HIPAA Compliance Overview
Editor’s Note: Originally posted on 6/18/2014. Updated with OIG’s 12/7/2016 Statement Regarding Gifts of Nominal Value (full text here).
The other day, I found myself in a conversation I have quite frequently with doctors, a conversation that essentially boils down to three pretty big questions: what’s all this fuss about compliance, what’s the big deal with HIPAA compliance in particular, and how doctors are ever supposed to know if they get the whole compliance thing “right” and if they’re ever really done?
Advertisement
It was, as always, a good and very worthwhile talk.
My answer always starts with the most basic, Merriam-Webster’s dictionary definition. It says:
Compliance: the act or process of doing what you have been asked or ordered to do; conformity in fulfilling official requirements (emphasis mine).
It might help to give compliance a visual: imagine it as a cabinet made of many compartments, with each compartment holding a different requirement. Because the healthcare industry is so highly regulated, this cabinet is quite sizeable, and the number of compartments are many. But meeting the requirements of one or some of the compartments without meeting all of them is no more effective than cleaning your plate without cleaning your room back when you were a kid. Either way, if you skip some of the house rules, you’re in trouble.
Consider the compartment labeled “HIPAA Compliance.” HIPAA requires us to protect our patients’ Protected Health Information (PHI). HIPAA, itself an acronym for the Health Insurance Portability and Accountability Act, was passed by Congress in 1996 and protects health insurance coverage for workers and their families while between jobs, establishes standards for electronic health care transactions and addresses the issues of privacy and security of personal health care information.
In another compartment resides OIG Compliance, an agreement that requires practices to police themselves regarding proper documentation and coding, and that requires that we bill with the intent to minimize fraud, waste or abuse. Originally noted in the Federal Register in the year 2000, the Office of the Inspector General defined a seven-step program to be carried out in every individual and small group practice. At that time, it was a “strong suggestion.” Today, as part of the Affordable Care Act, this is now law. You and your practice are legally mandated to follow the seven-step program—not just to stay out of trouble, but because by doing so, you will help eliminate fraud, waste, and abuse and save the country millions of dollars each year.
Open that rather large and messy compartment adjoining, and you’ll find Financial Compliance. This is your practice’s requirement to have a fee system in place that avoids the risks of dual fee schedules and/or inducement. Quite simply, it’s illegal to charge an insurance company a higher fee than the patient who is paying you cash for the same service with the same CPT® code. It’s also illegal to induce federally insured patients by giving them any remuneration in excess of $15 per incident, with a total aggregate of $75 per year.
One more compartment: Employment Compliance. Here’s a whole separate set of requirements, and ones we have an obligation to keep at the forefront of our minds as well. It is incumbent upon us as small business owners to ensure a safe, non-discriminatory working environment and to pay our staff no less than the minimum wage. And that’s just the tip of the Employment Compliance iceberg.
Big cabinet, lots of compartments, and although it is difficult to stay on top of these requirements, there are a number of organizations that dedicate their time and resources to assist you in this process.
Dr. Foxworth is a certified Medical Compliance Specialist and President of ChiroHealthUSA. A practicing Chiropractor, he remains “in the trenches” facing challenges with billing, coding, documentation, and compliance. He has served as president of the Mississippi Chiropractic Association, former Staff Chiropractor at the G.V. Sonny Montgomery VA Medical Center and is a Fellow of the International College of Chiropractic. You can contact Dr. Foxworth at 1-888-719-9990, info@chirohealthusa.com or visit the ChiroHealthUSA website at www.chirohealthusa.com. Join us for a free webinar that will give you all the details about how a DMPO can help you practice with more peace of mind. Go to www.chirohealthusa.com to register today.
