sloble@crowleyfleck.com Posted August 27, 2004 Posted August 27, 2004 A 105 MERP is hovering around 50 participants so may be technically subject to HIPAA. It seems silly because it is such a simple, innocent little plan! The only medical info the plan "sees" is the EOB in order to reimburse a portion of the deductible. Deductible reimbursement is the only benefit. I want to take the position that the EOB is not PHI--it is only used to substantiate and pay benefits. Can I do this with a straight face? Privacy is the only HIPAA requirement that is bugging me. I feel like we can get out of the other requirements (creditable coverage, nondiscrimination, enrollment, etc.--due to design and affiliation with the major medical plan). You HIPAA lovers out there... any thoughts or scoldings?
Christine Roberts Posted September 23, 2004 Posted September 23, 2004 If the EOB shows the names of medical care providers, dates of treatment, etc., it is going to be PHI.
GBurns Posted September 23, 2004 Posted September 23, 2004 Why the privacy concern? What problems do you think that it will cause? The participation form should also include an authorization for release of the PHI, assuming that you do feel that the EOB is PHI. Are you concerned that this small plan will need a Privacy Officer etc? George D. Burns Cost Reduction Strategies Burns and Associates, Inc www.costreductionstrategies.com(under construction) www.employeebenefitsstrategies.com(under construction)
Kirk Maldonado Posted September 24, 2004 Posted September 24, 2004 If the service provider is identified on the EOB, I think that there might be a privacy issue if it is a clinic that specializes in treating AIDS patients. Kirk Maldonado
GBurns Posted September 24, 2004 Posted September 24, 2004 Yes, but remember it is the individual himself/herself who is submitting the EOB and therefore knowingly and willingly is making the disclosure of their own PHI (if it is). George D. Burns Cost Reduction Strategies Burns and Associates, Inc www.costreductionstrategies.com(under construction) www.employeebenefitsstrategies.com(under construction)
Steve72 Posted September 27, 2004 Posted September 27, 2004 If the MERP is a "plan" under HIPAA, then it will need to comply with HIPAA. However, informal HHS statements have indicated that, if the program is for reimbursement of expenses only, it will not be a covered plan. Instead, it is an employer function (employers are not covered entities under HIPAA). If, however, the plan makes direct payment to providers, it will need to comply with HIPAA. It sounds like this would be an employer function. However, remember that these are informal statements. There are a lot of areas under HIPAA that need clarification...particularly in the employee benefit plan area.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now