|
Rachel,
Applying just about any encryption algorithm (including a
simple Caesar code) to the SSN would generate an ID that would pass the
California requirements with minimal effort on the payer's part.
(Fixed algorithm, single key for the payer, encrypt/decrypt on
the way in and out of the back end system).
What's their problem? A no-sweat solution has been
available longer than that law has been in existance!
The opinions expressed here are my own and not necessarily the opinion of
LCMH.
Douglas M. Webb Computer System Engineer Little Company of Mary
Hospital & Health Care Centers [EMAIL PROTECTED]
"This electronic message may contain information that is confidential
and/or legally privileged. It is intended only for the use of the individual(s)
and entity(s) named as recipients in the message. If you are not an
intended recipient of the message, please notify the sender immediately,
delete the material from any computer, do not deliver, distribute, or copy this
message, and do not disclose its contents or take action in reliance on the
information it contains. Thank you."
----- Original Message -----
Sent: Saturday, September 20, 2003 03:35
PM
Subject: RE: Insurance cards with no
Insured ID
Chris, the following highlight of this law seems to indicate
that the use of
the SSN is allowed. Printing a SSN on an insurance card is
expressly
prohibited.
Rachel
CALIFORNIA'S NEW SOCIAL SECURITY
NUMBER CONFIDENTIALITY LAW
California's Social Security Number
Confidentiality Law takes effect on July
1, 2002. Identity theft in America
is on the rise, and this new law attempts
to protect against it by limiting
the use of social security numbers by
private entities. Most employers use
social security numbers for reporting
and identification purposes, and this
law may well impact the way you
currently use social security
numbers.
Effective July 1, 2002, "any entity or person," excluding
state and local
governmental agencies, is prohibited from:
Publicly
posting or displaying an individual's social security number;
Printing
an individual's social security number on any card required to
access
products or services provided by the employer. (This includes
social
security numbers on insurance cards, employee identification cards,
security
badges, and similar identification tools);
Requiring an
individual to transmit his or her social security number over
the Internet,
unless the connection is secure or the social security number
is encrypted;
Requiring an individual to use his or her social security number to
access
an Internet Web site, unless a password or unique personal
identification
number or other authentication device is also required to
access the Web
site; and
Printing an individual's social security
number on any materials that are
mailed to the individual, unless state or
federal law requires the social
security number to be on the document
mailed (e.g., mailing I-9 and W-2
forms). Notwithstanding this provision,
applications and forms sent by mail
may include social security
numbers.
The new law has two exceptions applicable to
employers:
It does not prevent the use of social security numbers for
internal
verification or administrative purposes; and
It does not
prevent the use, collection, or release of a social security
number as
required by state or federal law.
The total impact of the new law on
California employers is still not
entirely clear because the law does not
define important terms such as
"application," "form," or "materials" sent
by mail, and "for internal
verification or administrative purposes." It is
also unclear whether the law
applies to ERISA-governed
benefits.
There is a safe harbor provision for employers who have
consistently and
continuously used employees' social security numbers in a
manner that
violates the newly-passed legislation. To qualify for the safe
harbor
provision the employer must:
Engage in the non-conforming
practice continuously and without interruption
(the law's prohibitions
automatically apply if the practices cease for any
reason);
Provide
employees with an annual disclosure, beginning in 2002, informing
the
individual that he or she has the right to stop the use of his or
her
social security number in a manner prohibited by the statute;
Implement an individual's written request to stop the use of his or
her
social security number in a manner prohibited by the law within 30 days
of
receipt of the request, and no fee or charge may be required
for
implementing the request; and
Not deny services to any individual
who makes a written request to stop the
use of his or her social security
number in a manner prohibited by statute.
The safe harbor provision may
not be of significant help for California
employers because employees can
opt out of non-conforming social security
number use any time after July 1,
2002.
We recommend that employers: (1) carefully examine their uses of
employee
social security numbers, (2) identify any non-conforming
practices, and (3)
consider modifying documents or delivery methods. We
note that the use of
social security numbers on the itemized statements
which must accompany
paychecks will remain unaffected since that use is
required by California
law.
Although the outlook remains unclear,
this attempt by the California
legislature to eradicate identity theft and
protect employee privacy will
impact many employers' current uses of social
security numbers.
