Author: Demuro, Paul

Source: AHIMA Convention

Publication Date: October 10, 2001

I. Preemption of State Laws

The general rule is that a standard, requirement, or implementation specification adopted under HIPAA that is contrary to a provision of state law preempts or supersedes the provision of State law. 45 CFR §160.203.

Contrary, when used....

Author: Dennis, Jill Callahan

Source: Journal of AHIMA

Publication Date: April 2008

The privacy rule is just six, but gaps in its coverage have already widened. Now some organizations are recommending that the rule—or something like it—expand to cover any organization that handles personal health information in any form.



Six years ago....

Author: Dennis, Jill Callahan

Source: Journal of AHIMA

Publication Date: February 2001

The HIPAA-mandated privacy officer role offers a new opportunity for HIM professionals. What skills are required, and what needs to be done first? This article answers these questions.
As healthcare organizations roll out their plans for HIPAA implementation, many HIM profession....

Author: Derhak, Mike

Source: In Confidence (newsletter)

Publication Date: September 02, 2003

Inappropriate sharing of protected health information. Sending intimidating e-mails. Browsing inappropriate Web sites. Downloading unauthorized Web content. Software, music, or video piracy. These are just a few examples of internal security breaches companies may face. According to the 2003....

Author: Derlink, Amy L; Schembari, Elaine

Source: Journal of AHIMA

Publication Date: March 2012

Responding to an audit can be hectic and stressful, but HIM professionals must remember to hold external record reviewers accountable to good privacy and security practices.

When you visit the hair salon, take an exercise class, or sit across from a financial planner, you expect them....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: April 2015

The spiders of time have been hard at work on the US healthcare privacy and security rules, to the point that their place in health IT interoperability has become fogged and is inhibiting their proper role in the meaningful exchange of health information, according to Lucia Savage, JD, th....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: February 2012

The HIPAA transaction standards-meant to streamline financial and administrative transactions-have instead devolved into a kind of free-for-all. Now the first operating rules are in hand to standardize use of the standards and gain the efficiencies originally intended.

When it....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: August 2010

Provisions within the HITECH Act require that covered entities notify individuals if their protected health information is breached. However, the current regulation allows an exemption if the risk of harm is slight. Assessing risk can be subjective, and privacy officers have been working to cr....

Author: Dimick, Chris

Source: Journal of AHIMA - website

Publication Date: March 2011

Note: this article has been updated to reflect changes implemented through the HITECH Act.

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: September 2010

The calendar is marching steadily toward October 2013, when all healthcare organizations must begin submitting claims using the ICD-10-CM and ICD-10-PCS code sets. Much needs to be done in making the transition, and healthcare organizations should have taken major steps in their preparation al....

Author: Dimick, Chris

Source: AHIMA regulation analysis | Journal of AHIMA

Publication Date: March 2013

At 138 fine-print pages, the final rule detailing the HITECH Act’s modifications to HIPAA privacy and security requirements is not a quick or easy read. But it is an important read since the content of the Federal Register post drastically impacts HIM professionals and their business....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: August 2009

In California, teasing apart state and federal breach notification laws highlights the challenges organizations everywhere face in determining their responsibilities under ARRA’s new privacy regulations.

Within healthcare organizations, the temptation for some staff can be great: wh....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: April 2012

It has been a decade since the first privacy officers took their jobs in response to the HIPAA privacy rule. A slew of changes since then have added more responsibility, required more skills, and demanded more time of them than anyone could have imagined.

When Nancy Davis, R....

Author: Dimick, Chris

Source: Journal of AHIMA

Publication Date: February 2010

The movement to give patients better access to and control of their health information is giving HIM a new customer: the patient. That requires a shift in both operations and culture.

HIM, MEET THE new patient.

While a simple release of information on paper might have once....

Author: Dinh, Angela K.

Source: Journal of AHIMA

Publication Date: September 2009

In 2008 the Centers for Medicare and Medicaid Services (CMS) conducted 10 HIPAA security assessments in covered entities (CEs) nationwide. CMS’s stated purpose was not to identify flaws but to gain a true understanding of industry compliance with the HIPAA security rule.

CMS co....

Author: Dinh, Angela K.

Source: External - used with permission

Publication Date: May 02, 2008

This article, written by an AHIMA HIM Practice Director and published in the Journal of Healthcare Compliance (May/June 2008) offers six tips to help organizations stay current, strive for compliance, and prepare for the future.

Author: Dixon-Lee, Claire

Source: HIPAA Conference 2000

Publication Date: March 14, 2000

2000 HIPAA Conference Presentation
Code Sets: Improving the Quality of Coded Data
Presented by Claire Dixon-Lee, PhD, RHIA Future of Code Sets
Data Content Standardization Data Elements including formats and definitions Code Sets and values
Maximum defined data set Computer-....

Author: Dougherty, Michelle

Source: In Confidence (newsletter) | AHIMA Q and A

Publication Date: February 02, 2003

Question: I am a long-term care (LTC) consultant. An attorney for a facility I contract with stated the organization does not have to provide a notice of privacy practices to the residents in the facility on April 14, 2003, when the privacy rule becomes effective. Only newly admitted resident....

