RE: Covered Entity or Not
I would like to ask the group a related, but varied question, regarding hybrid and affiliated entities. Two scenarios: 1) Skilled Nursing facility has attached assisted living, with same ownership (lets say we call this a single legal entity). (Of course, the nursing facility is Medicare/Medicaid certified, and the assisted living is state certified.) Assisted living does not conduct any electronic transactions (all is done on paper), nursing facility does conduct electronic transactions. The two are distinct parts, offering distinct services. Is this a hybrid situation? If so, I assume this should be documented. 2) Same situation, except 2 nursing facilities, and 2 assisted living, separate legal entities, under common ownership as defined by the rule. May the two facilities designate themselves as affiliated covered entities? Should they include the assisted living as part of that designation? Can they avoid designating the assisted living as a covered component or entity? I've got a handle on this Privacy thing, and even the covered entity thing, but have just recently had questions regarding the definition of hybrid and affiliated entities. Seems a little tricky to me, depending upon one's interpretation. Any input will be appreciated. Thanks. -Original Message- From: Scott F Kimbel [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 02, 2003 10:22 PM To: WEDI SNIP Privacy Workgroup List Subject: RE: Covered Entity or Not William, This question always come up in my seminars, my standard answer is, you may not have to legally comply, however HIPAA is meant to be best business practices, it's meant to protect a patients privacy. Think about it this way, on April 15 it's estimated over 10 million Notices of Privacy practice will be sent out or acknowledged. You can bet a single consumer will receive several, all indicating how each particular healthcare provider will protect their personal health information. Maybe they won't care that a particular provider doesn't give them one of these documents, they will probably still hold them to the standard. BTW the definition of in electronic form is as follows (from CMS) In Electronic Form Using electronic media, as that term is defined at 45 C.F.R. 162.103. It includes transmissions over the Internet (wide-open), Extranet (using Internet technology to link a business with information only accessible to collaborating parties), leased lines, dial-up lines, and private networks, and those transmissions that are physically moved from one location to another using magnetic tape, disk, or CD media. Hope this helps, Scott Kimbel Kimbel Morrow and Associates Inc. 866-598-2593 -Original Message- From: William J. Kammerer [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 02, 2003 11:54 AM To: WEDI SNIP Privacy Workgroup List Subject: Re: Covered Entity or Not I believe you - I've heard nonsense interpretations along those lines in the past, too. But I have a solution. In order for my chiropractor to avoid sanctions and penalties for sending his electronic transaction via his computer fax without using the standard X12 format, he can instead fax it to a heavily capitalized clearinghouse with a large IT staff. Since the clearinghouse can operate as a non-covered entity whenever it damn well pleases, it can print out the fax and mail it to the payer for 35¢ plus postage. William J. Kammerer Novannet, LLC. Columbus, US-OH 43221-3859 +1 (614) 487-0320 - Original Message - From: Rachel Foerster [EMAIL PROTECTED] To: WEDI SNIP Privacy Workgroup List [EMAIL PROTECTED] Sent: Sunday, 02 February, 2003 02:32 PM Subject: RE: Covered Entity or Not According to CMS, yes, this scenario would constitute an electronic transaction, and thus be subject to HIPAA requirements. This topic was discussed a few weeks ago on another SNIP list (can't recall which one) and HIPAAlive, I think. Zon Owen responded with a message that attempted to bring insight into CMS' thinking about why this would be electronic transactions - something along the lines of this being computer-to-computer and thus electronic. William, you're good with the archives of these lists - I bet you can find the thread in a heartbeat! Don't yell at meI think this is one of the most ludicrous things amongst myriad HIPAA ludicrous stuff. Rachel Foerster Principal Rachel Foerster Associates, Ltd. Professionals in Health Care EDI 39432 North Avenue Beach Park, IL 60099 Voice: 847-872-8070 Fax: 847-872-6860 eMail: [EMAIL PROTECTED] -Original Message- From: William J. Kammerer [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 02, 2003 11:52 AM To: WEDI SNIP Privacy Workgroup List Subject: Re: Covered Entity or Not So, let's say I'm a part-time chiropractor and I have occasion to send in a dozen or so claims a week. I get tired of hand-filling in the HCFA 1500, so I get a Word document template for the form and key data in, perhaps with the aid of a macro
