  |
|
|
Benefits in the News > By Subject >Health plan admin - HIPAA |
| View Recent Headlines | Now Viewing Excerpts and Recent Headlines |
|
HIPAA Update: HHS Proposes Adoption of ICD-10 Code Sets and Updated Electronic Transaction Standards Excerpt: "The Department of Health and Human Services (HHS) has released a long-awaited proposed regulation that would replace the ICD-9-CM code sets now used to report health care diagnoses and procedures with greatly expanded ICD-10 code sets, effective Oct. 1, 2011. In a separate proposed regulation, HHS has proposed adopting the updated X12 standard, Version 5010, and the National Council for Prescription Drug Programs standard, Version D.0, for electronic transactions, such as health care claims. Version 5010 is essential to use of the ICD-10 codes." (International Foundation of Employee Benefit Plans) [Guidance Overview] New Guidelines Proposed for HIPAA Transaction Standards Excerpt: "The Department of Health and Human Services has proposed two rules to update transaction standards and code sets for the administrative simplification provisions of the Health Insurance Portability and Accountability Act of (HIPAA). The proposed rules appeared in the August 22 Federal Register." (Wolters Kluwer) [Guidance Overview] HHS Proposes That Electronic Transaction Standards and Updated Code Sets Be in Place Between 2010 and 2011 Excerpt: "EBIA Comment: The electronic transaction standards and code sets, part of HIPAA's administrative simplification provisions, contain rules that must be followed when health plans, other covered entities, and their business associates conduct HIPAA-covered electronic transactions. It can be expected that updates and additions to these transaction standards and code sets will occur periodically as they (and related computer technology) are improved or modified to accommodate changes in the health care and health plan areas." (Employee Benefits Institute of America) Corrective Action Plan and $100,000 Fine Illustrate Tougher HHS Stance on HIPAA Enforcement Excerpt: "For the first time, a covered entity (CE) under the privacy and security rules has made a $100,000 payment to Uncle Sam and agreed to subject itself to three years of monitoring by HHS for losing unencrypted laptop computers and backup data more than two years ago." (AISHealth.com) HHS Office Resolves More Than Half of HIPAA Complaints Without Investigation Excerpt: "An HHS office has resolved more than half of complaints about possible violations of the medical privacy rule issued after the passage of the Health Insurance Portability and Accountability Act without investigation, according to a Des Moines Register review of state and federal records." (Kaiser Family Foundation) [Guidance Overview] HHS Enters into Resolution Agreement With Covered Entity to Settle Potential Violations of HIPAA Privacy and Security Rules Excerpt: "This Resolution Agreement may signal that enforcement efforts are picking up with respect to violations of the HIPAA privacy and security rules. Covered entities (whether providers or group health plans) must be vigilant about ongoing compliance with the HIPAA privacy and security rules -- the price of noncompliance can be hefty fines and penalties as well as the resulting adverse publicity." (Employee Benefits Institute of America) HHS Imposes Corrective Action Plan and First Fines Under HIPAA Privacy and Security Rules Excerpt: "HIPAA, among other things, requires those covered entities that collect protected health information to protect and safeguard such information against loss and theft. Violations of HIPAA are policed and enforced by HHS. Earlier this month, HHS reached a settlement regarding alleged HIPAA violations ('Resolution Agreement') with Providence Health & Services, a health services company located in the western United States." (Troutman Sanders LLP) First-Ever Monetary Settlement Reached for HIPAA Violation (PDF) 2 pages. Excerpt: "On July 17, 2008, the Department of Health and Human Services ('DHHS') announced that it had entered into a Resolution Agreement with Seattle-based Providence Health & Services ('Providence') to settle potential violations of the Privacy and Security Rules. As part of this Agreement to resolve potential violations stemming from lost and stolen computers containing health information, Providence agreed to pay $100,000 and to implement a detailed corrective action plan to 'ensure that it will appropriately safeguard identifiable electronic patient information against theft and loss.'" (Dechert LLP) Providence Health & Services to Pay First HIPAA Fine of $100,000 