Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management.

Slides:



Advertisements
Similar presentations
Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
Advertisements

What is Business Architecture?. Overview Agility matters today more than yesterday Previous methods for managing change were designed for the needs of.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC Health Insurance Portability.
1 Health Insurance Portability and Accountability Act of 1996 IS&C Expo October 16 & 17, 2002 John Wagner Governor’s Office of Technology.
HIPAA Administrative Simplification Final Rule for Transactions Code Sets Stanley Nachimson
Presents: Weekly HIPAA Teleconference Revised
ITEC 6324 Health Insurance Portability and Accountability (HIPAA) Act of 1996 Instructor: Dr. E. Crowley Name: Victor Wong Date: 2 Sept
The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,
Information Security Policies and Standards
Statistical Metadata Strategy Elham M. Saleh - Acting Director of Economic Statistics - Director of Technical Resources Central Informatics Organisation.
UC San Diego EH&S Staff Meeting Project 2010 Jan00 meeting notes.doc May 5, 2004 Update on the New Business Architecture EH&S Staff Meeting.
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
University of California New Business Architecture Project 2010 Jan00 meeting notes.doc April 15, 2004 Accelerating the New Business Architecture UC Employment.
Why Managers Must Understand IT Managers play a key role –Frame opportunities and threats so others can understand them –Evaluate and prioritize problems.
Minnesota Law and Health Information Exchange Oversight Activities James I. Golden, PhD State Government Health IT Coordinator Director, Health Policy.
Privileged and Confidential Strategic Approach to Asset Management Presented to October Urban Water Council Regional Seminar.
5 TH National HIPAA Summit HIPAA Vendor Readiness SIEMENS/HDX Presentation 1 November 2002 Don Bechtel HDX Compliance Officer Co-chair WEDI SNIP Transactions.
© 2009 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Career Education Computers in the Medical Office Chapter 2: Information Technology.
Information Security Governance 25 th June 2007 Gordon Micallef Vice President – ISACA MALTA CHAPTER.
© 2009 The McGraw-Hill Companies, Inc. All rights reserved. 1 McGraw-Hill Chapter 5 HIPAA Enforcement HIPAA for Allied Health Careers.
0 Presentation to: Medical Associations and Societies - Group Meeting Presented by: Department of Community Health (DCH) Medicaid Division June 12, 2013.
Module 3 Develop the Plan Planning for Emergencies – For Small Business –
Presented by Joan Kossow Data Compliance Manager The Changing Face of Claims Processing &
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
IHIMA ICD-10 UPDATE Insert presentation date here Presented by: Presenters name here.
“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.
An EDI Testing Strategy Rosemary B. Abell Director, National HIPAA Practice Keane, Inc. HIPAA Summit IV April 24-26, 2002.
Ursuline Foley, CIO XLRe June 19 th 2008 eCommerce – Making it Happen !
State of Iowa Enterprise HIPAA Compliance
Health Insurance Portability and Accountability Act (HIPAA)
Policy Review (Top-Down Methodology) Lesson 7. Policies From the Peltier Text, p. 81 “The cornerstones of effective information security programs are.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.