Re: Covered Entity or not
Susan, Well said. Still another kink -- come October, you will have to file your Medicare claims electronically, which makes the loopholes even smaller. IMHO, this makes just about anyoune who does "Health Care" a CE, except for those few providers who do a strictly cash business, and never file a claim with anyone. I kind of expect that in another few years, large numbers of payors other than Medicare will be rejecting paper claims. The opinions expressed here are my own and not necessarily the opinion of LCMH. Douglas M. WebbComputer System EngineerLittle Company of Mary Hospital Health Care Centers[EMAIL PROTECTED] "This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and entity(s) named as recipients in the message. If you are not an intended recipient of the message, please notify the sender immediately, delete the material from any computer, do not deliver, distribute, or copy this message, and do not disclose its contents or take action in reliance on the information it contains. Thank you." - Original Message - From: [EMAIL PROTECTED] To: WEDI SNIP Privacy Workgroup List Sent: Monday, February 03, 2003 09:19 AM Subject: Covered Entity or not Everyone,We can argue all day long whether or not we are a covered entity, but I think it makes good business decision to agree that you are if you send in claims and be done with it.Look at this situation, I don't know if many doctors or support staff realize this: Anytime a claim is sent to Medicare, paper or electronic, it is coverted into an electronic transaction because Medicare forwards it to 2nd insurance companies. So now you are a covered entity. The only way to get out of sending claims to Medicare is not to treat anyone who may have Medicare. Who can afford to refuse to treat a large portion of our society. Another kink- Medicare requires the doctor to file the claim for the patient so don't think you can give the claim to the patient and he files it for you. The loop holes for not being a covered entity is so small, you almost have to practicing in the dark ages to not be a covered entity. I think you just have to resign yourself that if you practice and treat patient whether cash practice or not, you ARE A COVERED ENTITY. At least that is what I am advising our clients, better safe than sorry.Thanks,Susan BowesProfessional Procedures ControlPractice Consulting Firm for the Small PractionerContact info:211 Turner DriveReidsville, NC 27320Phone- 336-578-7461Fax- 336-578-7461 or 336-342-2030---The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: archive@mail-archive.com To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
RE: Covered Entity or Not
Fax is considered an electronic transaction by CMS if the document originated as an electronic document in a computer system and is faxed from that computer system. Rachel Foerster Principal Rachel Foerster Associates, Ltd. Professionals in Health Care EDI 39432 North Avenue Beach Park, IL 60099 Voice: 847-872-8070 Fax: 847-872-6860 eMail: [EMAIL PROTECTED] http://www.rfa-edi.com -Original Message- From: Noel Chang [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 01, 2003 8:19 PM To: WEDI SNIP Privacy Workgroup List Subject: Re: Covered Entity or Not Charles, The definition of a covered entity entails more than just filing electronic claims. There are several covered transactions and if you conduct any of them electronically then you are a CE and must comply with HIPAA. For a complete list of covered transactions refer to the Transaction and Code Set Standards. I would also note that the definition of conducting a transaction electronically is often debated. I know HHS has indicated in the preamble to the Privacy Rule that a fax does not count as electronic transmission. Noel Chang -- Open WebMail Project (http://openwebmail.org) -- Original Message --- From: [EMAIL PROTECTED] To: WEDI SNIP Privacy Workgroup List [EMAIL PROTECTED] Sent: Fri, 31 Jan 2003 10:57:47 -0500 Subject: Covered Entity or Not At a meeting yesterday of our parent organization's privacy officers we had a discussion I'd appreciate some feedback on. One of the organizations is a long-term care/retirement facility that indicated they do not bill electronically. Therefore they are not a covered entity. However, after further discussion they indicated they do in fact send via fax and/or email individual identifiable health information to other covered entities (ie hospitals, referral agencies, and referring agencies). Some contended because they did not use EDI, they didn't really need to comply, others indicated they were because they do send PHI via electronic media. Can anyone provide an insight? Thanks. Charles. Charles R. Carnahan, M.Div., M.B.A. Chief Operating Officer CAB Health and Recovery Services, Inc. 111 Middleton Road Danvers, MA 01923 Phone: 978-739-7600 FAX: 978-750-3620 www.cabhealth.org * --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- End of Original Message --- --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services
