As many people are well aware, in 1996 Congress passed The Health Insurance Portability and Accountability Act ( HIPAA ) and President Clinton in turn signed it into law. The major part of this act was to ensure that people who had lost or changed their jobs would still be covered by their present insurance for a set period of time or until they had obtained new insurance. The act ensured that they and their spouses and children would not be left without insurance and exposed to some potentially high medical costs in the interim. Part two of the act is known simply as the Administrative Simplification (AS) guidelines. It is this part of the Health Insurance Portability and Accountability Act that is seeing more changes that could result in penalties and fines for those who do not correctly follow the new procedures that are being adopted.

Part two of the act deals with preventing health care fraud and abuses, simplifies the administration procedures for records and claims, and also makes changes to medical liability concerns. This act has been complicated even further by the Health Information Technology for Economic and Clinical Health Act (HITECH Act), which has significantly widened the range of security and privacy protection that was first enacted under HIPAA. As we have stated, this has not only made the process subject to more rigid procedures, but also expanded the threat of increased legal liability and fines for acts of noncompliance. All this change has been spurred on by the new technologies such as cloud storage and other new mobile devices that have entered the market and must now be accounted for and the information transmitted over them be protected.

So, how is a medical provider supposed to deal with this? Many providers have undertaken training procedures to get their support and clerical staff familiarized with the new rules. This is one way to make sure the medical providers staff stays in compliance and everyone is familiar with the procedures, but it is also very time consuming and expensive. If this is the method a company chooses to keep up with the new legislation, it is also important for the medical provider to consult with its legal advisers to make sure they are doing everything properly; there are problems that can occur here too because often times the legal help is not up to date on the new rules and regulations of HIPAA / HITECH also. It is a tough situation for a medical provider to be in. It is important to note that both large and small medical organizations are having issues following the new guidelines and remaining in compliance.

Is there any other way to handle it? Yes, as a matter of fact, there is. Many medical providers have chosen to hire a so called ‘expert’ third party company to oversee and guide this end of the medical billing and record keeping. Having a third party contractor relieves a lot of the worry of the medical provider, eliminates some costly expenses, and greatly streamlines the compliance and claim process. Not to mention the amount of time and headaches that will be saved by letting an expert third party company help you oversee your project.

So how are these companies able to help the medical providers stay compliant? It all starts with expert advice and the company’s awareness of the rules and procedures of the acts. Most health care providers do not have enough time in the day to keep up on all the rules and regulations to make the paperwork, electronic transactions, and other parts of the acts come together and work; for the third party provider it’s easier because that is their job to know and it’s all they have to concentrate on.

They provide the companies they service with checklists, help the medical providers establish policies and procedures for compliance, and show them how to track their efforts so they make sure they are obtaining the results they desire. They normally will also provide training modules and show you how to track their results so you can prove compliance and your efforts to stay that way.

Of the two choices mentioned above; train and educate your staff yourself or have a third party company help you with this ominous chore, it is much easier, and potentially much more cost-effective, to employ the help of a third party company to avoid the legal liability and potentially huge fines that are now a part of HIPAA / HITECH.

We will address in a future article what you should have in mind when choosing a company to help you with your HIPAA compliance.