Author: Dougherty, Michelle

Source: Journal of AHIMA

Publication Date: November 2002

You've attended seminars, read articles, outlined systems, and developed forms for implementing the privacy rule, but there is still one step left--actually writing the policies and procedures. For many practitioners, policies and procedures are important but are often put off, then forgotten.....

Author: Dougherty, Michelle

Source: Journal of AHIMA

Publication Date: November 2001

Q: Where can I find the updated data elements and data definitions for the Uniform Hospital Discharge Data Set (UHDDS)?

Q: Where can I find an easy-to-use glossary for terms in the HIPAA regulations?

Michelle Dougherty (michelle.dougherty@ahima.org) is an HIM practice manager....

Author: Dougherty, Michelle

Source: AHIMA practice brief | Journal of AHIMA

Publication Date: November 2001

This practice brief has been retired. It is made available for historical purposes only.

Author: Dougherty, Michelle

Source: Journal of AHIMA

Publication Date: October 2001

If we could look into a crystal ball and see into the future, it would be much easier to prepare for HIPAA, particularly the electronic transaction standards. Because of the rarity of crystal balls these days, we must rely on other predictors at our disposal, such as the white paper issued by t....

Author: Dougherty, Michelle

Source: Journal of AHIMA

Publication Date: April 2002

In recent months, anthrax outbreaks and concern over bioterrorism threats have created a greater need for the US to have a system to monitor and report public health information in a timely manner. The Centers for Disease Control and Prevention (CDC) are developing standards for a new approach....

Author: Dougherty, Michelle; Hughes, Gwen

Source: Journal of AHIMA

Publication Date: September 2001

Q: My facility's records contain a variety of psychiatric documentation including therapists' notes from their treatment sessions with patients. How can I determine what requires special protection under HIPAA? Do I need to separate some of the documentation from the medical record? C....

Author: Downing, Katherine

Source: Journal of AHIMA

Publication Date: April 2014

On January 25, 2013, the US Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) published the long-awaited HITECH-HIPAA Omnibus Final Rule in the Federal Register. As anticipated, the Omnibus Rule includes some of the most significant changes to patient priva....

Author: Downing, Kathy; Lucci, Susan; Lerch, Diane M

Source: AHIMA practice brief

Publication Date: October 2013

Editor's note: This update replaces the November 2010 practice brief "HIPAA Privacy and Security Training."


On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited Health Insurance Portability and Accoun....

Author: Downing, Kathy; McLendon, Kelly

Source: Journal of AHIMA

Publication Date: November 2013

Accounting of disclosures (AOD) is one "patient right" listed within the HIPAA Privacy Rule. Since the rules were implemented in 2003, AOD has been a topic of much discussion but has not generated much regulatory action from the US Department of Health and Human Services' (HHS) Office for....

Author: Downing, Kathy; McMillan, Mac

Source: Journal of AHIMA

Publication Date: October 2013

The American Recovery and Reinvestment Act (ARRA) of 2009, in section 13411, requires the US Department of Health and Human Services (HHS) to conduct periodic audits to ensure covered entities and business associates are meeting HIPAA compliance requirements.


The findings of....

Author: Downing, Kathy; Odia, Godwin

Source: AHIMA practice brief

Publication Date: November 2013

Editor’s note: This update supplants the 2009 practice brief “Redisclosure of Patient Health Information.”


Redisclosure is the act of sharing or releasing health information that was received from another source (e.g., external facility or provider) and made part....

Author: Dunn, Rose T

Source: External - used with permission

Publication Date: May 02, 2003

This worksheet has been developed to provide guidance on components to consider in developing the basis for a reasonable, cost-based charge for the Accounting for Disclosure (164.528). This worksheet is not intended to be all inclusive. Users are encouraged to discuss inclusions to this analysis with their facility’s cost accountant.

Author: Dunn, Rose T

Source: Journal of AHIMA

Publication Date: May 2003

The privacy rule allows a covered entity to charge a cost-based fee for providing an accounting of disclosure (AOD). Has your organization determined these costs? Calculating the actual costs may be more involved than you think. This article will discuss the requirements for setting the fee an....

Author: Dunn, Rose T

Source: Journal of AHIMA

Publication Date: January 2003

Author: Dunn, Rose T

Source: Journal of AHIMA

Publication Date: November 2010

Release of information will get easier as health IT advances. But for now, it can be a labor-intensive effort requiring more expenses than many outside the process may realize.

Healthcare organizations may perform their release of information function internally with employed st....

Author: Dunn, Rose T; Rose, Angela Dinh; Wieland, LaVonne R.

Source: AHIMA practice brief

Publication Date: November 2013

Editor’s note: The following article supplants information contained in the October 2002 “Required Content for Authorizations to Disclose” Practice Brief.


The HIPAA privacy rule became effective April 14, 2003, and established standards for information disclosure....

Author: Emerson, Mary

Source: HIPAA Conference 2000

Publication Date: March 14, 2000

2000 HIPAA Conference Presentation
HIPAA Identifier Update

Presented by Mary Emerson, HCFA

SCOPE OF IDENTIFIER STANDARDS
Standard Unique Health Identifiers and allowed uses for Health Care Provider Health Plan Employer Individual

PROVIDER IDENTIFIER NPR....

