HIPAA Compliant Medical Billing Software - What You NEED to Know

What is HIPAA, and why you need to use HIPAA compliant medical billing software...

In 1996, as a response to protect patients, the United States Congress enacted the Health Insurance Portability and Accountability Act, otherwise known as HIPAA.

Congress designed this Act, still in full effect, to regulate the medical industry. This includes:

  • insurance providers
  • medical providers
  • and patients

HIPAA protects insurance coverage limitations, ensures patient privacy and security, and helps to prevent healthcare fraud, waste, and abuse.

HIPAA dissected

Medical symbol

There are two main parts to the HIPAA legislation: Title I and Title II.

Title I: Health Care Access, Portability, and Renewability.

Deals with the limits to which an insurance provider can withhold coverage from an individual due to a preexisting condition or other circumstance.

This part of the HIPAA legislation is not usually a concern for medical offices, since it deals mostly with insurance companies.

If you encounter a patient that's having problems with their insurance company, you should refer them to their employer's HR department or state department of insurance.

Title II: Preventing Healthcare and Medical Billing Fraud and Abuse, Administrative Simplification and Medical Liability Reform.

Deals with the practices of healthcare providers, medical coders and billers, and other office personnel. This part of the HIPAA legislation enacts many specific rules and regulations on the way a health care office is run, claims are billed, and patient information is shared.

Medical offices are usually most concerned about the Title II enactments of HIPAA, as they deal directly with the way medical offices are run on a daily basis.


HIPAA helps patients keep their privacy

Before HIPAA was implemented, there were no strict regulations on how to deal with patient privacy issues.

Patient privacy used to consist of the trust that the patient had in the doctor, as well as the doctor's professional responsibility to keep what happens in the doctor's office confidential.

After HIPAA was implemented, however, the idea of patient privacy was more strictly defined.

It was enforced with legal consequences, and strict regulations were put into place. Many of these regulations have to deal with the way medical offices share, store, and access private patient data.

Due to the regulations put into place with HIPAA, medical office personnel have to undergo specialized training and sign statements in which they confirm that they understand the new regulations.

Many of these regulations are so complex, however, that a lot of medical offices have differing interpretations of how to keep patient data private.

For instance, some medical offices may choose not to fax any patient data, seeing it as a breach of HIPAA. Other medical offices may need signed fax releases from authorized personnel, to ensure the data goes to the right place.

Not only did HIPAA change the way that medical offices run on a daily basis, it made the implementation of high-security HIPAA compliant medical billing software necessary.

Unless you're using software designed before 1996, however, this shouldn't be a problem. All newer medical software has the necessary privacy requirements.

Other regulations

Patient being treated

HIPAA has also changed the way individual medical offices transmit data to insurance plans and other medical offices through Electronic Data Interfaces (EDI).

These are online information transfer systems that allow protected patient information to be shared.

Medical offices use medical billing clearinghouses on a daily basis for a number of things. Claims are sent, benefits and eligibility is verified, and claim status is checked, all through EDI transactions.

HIPAA has implemented specific rules and regulations for the transfer of information through these EDI transactions, including protecting patient information and privacy.

A further regulation is the HIPAA 5010 code set. Because of its complexity, it hasn't been implemented yet, but it's most important requirement will be made mandatory in 2013, with the implementation of the new ICD-10 diagnosis code sets.

One of the more fundamental changes to the healthcare system because of HIPAA was the implementation of the National Provider Identifier.

It used to be the case that each medical provider would have an individual identification number for each insurance company. This would mean that one provider could have up to ten or twenty different provider numbers!

The National Provider Identifier (NPI), however, is one ten-digit number. It is uniquely assigned to an individual provider to identify that doctor to the insurance company.

When the NPI requirements came into effect in 2007, it caused a bit of a headache for both medical offices and insurance companies. But as of now, the kinks have worked themselves out, and NPI numbers are a common part of a medical billing practice.

As a medical biller or coder, you'll need to be very familiar with your provider(s) NPI numbers.

HIPAA continues to be a changing piece of legislation, with the addition of the HITECH ACT (Health Information Technology for Economic and Clinical Health ACT) in 2009, which enacted new privacy requirements, specifically aimed at technological security improvements.

Medical billers and coders, as well as the rest of the medical office personnel, are all required to comply with all HIPAA regulations, under threat of legal consequences.

Don't worry though - most medical offices have already learned how to comply with HIPAA rules. It's become an ingrained part of their daily practice, and HIPAA compliant medical billing software is standard.


For Independents

If you're starting your own medical billing business, it's important to make sure you're compliant.

In this case, there are a number of HIPAA compliance specialists who can help you make sure you're doing everything right.

The way your office deals with HIPAA on a daily basis will depend on your practice's interpretation of the rules.

Because of HIPAA, new employees need a little bit more training. This teaches them how to protect patient privacy and understand the new requirements.

The rest of the changes, such as those made to HIPAA compliant medical billing software packages, EDI transactions, and insurance companies, is usually behind the scenes.

On the whole, HIPAA regulations haven't affected much of the way a medical office works. If it hasn't already, it will become a part of your daily life in the medical office.

If you found this page useful, please click "Like"! Thanks.