| The Health Insurance
Portability and Accountability Act (HIPAA)
passed by Congress in 1996 set new regulations
for protecting the confidentiality of
patient healthcare information. These
regulations require NRS and out clients
to: |
- Protect
the confidentiality of patient healthcare
information. The “protected
health information” (PHI) of
patients must
be identified and remain confidential
from the point it is recorded by a
client, transferred for billing purposes,
used by NRS
to file insurance claims or mail invoices
and stored by NRS and/or a client
for record keeping purposes.
|
- Not disclose
PHI unless permitted to do so. PHI
and related healthcare information
can only be used for the purposes
of filing insurance claims, mailing
invoices and conducting legitimate
business operations related to financial
transactions, record keeping and the
administration of a medical billing
system. All other uses of PHI must
be
approved by the patient prior to the
release of such information.
|
- Allow patients
to view and amend PHI if requested.
NRS and its clients must establish
a record keeping system that
allows patients to view and (in some
cases) amend their PHI. Amending the
PHI of a patient is permitted under
certain circumstances, but can be
denied in others. In all cases, the
patient has a right to view their
PHI along
with a record of other parties who
had access to such information.
|
- Report disclosures
of PHI, if they occur. NRS and/or
our clients must report inadvertent
or purposeful disclosures of
PHI to the patient, if they occur.
Such disclosures may involve civil
or criminal penalties.
|
- Provide accountability
for PHI practices. NRS and our clients
must provide accountability for business
practices, record
keeping and information management
related to the use or storage of PHI
to the Federal Department of Health
and Human Services (HHS), if requested.
|
| |
| To meet these requirements,
NRS and our clients enter into a “Business
Associate Agreement,” that outlines
the responsibilities of each organization
with respect to HIPAA. This agreement
defines the role of each organization
and details the responsibilities of
both NRS and its clients in complying
with the HIPAA regulations. |
| |
| For more details
on the “Business Associate Agreement”
and/or HIPAA Privacy please contact
your account manager. |
