|
 |
| |
By enacting the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Congress mandated the establishment of standards for the privacy and security of individually identifiable health information. GroupOne Healthsource is committed to complying with these national standards to protect individuals' medical records and other personal health information. |
|
| |
As a result of GroupOne's commitment, numerous staff and significant financial resources have been dedicated to researching and thoroughly understanding the HIPAA regulations. Since these regulations are constantly being revised and updated, and some not even finalized, GroupOne continues to update processes to promptly meet the government's requests. In summary, GroupOne is dedicated to the 's journey of achieving HIPAA compliance. |
|
| |
| 1. |
Transactions and Code Sets Requirement:
The Transactions and Code Sets Requirement was first on the priority list. The final date was October 16, 2003. The following procedures were performed. |
| |
a. |
Assessing internal management information system to meet Transaction Standards & Code Set requirements |
i.
ii.
iii.
iv.
v. |
|
Close communication with our software vendor
Completed the operational assessment phase of the implementation strategy
Completed the software development & installation phase
Testing started on April 14, 2003
Completed by Oct 16, 2003
|
| 2. |
Privacy: Privacy was the next concern with the compliance date April 14, 2003. Initial training and ongoing training workshops have been conducted within our organization. Complying with the Privacy sections, Risk Assessments, Protected Health Information (PHI) Data Flow Maps, and Gap Analyses have been performed. In addition, HIPAA Policies and Procedures have been developed and implemented. The following activities were completed with some ongoing: |
| |
a.
b.
c.
d.
e.
f.
g.
|
Conducted Overview HIPAA Training
Ongoing HIPAA Training Workshops
Performed Risk Assessments
Mapped the flow of PHI
Created HIPAA Policies
Documented HIPAA Procedures to meet requirements
Reviewed Business Associate Contracts and provisions |
| 3. |
Security: The final Security rule adopts standards for the security of electronic PHI to be implemented by covered entities. Under the Administrative Safeguards, a covered entity must implement policies and procedures to prevent, detect, contain, and correct security violations. Compliance date is April 21, 2005, with the exception of small health plans that have April 21, 2006 compliance date. GroupOne is in the process of complying with the Security Regulations by performing the following: |
| |
a.
b. |
a. Modifying facilities to meet Physical Workstation Security Requirements (i.e., office dividers around desks containing PHI)
Assessing internal network security and other technical requirements |
| 4. |
Unique Health Identifiers: UNIs are a necessary element to the national standardization of healthcare transaction automation. Under the HIPAA provision are identifiers for employers, providers, health plans, and individuals. Of these the employer, and provider have been finalized, and dealt with internally. The health plan, and individual, along with electronic signature regulations are not finalized at this time however, we continue to monitor the progress toward this end. |
|
|
| |
|
|
| |
After spending countless hours in the study and research of HIPAA, GroupOne Healthsource’s HIPAA Team has developed a line of tools and services that enable us to help covered entities better understand and attain their goals in HIPAA compliance.
|
|
|
| |
Top ^ |
|
|
| |
 |
| |
| “Our days in A/R went from 130 to under 60 in 6 months” |
|
|
