AAO-HNSF Certificate Program for Otolaryngology Personnel

aoa news

T he following general codes of conduct will reasonably ensure that the chance of incidental disclosures is minimized. This list is not exhaustive. It should serve to help create a culture that fosters the protection of individually identifiable health information from inappropriate use and disclosure. n Minimize the risk of others overhearing • Speak in lowered tones • Talk apart from others when sharing patient history information (PHI) n Do not use patient names in public places (hallways, elevators). n Do not leave patient charts, or other sources of PHI in places that are accessible to unauthorized individuals. Privacy Protection Codes of Conduct

HIPAA

Tips 3

n Remove papers containing PHI from fax machines or copiers in a timely manner. Give the information to the appropriate person. n Place patient charts facing wall in box outside room. n Escort non-employees in areas where PHI might be accessible. • Pharmaceutical Reps wait in waiting room until physician is available. n Limit information disclosed on answering machines to the minimum necessary. n Limit information disclosed to patient’s family members, friends, or other persons regarding an individual’s care, even when the individual is not present.

n Limit information disclosed when calling out patient name in waiting room. n Make sure that computer monitors cannot be viewed by unauthorized individuals. n Never share your login id and/or password. The Health Insurance Portability and Accountability Act is here to stay. Any checklists and established standard operating procedures that can be developed to assist physicians and staff in complying are efforts well spent.

another view of HIPAA

Today a health care provider may do business with a number of health plans, each with its own version of forms, code sets, or identifiers required for payment. The Health Insurance Portability and Accountability Act (HIPAA) sets out to change that. Under HIPAA all health plans are required to use the standards set forth in this regulation. The standards established by HIPAA will enable administrative efficiency all across the healthcare industry. Physicians’ offices will have more time for patients and spend less time on paperwork. We will have standard data, which will yield better data; and better data will yield better information. This in turn will yield better health outcomes for all of us. All covered entities must comply with the HIPAA privacy regulations. It is true that if you are a 100% paper office, you are not a “covered entity” and thus do not have to comply with the HIPAA rules. But is that a good business decision? We live in a competitive market. The organizations that embrace HIPAA as a business opportunity and prepare their organization for the future of health care will be able to realize the benefits. Other industries have gone through their own standardization processes. For example, the banking and grocery industries have embraced technology and standardization to streamline their costs. There was a time when we had to wait in line for a bank teller to process all of our transactions, but now we can use the telephone, computer, or A TM for access to our accounts 24 hours a day, 7 days a week. We are also capable of processing transactions from any banking institution, not just the one where we first opened our account.

Do you recall when the stock clerks worked all night to fill the grocery shelves with priced items, and the cashier had to type in the price of each item into a cash register? Then when we checked-out we received a generic receipt. Now every item is identified by a bar code and is scanned for an itemized receipt. In fact the grocery stores have streamlined the process to the point that we can checkout ourselves via the V-SCAN-it stations. These changes have proved to provide customers greater benefits while saving the industry’s service providers money in the long run. In both of these industries and many more, the use of electronic standards have revolutionized the way business is conducted. Implementing HIPAA will require the health care industry to change many long used and familiar business processes. Change is difficult for most people, and HIPAA is about change. A change of this magnitude will not happen overnight. It will take time, hard work, communication and possibly investment capital. It is a fact that we live in a competitive market, so I encourage you to consider HIPAA as the first step in preparing your organization for the future of healthcare. Can you afford not to? Cathy Benoit, MBA

CBenoit@cms.hhs.gov HIP AA Coordinator Centers for Medicare & Medicaid Services — Atlanta Regional Office

Printed with permission

12 MAY 2003

Oto’s Scope