Re: Covered Entity or Not
So, let's say I'm a part-time chiropractor and I have occasion to send in a dozen or so claims a week. I get tired of hand-filling in the HCFA 1500, so I get a Word document template for the form and key data in, perhaps with the aid of a macro. Then I use my Fax software on my laptop to send the image of the Word document to the payer. Does that count as an electronic transaction? Does that now make me a covered entity? Will I now get in trouble, facing onerous fines and penalties? That would be a hoot, considering that Clearinghouses think they can (and undoubtedly will) dump claims to paper - even when providers send electronic transactions to them in the first place! The clearinghouse simply says it's not a covered entity for the moment! Where's the justice (or administrative simplification) in all of this? What kind of Bizarro world is this? William J. Kammerer Novannet, LLC. Columbus, US-OH 43221-3859 +1 (614) 487-0320 - Original Message - From: Rachel Foerster [EMAIL PROTECTED] To: WEDI SNIP Privacy Workgroup List [EMAIL PROTECTED] Sent: Sunday, 02 February, 2003 12:10 PM Subject: RE: Covered Entity or Not Fax is considered an electronic transaction by CMS if the document originated as an electronic document in a computer system and is faxed from that computer system. Rachel Foerster Principal Rachel Foerster Associates, Ltd. Professionals in Health Care EDI 39432 North Avenue Beach Park, IL 60099 Voice: 847-872-8070 Fax: 847-872-6860 eMail: [EMAIL PROTECTED] http://www.rfa-edi.com -Original Message- From: Noel Chang [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 01, 2003 8:19 PM To: WEDI SNIP Privacy Workgroup List Subject: Re: Covered Entity or Not Charles, The definition of a covered entity entails more than just filing electronic claims. There are several covered transactions and if you conduct any of them electronically then you are a CE and must comply with HIPAA. For a complete list of covered transactions refer to the Transaction and Code Set Standards. I would also note that the definition of conducting a transaction electronically is often debated. I know HHS has indicated in the preamble to the Privacy Rule that a fax does not count as electronic transmission. Noel Chang -- Open WebMail Project (http://openwebmail.org) - Original Message - From: [EMAIL PROTECTED] To: WEDI SNIP Privacy Workgroup List [EMAIL PROTECTED] Sent: Friday, 31 January, 2003 10:57 AM Subject: Covered Entity or Not At a meeting yesterday of our parent organization's privacy officers we had a discussion I'd appreciate some feedback on. One of the organizations is a long-term care/retirement facility that indicated they do not bill electronically. Therefore they are not a covered entity. However, after further discussion they indicated they do in fact send via fax and/or email individual identifiable health information to other covered entities (ie hospitals, referral agencies, and referring agencies). Some contended because they did not use EDI, they didn't really need to comply, others indicated they were because they do send PHI via electronic media. Can anyone provide an insight? Thanks. Charles. Charles R. Carnahan, M.Div., M.B.A. Chief Operating Officer CAB Health and Recovery Services, Inc. 111 Middleton Road Danvers, MA 01923 Phone: 978-739-7600 FAX: 978-750-3620 www.cabhealth.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: archive@mail-archive.com To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
Re: Covered Entity or Not
Charles, You will need to consider each of the affected business transactions, andyou will also need to consider whether or not any of those transactions are done electronically by others, such as billing services, in your behalf. HIPAA does not require that a provider use any of the electronic transaction standards unless they are conducting the associated underlying business processes electronically, with fax* and voice-over-telephone not being considered electronic. For HIPAA purposes, a fax would be considered electronic if it was sent from one computer to another. If that was done as part of one of the defined transactions, then that would make you covered. Similarly, sending information that accomplishes one of those purposes via e-mail, or in a Word document, oras a portable document file (pdf), would be an electronic exchange. Also, keep in mind that we are discussing specific business transactions here; whether or not your exchanges include PHI is not relevant to the coveredness