Please contact John McLachlan if you would like a
complete copy of the new
legislation, have any questions, or wish to
discuss the matter further. He
can be reached at (510) 763-4411 or at [EMAIL PROTECTED].
-----Original
Message-----
From: Christopher Feahr [mailto:[EMAIL PROTECTED]
Sent:
Friday, September 19, 2003 1:12 PM
To: WEDI SNIP Transactions Workgroup
List
Subject: Re: Insurance cards with no Insured ID
You're
saying it's OK for payers in CA to continue using SSN as the primary
means
of identifying patients in their systems... but that the SSN cannot
be
printed on a wallet-card? So we CAN use the numbers to identify people
but we must cease and desist the evil practice of using paper cards to
identify people??
Does the law prohibit only "wallet sized",
ink-on-paper renderings? What
about mag-stripe or bar-coded SSNs on
wallet cards?
Bizarre...
At 12:15 PM 9/19/2003 -0400, William J.
Kammerer wrote:
>I don't think the California law bans using the SSN as
an ID - just
>that it can't be printed on an identification card.
Since most
>everyone knows his own SSN, that shouldn't be much of a
handicap.
>
>If Susan were able to "do" an electronic eligibility
inquiry using the
>name and SSN, and perhaps the adddress, then surely
that same
>information should be suitable for filing a claim, wouldn't
you think?
>
>William J. Kammerer
>Novannet,
LLC.
>Columbus, US-OH 43221-3859
>+1 (614)
487-0320
>
>
>----- Original Message -----
>From:
"Doug Webb" <[EMAIL PROTECTED]>
>To: "WEDI SNIP
Transactions Workgroup List"
><[EMAIL PROTECTED]>
>Sent:
Friday, September 19, 2003 11:47 AM
>Subject: Re: Insurance cards with
no Insured ID
>
>
>William,
>Mainly because of the "I
dunno" response from the insurance company.
>That indicates to me that
they have no idea what the proper ID is. If
>they had come up
with any positive response, working with them would
>be, indeed, the
better option.
>
>They're being a pain, and blaiming HIPAA when
the cause is California
>law banning the use of SSN as ID.
Sometimes, the only way to get some
>payers (most are great guys, but a
few...) to clean up their act is to
>apply pressure from the ones who
are actually paying them (the
>policyholders).
>
>The
opinions expressed here are my own and not necessarily the opinion
>of
LCMH.
>
>Douglas M. Webb
>Computer System
Engineer
>Little Company of Mary Hospital & Health Care Centers [EMAIL PROTECTED]
>
>
>
>
----- Original Message -----
> From: William J.
Kammerer
> To: WEDI SNIP Transactions Workgroup
List
> Sent: Friday, September 19, 2003 10:02
AM
> Subject: Re: Insurance cards with no Insured
ID
>
>
> Doug, why can't Susan file the
claim? The patient surely knows her
>own
> SSN,
so leave off the member ID on the Subscriber NM1, and include
a
> secondary reference to the SSN. Can't insurance
companies find out
>which
> subscriber (or patient)
is being referred to solely by the name and
>the
>
SSN? They have computers, don't they? Why put the patient in the
>middle
> of this?
>
>
William J. Kammerer
> Novannet, LLC.
>
Columbus, US-OH 43221-3859
> +1 (614)
487-0320
>
> ----- Original Message
-----
> From: "Doug Webb" <[EMAIL PROTECTED]>
> To:
"WEDI SNIP Transactions Workgroup List"
> <[EMAIL PROTECTED]>
>
Sent: Friday, 19 September, 2003 10:04 AM
> Subject: Re:
Insurance cards with no Insured ID
>
>
>
Susan,
> 1) Blaming HIPAA for this fiasco is totally
bogus.
>
> 2) "I dunno" is a totally unacceptable
response from the insurance
>
company.
>
> 3) If you can't get a vaild insurance ID,
you can't file a claim. A
>270
> query MAY
reval the proper information. You shouldn't have to do so
>to
> get a valid ID. Bill the patient.
Inform the the insurance company
> that you will do this,
and will give the patient X days to pay before
> being
referred to your collector. The insurance company will
probably
> respond "You can't do that!"; you can respond "We
can and will if you
> don't clean up your
act!"
>
> The opinions expressed here are my own and
not necessarily the opinion
> of
LCMH.
