RE: Covered entities

Mon, 18 Mar 2002 11:13:45 -0800 

I also interpret that the provider must transmit electronically  - or they
are not covered.  I doubt that is what they wanted the law to say - but that
is what it says.  I would hope that will be addressed in the upcoming
clarifications.
Thanks,
Peg McCauley
HIPAA  Program Office
Phone:  309-765-0655
e-mail: [EMAIL PROTECTED]
NOTICE:  This message (including attachments) is covered by the Electronic
Communication Privacy Act (18 U.S.C. sections 2510-2521) and the HIPAA
Regulation (45CRF Parts160-164)or other confidential information.  If you
are not the intended recipient, any retention, dissemination, or copying of
this message is strictly prohibited; please reply to the sender that you
have received the message in error, then delete it.  Thank you!


        -----Original Message-----
        From:   Noel Chang [SMTP:[EMAIL PROTECTED]]
        Sent:   Monday, March 18, 2002 10:45 AM
        To:     [EMAIL PROTECTED]
        Subject:        Covered entities



        Has anyone seen any further clarification from DHHS on who must
comply with the Privacy Rule?
         
        The way I interpret the final rule published in December of 2000,
and the guidelines published in July of 2001, the only health care providers
that must comply are those who electronically conduct one or more of the ten
covered transactions.  I have encountered a specialist who does not accept
any insurance, they are a cash only operation.  As such they do not file any
claims or deal with eligibility, etc.  By my reading they would appear to
not be a covered entity and therefore are not required to comply with the
Privacy Rule. 
         
        I keep seeing information from various sources (not DHHS or OCR,
however) that make very broad statements such as "HIPAA applies to everyone"
or "there are no HIPPAA free records".  I can understand what they mean by
these statements in certain context but I think they are a little too broad
and misleading.  Does anyone else agree that a doctor's office who is not
electronically conducting a covered transaction is therefore not a covered
entity for the purposes of the Privacy Rule?  If you do not agree, can you
cite where is the requirement that such an office comply with the Privacy
Rule?
         
        Thanks,
         
        Noel Chang    

        
********************************************************************** 
        To be removed from this list, go to:
http://snip.wedi.org/unsubscribe.cfm?list=privacy 
        and enter your email address. 


**********************************************************************
To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy
and enter your email address.

Reply via email to