HIPAA Isn't a Shield Against
Third-Party Payor Audits
A frequent question of physicians, medical practices and other providers I represent is whether the HIPAA Privacy Rule prohibits them from providing third-party payors with access to medical records for the purposes of an audit. In other words, does HIPAA prevent third-party payors from conducting post-payment audits?
The Privacy Rule, which provides a foundation of federal protection for private health information, sets important boundaries on the release of medical records to third parties. The Rule prohibits a health care provider from disclosing protected health information without an authorization by the patient, unless this prohibition would interfere with patient access to, or the quality of, health care. An underlying premise of the Rule is that access to treatment and efficient payment for health care is essential to the effective operation of the health care system, and that certain health care operations are essential to support treatment and payment. Read full article
Withholding Information From Health Plans --
What Does HIPAA Say?
If a patient asks you not to report treatment to his or her health plan, are you prepared to carry out that request?
HIPAA privacy regulations have always given individuals the right to request restrictions on how health care providers use or disclose their information, but until recently, health care providers have always had the discretion to say "no" to these requests.
If you are a health care provider, however, the HITECH amendments to HIPAA include a new right: When a patient receives treatment and pays for that treatment entirely out of his or her own pocket, the patient may request that you not share information about the treatment with the patient's health plan -- and you must honor that request. Read full article
Private Payor Audits of Health Care Providers:
Know Your Rights
The recent focus on Recovery Audit Contractor (RAC) audits and health care reform has not distracted private third party payors, including Blue Cross Blue Shield of Michigan (BCBSM), from their usual audit practices. Post payment audits by private payors are alive and well in Michigan.
What Triggers An Audit?
The biggest mystery in the audit process is its origin. Often, no discernable reason ever emerges as to why a provider has been selected for an audit. However, over the years, we have been able to identify some general circumstances that often lead to an audit. I have outlined three of them here. Read full article