13 COMPLIANCE AND ETHICS
13.3 Health Insurance Portability and Accountability Act
The Health Insurance Portability and Accountability Act (HIPAA, also known as the Kennedy-Kassebaum Bill) was signed into law in August 1996. The legislation improves the portability and continuity of health benefits, ensures greater accountability in the area of health care fraud and simplifies the administration of health insurance.
IntegraNet strives to ensure both IntegraNet and contracted participating providers conduct business in a manner that safeguards patient/member information in accordance with the privacy regulations enacted pursuant to HIPAA. Providers must have the following procedures in effect since April 14, 2003, to demonstrate compliance with the HIPAA privacy regulations.
IntegraNet recognizes its responsibility under the HIPAA privacy regulations to only request the minimum necessary member information from providers to accomplish the intended purpose. Conversely, providers should only request the minimum necessary member information required to accomplish the intended purpose when contacting IntegraNet. However, please note the privacy regulations allow the transfer or sharing of member information, which may be requested by IntegraNet to conduct business and make decisions about care such as a member’s medical record to make an authorization determination or resolve a payment appeal. Such requests are considered part of the HIPAA definition of treatment, payment or health care operations.
Fax machines used to transmit and receive medically sensitive information should be maintained in an environment with restricted access to individuals who need member information to perform their jobs. When faxing information to IntegraNet, verify the receiving fax number is correct, notify the appropriate staff at IntegraNet and verify the fax was appropriately received.
Email (unless encrypted) should not be used to transfer files containing member information to IntegraNet (e.g., Excel spreadsheets with claim information). Such information should be mailed or faxed.
Please use professional judgment when mailing medically sensitive information such as medical records. The information should be in a sealed envelope marked confidential and addressed to a specific individual, P.O. Box or department at IntegraNet.
The IntegraNet voicemail system is secure and password-protected. When leaving messages, providers should only leave the minimum amount of member information required to accomplish the intended purpose.
When contacting IntegraNet, providers should be prepared to verify their name, address and tax identification number or national provider identifier number.