to protect PHI. To do this, covered entities are required to implement access controls, encrypt data, and setup back-up and audit controls for electronic PHI in a manner commensurate with the associated risk.
Identifiers are HIPAA standards that will create a uniform and centralized way to designate an employer, provider, health plan or patient in electronic transactions.
The TCS Rule encompasses the following standard electronic transaction formats for all covered entities -- preponderantly derived from the ANSI X12N standards:
- Health Care Claims or equivalent encounter information (X12N 837);
- Eligibility for a Health Plan (X12N 270/271);
- Referral Certification and Authorization (X12N 278 or NCPDP for retail pharmacy);
- Health Care Claim Status (X12N 276/277);
- Enrollment and Disenrollment in a Health Plan (X12N 834);
- Health Care Payment and Remittance Advice (X12N 835);
- Health Plan Premium Payments (X12N 820); and
- Coordination of Benefits (X12N 837 or NCPDP for retail pharmacy).
The HITECH act extends the HIPAA rules to include Business Associates (such as service providers to the healthcare industry) and to promote various other aspects of HIPAA compliance and information technology standardization. Compliance with HIPAA standards is mandatory.
CounterStrike provides HIPAA assessment, consulting, remediation, and sustainable compliance services, and specializes in helping service providers target the healthcare industry and utilize HIPAA as a tool for expanding their client base.
HIPAA compliance procedures are highly dependent on an organization's risk profile and strategy. Although commonly touted by unaccredited organizations, no official certification process currently exists for HIPAA. For more information please contact us to speak with an experienced professional.