audit Trails
Chain of Trust and Business Partner Relationships
Performing a Security Gap Analysis
Appendix A: Transactions
Appendix B: Privacy
Appendix C: Security
Glossary of Selected HIPAA Definitions from 45 C.F.R. �160.103 and �164.501

Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews