It surprised me at how many affected healthcare providers and business partners were still trying to finish the steps that are needed to comply with HIPAA. This is the substance of a primer I prepared on August 16, 2003, exactly two months before the compliance deadline. That was three and a half years ago. The last physician clinic we helped become compliant was in summer 2006. I wouldn’t be surprised if we got several more engagements like that.
This primer covers HIPAA’s key administrative aspects.
One of HIPAA's important objectives is to simplify the administrative requirements of the healthcare industry. The administrative simplification requirements consist of four parts:
Electronic transactions and code sets
Security
Unique identifiers
Privacy
If (you) the healthcare provider or its billing company or clearinghouse transacts business electronically, then all related parties are covered by HIPAA.
Business transactions are any of the following:
Claims
Payment and remittance advices
Claim status inquiries and responses
Eligibility inquiries and responses
Referral authorization inquiries and responses
HIPAA strongly encourages the designation of a “point of contact” in the covered entity. This could be your office manager. This person is responsible for all HIPAA-related activities. You should provide this person with some level of authority, resources, and assistance.
Your office
Ensure that your medical office administrative software is HIPAA-compliant. Check with your vendor.
Clarify the documents that are transmitted electronically and on paper. Determine what needs to be done differently. Under HIPAA, certain data are required that your existing paper forms do not have.
The health insurance payers
If they haven’t done so yet, learn when they will distribute a guide for HIPAA-mandated coding and transaction requirements. Local codes have been eliminated by HIPAA as part of its administrative simplification objective.
Confirm whether they will provide you with partner agreements that specify transmission methods as well as the coding and transaction requirements specified above.
Ensure that they have tested their software for HIPAA-compliance. Ensure that you participated in these tests.
I edited this entry to add this link to the coding system. The next version of the coding system was released after I wrote that entry although the substance is virtually identical.
AN EASY AND COMPREHENSIVE EXPLANATION OF THE OSI MODEL
"All People Seem To Need Data Processing."
"Please Do Not Throw Sausage Pizza Away."
Either way, these are the two mnemonics for the OSI model of the ISO’s standard networking protocols. In the 1990s when I was studying for my various certifications (Novell’s CNE, Microsoft’s MCSE, and Cisco’s CCNA), I learned those two mnemonics. I'd like to pass the knowledge along to the next generation. You might not find this information presented this way anywhere else.
The International Standards Organization (ISO) developed a model to serve as a standard point of reference for networking protocols. It uses seven layers to break down the networking process into seven independent processes. OSI stands for Open Systems Interconnection.
These are the seven OSI layers, listed from the outermost to the innermost layer.
APPLICATION This is where network services and applications reside. These services and applications utilizes the formats established in the Presentation layer.
SESSION This layer serves two functions. First, it establishes and maintains the inter-nodal connections (i.e., connections between nodes). And second, it maintains the logical sequence of message exchanges.
TRANSPORT This layer ensures the reliable delivery of messages. If one portion of the message transmission is lost or garbled, this layer re-transmits the necessary portion.
NETWORK This layer addresses the messages for delivery. It functions like an envelope wrapper for the message. The envelope has the recipient's address and the sender's return address. These are logical addresses that are specific to the networking protocol that is used (e.g., IP). The envelope is known as a datagram.
DATA LINK This layer refers to the specific kind of communication medium being employed. It places the datagram inside the network's delivery vehicle - generically known as a frame. Network delivery frames are specific to the particular kind of communication medium (e.g., Ethernet or Token Ring).
PHYSICAL This describes the actual physical media being employed (e.g., network interface card). This layer often has its own form of addressing in addition to the protocol-specific logical addressing. For example, each Ethernet node (e.g., the network interface card or NIC) has a permanent unique 48-bit hardware address. The first 24 bits identify the device's manufacturer. The second 24 bits identify the specific device. Example of an Ethernet device's hardware address: 08-22-12-32-12-12.
A project manager who spent too much time in the healthcare industry. He likes storage, disaster recovery, business continuity, and data center projects. This is the spillover of tech-related entries from his other blog.
Enter your search term(s) in the field at the upper lefthand corner of this page. If you enter the search term “risk,” all entries containing that word will be found.
TO EXAMINE ANY PHOTO IN DETAIL:
Click on the photo. To return to this page, click on your browser's left-arrow or use your [backspace] key.
IN THIS COLUMN:
1. AUTHOR. click on his photo to see his profile 2. SLIDESHOW. each image is clickable 3. VISITORS. show their locations 4. ARCHIVE. click to expand and see past blog entries 5. TAG CLOUD. visually depicts the contents of this site 6. FEATURES. this guide 7. TRANSLATOR. switch languages 8. TECH NEWS. each item is clickable 8. WEB-WARE. each item is clickable 9. HEALTH POLICY. each item is clickable 10. SCOUTLE. shows blogs similar to this one 11. TECH BOOKS. from amazon.com
IN THE RIGHT COLUMN:
At the end of each entry is a sphere icon. Click on it to show related content.
HIPAA’S ADMINISTRATIVE SIMPLIFICATION REQUIREMENTS