Excerpt: "Providence Health & Services agreed to pay $100,000 to resolve HIPAA privacy and security allegations, in the first such monetary settlement since the privacy rules took effect in 2003. The U.S. Department of Health and Human Services (HHS) had received more than 30 privacy and security complaints against Providence for its widely publicized losses of laptops and other sensitive items in 2005 and 2006." (Thompson Publishing Group Inc.) CMS Officials Provide Informal Views on HIPAA Security Issues Excerpt: "The Joint Committee on Employee Benefits (JCEB) of the American Bar Association has reported on its May 5, 2008 Q&A session with officials from the Centers for Medicare and Medicaid Services (CMS)." (Employee Benefits Institute of America) [Opinion] Bad Medicine, Under Guise of Helpfulness, Big Pharma Wants Your Confidential Medical Records Excerpt: "[A California] bill, SB 1096, was sponsored by Sen. Ron Calderon (D-Montebello) and would have allowed pharmacies to sell patients' prescription and medical information to third-party entities -- including Adheris, Inc., the bill's main business backer. The ostensible goal behind the bill was to allow Adheris and other similar marketing companies to mail 'reminder' notices to patients so they wouldn't forget to take their medication." (San Francisco Bay Guardian via Consumer Watchdog) [Guidance Overview] The Genetic Information Nondiscrimination Act of 2008 (PDF) Excerpt: "As noted in [this bulletin], sponsors of group health plans will not know GINA's full implications until regulations are issued (final regulations must be issued by May 2009). However, amendments to the HIPAA Privacy Rule must be issued within 60 days, and those amendments might require more immediate attention from plan sponsors." (The Segal Group, Inc.) [Guidance Overview] Genetic Information Nondiscrimination Act Becomes Law (PDF) 4 pages. Excerpt: "Under Title I, employer-sponsored group health plans and health insurers providing group health plan coverage are prohibited from restricting enrollment or adjusting premium or contribution amounts for the group on the basis of genetic information. They may not request, require or purchase genetic information prior to an individual's enrollment in the plan or request or require genetic testing of the individual or a family member for underwriting purposes. However, a plan or issuer that obtains such information incidental to the collection of other information prior to enrollment will not be in violation of the law as long as it is not used for underwriting purposes." (Buck Consultants) [Guidance Overview] HIPAA Privacy Information for Consumers Now Available in Eight Languages on HHS Website Excerpt: "HHS has posted HIPAA privacy consumer information on its website in eight languages: English, Chinese, Korean, Polish, Russian, Spanish, Tagalog, and Vietnamese. The information includes two consumer brochures -- 'Privacy and Your Health Information' and 'Your Health Information Privacy Rights,' plus a fact sheet that explains how to file a privacy complaint and a form for filing a privacy complaint." (Employee Benefits Institute of America) HIPAA Health Information Privacy Consumer Brochures in Eight Languages Released Excerpt: "The Office for Civil Rights (OCR) has posted on its health information privacy Web site two consumer brochures, Privacy and Your Health Information and Your Health Information Privacy Rights, in eight languages: Chinese, Korean, Polish, Russian, Spanish, Tagalog, Vietnamese and English. Previously the brochures were available in English and Spanish. These brochures educate health care consumers about the HIPAA Privacy Rule." (International Foundation of Employee Benefit Plans) Google Health Launches to Questions About Privacy Excerpt: "Google has formally launched its Google Health effort to allow patients access their personal health records no matter where they are, from any computing device, through a secure portal hosted by Google." (eWeek) [Guidance Overview] Prominent Provisions of the Genetic Nondiscrimination Act Excerpt: "The Secretary of Labor is provided new enforcement authority. It may impose a penalty against the plan sponsor or issuer for failure to meet the requirements of ERISA §§ 701 and 702 regarding genetic information and discrimination. The permissive penalty is $100 per day for each participant or beneficiary to whom the failure applies. If the failure is discovered by the Secretary before it is corrected, however, a minimum penalty of at least $2,500 per person shall apply (or, where the violations have been more than de minimis, at least $15,000 per person shall apply)." (Deloitte) [Guidance Overview] Congress Passes Legislation Prohibiting Genetic Discrimination by Health Plans and Employers Excerpt: "The legislation amends the HIPAA portability rules in ERISA, the PHSA, and the Code, adding new provisions regarding genetic information that will apply to group health plans and insurance issuers offering group health insurance coverage, as well as provisions for insurance issuers in the individual market. It also requires amendments to the HIPAA privacy regulations and prohibits discrimination in the workplace on the basis of genetic information." (Employee Benefits Institute of America (EBIA)) [Guidance Overview] Benefits Quiz from the April 2008 Trucker Huss Benefits Report (PDF) Pages 1-2 of 10 pages. Excerpt: "The . . . questions are designed to refresh, and to fine tune, your benefits expertise. Some of the answers (which are found on page 8 of this Newsletter) may surprise you." (Trucker Huss) Congress Inadvertently Legalizes Sharing of Genetic Information Without Patient Consent Excerpt: "'While authors of the recently passed Genetic Information Nondiscrimination Act of 2008 (H.R. 493) had good intentions, the bill inadvertently legalizes the sharing of genetic information without patient consent,' says Sue Blevins, president of the Institute for Health Freedom (IHF). 'It does so by applying HIPAA regulations to genetic data.'" (PRNewswire-USNewswire via NewsBlaze) [Guidance Overview] Side-by-Side Comparisons of Current and 'HIPAA 2' EDI Standards Posted on CMS Website Excerpt: "EBIA Comment: Health plans are required to comply with the EDI standards that apply to all covered entities, as well as some additional requirements specific to health plans. Covered entities (including health plans) and their business associates may find the side-by-side comparisons helpful in assessing the potential impact of the HIPAA 2 changes." (Employee Benefits Institute of America) [Guidance Overview] Multiemployer Health Plans Must Be Vigilant About HIPAA Security Compliance Excerpt: "Health plan sponsors should first review and complete all the appropriate remediation steps outlined in their initial HIPAA security risk assessment. The purpose of that initial assessment was to set out a roadmap towards compliance. As a result, if any action items are outstanding, the plan sponsor should address those security gaps immediately." (The Segal Group, Inc.) [Guidance Overview] HIPAA Security Compliance Requires Ongoing Efforts Excerpt: "Health plan sponsors should first review and complete all the appropriate remediation steps outlined in their initial HIPAA security risk assessment. The purpose of that initial assessment was to set out a roadmap towards compliance. As a result, if any action items are outstanding, the plan sponsor should address those security gaps immediately." (The Segal Group, Inc.) [Guidance Overview] CRS Report for Congress: Summary of the Employee Retirement Income Security Act (ERISA) (PDF) 76 pages; April 10, 2008. Excerpt: "The Employee Retirement Income Security Act of 1974 (ERISA) provides a comprehensive federal scheme for the regulation of employee pension and welfare benefit plans offered by employers. ERISA contains various provisions intended to protect the rights of plan participants and beneficiaries in employee benefit plans. These protections include requirements relating to reporting and disclosure, participation, vesting, and benefit accrual, as well as plan funding. ERISA also regulates the responsibilities of plan fiduciaries and other issues regarding plan administration. ERISA contains various standards that a plan must meet in order to receive favorable tax treatment, and also governs plan termination. This report provides background on the pension laws prior to ERISA, discusses various types of employee benefit plans governed by ERISA, provides an overview of ERISA's requirements, and includes a glossary of commonly used terms." (Congressional Research Service, U.S. Library of Congress) [Guidance Overview] Eligibility Requirement of More Than Twenty Hours of Active Employment Was Not Discriminatory Under HIPAA Excerpt: "EBIA Comment: Typical pre-HIPAA actively-at-work clauses provided that an employee who was absent on the day that coverage would otherwise begin would not be covered until he or she was back at work. These actively-at-work provisions violate HIPAA's nondiscrimination rules unless employees who are absent due to a health condition are treated as if they were actively at work. On the other hand, as this case illustrates, plans are permitted to enforce