• E-mail
• Print
• RSS

* Sorting out HIPAA enforcement
* Documenting tests for "high risk" patients
* Pay-per-view article: SNFs: Self-audits can head off trouble

Compliance Monitor, April 28, 2003

Want to receive articles like this one in your inbox? Subscribe to Compliance Monitor!

Sorting out HIPAA enforcement

Q:If two covered entities under the Health Insurance Portability and Accountability Act (HIPAA) determine that they fit the criteria for an organized health care arrangement, but one entity violates HIPAA, what is the liability of the other?

A: The question of liability is not addressed in the regulation itself. You may have to wait for the Office of Civil Rights and the Centers for Medicare and Medicaid Services to enforce HIPAA to see how they will handle these issues. It might be wise for an organized health care arrangement to consult an attorney about the 'hold harmless' clause. Under these managed care contract clauses, providers and health plans generally agree not to hold the other responsible in the event of malpractice or financial insolvency.

There is, however, a larger question for all covered entities, not just organized health care arrangements: If a covered entity has a compliance program in place, and a workforce member commits a violation, who is assessed civil penalties?

If we look at the government's previous enforcement efforts, we can imply that covered entities are at the greatest risk of liability if they do not have a reasonable compliance program in place. But if a covered entity has its workforce in HIPAA compliance, and has documented training, the liability may go to the workforce member who commits the violation.

One tip to keep in mind: Patients cannot sue a covered entity under HIPAA, but they can use the law as evidence of a standard or relationship in an invasion of privacy or breech of confidentiality action.

This question was answered by Marion Neal, President of HIPAASimple.com.

Go to "SNFs: Self-audits can head off trouble" for the rest of this article. The cost is $10. Subscribers to the online version of Health Care Auditing Strategies have free access to this article. Subscribers to the print edition can find it in their April issues.

A $30 steal!

You can read this article—and much more—in the entire April issue of Health Care Auditing Strategies. Your cost: Three stories for only $30! You get a step-by-step guide to effective EMTALA compliance audits, and you'll learn the ABCs of auditing for inaccurate DRG assignments. Choose between a PDF or HTML version for just $30. Online subscribers have free access to this issue. Print newsletter subscribers can find it in their mailboxes.

Q: When a physician performs a lab test because a patient has a symptom or a specific condition, we document the symptom in the patient's medical record. For example, we would put "sore throat" for throat culture. Do you have any suggestions to properly document the reasons for a screening test, such as a pap smear, HIV, Chlamydia or other screening in a an asymptomatic person who is at risk for a disease? Can the physician write "at risk for cervical cancer" as an appropriate reason for the test?

A: Your example of documentation would be sufficient to indicate that the patient is a "high risk" patient and would properly support the reason for the test.

Proper documentation in the medical record will determine if a test billed to Medicare for reimbursement will withstand an audit from your carrier.

Medicare will not pay for "screening tests," with the exception of several tests that are set up based on their frequency, such as pap smears and mammograms. Therefore, if a physician orders a test for screening purposes, but the asymptomatic patient is a high risk patient for the disease in question, then the physician should document enough information in the record to clearly state that the patient is of "high risk status."

This question was answered by Rick Oliver, JD, CHCO, CPC, MT (ASCP), director of compliance at AmeriPath, Inc.

Want to receive articles like this one in your inbox? Subscribe to Compliance Monitor!

• E-mail to a Colleague
• Print
• RSS
• Archive