How HIPAA Violations Affect the Medical Billing Process for Patients with AIDS - Coursework Example

How HIPAA Violations Affect the Medical Billing Process for Patients with AIDS HIPAA and Confidentiality The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides guidelines as to how patients’ health information and identifying personal data is exchanged between providers and third parties (HRSA, 2010). The discussion of how to keep confidential medical records secure is an ongoing controversy and the increase in the rise of identity theft continues to present challenges for the medical industry and businesses alike. In this paper a discussion of what HIPAA is suppose to do, what happens in instances when patient confidentiality is violated, and how breeches and violations of confidentiality affect certain groups of patients namely those with Acquired Immune Deficiency Disorder (AIDS). H. I. P. A. A. Professional groups such as lawyers, accountants, doctors, psychologists, nurses and other specialty groups are governed by ethical canons of conduct regulating their behavior and influencing how they interact with patients and handle confidential information (Washburn, 2001). The practices of securely maintaining patient information along with guidelines addressing topics that are permissible in conversation between professionals are areas of growing concern. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is an attempt to secure and protect the privacy of patients’ medical history, diagnoses, treatments, and financial information. The Act establishes a set of national standards as to how medical records are shared electronically (HRSA, 2010). By using specific technological processes and procedures patient information can be exchanged safely via written correspondence, facsimile, or verbal communication. The rise in identity theft is one of the motivating reasons for the passage of the Act; the implementation of HIPPA is to ensure and to protect the public from unauthorized disclosure of personal information with the potential of being illegally used by third parties (Office of Civil Rights, 2010). Additionally whereas securing the privacy of patients is of paramount concern, Erlen (2004) recognizes the need for a national standard to protect the privacy and security of certain health information, but stresses the need for the development of communication technology with healthcare delivery of medical records into an integrated system (p. 411). Her assertion implies that the need for securing personal data is as equally important as the development of a system that protects and uses technology to refine the processes of transferring information between providers. HIPAA allows for the reduction in the competing forces of securing privacy and using technology simultaneously to reduce medical costs and make the exchange of patient information seamless and secure (Erlen, 2004, pp. 410-411). Confidentiality and the Medical Billing Process In general the practice of billing for medical services is done through a third party, namely a medical billing services or a special unit within a medical practice specializing in insurance claims processing. Uniformity in how insurance claims and requests for payment were processed prior to the passage of HIPAA in 1996 was haphazard and without continuity; the Act provides specific guidelines in which billing units and services must comply, otherwise the companies are subject to penalties and fines for non-compliance and jeopardizing the safeguarding of patient confidentiality (Confidentiality, 2010). Specifically HIPAA governs how patient information is exchanged through electronic resources using codes as a means of protecting the privacy of patients’ information from unscrupulous use. The codes are specific for medical billing and designed in such a way that in the event of a theft or a computer is compromised the stolen information would be of little use without the knowledge to translate or interpret the data. Whereas nurses, doctors, and others involved in the medical profession are sworn to secrecy by signing employment documents asserting compliance with the regulations occasionally unethical behavior occurs whether by oversight or intent. The Social, Ethical, and Legal Ramifications of Violations Medical workers have a social responsibility as members of the profession to ensure services are performed in an ethical and legally sanctioned method. The relationship between provider and patient is one built on trust (Erlen, 2004, p. 412); therefore it is in the best interest of providers to implement internal procedures to safeguard that trust. By initiating precautions to reduce the possibility of breeches in trust or violations under the regulations of HIPAA the rights of individuals are not knowingly violated. Nurses in particular due to the intimacy of their relationship with patients must exercise sound judgment and ethical practices ensuring confidentiality as the first line of contact in medical offices (Erlen, 2004, p. 413). The Hippocratic Oath taken by physicians and other practitioners states, “The physician should not reveal confidential information without the express consent of the patient, subject to certain exceptions which are ethically justified because of overriding considerations. The patient should be able to make this disclosure with the knowledge that the physician will respect the confidential nature of the communication” (AMA, 2010). AIDS and Patient Privacy HIPAA does not specifically address the needs of patients with AIDS as a protected class or group however because of public perception regarding the disease extra precautions are taken to ensure privacy. In a study by LaTanya Sweeney an assistant professor of Public Policy and Computer Science at Carnegie Mellon University, she highlights how accessible information is and how with the right knowledge to de-code the electronic transmissions of medical records identification of AIDS patients is easily obtainable (Washburn, 2001, p. 24). In the example Sweeney captures medical data and decodes the prescriptions of medications to identify the medical conditions; then this information is cross referenced with the public records of the Department of Motor Vehicles identifying the name, address, and other pertinent information of the patients. The example demonstrates the accessibility of information is readily available for those with the knowledge of where to look and the importance of finding solutions to possible breeches and violations of privacy and confidentiality. Washburn (2001) asserts that certain medical information has the potential of having devastating affects when used improperly. He cites how certain medical information such as psychiatric records, sexual histories, drug and alcohol abuse histories, genetic testing, and others (AIDS) is information that should be held in confidence (p. 27). Conclusion The Health Resources and Services Administration (HRSA) is the regulatory agency that oversees administration of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Office of Civil Rights along with the Department of Health and Human Services (DHHS) monitor compliance and issues penalties and sanctions for non-compliance (HRSA, 2010). Safeguarding the privacy of patient information is a growing concern, however with the use of technology and the creation of methods of transmitting data confidentiality can be maintained. The importance of understanding and knowing how to apply the regulations of HIPAA are essential in maintaining a socially responsible, ethical, and legal medical practice. References American Medical Association. Code of Medical Ethics. Retrieved 18 December 2010 from http://www.ama-assn.org/ama/pub/physician-resources/medical-ethics/code-medical- ethics/opinion505.shtml Confidentiality: What Is Its Role in Medical Billing? (2010). Retrieved 14 December 2010 from http://www.medicalbillingandcoding.org/blog/confidentiality-what-is-its-role-in- medical-billing/. Erlen, J. (2004). HIPAA -- clinical and ethical considerations for nurses... first of two papers. Orthopaedic Nursing, 23(6), 410-413. Retrieved from EBSCOhost Database. Retrieved 17 December 2010 from http://web.ebscohost.com.ezproxy.apollolibrary.com/ehost/detail?hid=122&sid=46c25a5 e-a959-4a95-8591f7ae2c64ca9d%40sessionmgr114&vid=7&bdata=JnNpdGU9Z Whvc3QtbGl2ZQ%3d%3d#db=rzh&AN=2005037696- Health Resources & Services Administration. (2010). Retrieved 15 December 2010 from http://www.hrsa.gov/servicedelivery/hipaa.html. Office of Civil Rights. (2010). Retrieved 16 December 2010 from http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html Washburn, E. R. (2001). Medical Privacy: From the 4th Amendment to HIPAA. Physician Executive, 27(5), 22. Retrieved 17 December 2010 from EBSCOhost Database. http://web.ebscohost.com.ezproxy.apollolibrary.com/ehost/pdfviewer/pdfviewer?hid=122 &sid=41434b89-6bc0-4257-8450-b48b0196cc90%40sessionmgr115&vid=4. Read More