I believe the patient can REQUEST any information in the DRS be changed,
regardless of date. (You may be thinking of the accounting of disclosure,
which does have a pre 4/15/03 exception.)
However, you are NOT OBLIGATED to accept an amendment. If you cannot
corroborate it, I would deny it and
We are a large multi-specialist clinic and we are in the process of doing a
risk assessment for requesting picture ID for each visit. Can you let me
know:
Do you currently request picture ID at check in?
Do you keep a copy of it, electronic or paper?
Why do you or do not request positive ID?
In
regs 164.520 it states"No later than the date of the first service delivery, including service
delivered electronically, to such
individual after the compliance date for
the covered health care
provider;So it is a combo of the
two of them. Receive NPP and sign acknowledgement no later
I respectfully disagree regarding the information being kept separate
regarding the INSURANCE CARDS. With different plans, different rules,
etc... this is a major player with the clinicians, especially nurses, who
are scheduling tests, precerts, etc... They have to know what kind of plan,
which
Ken,
I think you need to analyze how the pharmacy is legally set up at your
hospital. We also have a pharmacy on-site, and while we treat it as any
other department internally, it legally is a separate company. We
documented an Affiliated Covered Entity (ACE) between the two and listed
this in
Title: Glacier
Lee, weplace it inside of the
patient'smedical records so when we see the patient again, we can hand it
to them and get a new address. Note that the unreturned mail isNOT
part of our Designated Record Set, since it is a duplicate of a part of the
DRS. (billing, lab results,
So each of you will have your own NPP, policies, etc... You will track all
separately?
-Original Message-
From: Shelly Wilson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 1:24 PM
To: WEDI SNIP Privacy Workgroup List
Subject: RE: Tracking for Accounting of Disclosures
Our
I need some feedback regarding how others CEs are handling the following
scenario:
We are a clinic that has an HMO. Technically, it is a department of the
clinic, but we have separate ourselves into two different CEs. In the past,
we have allowed the HMO staff to have access to our database and
We are
working on having an authorization that will cover these "gray areas". It
will follow the guidelines with HIPAA and allow us to share information with
anyone the patient wishes to be involved in their care. It will only be
valid for a year, and the patient will be able to revoke it
I strongly agree also. If there is no BAA in place, or not a well written
one in place, it is the CE who will be audited and suffer the consequences
under HIPAA and the OCR. we will also suffer the consequences in the press
if one of our vendors has a huge faux-pas with PHI that the CE has
We will be RECORDING it as a voice mail
message (our system handles over 12 minutes!) and having an extension, with
access on both the local line and 800 line. We are also
having a privacy (800 number) hotline set up and both numbers will be listed on
business cards. Business cards will be
11 matches
Mail list logo
