David, You have a good suggestion but unfortunately it is not all that uncommon for government legislation to conflict between federal agencies and departments.
Regards, David Frenkel Business Development GEFEG USA Global Leader in Ecommerce Tools www.gefeg.com 612-237-1966 -----Original Message----- From: David Blasi [mailto:[EMAIL PROTECTED]] Sent: Friday, February 21, 2003 8:16 AM To: WEDI SNIP Privacy Workgroup List Subject: Re: DOL vs. HIPAA I would just add that I hope that if CMS decides to expand on this in a Q&A or in whatever manner they choose that they consult with their counterparts at the DOL. I have made comments several times about the discrepancy between HIPAA and ERISA. It benefits everyone if as much information about how claims were paid are included on an EOB. That is ERISA's goal. Very simply the HIPAA concerns can be addressed by the patient having the EOB sent to an alternative address or requiring that it be addressed to the patient. It is then up to the patient to control their own PHI. A health plan should not be responsible for someone opening another person's mail. >>> "David Ermer" <[EMAIL PROTECTED]> 02/20/03 07:37PM >>> Michele -- I am not aware of any HHS statement in the 12/28/2000 preamble to the effect that diagnosis information must be stripped from the EOB in order to achieve Privacy Rule compliance. I have quoted the relevant preamble statements below my signature. Although HHS has not issued any dictates about the substance of the EOB, it's important to recall that payment communications such as the EOB are subject to the minimum necessary rule. Consequently, if it's not necessary to communicate the diagnosis to achieve the purpose of the communication, then the diagnosis shouldn't be included. Getting to your question, a valid purpose of the EOB is communicate payment information in compliance with with ERISA. Therefore, in my opinion, if ERISA requires disclosure of the diagnosis in a particular situation, e.g, at the appeal stage, the disclosure of the diagnosis on the EOB would fit within the minimum necessary standard. I do agree with you that it would be helpful for DOL to provide official guidance integrating the claims processing rule with the Privacy Rule. Best regards, Dave Ermer P.S. Here are the 12/28/00 preamble statements that I found: Comment: A commenter noted that the definition of "disclosure" should reflect that health plan correspondence containing protected health information, such as Explanation of Benefits (EOBs), is frequently sent to the policyholder. Therefore, it was suggested that the words "provision of access to" be deleted from the definition and that "disclosure" be clarified to include the conveyance of protected health information to a third party. Response: The definition is, on its face, broad enough to cover the transfers of information described and so is not changed. We agree that health plans must be able to send EOBs to policyholders. Sending EOB correspondence to a policyholder by a covered entity is a disclosure for purposes of this rule, but it is a disclosure for purposes of payment. Therefore, subject to the provisions of § 164.522(b) regarding Confidential Communications, it is permitted even if it discloses to the policyholder protected health information about another individual (see below). Comment: Certain commenters explained that third party administrators usually communicate with employees through Explanation of Benefit (EOB) reports on behalf of their dependents (including those who might not be minor children). Thus, the employee might be apprized of the medical encounters of his or her dependents but not of medical diagnoses unless there is an over-riding reason, such as a child suspected of drug abuse due to multiple prescriptions. The commenters urged that the current claim processing procedures be allowed to continue. Response: We agree. We interpret the definition of payment and, in particular the term 'claims management,' to include such disclosures of protected health information. Comment: One commenter requested that we create a standard that all information from a health plan be sent to the patient and not the policyholder or subscriber. Response: We require health plans to accommodate certain requests that information not be sent to a particular location or by particular means. A health plan must accommodate reasonable requests by individuals that protected health information about them be sent directly to them and not to a policyholder or subscriber, if the individual states that he or she may be in danger from disclosure of such information. We did not generally require health plans to send information to the patient and not the policyholder or subscriber because we believed it would be administratively burdensome and because the named insured may have a valid need for such information to manage payment and benefits." Gordon & Barnett 1133 21st St., NW, Suite 450 Washington, DC 20036 202-833-3400 ext 3009 (voice) 202-223-0120 (fax) www.gordon-barnett.com >>> <[EMAIL PROTECTED]> 02/20/03 18:16 PM >>> Looking for some thoughts from all... HIPAA preamble references the ability to send EOBs to the subscriber containing member information as long as the diagnosis is stripped. We view this and felt as though this would extend to diagnosis description, procedure code and procedure description and have been making efforts to change our wording to high level descriptors such as 'lab', 'office visit', etc. The DOL regs however are requiring detailed information regarding why services have been denied. For example, 'gastric bypass surgery not a covered benefit'. How are others reconciling these two Federal regulations? Michele S. Eberle Corporate Privacy Officer The Regence Group ph. 503-553-5069 fax. 503-225-5431 [EMAIL PROTECTED] ======================================================================== === IMPORTANT NOTICE: This communication, including any attachment, contains information that may be confidential or privileged, and is intended solely for the entity or individual to whom it is addressed. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message is strictly prohibited. Nothing in this email, including any attachment, is intended to be a legally binding signature. --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to leave-wedi-privacy-149 [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: archive@mail-archive.com To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