Copyright © 2003 HealthTrio, Inc. 1 Achieving HIPAA and E-Business Objectives in Less than 90 days Ralph A. Korpman, MD CEO, HealthTrio 6 th Annual HIPAA.
September 12, 2004 Simplifying the Administration of HIPAA Security Angel Hoffman, RN, MSN Director, Corporate Compliance University of Pittsburgh Medical.
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.
The Fifth National HIPAA Summit – October 30, 2002 What to Do Now: Operational Implementation of HIPAA Privacy and Security Training Presented by: Steven.
Connecting the Dots A Practical Approach to Integrating Compliance, Risk and Quality Jody Ann Noon RN, JD Partner Health Care Regulatory Practice.
HIPAA Vendor Readiness Siemens/HDX Audio Telecast July 24, 2002.
HIPAA Transactions Testing Update Kepa Zubeldia, M.D. September 13, 2004.
Health Information Technologies and Health Care Transformation James Golden, PhD Director, Division of Health Policy Minnesota Department of Health February.
Standard Unique Health Identifier for Health Care Providers April 9, th Annual HIPAA Summit Gail Kocher Highmark.
National HIPAA Audioconference: Analysis of the National Provider Identifier Preparing for the NPI Transition January 11, 2006.
An EDI Testing Strategy Rosemary B. Abell Director, National HIPAA Practice Keane, Inc. HIPAA Summit V October 30 – November 1, 2002.
HIPAA Security John Parmigiani Director HIPAA Compliance Services CTG HealthCare Solutions, Inc.
Chapter 8 Auditing in an E-commerce Environment
Systems, Data and HIPAA from a Medicaid Perspective Rick Friedman, Director Division of State Systems Center for Medicare and Medicaid US Dept Health &
ASCA Transaction Extension and Resources to Help Extending Your Compliance Deadline for Transactions & Code Sets April 19, 2002 Steven S. Lazarus, PhD,
1 Administrative Simplification: The Last Word National HIPAA Summit 8 Baltimore, MD March 9, 2004 William R. Braithwaite, MD, PhD “Doctor HIPAA”
Implementing Program Management Standards at Duke Energy.
ICD-10 Operational and Revenue Cycle Impacts Wendy Haas, MBA, RN Dell Services Healthcare Consulting.
The Health Insurance Portability and Accountability Act of 1996 “HIPAA” Public Law
HIPAA Yesterday, Today and Tomorrow? Dianne S. Faup Office of HIPAA Standards Centers for Medicare & Medicaid Services.
Traveling into the Future with the 5010 Implementation Timeline HIPAA COW Spring 2009 Conference Presented by Laurie Burckhardt, WPS EDI Manager.
Shared Services and Third Party Assurance: Panel May 19, 2016.
PRECONFERENCE III Advanced Strategies to Achieve ROI in Implementing HIPAA Karl Ideman, CEO Pool Administrators Inc. September 14, 2003.
Putting people first, with the goal of helping all Michiganders lead healthier and more productive lives, no matter their stage in life. 1.
1 HIPAA’s Impact on Depository Financial Institutions 2 nd National Medical Banking Institute Rick Morrison, CEO Remettra, Inc.
Change Agents Why your Transformational IT Initiative Will Fail Without Them Terri Campbell Sr. Director of Change Leadership.
HIPAA Implementation Strategies for Compliance Professionals
TM Workgroup for Electronic Data Interchange.
HIPAA Transactions and Code Sets Implementation June 6, 2003
TM Workgroup for Electronic Data Interchange.
HIPAA Implementation Strategies for Compliance Professionals
Enforcement and Policy Challenges in Health Information Privacy
HIPAA Compliance Services CTG HealthCare Solutions, Inc.
HIPAA Compliance Services CTG HealthCare Solutions, Inc.
Presentation transcript:

Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management

Confidential 2 Agenda HIPAA Project Organization Keys to HIPAA Success Accomplishments Clearinghouse Approach Risks/Challenges 2002 Plans

Confidential 3

4 HIPAA -- The Blue Cross Approach Keys to Success Enterprise-Level in Scope Blue Cross and Affiliate Companies Emphasis on Planning & Assessment Alignment with future business and technology strategies Executive Sponsorship Sr. Vice-President (Compliance Officer) Sr. Vice-President (CIO) Involvement on External HIPAA Workgroups Local Level (MHDI, Uniform Billing Committee, Larger Payer/Provider Workgroup) National Level (BCBSA, WEDI, ANSI, etc.)

Confidential 5 Realize cost savings by conducting more business electronically and using Nationally accepted transaction standards Increase quality due to fewer administrative errors Reduce fraud and abuse Guarantee security and privacy of consumer health information Industry Opportunities and Challenges Opportunities Magnitude of undefined HIPAA regulations are unknown Delays in enforcement potentially will have a financial impact Impact to processes and work flows are intra and inter-company Expected benefits and savings are yet to be determined Challenges

Confidential 6 What steps has Blue Cross taken? 2000 Conducted an Enterprise-Level Assessment of Blue Cross Operations Conducted HIPAA Assessment for Blue Cross Affiliates: –Atrium Health Plan, Inc. –Behavioral Health Services, Inc. (BHSI) –Comprehensive Care Services, Inc. (CCS) –First Plan of Minnesota –MII Life, Incorporated Developed a high-level overall HIPAA Implementation Plan

Confidential 7 What steps has Blue Cross taken? 2001 Initiated work on the transactions Selected and implemented translator tool Implemented a Claims Repository for capturing all submitted data Implemented a Plan for Development and Maintenance of Polices for Privacy and Security Finalized and gained approval on new Privacy Policies Established an Implementation Strategy for Affiliates Established Communications Framework Established Local Work Group of large Payers/Providers to develop a coordinated transaction implementation effort within the Minnesota Community

Confidential 8 HIPAA Transaction Support Transactions Selected a new EDI translator (Paper Free) Incorporated into the BCBSM Clearing house Built new Maps:

Confidential 9 BCBSM Clearinghouse BCBSM Internal Processing Affiliate Systems BCBSA Blue Exchange HIPAA Enterprise Transactions External Transactions

Confidential 10 Claims Repository Transactions Built a Claims Repository ­Contains All Data Elements from Submitted Claims Eliminates Info Letters Master Records for Entire Book of Business ­Including Adjustments, Settlements

Confidential 11 Blue Exchange Transactions Next Generation Infrastructure Supporting National Business Implemented: Real Time and Batch Support Near Term Applications ­National Provider Directory ­National Eligibility Eligibility 270/271 Claim Status 276/277 Referral 278 to begin Q3

Confidential 12 Potential Areas of Risk & Management Action Interdependency of Payers/Providers on the implementation of transactions Establish an implementation strategy based on current DHHS schedule and obtain ‘buy-in’ from key provider/payer organizations Leverage HIPAA requirements as foundation for eBusiness strategy Leverage HIPAA privacy regulations in meeting state requirements for confidentiality of patient level information Delays with publication of HIPAA Regulations or changes to existing schedules by DHHS may delay implementation plans and increase costs Collaborate with large payers/providers on an independent HIPAA certification Coordinate a phased implementation schedule to facilitate ‘transition’ to full HIPAA compliance Coordinate a Provider Communication Plan with other payers Establish HIPAA Clearinghouse to assist providers with HIPAA compliance

Confidential 13 Privacy Hired a Privacy Director Privacy Policies Created to Support these Regulations: ­HIPAA ­Gram-Leach-Blyley ­State of Minnesota ­Procedures are being Prepared to Implement the Procedures

Confidential 14 Privacy Challenges Critical issue at the local level Public statements are viewed as policies Conscience shift in how employees perform their job Employee training so that they understand and can apply the content of the privacy policies Employee compliance with policies and procedures to perform their day-to-day jobs

Confidential 15 Security Security Policies are being formulated Implementation Procedures scheduled for completion Q Employee Confidentiality Agreements were reviewed and updated Tivoli Policy Director and Security Manager were purchased All Web access coordinated Through Tivoli Mechanism for secure disposal of Protected Health Information installed Employee training raising awareness of security practices and Procedures

Confidential 16 Blue Cross HIPAA Strategy for 2002 Apply for transaction code set compliance extension as a safety precaution and allowing for flexibility Implement Transaction and Code Set Requirements Implement Blue Cross Clearinghouse capabilities Connectivity and implementation of Blue Exchange Develop and implement Trading Partner migration strategy for HIPAA transaction processing Implement transaction/code sets and privacy requirements for Affiliate operations

Confidential 17 Blue Cross HIPAA Strategy for 2002 Implement Privacy Policies and supporting desk-level procedures Trading Partner Agreements Business Associate Agreements Employee Training Finalize Security Policies

Confidential 18 Questions? Comments?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.