resourcesABOUT MT AUTHOR GUIDELINES CLASSIFIEDS EDITORIAL CALENDAR MEDIA GUIDE MASSAGE MART SCHOOLS & EDUCATION FEEDBACK
Thinking About Cohen's Kappa
Let's think about some notions of reliability and validity, and about what it means for diagnostic examiners to agree in meaningful ways. Diagnostic tests must obviously be both reliable and valid.
Healing Trauma: Cultivating Resilience and Presence Through Mindfulness, Part 2
In the last issue of Acupuncture Today, the first part of this article introduced the topic of trauma and resilience, and their relationship to the autonomic nervous system response and the concept of the spirit being grounded in the body, and suggested the importance of mindfulness as a tool for healing.
Practicing with Authenticity
To extrapolate from the above quote, patients love healthcare providers they can trust. One way to earn the trust of your patients is by practicing with authenticity. What does that mean, exactly?
The Zen Art of "One Point"
We were always told in our Zen Shiatsu training (by Japanese and Japanese American instructors) that our ultimate aim was to to find that "One Point." To be so focused we could touch just one point to transform Qi throughout a client's body.
Fertility and Poly-Unsaturated Fatty Acids
Starting or expanding one's family is a major milestone. It's something that more and more people seek out health care advice and support for.
An Acupuncturist's View of Medicinal Marijuana
The use of cannabis for medical purposes is very controversial. Use as a panacea by physicians uninitiated to the proper application of herbal medicine, as well as an excuse for recreational use have greatly confused the issue.
Why More Patients Don't Come to Your Office
Every so often, something turns out to be much easier than anticipated. It's like ordering a piece of furniture or a child's toy that comes in 167 pieces.
Help: A Need at Every Level
One of the great gifts of training in acupuncture is the ability to take good care of oneself. I recently had a bout of frozen shoulder — an inflammatory syndrome which can be debilitatingly painful and take years to resolve.
Acupuncture Rising: From Acupuncture Anesthesia to Assisted-IVF, Part 1
Acupuncture's cultural and historical roots go back to the emergence of Chinese civilization. For more than 2,000 years, acupuncture needling has been continuously practiced on the largest population in the world.
Oriental Medicine on the World Stage
"Let me win. But if I cannot win, let me be brave in the attempt." This simple, yet powerful statement was lived out time and time again by so many of the athletes from around the world during the Special Olympics World Games in Los Angeles.
The Short Leg Dilemma
When evaluating a new patient, it is common to note a relative shortening of one leg to the other. Some patients will even tell you they have one, and then pull out the store-bought heel lift they read about online.
We Get Letters & Email
It was with great interest that I read "Trouble in the Wellness Waters?" in the May 1, 2015 issue of Dynamic Chiropractic. I heartily applaud Dr. Hayes for his insightful and informative article.
Do Some Good and Grow Your Business with Cause Marketing
Cause marketing is truly one of the best ways that you can promote your services as a acupuncture professional. Cause marketing refers to a type of marketing where a business partners with a non-profit organization to help bring awareness to a charitable cause.
Getting a YES: An Effective Strategy for Overcoming Patient Objections
Patients make more excuses for declining care from an acupuncturist than perhaps any other type of doctor. Various reasons hold them back from making a commitment to care.
Managed Care Subverts Chiropractic
A study published in the American Journal of Managed Care underscores why so many chiropractic patients go out of network in order to get the care they need: Managed care may be effectively locking them out.
Improving Communication Between AOM and Biomedical Providers
How comfortable do you feel talking to Western medical providers? If you are like me, you may not feel as comfortable as you would like. Some of my interactions with MD's haven't been the fruitful steps toward integrative medicine for which I had hoped.
Do You Have a Post-ICD-10 Strategy?
Post-ICD-10 planning is critically important to the health of a practice, in part because ICD-10 is brand new to providers, payers and related affiliates alike.