Author: Firouzan, Patricia Anania; McKinnon, James

Source: Perspectives in Health Information Management

Publication Date: April 2004

Abstract


A 20-question survey was sent in the mail to HIM directors in Pennsylvania healthcare facilities to solicit feedback regarding implementation issues of the HIPAA privacy rule requirements. Questions focused on gathering basic demographic data, information on HIM involveme....

Author: Fodor, Joseph

Source: Journal of AHIMA

Publication Date: January 2004

As electronic health records (EHRs) become more commonplace in healthcare, changes, adjustments, and improvements will be inevitable. When designing, implementing, upgrading, or remediating an EHR system, your organization’s implementation team should consider the impact of complying wit....

Author: Frawley, Kathleen A.; Asmonga, Donald D.

Source: Journal of AHIMA

Publication Date: October 1998

On August 12, the Department of Health and Human Services (HHS) published the notice of proposed rule making on standards for the security of individual health information and electronic signature use by health plans, healthcare clearinghouses and healthcare providers. These standards are part....

Author: Frawley, Kathleen A.; Asmonga, Donald D.

Source: Journal of AHIMA

Publication Date: September 1998

On July 6, 1998, the Department of Health and Human Services (HHS) published a white paper on unique health identifiers for individuals. Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), HHS Secretary Donna Shalala is required to adopt standards that suppor....

Author: Fuller, Sandra R.

Source: Journal of AHIMA

Publication Date: October 1999

When the final security standards related to HIPAA are published later this year, the race to implement them will be on. Are you prepared? The author offers a handy set of guidelines.
The wait is almost over for the final security standards required by the Health Insurance Portability an....

Author: Fuller, Sandra R.

Source: Journal of AHIMA

Publication Date: February 2001

As children, most of us stood against a door frame while our parents recorded our height and the date on the wall. These marks climbed each year as reminders of the changes we were experiencing. When relatives visited, we proudly showed off our progress to adulthood.

These....

Author: Gallagher, Lisa; Yale, Ken

Source: In Confidence (newsletter)

Publication Date: August 02, 2003

The HIPAA privacy rule requires that a covered entity (CE) institute appropriate administrative, technical, and physical measures to reasonably safeguard the privacy of protected health information (PHI). In order to keep information “private,” it must be kept safe or secure. Therefore, logic....

Author: Gallagher, Patrick; Pavoni, Mary Mike

Source: In Confidence (newsletter)

Publication Date: April 02, 2003

HIPAA laws have strengthened patients’ rights concerning access to their private medical information while at the same time making them more aware of their rights. Consequently, more patients are going to be requesting an accounting of disclosures (AOD) in the future.
According to secti....

Author: Gellman, Robert

Source: Journal of AHIMA

Publication Date: October 2006

In the past year there have been some surprising twists in the interpretation of HIPAA’s criminal penalty. This article reviews current views of the penalty and considers the effect on sanctions for healthcare workers who fail to comply with health privacy policies.
The Statute and....

Author: Giannangelo, Kathy

Source: Journal of AHIMA

Publication Date: October 2005

With the clock ticking down to the HIPAA national provider identifier compliance deadline, HIM professionals should start thinking about the next HIPAA standard on the horizon, claims attachments. While not one of the original eight administrative transactions approved for use in the healthcar....

Author: Giannangelo, Kathy

Source: Journal of AHIMA - Coding Notes

Publication Date: October 2004

Coding professionals in acute care hospitals know that ICD-9-CM code modifications are implemented every October 1. This year, however, changes taking place will have far-reaching effects. The reason? The diagnosis portion of ICD-9-CM named under HIPAA has become the standard code set for repo....

Author: Gorton, Elisa R.; Lantis, James R. Jr.; Lemery, Chrisann

Source: External - used with permission

Publication Date: May 07, 2008

Health care providers have begun to raise concerns regarding what they perceive to be conflicts between requests for information, using language such as "any and all", and the HIPAA mandate to provide only the "minimum necessary." (Health Plan & Provider Report, BNA)

Author: Gradle, Brian D.

Source: Journal of AHIMA

Publication Date: September 2002

While HIM professionals work to implement HIPAA, courts across the nation continue to hear cases that could affect this work. Namely, these are cases related to state privacy laws.


HIPAA's "preemption" framework provides that state laws that are not contrary to HIPAA or that p....

Author: Gradle, Brian D.

Source: In Confidence (newsletter)

Publication Date: August 02, 2003

If you were to ask health information managers for a one-word response to HIPAA, the majority of the replies would likely be “privacy.”However, simply because the compliance date for the final security rule (which was published by the government in February and applies to electronic informati....

Author: Grant, Karen G.

Source: HIPAA Conference 2000

Publication Date: March 14, 2000

2000 HIPAA Conference Presentation
Organizing the Effort
Presented by Karen G. Grant, RHIA, Corporate Director, Health Information Services, Partners HealthCare System Goals
To maintain a secure and continuously available technology infrastructure for Partners HealthCare System Compl....