nondiscriminatory eligibility conditions, even if they operate to exclude participants who fail to satisfy those conditions because of a health factor." (Employee Benefits Institute of America) [Guidance Overview] Legal Compliance for Wellness Programs (PDF) 4 pages. (International Foundation of Employee Benefit Plans via Miller & Chevalier Chartered) Recent Data Breaches Spark Criticism of Medical Privacy Laws Excerpt: "Recently disclosed data breaches at University of California-Los Angeles Medical Center have led some critics of federal and state medical privacy laws to question whether the laws are strict enough, the Los Angeles Times reports." (California HealthCare Foundation; free registration may be required) [Guidance Overview] DOL Checklist Offers Key to the Mysteries of Wellness Program Identification Excerpt: "The U.S. Department of Labor (DOL) recently issued Field Assistance Bulletin (FAB) No. 2008-02, which includes a Wellness Program Checklist, in response to questions concerning what types of programs must be in compliance with the final regulations. The DOL's Wellness Program Checklist takes some of the uncertainty out of this process." (Little Mendelson P.C.) [Guidance Overview] DOL Checklist Offers Key to the Mysteries of Wellness Program Identification Excerpt: "The U.S. Department of Labor (DOL) recently issued Field Assistance Bulletin (FAB) No. 2008-02, which includes a Wellness Program Checklist, in response to questions concerning what types of programs must be in compliance with the final regulations. The DOL's Wellness Program Checklist takes some of the uncertainty out of this process." (Little Mendelson P.C.) [Guidance Overview] Does Your Wellness Program Comply with the HIPAA Nondiscrimination Regulations? (PDF) 3 pages. Excerpt: "On February 14, 2008, the Department of Labor . . . issued Field Assistance Bulletin No. 2008-02 covering: What types of health promotion or disease prevention programs . . . offered by a group health plan must comply with the HIPAA nondiscrimination regulations; and How to determine whether your company's wellness program complies. . . . The bulletin includes a checklist and related analysis, which are summarized [in the target document.]" (Holme Roberts & Owen LLP) [Guidance Overview] DOL Provides Further Guidance on Wellness Programs Highlights from the DOL's recently published checklist for wellness plans to be HIPAA-compliant. (JPMorgan; free registration required to access paper) [Guidance Overview] IRS Joins DOL to Close Wellness Plan Loophole in HIPAA Excerpt: "The requirement that the supplemental coverage not differentiate among individuals based on any health factor is key. Effectively, IRS and DOL are saying they will not treat supplemental coverage as a HIPAA excepted benefit that is exempt from the HIPAA nondiscrimination rules unless the supplemental coverage itself satisfies the HIPAA nondiscrimination rules. Thus, tying the wellness plan reward to the supplemental coverage will prevent such coverage from being a HIPAA excepted benefit – and the wellness plan will have to satisfy the HIPAA nondiscrimination rules." (Deloitte via BenefitsLink.com) [Guidance Overview] Eliminating the HIPAA Catch-22 in Clients' Estate Plans Excerpt: "One major problem created by HIPAA is its impact on planning for incapacity. Most clients have estate plans that provide for someone else to manage their affairs or make health-care decisions for them if they are unable to do so themselves. This would include their successor trustees of revocable or irrevocable trusts, agents under any financial powers of attorney or medical powers of attorney. A common structure is for these powers to spring into effect upon the incapacity of the individual, as determined by a physician's certification. Unfortunately, your physician might consider making such a certification of incapacity to be a prohibited disclosure of private medical information." (Morningstar) [Guidance Overview] 'Sixty Seconds of Privacy' an E-Newsletter - Storage of Individual Health Records Excerpt: "Each edition of this e-newsletter addresses one interesting legal development in the area of privacy and data security, in a brief 'question and answer' format. Each edition is intended to be read in about a minute, yet will update you on an important development." (Thelen Reid Brown Raysman & Steiner LLP) CMS Releases Sample HIPAA Security Interview and Document Request Guidelines for Investigators Excerpt: "EBIA Comment: Although many of the items in the document list do not come as a surprise, the list provides valuable insight into what might be required