HIPAA’S ADMINISTRATIVE SIMPLIFICATION REQUIREMENTS

It surprised me at how many affected healthcare providers and business partners were still trying to finish the steps that are needed to comply with HIPAA. This is the substance of a primer I prepared on August 16, 2003, exactly two months before the compliance deadline. That was three and a half years ago. The last physician clinic we helped become compliant was in summer 2006. I wouldn’t be surprised if we got several more engagements like that.

This primer covers HIPAA’s key administrative aspects.

One of HIPAA's important objectives is to simplify the administrative requirements of the healthcare industry. The administrative simplification requirements consist of four parts:

1. Electronic transactions and code sets
2. Security
3. Unique identifiers
4. Privacy

If (you) the healthcare provider or its billing company or clearinghouse transacts business electronically, then all related parties are covered by HIPAA.

Business transactions are any of the following:

1. Claims
2. Payment and remittance advices
3. Claim status inquiries and responses
4. Eligibility inquiries and responses
5. Referral authorization inquiries and responses

HIPAA strongly encourages the designation of a “point of contact” in the covered entity. This could be your office manager. This person is responsible for all HIPAA-related activities. You should provide this person with some level of authority, resources, and assistance.

Your office

1. Ensure that your medical office administrative software is HIPAA-compliant. Check with your vendor.
2. Clarify the documents that are transmitted electronically and on paper. Determine what needs to be done differently. Under HIPAA, certain data are required that your existing paper forms do not have.

The health insurance payers

1. If they haven’t done so yet, learn when they will distribute a guide for HIPAA-mandated coding and transaction requirements. Local codes have been eliminated by HIPAA as part of its administrative simplification objective.
2. Confirm whether they will provide you with partner agreements that specify transmission methods as well as the coding and transaction requirements specified above.
3. Ensure that they have tested their software for HIPAA-compliance. Ensure that you participated in these tests.

I edited this entry to add this link to the coding system. The next version of the coding system was released after I wrote that entry although the substance is virtually identical.

AN EASY AND COMPREHENSIVE EXPLANATION OF THE OSI MODEL

"All People Seem To Need Data Processing."

"Please Do Not Throw Sausage Pizza Away."

Either way, these are the two mnemonics for the OSI model of the ISO’s standard networking protocols. In the 1990s when I was studying for my various certifications (Novell’s CNE, Microsoft’s MCSE, and Cisco’s CCNA), I learned those two mnemonics. I'd like to pass the knowledge along to the next generation. You might not find this information presented this way anywhere else.

The International Standards Organization (ISO) developed a model to serve as a standard point of reference for networking protocols. It uses seven layers to break down the networking process into seven independent processes. OSI stands for Open Systems Interconnection.

These are the seven OSI layers, listed from the outermost to the innermost layer.

APPLICATION
This is where network services and applications reside. These services and applications utilizes the formats established in the Presentation layer.

PRESENTATION
This is where file and file access formats reside; examples of file formats are PostScript, ASCII, Microsoft Word; examples of file access formats are Sun Microsystem's Network Filing System (NFS) or Microsoft's New Technology Filing System (NTFS).

SESSION
This layer serves two functions. First, it establishes and maintains the inter-nodal connections (i.e., connections between nodes). And second, it maintains the logical sequence of message exchanges.

TRANSPORT
This layer ensures the reliable delivery of messages. If one portion of the message transmission is lost or garbled, this layer re-transmits the necessary portion.

NETWORK
This layer addresses the messages for delivery. It functions like an envelope wrapper for the message. The envelope has the recipient's address and the sender's return address. These are logical addresses that are specific to the networking protocol that is used (e.g., IP). The envelope is known as a datagram.

DATA LINK
This layer refers to the specific kind of communication medium being employed. It places the datagram inside the network's delivery vehicle - generically known as a frame. Network delivery frames are specific to the particular kind of communication medium (e.g., Ethernet or Token Ring).

PHYSICAL
This describes the actual physical media being employed (e.g., network interface card). This layer often has its own form of addressing in addition to the protocol-specific logical addressing. For example, each Ethernet node (e.g., the network interface card or NIC) has a permanent unique 48-bit hardware address. The first 24 bits identify the device's manufacturer. The second 24 bits identify the specific device. Example of an Ethernet device's hardware address: 08-22-12-32-12-12.

To be continued...