Dietary Fat and Prostate Cancer: An Important Update and Review of Mechanisms
K.M. Di Sebastiano and M. Mourtzakis published a review paper examining the role of dietary fat on prostate cancer development and progression late last year that does a stellar job of summarizing the available data on fat and prostate cancer.
Active Care for Ankle Sprains
An ankle sprain is a common injury, since this joint is required to perform complex movements under high forces during normal walking. In fact, 10 percent of all emergency-room visits are ankle-sprain related and an estimated 25,000 ankle sprains occur in the United States daily.
The New Age of Communication
In the age of technology, everyone, including the patient, is seeking faster, easier ways to communicate. With a wealth of social media, blogs, websites and videos, we are constantly barraged with information – to the point of overload.
Troubleshooting: Billing Multiple Fees for the Same Service
I am afraid I may doing something illegal. I have heard I cannot bill different fees for the same service.
A Tribute to a True Chiropractic Leader
President of Texas Chiropractic College (alumnus, class of 1950) and the American Chiropractic Association (ACA) Board of Governors. President of the Texas Chiropractic Association and twice-appointed member of the Texas Board of Chiropractic Examiners.
When Patients Lie (Bribe or Flatter)
Recently, a new patient told me about what I thought was a novel twist on the doctor-patient relationship. She felt she had to lie to her DC to discontinue her treatment.
The Food Conversation: Nutrition and Your Practice
It's morning and your first patient rolls in with a triple espresso steaming in one hand and a frazzled, desperate look in her eye. "You gotta help me, doc, I am constipated unless I drink one of these, and I am exhausted and anxious all the time."
Nuts Reduce Risk of Heart Disease, Cancer and Other Health Problems
Several recent studies suggest regular consumption of nuts may provide a significant degree of protection against certain types of cancer, heart disease, possibly type 2 diabetes and some neurodegenerative diseases.
January, 2003, Vol. 03, Issue 01
Everything You Ever Wanted to Know About HIPAA
An Interview With HIPAA Authority Howard Ross
By Editorial Staff
HIPAA, short for the Health Insurance Portability and Accountability Act, is an important piece of legislation intended to make the American health care system more efficient and productive.Signed into law by President Clinton in 1996, several provisions of HIPAA are just now going into effect, most of them related to insurance, billing procedures, privacy and protection of patient records.
Once fully implemented, HIPAA will have a profound impact on patient information and how it can be accessed and collected. Not only will patients expect providers to protect their privacy, but many third-party payers (such as insurance companies) will require providers to follow HIPAA regulations as part of a standard business agreement. While the idea of hundreds of thousands of health care practitioners suddenly becoming compliant with HIPAA sounds like fantasy, the consequences of not being HIPAA-compliant are quite real; providers can face stiff penalties, including jail sentences and fines of up to $250,000.
What effect will HIPAA have on the massage profession? To get a better understanding of the situation, Massage Today spoke with Howard Ross, a noted health insurance and office management expert.
Massage Today (MT): Many health care practitioners are hearing and talking about HIPAA, but are uncertain about their obligations. Can you give us your background on HIPAA, and your level of authority?
Howard Ross (HR): I have been a health insurance and health management consultant since 1972. For the last three months, I have been working specifically on the issues HIPAA from the standpoint of the management of the practitioner's office relative to HIPAA. My office has been assembling and coordinating all the HIPAA documents available from the public and private sectors, so that we have a decent database of information and briefs.
I'm working with a number of groups, including the Maryland Health Care Commission, which was sanctioned in 1999 as a consortium under a state grant, and also has a contract grant through the Department of Health and Human Services (DHHS) for the assistance and implementation of HIPAA. I'm on the commission's structure committee, which consists of about 30 people.
I'm also on the North Carolina Health Information and Communications Alliance. In both of these relationships, I worked on and assisted in the preparation of the Guide to Privacy Readiness, which was produced by the Maryland Health Care Commission, and a program developed by the Communications Alliance called Early View, which was sold to its member doctors to determine if they were in compliance with policies and procedures.
