HHS Privacy Rule Modifications Benefit Healthcare Accounts Receivable Process and Consumers? Continued Access to Affordable Healthcare

On August 9, the U.S. Department of Health and Human Services (HHS) released the final version to the Privacy Rule segment of the Health Insurance Portability and Accountability Act (HIPAA). The final version, published in the August 14, 2002, Federal Register, includes modifications that will help to ensure quality and privacy in all aspects of the healthcare accounts receivable process.

Throughout the past year, ACA International, The Association of Credit and Collection Professionals (ACA), worked diligently with HHS to ensure that the voice of the credit and collection industry was heard – proposing that without immediate modification, the Privacy Rule would create an unstable relationship between healthcare providers and their business associates who perform claims, billing and collection activities, and insurance companies responsible for payment of services.

“Without modification to the Privacy Rule, the free flow of patient billing and claims information within a secure environment would have seriously impeded the healthcare industry?s ability to provide the highest level of quality healthcare to all Americans in a cost-effective and efficient manner. Fortunately, the hard work of many ACA members and staff, the face-to-face meetings and the hours upon hours of phone calls with key HHS contacts appear to have benefited both the healthcare industry and consumers,? said Rozanne Andersen, ACA?s General Counsel and Senior Vice President of Legal and Government Affairs.

While upholding the privacy protections embodied in HIPAA to ensure the confidentiality of consumers? protected health information, ACA?s proposed modifications were intended to generally minimize some of the unintended consequences which would have resulted had the Privacy Rule not been modified and to allow healthcare providers to offer high quality healthcare to all Americans.

Under ACA?s proposed modifications, all covered entities and their business associates are required to ensure the safe, secure and private use of each patient?s protected health information with or without the consent of the patient. Andersen explained, ?ACA believes that forcing consumers to knowingly consent to the use and disclosure of their personal information at the time they are seeking medical treatment would be burdensome and unreasonable.? For this reason, ACA proposed that the requirement to obtain a patient?s consent prior to the use and disclosure of protected health information for purposes of treatment, payment and healthcare operations should be eliminated from the final Privacy Rule. Second, the final Privacy Rule indicates that protected health information may be used and disclosed by covered entities and their business associates to perform payment activities on their behalf and on behalf of other covered entities.

?The second modification obtained was absolutely critical,? Andersen said. ?Without the modification, both healthcare providers and professionals who perform billing, claims, collection and outsourcing services would be prohibited from updating patient files with accurate information received from other covered entities with whom they have a business associate relationship when conducting payment activities.?

ACA and its members are committed to working with consumers, the healthcare industry and HHS to ensure protection of consumers? rights to understand and control how their health information is used and disclosed. The final Privacy Rule is scheduled to take effect April 14, 2003. For more information, visit the U.S. Department of Health and Human Services Web site at www.acainternational.org.