HMSA’s HIPAA Compliance
We monitor HIPAA regulations and compliance issues and participate
in health care industry discussions on an ongoing basis to ensure
HMSA’s continued compliance.
Key regulations and compliance dates are listed below:
||The current 4010A1 standard format of electronic transactions of certain administrative or financial information is being replaced with a new 5010 version.
||Jan. 1, 2012
|National Provider Identifier
||A national, standard identifier for health care providers. The National Provider Identifier (NPI) is required for all electronic transactions governed by HIPAA.
||May 23, 2007
||Safeguards for protected health information (PHI) including storage, maintenance, transmission and access.
||April 20, 2005
|Electronic Health Care Transactions & Code Sets
||A standard format for electronic transmission of certain administrative or financial information. National standards for coding medical procedures, prescription drugs and diagnoses.
||Oct. 16, 2003
||Policies and procedures for authorization, notice of privacy practices, members’ rights, minimum necessary uses and disclosures of PHI. HMSA Membership Notice
||April 14, 2003
National Provider Identifier (NPI)
HMSA has modified our systems to
accommodate the use of NPI in HIPAA-covered transactions, such as claims, remittance
advices and eligibility inquiries.
HMSA’s security policies, procedures and practices are consistent with the HIPAA security
regulations and generally accepted industry practices. We continue to assess our information
security program and make improvements as necessary.
Electronic Health Care Transactions & Code Sets
HMSA uses HIPAA-standard formats for all electronic health care transactions
governed by HIPAA.
HMSA’s policies meet HIPAA Privacy regulations and our privacy policies include:
- Notifying members about their privacy rights and how their information can be used.
- Implementing privacy policies and procedures to assure member rights to privacy.
- Employee training on privacy policies and procedures.
- Designating an individual responsible for seeing privacy policies and procedures are adopted and followed.
- Securing records with confidential member information and providing access only to those who need them.
HMSA’s Privacy Office oversees activities related to our members’ confidential information
and works with members exercising the rights under HIPAA Privacy regulations.