The Importance of HIPAA Compliance
3 min readWhen it comes to medical coding and billing, HIPAA compliance is vitally important. According to medical coding experts at Findacode.com, an online database for medical coding and billing, claims that are non-compliant may be delayed or even outright rejected by insurance companies, therefore affecting revenue, and ultimately having a negative impact on patient care.
Why is Accurate Coding So Important?
Medical coders document a patient’s entire journey through the medical system, from the initial consultation right through to any surgical procedures and hospital stays. Every aspect of that journey must be translated into code in order for the medical facility to bill the insurance company and be reimbursed. It is not just the actual treatments and surgeries that are billed, though; it is the time spent on diagnosis, any equipment used, medicines, administrative tasks, and time spent in hospital. Everything must be coded correctly so that the invoice can be passed and paid.
If medical coding is inaccurate, it is likely that payments from the insurance company will be at the very least rejected for resubmission. It could mean that the insurance company will only pay a part of the invoice, or indeed reject it completely. If inaccuracies continue, the medical facility will be left with a cashflow shortage and piles of paperwork to rectify.
What is HIPAA Compliance?
HIPAA (Health Insurance Portability and Accountability Act) compliance means meeting the rules and regulations set down by this act. Failure to comply is a federal offence. There are many aspects to HIPAA compliance, and it revolves around the protection of patient data. Those companies or entities that deal with PHI (protected health information), must have the necessary measures in place to keep this information safe.
The aim of HIPAA compliance is to protect personally identifiable information and keep it safe from theft and fraud. Sensitive patient information may not be disclosed without the patient’s consent or knowledge, except: in the case of organ donation, where the patient is a victim of assault or domestic violence, where there are administrative and judicial proceedings taking place, or when it involves workers’ compensation.
To be HIPAA compliant, a medical provider must have security measures in place to protect electronic data. They will need to be able to safeguard this information against possible breaches and security threats.
Examples of Non-Compliance
Medical providers that do not protect or encrypt their patients’ data are guilty of HIPAA noncompliance. Violations of the HIPAA often occur due to insufficient staff training. All patient records must be kept in a secure location and staff must always know where these records are. Leaving patient files unattended is a breach of the HIPAA.
Untrained medical and administrative staff might not realize that talking in public about PHI can be a breach of the HIPAA, as can discussing it on social media.
Another breach is the incorrect disposal of old medical records. This type of information must be permanently destroyed to prevent it from being used fraudulently. Shredding and burning of physical records and electronic wiping of unrequired information is vital.
What are the Consequences of HIPAA Noncompliance?
There are different tiers of HIPAA noncompliance and the penalties for each depend on the level of negligence perceived. A tier 1 violation is where the medical provider did not nor could have known about the violation. The penalty typically ranges from $1,000 to $50,000 per violation. The maximum penalty for violations in one year is capped at $1.5 million. Tier 4 violations are classed as willful neglect and penalties start at $50,000 per violation. If violations continue, the responsible persons could be given a jail sentence.