Miscellaneous / Hipaa Compliance

Hipaa Compliance

This essay Hipaa Compliance is available for you on Essays24.com! Search Term Papers, College Essay Examples and Free Essays on Essays24.com - full papers database.

Autor:  anton  13 December 2010
Tags:  Compliance
Words: 791   |   Pages: 4
Views: 698

The Health Insurance Portability and Accountability Act (HIPAA), became law in 1996. It requires health care providers, insurance companies and others involved in health care transactions to provide security on any system containing personal health information, store and transmit that information according to standardized rules, and place an automatic audit on files to help keep track of who should have access to them and whether those access rules have been violated. HIPAA complaints and violations that aren't fixed quickly are subject to a fine of between $100 per incident or a maximum of $25,000 per year for violation of a specific rule.

Administrators at the University of Colorado found a way to comply HIPAA to protect the integrity of electronic patient records. In addition to meeting the Privacy requirement of HIPAA, they needed a system to deal with their staff of medical professionals who move from computer to computer throughout their shifts. To be better equipped to achieve compliance, the hospital chose to use technology via a combination of a system called pcProx Sonar along with a software named eXactACCESS. When someone walks away from a workstation, a sonar device installed on the computer detects the change, and causes the computer to lock. Also, authentication via a user PIN is required. As a result, the integrity of the patient data is greatly enhanced. Doctors and nurses must pass their badge across the reader and then type their PIN. "Security access and work data is routed through eXactACCESS, bringing them right to their administrator-defined portion of the network. It allows them to log off one machine and onto another without any interruption in workflow, and their work is preserved just as they left it" (Unknown).

Health care fraud is another serious compliance issue with which the federal government continues to deal. Also an outgrowth of HIPAA, the Social Security Act section 1128C(a) of the Act created the Health Care Fraud and Abuse Control Program (HCFAC), a program to combat fraud and abuse in health care.

The Act requires that the monies recovered from health care investigations be deposited in the Medicare Trust Fund. All funds deposited in the Trust Fund as a result of the Act are available for the operations of the Trust Fund.

According to the Department of Health and Human Services and The Department of Justice Health Care Fraud and Abuse Program Annual Report for FY 2004,

"the Federal Government won or negotiated approximately $605 million in judgments and settlements.. The Medicare Trust Fund received transfers of more than $1.51 billion during this period, and an additional $99 million in federal Medicaid money was similarly transferred to the Centers for Medicare and Medicaid Services (CMS). The HCFAC account has returned over $7.3 billion to the Medicare Trust Fund since the inception of the program in 1997" (Monetary results n.d, 2005).

There are many examples of Medicare fraud. Some include: incorrect reporting of diagnoses or procedures to maximize payment, billing for services not furnished, alteration of medical documentation, billing non covered services as covered. Punishment for fraudulent and abusive activity can range from provider education and a request for overpayment, to assessment of Civil Monetary Penalties of up to $10,000 per service billed and/or criminal prosecution.

In one of the largest settlements reached by the Department of Justice(DOJ), "Gambro Healthcare agreed to pay more than $350 million in criminal fines and civil penalties to settle allegations that it submitted false claims"(Department of Justice, 2004). To ensure future compliance, Gambro established a Corporate Compliance Program which included policies and procedures, an education and training component, mechanisms for ongoing monitoring and auditing of operations to assess compliance, mechanisms for employees to anonymously report incidents of noncompliance, disciplinary actions for individuals violating compliance policies and procedures, and oversight of the compliance program by Compliance Officers and a Compliance Committee. In addition they submitted to a Corporate Integrity Agreement (CIA) with the Office of Inspector General (OIG) which in addition to the requirements set forth by the Corporate Compliance Program, mandated that Gambro periodically submit a variety of reports to the OIG for a period of 5 years.


Department of Justice. (December 2, 2004). Gambro Healthcare agrees to pay over $350 million to resolve civil & criminal allegations in Medicare fraud case. [Press release]. Retrieved January 38, 2006 from http://www.usdoj.gov/opa/pr/2004/December/04_civ_774.htm

Monetary results. (n.d.). 2005. The Department of Health and Human Services and the Department of Justice health care fraud and abuse program annual report for FY 2004. Retrieved July 28, 2006 from http://www.usdoj.gov/dag/pubdoc/hcfacreport2004.htm

Unknown. 2006. Network Access Compliance in the Cards. Security: For Buyers of Products, Systems & Services. May 2006, Vol. 43 Issue 5, p26May 2006. Retrieved July 27, 2006 from the EBSCOHost website.

Get Better Grades Today

Join Essays24.com and get instant access to over 60,000+ Papers and Essays

Please enter your username and password
Forgot your password?