determination. So,let's go down the list: If you do not submit either claims of the equivalent encounter information electronically, you may be OK. But are you sure that no one else, such as a billing service, does any electronic billing or posting for you? If you dispense drugs, are those also billed manually? If the only way that you check on patient eligibilityis by making a phone call, or by mailing a form, you may be OK. But how do you carry out this business process? If you use e-mail, or a web page, you're covered. If the only way that you check onthe status of a previously submitted claimis by making a phone call, or by mailing a form, you may be OK. But how do you carry out this business process? If you use an e-mail or a payer's web page to check this, that's electronic. If the only way that you apply for a referral certification or authorization is by making a phone call, or by mailing a form, you may be OK. But how do you carry out this business process? If you receive all of your payments from health plans on check and all of your explanations of those payments from them on paper, then you may be OK. But does a billing service or a bank do any of your payment processing for you? If so, do they do any of that electronically? If you are not doing any of the previously listed transactions electronically with anyone, then it is highly unlikely that you are using any of the others, but those "others" would include the following: - Enrollment Disenrollment in a health plan. - Payment of premiumsto a health plan. - Coordination of Benefits with a health plan (this is usuallydone between health plans). - Claim Attachments (no rule has been published yet, so it shouldn't be relevant yet). - First Report of Injury (no rule has been published yet, so it shouldn't be relevant yet). So, in summary, none of the HIPAA Administrative Simplification provisions, including privacy and security, will apply to you if you really don't do any of these processes electronically. But you cannot be conducting any of the above transactions electronically, and no one else can be doing any of them in your behalf. And you would still need to manage your privacy and security risks, and many other federal and state laws affect your requirements for those. Hope that helps! - Zon Owen - (808)597-8493 - Original Message - From: [EMAIL PROTECTED]To: "WEDI SNIP Privacy Workgroup List" [EMAIL PROTECTED]Sent: Fri, 31 Jan 2003 10:57:47 -0500Subject: Covered Entity or NotAt a meeting yesterday of our parent organization's privacy officers we had a discussion I'd appreciate some feedback on. One of the organizations is a long-term care/retirement facility that indicated they do not "bill" electronically. Therefore they are not a covered entity. However, after further discussion, they indicated they do in fact send via fax and/or email individual identifiable health information to other covered entities (i.e. hospitals, referral agencies, and referring agencies). Some contended because they did not use EDI, they didn't really need to comply, others indicated they were because they do send PHI via electronic media.Can anyone provide an insight?Thanks.Charles. Charles R. Carnahan, M.Div., M.B.A.Chief Operating OfficerCAB Health and Recovery Services, Inc.111 Middleton RoadDanvers, MA 01923Phone: 978-739-7600FAX: 978-750-3620www.cabhealth.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor
RE: Covered Entity or Not
William, This question always come up in my seminars, my standard answer is, you may not have to legally comply, however HIPAA is meant to be best business practices, it's meant to protect a patients privacy. Think about it this way, on April 15 it's estimated over 10 million Notices of Privacy practice will be sent out or acknowledged. You can bet a single consumer will receive several, all indicating how each particular healthcare provider will protect their personal health information. Maybe they won't care that a particular provider doesn't give them one of these documents, they will probably still hold them to the standard. BTW the definition of in electronic form is as follows (from CMS) In Electronic Form Using electronic media, as that term is defined at 45 C.F.R. 162.103. It includes transmissions over the Internet (wide-open), Extranet (using Internet technology to link a business with information only accessible to collaborating parties), leased lines, dial-up lines, and private networks, and those transmissions that are physically moved from one location to another using magnetic tape, disk, or CD media. Hope this helps, Scott Kimbel Kimbel Morrow and Associates Inc. 866-598-2593 -Original Message- From: William J. Kammerer [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 02, 2003 11:54 AM To: WEDI SNIP Privacy Workgroup List Subject: Re: Covered Entity or Not