Chapter 3: Regulatory Requirements Flashcards
BAA
business associate agreement
e-PHI
electronic protected health information
HIPAA
Health Insurance Portability and Accountability Act
MOU
memorandum of understanding
SLA
service-level agreement
breach notification rule
Requires covered entities to notify affected individuals, the HHS secretary, and possibly the media when protected health information (PHI) has been breached.
business associate agreement (BAA)
A contract used between healthcare entities and third parties to establish a mutual understanding of safeguards of e-PHI.
covered entity
The Health Insurance Portability and Accountability Act (HIPAA) is designed to protect health information used by health insurance plan providers, healthcare clearinghouses, and healthcare providers. These three entities are classified as covered entities. Basically, a covered entity is any person or organization required to submit to HIPAA rules.
electronic protected health information (e-PHI)
HIPAA protects the electronic information that can be used to identify an individual. e-PHI is information created, used, or disclosed about a patient while providing healthcare.
eligible provider
Hospitals or professionals participating in incentive programs must meet meaningful use criteria to be eligible to receive incentive money.
enforcement rule
Establishes penalties for violations of HIPAA rules, and the procedures that follow a violation, such as investigations and hearings.
Health Insurance Portability and Accountability Act (HIPAA)
A law created in 1996 to provide a standard set of rules that all covered entities must follow to protect patient health information and to help healthcare providers transition from paper to electronic health records.
healthcare clearinghouse
A business that receives healthcare information and translates that information into a standardized format to be sent to a health plan provider. A healthcare clearinghouse is sometimes called a billing service. Basically, a healthcare clearinghouse is a middle person that processes healthcare information.
ICD-9
HIPAA mandated a standard format for electronic provider and diagnostic codes. The current standard has limitations that restrict the full use of EMR/EHR software.
ICD-10
HIPAA mandated a standard electronic format for provider and diagnostic codes. The new standard is intended to grow with the functional needs of the healthcare industry. The http://www.cms.gov website offers more details about ICD-10.