After several years of wrangling, the deadlines finally are in place and now is the time for healthcare providers, insurers and clearinghouses to finalize their respective plans for implementation and compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
In December, the U.S. House of Representatives and Senate collaborated on a bill — signed into law by President Bush — that sets Oct. 16, 2002 as the deadline for compliance with many HIPAA regulations and standards. The target date does, however, offer some “wiggle room” in the form of a one-year extension for healthcare entities that may not be able to meet some HIPAA criteria.
A word of warning, however. The extension applies only to non-compliance with HIPAA’s rules on transaction standards and code sets. Other HIPAA statutes — such as privacy, security and identifier provisions — still must be in place by October 2002.
Healthcare organizations that need an extension must submit their HIPAA compliance plan with the U.S. Department of Health and Human Services (HHS) by the same Oct. 16, 2002 deadline and detail how and when they will meet HIPAA statutes. HHS neither will accept nor reject the plan. The entity also must tell HHS whether it plans to use a vendor to meet HIPAA standards.
Another key date in the timetable to HIPAA compliance is April 14, 2003. By then, healthcare organizations must begin testing their transaction and code set systems with other healthcare entities to make sure all processes are working correctly.
Advancing HIPAA
The Healthcare Information and Management Systems Society (HIMSS of Chicago) has been an advocate of HIPAA since the proposal’s early days to ensure the security and privacy of patient records and to standardize technologies of transmitting medical and transaction data from one location to another. HIMSS collaborated with the American Health Information Management Association (AHIMA of Chicago) to create the Coalition for Health Information and Policy (CHIP) to help promote HIPAA. Both HIMSS and AHIMA supported the provision for a one-year extension for entities that needed more time to implement HIPAA measures.
Please refer to the February 2002 issue for the complete story. For information on article reprints, contact Martin St. Denis
