There are different ways to interpret surveys but there seems to be some consensuses that banks need some education.
Survey: Banks Unprepared for HIPAA A new survey indicates banks are not ready to comply with provisions of the Health Insurance Portability and Accountability Act.... http://www.technologyinpractice.com/html/news/NewsStory.cfm?DID=8213 Here is a quote from the survey from www.mbproject.com sited below: 1. Need for more education and official guidance In general, banks require much more education with respect to HIPAA's impact on services provided to the medical segment. Regards, David Frenkel Business Development GEFEG USA Global Leader in Ecommerce Tools www.gefeg.com 425-260-5030 -----Original Message----- From: Rachel Foerster [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 6:20 PM To: [EMAIL PROTECTED] Subject: RE: HIPAA and the Banking System Michelle, I disagree. There is nothing in the law. the privacy rule or the electronic transaction rule that requires this. If you please there is, I'd sure appreciate the cite. Furthermore, a perusal of The Medical Bank Project (www.mbproject.org) clearly indicates that banks are becoming aware of the impacts of HIPAA to them in several areas, e.g., medical payments lock box operations, receipt and processing of both the 820 and 835. Rachel Rachel Foerster Principal Rachel Foerster & Associates, Ltd. Professionals in EDI & Electronic Commerce 39432 North Avenue Beach Park, IL 60099 Phone: 847-872-8070 Fax: 847-872-6860 http://www.rfa-edi.com -----Original Message----- From: Michelle Shores [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 6:04 PM To: [EMAIL PROTECTED] Subject: Re: HIPAA and the Banking System Just an interjection: All PHI needs to be seperate from the payment transaction from the bank. Provider Payment Solutions, Inc. www.pps.md is doing just that. Michelle Shores MergeCare.com ---- [EMAIL PROTECTED] wrote: > Rachel: > > I never kid, as you well know: I'm the most serious, pucker-faced person > around. Payers should be careful where they send 835 EOBs containing > PHI. Wouldn't it be a violation of the Security Rule if a bank - which > is not a covered entity and which most likely has no BA agreement with > the payer - receives an unencrypted EOB as part of a payment order from > that payer? And who's going to get into big trouble? Not the bank, I > suspect, who is not in the healthcare business and was the innocent > recipient of the 835 dripping with PHI. The payer is responsible for > knowing where its PHI is, and is culpable for having passed PHI to a > non-CE or entity with whom it has no BA agreement. > > I'm no HIPAA security whiz, but then nobody would have to be on this > issue if banks didn't try to be all things to all people in the first > place. Even one who is not "an old structured programming mainframe > legacy programmer who was disciplined on modular approaches and > independence of functions" might intuit that payments be separated from > remittances, lest their mingling cause all sorts of havoc. Payments are > orders to your bank to pay someone else, and remittances are sent to the > provider to explain why a payment has been (or will be) made. I suppose > payments and remittances might have something existentially to do with > each other, but wouldn't it be simpler to reconcile payments and > remittances in the A/R system at the provider's end? Even if it isn't > simpler (than for the provider or his software vendor to have both the > dollars and the remittances arrive together), it fortunately isn't my > problem. > > Anyway, banks don't even do the job of Clearinghouse or VAN very well: > the ACH system can't return X12 acknowledgements to the payer via the > payer's bank, which was the original reason X12F Finance doesn't want > 997s to report on IG compliance violations. > > William J. Kammerer > Novannet, LLC. > +1 (614) 487-0320 > > ----- Original Message ----- > From: "Rachel Foerster" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, 22 April, 2002 05:17 PM > Subject: HIPAA and the Banking System > > > William, > > > It's not a question of whether the banks will insist on providing > clearinghouse-type services to their customers.....many are today and > have been for years! The banks just aren't aware of what's heading their > way as a result of HIPAA. > > Certainly you're kidding when you say it's simpler for the providers to > reengineering their systems....what planet are you on! There are > literally hundreds of patient accounting/practice management systems > vendors serving the industry. This would not be a trivial effort! > > Rachel > > -----Original Message----- > From: William J. Kammerer [mailto:[EMAIL PROTECTED]] > Sent: Monday, April 22, 2002 3:29 PM > To: [EMAIL PROTECTED] > Subject: Re: questions on the appropriate way to reply when there > areerror in a transaction request > > > There are two separate issues: > > (1) Payments and electronic funds transfer. The exclusion Sujay refers > to probably applies to the funds transfer and check clearing functions. > Technically, even though minimal PHI is revealed in a payment (either by > check or EFT) - such as possibly the name of the patient-subscriber and > that of the provider - because of the exclusion, banks don't come under > HIPAA privacy rules. > > (2) But if banks inexplicably insist on getting into the Clearinghouse > and VAN business by relaying PHI-laden EOBs, then it stands to reason > they become an entirely different animal (either a covered entity, or a > BA with the need to execute BA agreements with every other bank, > provider or payer they come into contact with). > > Isn't it just simpler all around for payers and providers to reengineer > their applications to (1) just send the EOB to the payee directly or > through a CE like a clearinghouse, and (2) separately order the bank to > transfer funds? > > Don't you remember the little sign that retailers often use to > discourage checks? "We have an agreement with the bank: They don't sell > ice cream, and we don't cash checks." > > William J. Kammerer > Novannet, LLC. > +1 (614) 487-0320 > > > > > ****************************************************** **************** > To be removed from this list, send a message to: [EMAIL PROTECTED] > Please note that it may take up to 72 hours to process your request. > > ====================================================== > The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. > Posting of advertisements or other commercial use of this listserv is specifically prohibited. > > >
