By By Paul Keane
Publisher
A new regulation going into effect Monday will make an impact on healthcare providers and the patients they treat. And while most of the changes will be subtle and cause only a little bit of extra paperwork, providers want the public to be aware of what will happen beginning Monday.
The privacy section of the Health Insurance Portability and Accountability Act (HIPAA) will take effect on Monday, meaning all healthcare providers from hospitals to doctors and pharmacists to dialysis units must now make patients aware of their privacy policies. For patients, that basically means signing an additional consent form and becoming educated on what information can be shared about themselves.
In a nutshell, all patient information will be restricted from being shared except in three specific cases:
While agreeing that many of the measures are good ones that will eventually have a positive effect, some healthcare providers are concerned about what it may do to smaller operations.
Jim Justice, owner of Greenlawn Pharmacy and a former president of the State Pharmaceutical Association, said there will be some delays caused by the additional and that smaller businesses could be hurt.
"It's going to take longer to do business now," he said. "There's going to be so much documentation, and we're going to have to ask people to be patient while we work through these new systems.
"And it's costing so much to put these new measures into place. The health plans are saying 'Here's an extra dollar per prescription so that you can cover these costs,' so we're having to cover the investment. It's just the cost of doing business."
In addition to printing privacy policy forms to give to patients and purchasing new software to handle the new procedures, Greenlawn and many other healthcare providers have had to purchase special HIPAA manuals, normally produced by various healthcare associations. The one that Greenlawn purchased cost more than $300.
Greenlawn Pharmacy has placed Cheryl Wooten, who heads the Home Health Services of the company, as its HIPAA compliance officer. She pointed out that most of the regulations tied into this legislation will be good for both providers and patients in the long run.
"When all the regulations are in place, we'll all have one number to identify us with insurance companies," she said. "Instead of us having a Medicaid number, a Blue Cross/Blue Shield number and all types of other numbers for each insurance carrier, we will have one number. Employers will also have one number to identify them, and that will help streamline the process.
"This will also help employees that are changing jobs. They will eventually have some portability with their insurance, and that is a good thing. Most of these changes will be good, but it's causing additional paperwork and some delays in the early going."
Both Justice and Wooten admitted to having attended numerous training seminars and meetings over the past 16 months in regards to HIPAA. He hopes that everyone in the healthcare profession is "up to speed" and ready to implement the changes come Monday.
"It's sure going to change the tenor of everything," he said. "It's affecting every healthcare provider in the country, and I hope that everyone realizes what is needed and what has to be done starting Monday."
Greenlawn is installing some electronic signature devices that will eventually allow customers to sign once for both the consent forms and the HIPAA forms.
"We've been having people sign for records for tax purposes and other needs for quite some time now," Justice said. "But it used to be a simple release, and now it is two pages long.
"During one of our training sessions for our company, one of our pharmacists asked when we were going to have time to fill prescriptions since we were going to filling out so much paperwork."
The law that takes effect Monday will also change the way patients can obtain information. No longer will a spouse be allowed to obtain information about a husband or wife, and employers will be limited in what they can obtain. Parents will still be able to obtain information on minor children, though.
Healthcare providers will also have to be careful about what information they may accidentally disclose. Say, for instance, that a neighbor of a pharmacist walks into a drugstore and the pharmacist asks him how his high blood pressure is going. Starting Monday, in the technical sense, that would be a violation punishable by fines and possible imprisonment. Civil penalties – i.e., malpractice lawsuits – would not apply under the legislation, but stiff penalties and reprimands can be administered to violators of the practices.
Rick Owens, director of the business office and business services at Atmore Community Hospital, is the HIPAA compliance director for the local hospital. He said some common sense measures should eliminate any accidental disclosures.
"The privacy rule is only part of the total package of legislation, but it is the one that affects us the most," Owens said. "This is not unlike what the banking industry went through a few years ago, when they were handing out privacy policy forms to every customer when they made a deposit or conducted other business at the bank.
"As a corporation, we are trying to approach this from a practice standpoint. We've talked to staff members about being aware of their surroundings, talking in a soft voice when discussing a patient and to turn papers face down when in a common work area so that others can't read the patient forms and charts. We've also taught staff members to do simple things like turn on their screen savers or turn their monitors off when they have to walk away from their desks or have to work with a fellow employee or patient at their desk. This keeps people from inadvertantly seeing patient information."
ACH Administrator Bob Gowing said he's already seen some slight backlash from the new regulations.
"It can be problematic from a logistics standpoint," Gowing said. "Just the other day, we had someone call the emergency room and ask about a patient. They said they were a member of the family and needed to know what the status of the patient was. We were not able to give out any information, even to confirm or deny that the patient was there, and the caller got very upset.
"We hope that people will understand that we have to comply with the law, and that protecting the patient's identity is first and foremost."
That includes covering up or blocking out any type of materials that could identify a patient. That means an x-ray with the normal listing of patient name and other information could be temporarily blocked out in order to protect the indentity of the patient.
"Anything that can identify a patient is now protected," Owens said. "Patient confidentiality is nothing new to our profession, but now we're putting in some additional measures to further protect that confidentiality. We're still able to exchange information for the care of the patient and normal business operations, but other elements are going to be strictly protected."
The hospital, too, has put in new measures to meet HIPAA standards. In the past, patient documents were shredded. Now, though, they are placed in a secured lock box and picked up by an independent firm, which tracks it all the way through proper disposal and destruction.
"We've found that while that measure cost us a little bit of money, it is actually going to save us money in the long term," Gowing said. "It used to be that we would have to have an employee take the time to shred each document, then you had the problem of the equipment breaking or needing to be maintained. Now, they just slide it into a locked box that they have no access to, and they spend less time on document destruction and more time on patient care."
Gowing added that while some smaller healthcare providers may feel a crunch from the initial investment, things could have been much worse.
"It could have been very cost prohibitive for everyone," Gowing said. "But with the government and various committees and boards listening to the healthcare and insurance profession, they made some modifications to the original legislation and have made it more tolerable from a financial standpoint."
Owens said once the entire program is implemented by sometime in 2005, the healthcare profession should benefit from the regulations.
"What the program is trying to do in the long term is put everyone on a level playing field as far as communicating is concerned," he said. "There will be universal diagnostic and billing codes, and each providers will have one number that will apply to all health insurance providers. That should help us in the way of speeding up insurance claims, reimbursements and in treating the patient."
And the patient is the bottom line, Gowing said.
"To a degree, you're going to see the normal type of information exchange more restricted," he said. "But the intent of this is to protect the patient.
"I think these restrictions would have come about with or without the technology advances we've made in the last few years. You would be surprised what people can learn about you through the Internet, but I think these restrictions and protections would have happened with or without that technology. There are so many companies out there that are so competitive and want these patient lists to market their products, they need to be protected. "
Owens echoed those sentiments.
"We need to benefit from this technology, but we've got to put a protective shell around all the information."