I think the bottom line was there was no
funding to create a separate enforcement agency so CMS got the nod. OCR is an existing organization that is
staffing up for privacy enforcement.
Regards,
David Frenkel
Business Development
GEFEG USA
Global Leader in
Ecommerce Tools
www.gefeg.com
425-260-5030
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 16, 2002 10:24 AM
To: [EMAIL PROTECTED]
Subject: Re: FW: [HHSPRESS] HHS
RELEASE--HIPAA STANDARDS
Anyone wonder how CMS will police
itself? Mr. King-Shaw is also on record as saying at last year's HIPAA summit,
when pondering the question of who would be the TCS enforcer, "I say
anybody but us. We have enough problems with HIPAA as it is."
Theresa Defino
Editor
Practical Guidance on HIPAA and E-Health
For the Physician Practice
301-738-3721
In a message dated 10/15/2002 8:12:32 PM Eastern Daylight Time, [EMAIL PROTECTED]
writes:
Subj:FW: [HHSPRESS] HHS RELEASE--HIPAA STANDARDS
Date:10/15/2002 8:12:32 PM Eastern Daylight Time
From:[EMAIL PROTECTED]
Reply-to:[EMAIL PROTECTED]
To:[EMAIL PROTECTED]
Sent from the Internet
FYI
David Frenkel
Business Development
GEFEG USA
Global Leader in Ecommerce Tools
www.gefeg.com
425-260-5030
-----Original Message-----
From: US Dept of HHS: Press Releases, Other Info
[mailto:[EMAIL PROTECTED]] On Behalf Of Henneghan, Martha (HHS/OS)
Sent: Tuesday, October 15, 2002 11:35 AM
To: [EMAIL PROTECTED]
Subject: [HHSPRESS] HHS RELEASE--HIPAA STANDARDS
Date: October 15, 2002
For Release: Immediately
Contact: CMS Press Office
(202) 690-6145
Headline: CMS NAMED TO ENFORCE HIPAA TRANSACTION AND CODE SET STANDARDS
HHS Office for Civil Rights To Continue To Enforce Privacy Standards
HHS Secretary Tommy G. Thompson announced today that the Centers for
Medicare & Medicaid Services (CMS) will be responsible for enforcing the
transaction and code set standards that are part of the administrative
simplification provisions of the Health Insurance Portability and
Accountability Act of 1996 (HIPAA).
"HIPAA administrative simplification is going to streamline and
standardize
the electronic filing and processing of health insurance claims, save
money
and provide better service for providers, insurers and patients,"
Thompson
said.
"To accomplish this will require an enforcement operation that will
assure
compliance and provide support for those who file and process health
care
claims and other transactions," Thompson said. "CMS is the agency
best
able
to do this."
CMS will continue to enforce the insurance portability requirements of
HIPAA. The HHS Office for Civil Rights (OCR) will enforce the HIPAA
privacy
standards. CMS and OCR will work together on outreach and enforcement
and
on issues that touch on the responsibilities of both organizations -
such as
application of security standards or exception determinations.
Ruben J. King-Shaw Jr., CMS deputy administrator and chief operating
officer, said CMS will create a new office to bring together its
responsibilities under HIPAA, including enforcement.
"Concentrating these CMS responsibilities in a new office with a single
mission will give us the most efficient operation possible, while
providing
strong support for all our partners in the health care community,"
King-Shaw
said.
The new CMS office will establish and operate enforcement processes and
develop regulations related to the HIPAA standards for which CMS is
responsible. These standards include transactions and code sets,
security,
and identifiers for providers, insurers and employers for use in
electronic
transactions. The office will report directly to the deputy
administrator.
The office also will conduct outreach activities to HIPAA covered
entities
such as health care providers and insurers to make sure they are aware
of
the requirements and to help them comply.
Federal law requires most health plans, clearing houses, and those
providers
that conduct certain transactions electronically to be compliant with
the
HIPAA transactions standards by Oct. 16, 2002, unless they file on or
before
Oct. 15 for a one-year extension. Those who are not compliant and have
not
filed for the extension may be subject to statutory penalties.
(The law gives certain small health plans until Oct. 16, 2003 to
comply).
Enforcement activities will focus on obtaining voluntary compliance
through
technical assistance. The process will be primarily complaint driven
and
will consist of progressive steps that will provide opportunities to
demonstrate compliance or submit a corrective action plan.
**********************************************************************
To be removed from this list, send a message to: [EMAIL PROTECTED]
Please note that it may take up to 72 hours to process your request.
======================================================
The WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
Posting of advertisements or other commercial use of this listserv is
specifically prohibited.
