New regulations make it compulsory for health care providers to comply with the guidelines of the Health Insurance Portability and Accountability Act (HIPAA). Changes to the regulations have taken place earlier; HIPAA was updated in 2013 when new requirements mandated by the Health Information Technology for Economic and Clinical Health Act were introduced.
A Notice of Proposed Rulemaking was issued in December 2020, outlining changes to the HIPAA Privacy Rule. Updates for consideration include changes to protection of information related to mental health and wellness and substance abuse.
Most important for health care providers, access to entire patient records is necessary to be able to make informed decisions regarding the line of treatment and therapy. This is especially significant for patients who cannot be prescribed certain medications, such as opioids in the case of substance recovery patients.
Changes due to COVID-19 pandemic
There are no permanent changes to HIPAA, but new HIPAA regulations include modifications that have been introduced to make it easier for health care providers in their fight against the pandemic. Notices of Enforcement Discretion have been announced in 2020 and in 2021 with penalties and sanctions for certain HIPAA violations waived during COVID-19. The HIPAA Journal has outlined some of these:
#1 Good faith telehealth remote communications
Announced in March 2020, this notice concerns good faith provisions of telehealth services. Potential penalties for HIPAA violations will be waived for virtual care to patients using everyday communication tools to provide telehealth services to patients, even if those tools are not ordinarily considered fully HIPAA-compliant. However, public-facing platforms like TikTok and Facebook Live are still not to be used.
#2 Good faith uses and disclosures of Protected Health Information by business associates for public health and oversight activities
Sanctions and penalties will not be imposed on business associates of HIPAA-covered entities for the duration of the public health emergency. However, this is applicable provided they notify the covered entity of the event within ten days of the disclosure occurring.
#3 Participation in operation of community-based testing sites
Announced in April 2020, penalties and sanctions will not be imposed on covered entities and business associates at drive-through, walk-up, or mobile sites where specimens are collected.
Similarly, waiver of sanctions and penalties will be in place for web-based scheduling of COVID-19 vaccination appointments.
Significance of these changes to the health care provider
For a fast-growing, ambitious DME/HME, daily business operations already involve the need for strong back-end record taking and data-processing before an order can be processed. This translates into the need for trained staff that can handle this documentation in a HIPAA-compliant manner.
The need to stay abreast of changes and developments in HIPAA regulations creates an additional layer of knowledge and training required for this staff. It also requires a larger investment of time for the DME/HME or the need to invest in hiring more dedicated resources for the purpose.
The need for professional HIPAA-Compliant billing
Harnessing professional medical billing is beneficial in multiple ways:
- Reduces or even eliminates worries related to attrition: the investment of time, money, and effort that goes into hiring, training, and retaining staff.
- Eliminates the problem of staff turnover; reliability and consistency comes with professional medical billing.
- Reduced staff turnover leads to improved business continuity.
- Better management of patient records and overall order-taking process.
- Accurate claim application process.
These benefits offered by professional medical billing services empower the DME by allowing them to pursue the larger growth and development goals of scaling up and creating more efficient processes.