Healthcare Training Institute - Quality Education since 1979
CE for Psychologist, Social Worker, Counselor, & MFT!!
Although HIPAA was enacted in part to simplify administrative processes and reduce costs associated with claims transactions, implementation of the act initially will result in increased operating costs for most institutions and individuals. A large portion of these increased costs will be due to consulting and legal fees, additional operations personnel, and information systems development and integration. Once the requisite processes and integrated information systems are in place, however, healthcare organizations should begin to enjoy the intended administrative-simplification benefits of HIPAA.
By contrast, the continuing efforts required to ensure compliance with the HIPAA privacy standards, unlike the efforts to meet the Act's administrative-simplification requirements, represent significant costs to healthcare organizations for implementation and ongoing maintenance of compliance systems and processes that may not necessarily be offset by future savings.
The HIPAA standards also may impede the flow of information because of the limits they impose on access to information. Moreover, the need to comply with the new standards will add complexities to ensuring the free flow of information among certain healthcare professionals and institutions trying to coordinate patient care.
Another difficult challenge involves ensuring the HIPAA compliance of the individuals and business partners and associates with which healthcare organizations often must share patient information (eg, vendors, attorneys, and consultants). It will be very difficult for healthcare organizations to monitor or influence the compliance of these outside entities even though they will have the potential to create compliance problems for the healthcare organizations. To address this concern, healthcare organizations will need to craft written contracts governing privacy issues where none may exist today. Moreover, numerous amendments to existing contracts will have to be effected to ensure compliance. New terms and conditions will have to be negotiated, and legal counsel will need to be consulted.
Among the most difficult issues to be addressed will be the requirements that covered entities provide individuals with effective notice and an accounting of all disclosures and submit to requests by individuals to amend or correct their information. Meeting these requirements could be a herculean administrative task, especially if compliance must extend to e-communications.
Finally, the implications of the proposed standards for e-health companies are particularly significant. Telemedicine, videostreaming, e-connectivity, and other e-health activities would be affected in that e-health companies that provide such services to covered entities are likely to be called upon by those entities to warrant that they are HIPAA-compliant and to enter into written agreements obligating them to abide by HIPAA's requirements.