in a HIPAA security rule investigation. Covered entities and others who handle ePHI (such as health plans and business associates) may wish to review the checklist to identify whether they have areas of vulnerability." (Employee Benefits Institute of America) [Guidance Overview] Privacy & Data Security - Employee Sick-Leave and Medical Privacy Excerpt: "Does your company practice healthy habits when it comes to dealing with your employees' sensitive health information? HIPAA, with its relatively clear privacy rules, doesn't apply to employers acting in their capacity as an employer (as opposed to acting as an agent for a health insurance plan). But a recently filed Ohio case raises issues not only about the duties that employers have with regard to protecting sensitive medical information; it also highlights the need for employers to handle all employee personal data with care." (Troutman Sanders LLP) [Guidance Overview] CMS Posts HIPAA Compliance Review Information (PDF) 2 pages. The Centers for Medicare & Medicaid Services' Office of E-Health Standards and Services has issued a document to help health plans, health care clearinghouses and certain health care providers understand the types of information that may be requested of them for potential Health Insurance Portability and Accountability Act security rule violations. The document details which personnel may be interviewed and which documents may be reviewed by the contractors responsible for conducting onsite investigations. (Centers for Medicare & Medicaid Services) [Guidance Overview] IRS Issues Promised Enforcement Safe Harbor for Supplemental Plans Under HIPAA Portability Rules Excerpt: "The guidance was prompted by concerns that certain insurance products being marketed as excepted supplemental coverage do not actually qualify as such. It should be noted that although this is currently only a safe harbor rule -- plan sponsors, insurers, or others might be able to convince the federal agencies or a court on a case-by-case basis that coverage is excepted even though it does not meet the safe harbor requirements -- the IRS has indicated that the safe harbor standards likely will be incorporated as requirements in future proposed regulations." (Employee Benefits Institute of America) [Guidance Overview] HIPAA Privacy Check Up Excerpt: "It may be hard to believe, but the HIPAA Privacy rules have been in effect for nearly five years!! Is it time for a Compliance Check-up? Although the Group Health Plan is the covered entity under HIPAA, many TPAs provide HIPAA Privacy related services on behalf of the Plan Sponsor/Employer." (SunGard Corbel LLC) [Guidance Overview] State Law Privacy Claims Alleging Unauthorized Release of Individual's Health Information Not Preempted by ERISA Excerpt: "The court held that the claims against the insurer were not preempted by ERISA because, among other reasons, the claims alleged that the information was sought and disseminated for inappropriate reasons, and not in the course of providing benefits or performing duties under an ERISA plan. The court noted that according to the couple's allegations, the HR director had behaved 'as a rogue administrator, acting entirely outside the scope of its duties under the Plan.'" (Employee Benefits Institute of America (EBIA)) [Guidance Overview] DOL Takes Action on Disclosure of Compensation Excerpt: "The U.S. Department of Labor ('DOL') recently took two actions that will significantly expand the types of information that must be disclosed by persons who provide services to ERISA-covered employee benefit plans. This Alert describes the DOL actions and offers some preliminary thoughts on the practical implications." (K&L Gates) [Guidance Overview] DOL Closes Wellness Plan Loophole in HIPAA Nondiscrimination Rules Excerpt: "The requirement that the supplemental coverage not differentiate among individuals based on any health factor is key. Effectively, DOL is saying it will not treat supplemental coverage as a HIPAA excepted benefit that is exempt from the HIPAA nondiscrimination rules unless the supplemental coverage itself satisfies the HIPAA nondiscrimination rules. Thus, tying the wellness plan reward to the supplemental coverage will prevent such coverage from being a HIPAA excepted benefit – and the wellness plan will have to satisfy the HIPAA nondiscrimination rules." (Deloitte via BenefitsLink.com) Group Physicals Eyed As Way to Cut Doctor Costs Excerpt: "New Englanders notorious for valuing their privacy may not know what hit them when Drop-in Group Medical Appointments, or DIGMA, begins at Harvard Vanguard, because the