I was thinking about electronic disclosure of payment information to
employers, subscribers, and patients via web sites. But each payor could
exercise the same control over that as they would with the mailing address
for the paper EOB. So maybe this is not a problem.
Thanks,
-Chris
At 04:40 PM 8/3/01 -0600, David Blasi wrote:
>Maybe I'm missing something here. 835 transactions will be going to
>health care providers and not members. PHI will not be on the financial
>institution piece of the 835 and I don't think there is a big concern that
>the health care provider should not receive PHI back in that portion of
>the 835. The 835 transmission is separate from the member EOB process for
>a health plan.
>
>If we're talking pure member EOB, per the privacy rule, each plan is
>required to disclose its privacy policy in its SPD. The privacy policy
>will describe how to give notice of special handling for PHI, including
>information on EOB's, just like any other direction on how to file a
>claim. Effectively, a health plan is allowed to determine how it will
>accept requests for limitations on use of PHI and whether they will be
>accepted at all. If clearly described in the SPD, this does not have to
>be on a claim by claim basis. Rather, it will be a formal notice to the
>plan, "Send all Jane Doe EOB's to xx address and not to yy
>address." This is already in place for QMCSO's to send EOBs to custodial
>parents. Building the functionality in an 837 or 835 may not be a waste
>of effort, but I don't think this is a requirement under the
>rule. Handling privacy differently on a claim by claim basis is a
>nightmare that I don't think HHS intended to impose on us.
>
>Am I missing something?
>
>
> >>> "Christopher J. Feahr, OD" <[EMAIL PROTECTED]> 08/03/01 04:17PM >>>
>yuk! (I'm sorry I asked...)
>I suppose that several fields could be added to every transaction to
>indicate whether the patient or the patient's legal representative had made
>some special request about disclosing information. Or a general "privacy
>attachment" could be created to contain any conceivable special privacy
>request, and then a single flag in the main transaction could indicate
>"special privacy handling... see attachment".
>
>-Chris
>
>At 03:50 PM 8/3/01 -0500, Susan Warren wrote:
> >That's a really good question, how exactly do we communicate these
> >situations with each other, and do we have to? My first impression would
> >be that the individual would have the responsibility to make the same
> >request to anyone that would touch their PHI. But that is quite a burden
> >on the idividual. On the other hand, expecting all the covered entities
> >to communicate this request among each other is an even larger burden -
> >one where a covered entity (and who knows which one) would have to assume
> >the risk involved with missing a critical link.
> >
> >On the same line, but a little off the subject, I am also curious how we
> >are supposed to tag data in which the individual requested an amendment to
> >their PHI that wasn't granted. Doesn't the rule say that we always have
> >to tag that data and link it to the individual's disagreement?
> >
> > >>> "Christopher J. Feahr, OD" <[EMAIL PROTECTED]> 8/3/01 3:35:13 PM >>>
> >It sounds like the particular methods for receiving and implementing these
> >special requests about disclosure are left up to the disclosing party...
> >just so they accommodate them whenever they arise? Would there be any
> >obligation to pass these special requests along to others who would have
> >the right (under normal circumstances) to disclose the information to other
> >parties? Is there any field in the 835 to indicate that payment
> >information for this payee requires "special handling"?
> >
> >Thanks,
> >-Chris
> >
> >At 03:18 PM 8/3/01 -0400, Ken Hoover wrote:
> > >Yes, that was part of my question. I believe Susan answered it with her
> > >statement:
> > >
> > >"You will have to allow for a "Confidential Communication" method -
> > >if an individual reasonably requests that their information be sent to
> > >another address because it could potentially cause them harm - but I don't
> > >see this being the norm."
> > >
> > >Is this "Confidential Communication" part of the existing HIPAA
> regulations?
> > >Or some other type of law?
> > >
> > >Ken
> >
> >Christopher J. Feahr, OD Vision Data Standards Council
> >Executive Director http://visiondatastandard.org
> >Cell/Pager: 707-529-2268 [EMAIL PROTECTED]
>
>Christopher J. Feahr, OD Vision Data Standards Council
>Executive Director http://visiondatastandard.org
>Cell/Pager: 707-529-2268 [EMAIL PROTECTED]
>
>
>**********************************************************************
>To be removed from this list, send a message to: [EMAIL PROTECTED]
>Please note that it may take up to 72 hours to process your request.
>
>
>
>
>**********************************************************************
>To be removed from this list, send a message to: [EMAIL PROTECTED]
>Please note that it may take up to 72 hours to process your request.
Christopher J. Feahr, OD Vision Data Standards Council
Executive Director http://visiondatastandard.org
Cell/Pager: 707-529-2268 [EMAIL PROTECTED]
**********************************************************************
To be removed from this list, send a message to: [EMAIL PROTECTED]
Please note that it may take up to 72 hours to process your request.
