RSS
people
Jul 08 2010

Wellness Program : Employee Privacy.

As scary as they seem at first glance, complying with HIPAA’s privacy rules could be relatively painless.

Contrary to common belief, the rules – with a few key exceptions – apply only to a fraction of the medical information Benefits handles.

As long as the business remains legally “hands off” of employee’s private health information, you can dodge most of the health insurance portability and accountability act (HIPAA) bullet.

For health insurance portability and accountability act (HIPAA) privacy purposes, your firm is considered “hands off” even when you obtain de-identified personal information, aggregate claims data and routine enrollment info.

Bottom line – When your organization’s heath programs are fully insured and the claims administered through a TPA, the insurance organization – not your firm – bears the brunt of the HIPAA privacy compliance responsibility.

One major exception –  medical cafeteria plans. In most cases, you have two compliance options –

• Process reimbursement requests first through your TPA, with the TPA making sure the claim qualifies under the terms of the cafeteria plan before your firm reimburses it, or

• Develop a written cafeteria plan privacy policy, issue a notice to workforce, appoint a privacy officer and amend your plan documents.

Rarely affects FMLA

Many individuals  - including healthcare providers – misunderstand how health insurance portability and accountability act (HIPAA) affects medical certifications for FMLA leave.  The key – health insurance portability and accountability act (HIPAA) only applies to personal information that filters through your health plan, not certifications obtained from a physician.

Under FMLA, you’re permitted to obtain the minimum information you need to approve and administer leave. Likewise, HIPAA doesn’t apply to most workers’ comp, return-to-work notices or disability claims.

Even so, it pays to be careful how you ask for and use the information. Other state and federal privacy laws often protect the same types of info individuals  assume falls under HIPAA.

Following procedures

The HIPAA privacy rules are heavy on paperwork and procedure.

But since your firm follows  the info-gathering process spelled out in your medical plan documents, the HIPAA privacy rules ought to present few major obstacles.

This entry was written by Wellness Program and posted on July 8, 2010 at 4:21 am and filed under Employee Wellness, Wellness Program. Bookmark the permalink. Follow any comments here with the RSS feed for this post.

Leave a Reply