concept is unprecedented here. Skeptics wonder about its implications for privacy and detailed care. But supporters see the idea as a way to make care more cost-effective by helping patients learn from each other in a friendly, support-group-style setting, while expanding the ability of doctors to see more patients even as a national primary care doctor shortage continues." (Boston Business Journal via bizjournals.com; free registration required) [Guidance Overview] New Rules Impact Some Wellness Programs Excerpt: "As the popularity of wellness plans continues to surge, so does the need for additional guidance on the legislation that governs such programs. Field Assistance Bulletin No. 2007-04 (FAB 2007-04) was released in response to the development of questionable wellness programs that were marketed as 'supplemental' benefits." (JPMorgan) [Guidance Overview] E-Discovery Update - Why Self-Funded Employers and TPA's Should Be Planning Now Excerpt: "Self-funded employers and the third party administrators acquire voluminous stores of electronic data - claims data, claims adjudication protocols and outcomes, eligibility information, banking and financial records, including employer and employee contributions records, payments to vendors, and so on. From a risk management perspective, however, recent surveys indicate only a vague awareness of very real changes in the requirements imposed by electronic discovery rules." (Health Plan Law blog by Attorney Roy F. Harmon III) Aetna Shows How Insurers Can Protect Genetic Privacy Excerpt: "Aetna, one of the nation's largest health insurers, has begun offering confidential genetic counseling for certain cancers over the phone and through the Internet. The service is available only to members whose coverage includes in-person genetic counseling, but the program could greatly expand patients' access to their genetic history." (St. Louis Post-Dispatch) California's Data Breach Notification Law Now Covers Medical and Health Insurance Information Excerpt: "Going well beyond the requirements of HIPAA and most state health privacy laws, California has amended its existing Database Security Breach Notification Act to require any organization that reasonably believes a breach of a California resident's medical or health insurance information has occurred, to notify that resident." (Pillsbury Winthrop Shaw Pittman LLP) Overview: New Guidance Affecting Health Plans Offering Wellness Programs (PDF) Excerpt: "As noted in the Bulletin, under the new DOL guidance, some wellness programs would fail the test for supplemental excepted benefits under the Health Insurance Portability and Accountability Act (HIPAA): those that offer an insured deductible-reimbursement program that reimburses individuals based on whether they meet a health status measure, such as blood pressure, body mass index (BMI), cholesterol and non-tobacco use." (The Segal Group, Inc.) Overview: CMS Expands HIPAA Security Enforcement (PDF) Excerpt: "CMS has hired PricewaterhouseCoopers ('PWC') to conduct a series of HIPAA security compliance reviews of organizations against which security complaints have been lodged. The PWC compliance reviews are intended to have an educational component and will supplement random audits, not driven by complaints, conducted by the Department of Health and Human Services Office of Inspector General ('OIG')." (Dechert LLP) Enhanced Protections for Uses of Health Data: A Stewardship Framework for 'Secondary Uses' of Electronically Collected and Transmitted Health Data (PDF) 71 pages. Excerpt: "This report and its recommendations were developed in response to a request from the Office of the National Coordinator on Health Information Technology to address the benefits, sensitivities, obligations, and protections of uses of health data for quality measurement, reporting, and improvement; research; and other purposes that benefit the health of all Americans and the health care delivery system of the Nation." (National Committee on Vital and Health Statistics) Technology Raises New Issues for HIPAA Privacy Compliance Excerpt: "Electronic health records make medical information easily accessible, but the technology also puts the data in the hands of more individuals. Consequently, lawmakers may have to include personal health record vendors as covered entities that have to comply with the privacy rules under the Health Insurance Portability and Accountability Act of 1996, William Braithwaite, president of Washington, D.C.