I'm on a committee of the Workgroup for Electronic Data Interchange (WEDI) out of Virginia, a large consortium of different types of organizations, including insurance companies and electronic data facilities. They are the ones who have created the majority of the work. They are also under a DHHS contract and created the ASCX Electronic Data Interchange standards for claims submission process, and the other eight claims standards that were created by HIPAA. They've also created the Strategic National Implementation Process (SNIP). In a subcommittee of the SNIP, we created a small practice implementation discussion draft (SPIDD), which we have now disseminated over the last month or two to members of SNIP. I'm also on a subcommittee for Georgetown and Columbia universities, which have DHHS grants for implementing HIPAA.
MT: Can you give us a brief overview of HIPAA and its general objective?
HR: HIPAA was passed by Congress in 1996, and was meant to make insurance portable for employees changing jobs. People were losing their health care benefits when going from one employer to another. There needed to be a law to prevent loss of benefits, since each state had a different set of laws on how pre-existing conditions affected new policies. They changed pre-existing condition clauses and created an accountability section. There are four things that a practitioner needs to be concerned about:
MT: What are the really big issues to worry about?
HR: The first two of these provisions (national standards and identifiers) are just going to happen to the practitioner; they [DHHS] have created eight different kinds of national standards for submitting insurance information electronically. These are electronic:
If you do any of these eight things electronically, you qualify as a "covered entity" under HIPAA.
MT: At what level is the health care provider liable when privy to patient information under HIPAA?
HR: Faxing, for example, falls under the security and privacy provision of the act. The cost of administering health care is currently 25 cents on every dollar. When Congress worked on this, it asked, "What are some of the ways we can simplify administration and cut costs?" One solution was a design such that each insurance company doesn't have different claim forms or other qualifications, and no company can request a different claim form, or request to verify eligibility one way as opposed to another. With this plan, they basically standardize the submission process.
MT: For massage therapists to take advantage of this, will they have to be under HIPAA jurisdiction?
HR: You are a covered entity if you utilize any one of the eight standards mentioned earlier. I don't usually worry about things like national HIPAA standards, because once practitioners submit something that is wrong, they will get the claim back unpaid, saying that it doesn't fit in with the correct standards - either that, or you're running a free clinic! Whether it's in paper or electronic form, it won't make a bit of difference to the insurance company.
The national HIPAA standards also include some coding issues. Everybody will use the CPT codebook, the ICD-9 diagnosis codebook and the federal medical devices codebook. Since October 16, practitioners have no longer been able to use what's called a "local code." If they fail to comply with these standards, they will find out real quickly (what the penalties are)!
On national identifiers, every practitioner will be given:
As far as the provision of privacy, this is related to the HIPAA concern over patient rights. You are in control of confidential patient information, and starting April 14, 2003, this privacy law goes into effect. Here is a brief introduction to those rights:
Among the many forms the massage therapist must use is an authorization form that must be signed by the patient any time information is given out about the patient for purposes other than billing. This also applies to insurance companies, attorneys in P.I. cases or anybody dealing with outgoing or incoming patient paperwork (for example, with specific timelines for using the information). There will be a "Request to View Patient Records" form and forms for patients to request and amend those records, as well as those for denial of requests and disagreement of denials.
MT: Can you address some of the things a practitioner might be liable for in an office under HIPAA?
HR: The therapist, whether considered a "covered entity" or not, must maintain privacy, because the privacy issue isn't going to go away. Therapists must make sure they have established policies and procedures, and are training their staff to protect patient privacy. Two examples are computer monitors with patient information on them, or the recent question answered by the DHHS and OCR concerning public sign-in sheets that can state a patient's name, but not a condition. Also, charts and records left on the door of a practitioner's office are permissible, but come with the responsibility of the staff making sure those records are not left in the hands of those unauthorized to see them.