I believe you - I've heard nonsense interpretations along those lines in the past, too. But I have a solution. In order for my chiropractor to avoid sanctions and penalties for sending his electronic transaction via his computer fax without using the standard X12 format, he can instead fax it to a heavily capitalized clearinghouse with a large IT staff. Since the clearinghouse can operate as a non-covered entity whenever it damn well pleases, it can print out the fax and mail it to the payer for 35¢ plus postage. William J. Kammerer Novannet, LLC. Columbus, US-OH 43221-3859 +1 (614) 487-0320 - Original Message - From: Rachel Foerster [EMAIL PROTECTED] To: WEDI SNIP Privacy Workgroup List [EMAIL PROTECTED] Sent: Sunday, 02 February, 2003 02:32 PM Subject: RE: Covered Entity or Not According to CMS, yes, this scenario would constitute an electronic transaction, and thus be subject to HIPAA requirements. This topic was discussed a few weeks ago on another SNIP list (can't recall which one) and HIPAAlive, I think. Zon Owen responded with a message that attempted to bring insight into CMS' thinking about why this would be electronic transactions - something along the lines of this being computer-to-computer and thus electronic. William, you're good with the archives of these lists - I bet you can find the thread in a heartbeat! Don't yell at meI think this is one of the most ludicrous things amongst myriad HIPAA ludicrous stuff. Rachel Foerster Principal Rachel Foerster Associates, Ltd. Professionals in Health Care EDI 39432 North Avenue Beach Park, IL 60099 Voice: 847-872-8070 Fax: 847-872-6860 eMail: [EMAIL PROTECTED] -Original Message- From: William J. Kammerer [mailto:[EMAIL PROTECTED]] Sent: Sunday, February 02, 2003 11:52 AM To: WEDI SNIP Privacy Workgroup List Subject: Re: Covered Entity or Not So, let's say I'm a part-time chiropractor and I have occasion to send in a dozen or so claims a week. I get tired of hand-filling in the HCFA 1500, so I get a Word document template for the form and key data in, perhaps with the aid of a macro. Then I use my Fax software on my laptop to send the image of the Word document to the payer. Does that count as an electronic transaction? Does that now make me a covered entity? Will I now get in trouble, facing onerous fines and penalties? That would be a hoot, considering that Clearinghouses think they can (and undoubtedly will) dump claims to paper - even when providers send electronic transactions to them in the first place! The clearinghouse simply says it's not a covered entity for the moment! Where's the justice (or administrative simplification) in all of this? What kind of Bizarro world is this? William J. Kammerer Novannet, LLC. Columbus, US-OH 43221-3859 +1 (614) 487-0320 - Original Message - From: Rachel Foerster [EMAIL PROTECTED] To: WEDI SNIP Privacy Workgroup List [EMAIL PROTECTED] Sent: Sunday, 02 February, 2003 12:10 PM Subject: RE: Covered Entity or Not Fax is considered an electronic transaction by CMS if the document originated as an electronic document in a computer system and is faxed from that computer system. Rachel Foerster Principal Rachel Foerster Associates, Ltd. Professionals in Health Care EDI 39432 North Avenue Beach Park, IL 60099 Voice: 847-872-8070 Fax: 847-872-6860 eMail: [EMAIL PROTECTED] http://www.rfa-edi.com -Original Message- From: Noel Chang [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 01, 2003 8:19 PM To: WEDI SNIP Privacy Workgroup List Subject: Re: Covered Entity
Re: Covered Entity or Not
Charles, The definition of a covered entity entails more than just filing electronic claims. There are several covered transactions and if you conduct any of them electronically then you are a CE and must comply with HIPAA. For a complete list of covered transactions refer to the Transaction and Code Set Standards. I would also note that the definition of conducting a transaction electronically is often debated. I know HHS has indicated in the preamble to the Privacy Rule that a fax does not count as electronic transmission. Noel Chang -- Open WebMail Project (http://openwebmail.org) -- Original Message --- From: [EMAIL PROTECTED] To: WEDI SNIP Privacy Workgroup List [EMAIL PROTECTED] Sent: Fri, 31 Jan 2003 10:57:47 -0500 Subject: Covered Entity or Not At a meeting yesterday of our parent organization's privacy officers we had a discussion I'd appreciate some feedback on. One of the organizations is a long-term care/retirement facility that indicated they do not bill electronically. Therefore they are not a covered entity. However, after further discussion they indicated they do in fact send via fax and/or email individual identifiable health information to other covered entities (ie hospitals, referral agencies, and referring agencies). Some contended because they did not use EDI, they didn't really need to comply, others indicated they were because they do send PHI via electronic media. Can anyone provide an insight? Thanks. Charles. Charles R. Carnahan, M.Div., M.B.A. Chief Operating Officer CAB Health and Recovery Services, Inc. 111 Middleton Road Danvers, MA 01923 Phone: 978-739-7600 FAX: 978-750-3620 www.cabhealth.org * --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- End of Original Message --- --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: archive@mail-archive.com To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