-based Health Information Policy Consulting told attendees at the 15th National HIPAA Summit." (Employee Benefit Advisor; free registration required) Overview: DOL Establishes an 'Enforcement Safe Harbor' for Supplemental Health Insurance to Be Excepted from HIPAA Compliance Excerpt: "On a coordinated basis with the Departments of Treasury and of Health and Human Services, the Department of Labor recently established an 'enforcement safe harbor' by which supplemental health insurance will be treated as excepted from certain HIPAA portability requirements if it meets a straightforward four-part test." (Deloitte via BenefitsLink.com) Overview: HIPAA Safe Harbor for Supplemental Health Insurance Excerpt: "Employers who sponsor supplemental health insurance plans should review the plan procedures to ensure that the policies either meet the safe harbor or the HIPAA portability provisions. If the plan does not meet either, then the employer should determine whether it prefers to satisfy the safe harbor or the HIPAA provisions and immediately take action to do so." (Littler Mendelson PC) Overview: DOL Announces Enforcement Safe Harbor for Supplemental Plans Under HIPAA Portability, MHPA, WHCRA, and NMHPA Rules Excerpt: "EBIA Comment: This guidance was prompted, according to the DOL, by concerns on the part of the three federal agencies enforcing the HIPAA portability rules (the DOL, IRS, and HHS) that certain insurance products being marketed as excepted supplemental coverage do not actually qualify as such. Of the FAB's four criteria, only the second one is specifically found in the HIPAA regulations. The other three reflect the DOL's interpretation of the language of ERISA and the regulations requiring that the policy be both supplemental in nature and similar to Medicare or Tricare supplements." (Employee Benefits Institute of America) Overview: DOL Guidance on When Supplemental Health Insurance is HIPAA Excepted Benefit (PDF) 2 pages. Excerpt: "The DOL's Employee Benefits Security Administration (EBSA) has issued a Field Assistance Bulletin outlining when supplemental health insurance will be considered excepted benefits under HIPAA. Importantly, the DOL clarifies that the coverage may not differentiate among individuals based on a health factor." (Buck Consultants) Influential Federal Privacy Committee Proposes Massive Changes in HIPAA's Protections for Personal Health Information Excerpt: "The nation's top advisory board to the federal government on health care privacy believes the current laws and rules are woefully inadequate and recommends that new legislation be passed to strengthen and expand protections." (REPORT ON PATIENT PRIVACY via AISHealth.com) Overview: Guidance on HIPAA Portability Rules Relating to Supplemental Coverage Excerpt: "The new Field Assistance Bulletin establishes an enforcement safe harbor under which supplemental health insurance will be considered excepted benefits for purposes of the health reform provisions in Part 7 of ERISA. Similar supplemental coverage that does not meet the standards for the safe harbor may be subject to enforcement actions by the department." (Business & Legal Reports, Inc.) New Safe Harbor Limits Supplemental Health Underwriting Excerpt: "The Employee Benefits Security Administration has issued a batch of guidance that could affect companies that sell supplemental health insurance benefits." (The National Underwriter Company; free registration or paid subscription required) CRS Report for Congress: Electronic Personal Health Records (PDF) 6 pages. Excerpt: "Electronic personal health records are controversial among privacy advocates and patients, who are concerned about health information privacy and security, and misuse of individually identifiable health information. The extent to which electronic personal health records are protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule is discussed herein. This report will be updated." (U.S. Congressional Research Service) November 2007 Employee Benefits Update from Reinhart Boerner (PDF) 9 pages. Nice overview for retirement and health plans, including selected compliance deadlines and a discussion of IRS guidance on yield curve and segment rates for calculating pension plan funding and lump sum interest rate. (Reinhart Boerner) |
|
URL of this page: http://benefitslink.com/buzz/subjects/healthplanadminhipaa.html · This page last modified: Monday, September 8, 2008 · Webmaster: Dave Baker (click) · © 2008 BenefitsLink.com, Inc. (contact the webmaster for reprint permission) · Linking: Feel free to link directly to this page, even without specifically crediting BenefitsLink ® as its source. Glad you're here! · Privacy Policy |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
