HIPAA Privacy Rule - What must employers know for section 105 reimbursement plans

9:28 PM
HIPAA Privacy Rule - What must employers know for section 105 reimbursement plans -

If an employer uses a section 105 Medical the refund plan to tax-free to reimburse employees for personal health insurance premiums or medical expenses, they should ensure that they comply with the HIPAA Privacy Rule.

HIPAA_Privacy

A portion 105 Medical Reimbursement Plan ( "§ 105 Reimbursement Plan") is a self-funded health plan and is governed by HIPAA Privacy Rules. § 105 plans include integrated HRAs, used for reimbursing deductible and medical expenses and healthcare reimbursement plans (HRPs), used for premium refund.

To a § 105 reimbursement plan setting processing staff to manage claims Protected Health Information (PHI) receives, which is protected by HIPAA. Employers, civil penalties of up to $ 100 per subject injury can not fulfill.

Let's take. A closer look at the HIPAA Privacy Rule and how it affects the employer when a section to manage 105 Refund Schedule

What is the main purpose of the HIPAA Privacy Rule for reimbursement plans?

, the HIPAA Privacy Rule creates national standards to protect individuals' medical records and other personal health information.

  • There are more control over their health information patient.
  • It sets limits the use and disclosure of patient records.
  • It established appropriate safeguards that health care providers and others need to reach in order to protect the privacy of health information.
  • is violated, accountable, including with civil and criminal penalties that can be imposed if they violate privacy rights of the patient.

and there is a balance, when public responsibility disclosure of certain types of data supported - for example, to protect public health

for patients -. it means being able to make informed decisions when care and reimbursement for the care of looking for based on how personal health information is used.

  • It allows patients to find out how their data is used, and certain details of their information that has been made.
  • There generally limited release of information to a minimum reasonably required for the purpose of disclosure.
  • It is generally patients the right to a copy of their own health records and request corrections to consider are and receive.
  • It empowers individuals to control certain uses and disclosures of their health information.

The rule protects from unauthorized disclosure all personally identifiable health information (Protected Health Information or PHI), relating to services for consumers of health care.

What is considered "personally identifiable health information" for reimbursement plans

health information is considered to be personally identifiable if it relates to a specific identifiable person ?; It usually includes the following, whether in electronic, paper or verbal format:

  • health claims or encounter information health, such as documentation of visits to the doctor and the doctors and other providers personnel took notes ;
  • healthcare payment and remittance advice;
  • Coordination of care health;
  • healthcare claim status;
  • enrollment and disenrollment in a health plan;
  • The authorization for a health plan;
  • health plan premium payments;
  • Referral certification and authorization;
  • First Report of Injury;
  • health claims attachments.

What repayment plans a covered unit in view?

The Privacy Rule, healthcare clearinghouses, and healthcare providers for health plans apply. It applies only to the extent to employers that they will work in one or more of these capacities somehow. § 105 plans are self-insured health plans.

As an employer is a covered unit with repayment plans?

Normally, an employer only deal with overcast units not really be one. However, if an employer a self-insured health plan for employees provides (eg § 105 plan) or acts as an intermediary between its employees and health care providers, it will find the kind of PHI handling that by the HIPAA Privacy Rule protected ,

What must employers do to protect when a refund plan administered employee PHI?

offer employers a section 105 Refund plan must PHI privacy practices accepted in writing and designate a data protection officer. You must provide to use a method for employees to lodge complaints and for dealing with complaints. Finally, they must take all necessary measures to see that PHI not decisions is used for the production of employment or benefits.

What do the written privacy procedures must include?

Have a written privacy practices of the employer for a section plan must provide guarantees for the management of PHI, physical security of this information, and electronic and other types of technical safety include 105 refund. The procedures should include the designation of a data protection officer and an explanation of the complaint and resolution process.

What penalties apply to violations of privacy rule requirements?

There are civil penalties of $ 100 per violation can, but the penalties per person multiple injuries in terms of a single individual.

, the maximum civil penalties are $ 25,000 a year, are "stacked" when there are per default. So if two standards have been violated in relation to a person, the possible penalties of up to $ 50,000 could be mounted. Criminal penalties (up to a $ 250,000 fine and ten years in prison) for "knowingly and improperly" disclosing information or to obtain information under "false pretenses", reserved with higher penalties designed for injury for financial gain or "malicious damage be "imposed.

In addition, of course, state laws may impose additional penalties for the same offense, and most states would also allow common-law suits for wrongful acts as violations of privacy and infliction of emotional distress, among other causes action. In November 04, a federal court a former employee of a Seattle clinic Washington Cancer sentenced to 16 months' imprisonment under the criminal penalty provisions of HIPAA, after he admitted a patient of birth and SSN information fraudulently used, obtain four credit cards, in the name and the charge of the patient about $ 9,000 in merchandise.

What guarantees can an employer in place enforce compliance of HIPAA to guarantee?

Because of HIPAA and other compliance rules (ERISA, ACA, IRS, COBRA, etc.), most employers use a third party administrator to set up the appropriate planning documents and process applications for reimbursement ( "claims"). With the help of a third party, such as a compatible health reimbursement software provides the necessary guarantees HIPAA comply and avoid the fines.

For more information on the Privacy Rules HIPAA can be found on HHS site (http://www.hhs.gov/ocr/hipaa/).

What questions have your plans on HIPAA and § 105 refund? Leave a comment.

Small Business Guide to Section 105 Medical Reimbursement Plans

Previous
Next Post »
0 Komentar