RE: Covered Entity or Not
A provider is a covered entity under HIPAA if the provider sends any of the HIPAA mandated transactions electronically. Once a provider sends one of these transactions, he/she is in and must comply with the privacy and security requirements of HIPAA as well as those for the electronic transactions. If a provider does not send any of the HIPAA electronic transactions (using EDI or via a direct data entry system OR through an agent such as a billing service), the provider is not a HIPAA covered entity and is not required to abide by the privacy standards. Use of a fax to send information does not qualify as using a HIPAA electronic transaction. Strange as it may seem, such a provider can send protected health information by fax or e-mail (shudder) and the HIPAA cops can't get him. However, who is to say what vulnerability there might be from litigation if such a provider does not observe the standard of care that HIPAA privacy regulations have established for the healthcare industry? Joan Joan Boyle HIPAA Compliance Manager The TriZetto Group, Inc. Voice: 970-627-1675 Fax: 970-627-1677 [EMAIL PROTECTED] *** Confidentiality Notice *** This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, January 31, 2003 8:58 AM To: WEDI SNIP Privacy Workgroup List Subject: Covered Entity or Not At a meeting yesterday of our parent organization's privacy officers we had a discussion I'd appreciate some feedback on. One of the organizations is a long-term care/retirement facility that indicated they do not bill electronically. Therefore they are not a covered entity. However, after further discussion they indicated they do in fact send via fax and/or email individual identifiable health information to other covered entities (ie hospitals, referral agencies, and referring agencies). Some contended because they did not use EDI, they didn't really need to comply, others indicated they were because they do send PHI via electronic media. Can anyone provide an insight? Thanks. Charles. Charles R. Carnahan, M.Div., M.B.A. Chief Operating Officer CAB Health and Recovery Services, Inc. 111 Middleton Road Danvers, MA 01923 Phone: 978-739-7600 FAX: 978-750-3620 www.cabhealth.org * --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: archive@mail-archive.com To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
Re: Covered Entity or Not
The answer is in the covered entity definition found at 160.103 Covered entity means...A health care provider who transmits any health information in electronic form in connection with a transaction covered by this subchapter So the transmission must be in connection with a standard transaction (e.g. claims, eligibility, encounter, claims status, referal certification and authorization, etc.) Regards, lhc Leah Hole-Curry, JD FOX Systems, Inc. 602.708.1045 Information transmitted is confidential and may be proprietary to FOX Systems, Inc. It is intended only for the person or entity to which it is addressed. Anyone else is prohibited from disclosing, copying, or disseminating the contents or attachments. If you receive this in error, please notify sender immediately, or us at www.foxsys.com and delete from your system. [EMAIL PROTECTED] 01/31/03 08:59 AM At a meeting yesterday of our parent organization's privacy officers we had a discussion I'd appreciate some feedback on. One of the organizations is a long-term care/retirement facility that indicated they do not bill electronically. Therefore they are not a covered entity. However, after further discussion they indicated they do in fact send via fax and/or email individual identifiable health information to other covered entities (ie hospitals, referral agencies, and referring agencies). Some contended because they did not use EDI, they didn't really need to comply, others indicated they were because they do send PHI via electronic media. Can anyone provide an insight? Thanks. Charles. Charles R. Carnahan, M.Div., M.B.A. Chief Operating Officer CAB Health and Recovery Services, Inc. 111 Middleton Road Danvers, MA 01923 Phone: 978-739-7600 FAX: 978-750-3620 www.cabhealth.org * --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: archive@mail-archive.com To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
