LSMS | New Physicians Guide | 2022

LAWS AND REGULATIONS

It is of the utmost importance to stay informed of all current state and federal laws, rules, and regulations that impact licensure as well as the practice of medicine.

EMTALA

In 1986, Congress enacted the Emergency Medical Treatment & Labor Act (EMTALA) to ensure public access to emergency services regardless of ability to pay. Section 1867 of the Social Security Act imposes specific obligations on Medicare-participating hospitals that offer emergency services to provide a medical screening examination (MSE) when a request is made for examination or treatment for an emergency medical condition (EMC), including active labor, regardless of an individual’s ability to pay. Hospitals are then required to provide stabilizing treatment for patients with EMCs. If a hospital is unable to stabilize a patient within its capability, or if the patient requests, an appropriate transfer should be implemented.

HIPAA

HIPAA is the acronym for the Health Insurance Portability and Accountability Act that was passed by Congress in 1996.

HIPAA does the following:

• Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs

• Reduces health care fraud and abuse

• Mandates industry-wide standards for health care information on electronic billing and other processes; and

• Requires the protection and confidential handling of protected health information.

HIPAA has set various guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place when saving, accessing and sharing any electronic medical data to keep patient data secure. Failure to comply with the HIPAA security standards could lead to large fines and, in extreme cases, even loss of medical licenses.

Medical practices can follow several steps to ensure compliance with HIPAA standards:

• Run a complete risk assessment of the medical practice. Some medical practices adopted electronic health recording systems before there were clear guidelines on what these systems should contain. This means that a medical practice could be using electronic systems that are not compliant with HIPAA standards. To ensure HIPAA compliance, a risk assessment should be done on the current systems using HIPAA standards and guidelines to highlight areas in which compliance is not enforced. A risk assessment against HIPAA guidelines exposes areas in which changes are needed.

• Prepare for disaster before it occurs. All the data handled by a medical practice should be safe from both loss and corruption. One of the main ways of ensuring that data is not lost in case of any mishap is backing up medical data regularly. Data should be backed up in an offsite location so that, in case of incidents such as fires on the medical premises, the data backup is not destroyed as well. Antivirus programs should also be installed on all computers to ensure that data is not corrupted or destroyed by computer viruses.

• Have an ongoing employee training program. Any system is only as strong as its weakest link, and in most cases untrained employees are the weakest links in medical practices. A medical practice could have a very secure encryption system, but if the employees don’t use their passwords to securely access records and files, the encryption system is rendered useless, and anyone can gain access to these records. Medical practices