There is also a "chain of trust," which applies to those contracted with a provider to send and receive patient records. Such contractors are covered entities, business associates, and all must meet the same requirements for privacy and security as if they were covered entities.
MT: In other words, if therapists don't comply, they can be denied payment.
HR: That could be one of the outcomes, but I'm not going to say that this is automatic. An insurance company is required under the gigantic federal law to make people business associates. You can rest assured they're not going to pay a therapist who's not a business associate.
MT: So one way or another, the practitioner must comply with the HIPAA privacy provisions.
HR: Yes. The associated business is under the chain of trust contract; even a company such as a janitorial service may have to sign a statement of confidentiality or a chain of trust form.
Let's say you faxed something out, and it went to the wrong person. The patient files a complaint, and it goes to OCR. Representatives come to your office. You show how your equipment proves that the fax went to the right phone number, and that you have authorization on a patient disclosure form to use a fax or e-mail. You have only made a mistake, and you won't be fined or penalized. Without that manual that is specific to you or your office (and if it looks like a "boiler-plated" manual, the OCR and DHHS won't consider it applicable to your office), this complaint could result in a fine or worse. We saw this in the past, when a number of offices copied manuals, and they found that no work was done to make the manual applicable.
MT: It looks as if the practitioners are going to have to go after this proactively.
HR: One important thing to remember about this is that if you read too much into it, it becomes extremely complicated. Once you put into writing what is necessary, you don't have a lot of work to do. If a step-by-step procedure is written, one doesn't have to worry. For the small practitioner, manuals can be less than 100 pages. Requirements for matters such as privacy will just boil down to a simple procedure, involving such things as firewalls to protect computer systems and passwords to protect information. Common sense says that one doesn't have to tear an office up and buy thousands of dollars' worth of equipment.
Many people have asked me about information transmitted through copy machines, fax machines and computers, and we have adopted all these in our practices. Some computer viruses are specifically designed to enter and find patient names and diagnoses. The massage profession doesn't know much about this; it doesn't know about the pharmaceutical companies attempting to obtain names and addresses of patients, and the marketing that goes on in that area. Yet, that is a large issue, and one of the main reasons that HIPAA's privacy and security will go into effect. Your systems are vulnerable; the diagnoses of your patients are vulnerable. Once the diagnosis can be tied to your patient's name and address, you have a problem.
We have more laws protecting credit information than laws protecting patient diagnosis information. Now you're seeing the first law for patient protection. Instead of having patchwork state laws do it, we have a baseline federal law. This is going to be implemented locally, allowing states to individually implement it, with the states' rules generally being tougher than those of HIPAA. An example of this is the time deadline for giving a patient a copy of records, which is five days in California, but 30 days under HIPAA. Of course, the five-day deadline would apply in this case.
MT: What about security issues?
HR: Inside the security provision, the act requires that four issues be addressed:
The last issue is one that many practitioners get really bogged-down in, but as a small practitioner, you have a very limited set of resources that need to be dealt with. There is no specific implementation of security in HIPAA, but I feel that by the end of this year we will see an implementation date for HIPAA security requirements. You really can't have the privacy without the security.
MT: Thank you for the information. We anticipate a large number of responses and questions from your interview. Would you be willing to answer questions from our readers in another article?
HR: I will be glad to answer any questions from your readers, and provide a consortium of others available to readers.
Editor's note: Readers with HIPAA-related questions may submit them to . We will compile your questions, and have Mr. Ross answer them in a future article.
Join the conversation
Comments are encouraged, but you must follow our User Agreementcomments powered by Disqus
Keep it civil and stay on topic. No profanity, vulgar, racist or hateful comments or personal attacks. Anyone who chooses to exercise poor judgement will be blocked. By posting your comment, you agree to allow MPA Media the right to republish your name and comment in additional MPA Media publications without any notification or payment.