>
> Douglas M. Webb
> Computer
System Engineer
> Little Company of Mary Hospital &
Health Care Centers
> [EMAIL PROTECTED]
>
>
"This electronic message may contain information that is
confidential
> and/or legally privileged. It is intended
only for the use of the
> individual(s) and entity(s)
named as recipients in the message. If
>you
> are not
an intended recipient of the message, please notify the
sender
> immediately, delete the material from any
computer, do not deliver,
> distribute, or copy this
message, and do not disclose its contents or
> take action
in reliance on the information it contains. Thank
you."
>
>
>
> ----- Original
Message -----
> From: Susan
Hollabaugh
> To: WEDI SNIP Transactions
Workgroup List
> Sent: Friday, September 19,
2003 07:17 AM
> Subject: Insurance cards with no
Insured ID
>
>
>
> We have begun receive
patients in our California Imaging Centers who
> present
Insurance cards with no Insured ID.
>
> Here is the
experience as reported from our Director in the
region:
>
> "One Health Plan and Aetna are issuing new
insurance cards without the
> Insurance Identification
Number. I called both insurances to ask why,
> and was told,
"HIPAA". Both are in the process of issuing new cards to
>
ALL members
>
> So I asked, the patient, "what is your
Insurance ID number?". "I
>dunno"
> , was the
answer
>
> So I asked the insurance companies, "are we
to assume that the ID
>number
> is the social
security number?" "I dunno" , was the answer. They would
>
not provide me with the ID number."
>
> How are we
going to bill a patient's insurance company under these
>
circumstances? How are others dealing with this situation? Will
this
> necessitate Eligibility verification? Could we find
the information
>that
> we need that way? If this
extends throughout the market, it will be a
> nightmare for
providers.
>
> EDI Project
Manager
> 8754 Dunstable
Loop
> Bristow, VA
20136
>
>
>
>---
>The WEDI SNIP listserv to
which you are subscribed is not moderated.
>The
>discussions on
this listserv therefore represent the views of the
>individual
participants, and do not necessarily represent the views of the
>WEDI
Board of Directors nor WEDI SNIP. If you wish to receive an official
>opinion, post your question to the WEDI SNIP Issues Database at
>http://snip.wedi.org/tracking/. These listservs should not
be used for
>commercial marketing purposes or discussion of specific
vendor products
>and services. They also are not intended to be
used as a forum for
>personal disagreements or unprofessional
communication at any time.
>
>You are currently subscribed to
wedi-transactions as:
>[EMAIL PROTECTED] To unsubscribe from this
list, go to the
>Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank
>email to [EMAIL PROTECTED]
>If
you need to unsubscribe but your current email address is not the
>same
>as the address subscribed to the list, please use the
>Subscribe/Unsubscribe form at http://subscribe.wedi.org
Christopher
J. Feahr, O.D.
Optiserv Consulting (Vision Industry)
http://Optiserv.com
http://VisionDataStandard.org
Office
(707) 579-4984
Cell (707) 529-2268
---
The
WEDI SNIP listserv to which you are subscribed is not moderated.
The
discussions on this listserv therefore represent the views of the
individual
participants, and do not necessarily represent the views of the
WEDI Board
of Directors nor WEDI SNIP. If you wish to receive an official
opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/.
These listservs should not be used for
commercial marketing purposes or
discussion of specific vendor products and
services. They also are
not intended to be used as a forum for personal
disagreements or
unprofessional communication at any time.
You are currently subscribed
to wedi-transactions as: [EMAIL PROTECTED] To
unsubscribe from
this list, go to the Subscribe/Unsubscribe form at
http://subscribe.wedi.org or send a blank
email to
[EMAIL PROTECTED]
If
you need to unsubscribe but your current email address is not the same
as
the address subscribed to the list, please use the
Subscribe/Unsubscribe
form at http://subscribe.wedi.org
---
The
WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board of
Directors nor WEDI SNIP. If you wish to receive an official opinion, post your
question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/.
These listservs should not be used for commercial marketing purposes or
discussion of specific vendor products and services. They also are not
intended to be used as a forum for personal disagreements or unprofessional
communication at any time.
You are currently subscribed to
wedi-transactions as: [EMAIL PROTECTED]
To
unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank
email to [EMAIL PROTECTED]
If
you need to unsubscribe but your current email address is not the same as the
address subscribed to the list, please use the Subscribe/Unsubscribe form at
http://subscribe.wedi.org
---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-transactions as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
|
