Presentation is loading. Please wait.

Presentation is loading. Please wait.

Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management.

Published byAlberta Strickland Modified over 9 years ago

Similar presentations

Presentation on theme: "Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management."— Presentation transcript:

1 Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management

2 Confidential 2 Agenda HIPAA Project Organization Keys to HIPAA Success Accomplishments Clearinghouse Approach Risks/Challenges 2002 Plans

3 Confidential 3

4 4 HIPAA -- The Blue Cross Approach Keys to Success Enterprise-Level in Scope Blue Cross and Affiliate Companies Emphasis on Planning & Assessment Alignment with future business and technology strategies Executive Sponsorship Sr. Vice-President (Compliance Officer) Sr. Vice-President (CIO) Involvement on External HIPAA Workgroups Local Level (MHDI, Uniform Billing Committee, Larger Payer/Provider Workgroup) National Level (BCBSA, WEDI, ANSI, etc.)

5 Confidential 5 Realize cost savings by conducting more business electronically and using Nationally accepted transaction standards Increase quality due to fewer administrative errors Reduce fraud and abuse Guarantee security and privacy of consumer health information Industry Opportunities and Challenges Opportunities Magnitude of undefined HIPAA regulations are unknown Delays in enforcement potentially will have a financial impact Impact to processes and work flows are intra and inter-company Expected benefits and savings are yet to be determined Challenges

6 Confidential 6 What steps has Blue Cross taken? 2000 Conducted an Enterprise-Level Assessment of Blue Cross Operations Conducted HIPAA Assessment for Blue Cross Affiliates: –Atrium Health Plan, Inc. –Behavioral Health Services, Inc. (BHSI) –Comprehensive Care Services, Inc. (CCS) –First Plan of Minnesota –MII Life, Incorporated Developed a high-level overall HIPAA Implementation Plan

7 Confidential 7 What steps has Blue Cross taken? 2001 Initiated work on the transactions Selected and implemented translator tool Implemented a Claims Repository for capturing all submitted data Implemented a Plan for Development and Maintenance of Polices for Privacy and Security Finalized and gained approval on new Privacy Policies Established an Implementation Strategy for Affiliates Established Communications Framework Established Local Work Group of large Payers/Providers to develop a coordinated transaction implementation effort within the Minnesota Community

8 Confidential 8 HIPAA Transaction Support Transactions Selected a new EDI translator (Paper Free) Incorporated into the BCBSM Clearing house Built new Maps:

9 Confidential 9 BCBSM Clearinghouse BCBSM Internal Processing Affiliate Systems BCBSA Blue Exchange HIPAA Enterprise Transactions External Transactions

10 Confidential 10 Claims Repository Transactions Built a Claims Repository ­Contains All Data Elements from Submitted Claims Eliminates Info Letters Master Records for Entire Book of Business ­Including Adjustments, Settlements

11 Confidential 11 Blue Exchange Transactions Next Generation Infrastructure Supporting National Business Implemented: Real Time and Batch Support Near Term Applications ­National Provider Directory ­National Eligibility Eligibility 270/271 Claim Status 276/277 Referral 278 to begin Q3

12 Confidential 12 Potential Areas of Risk & Management Action Interdependency of Payers/Providers on the implementation of transactions Establish an implementation strategy based on current DHHS schedule and obtain ‘buy-in’ from key provider/payer organizations Leverage HIPAA requirements as foundation for eBusiness strategy Leverage HIPAA privacy regulations in meeting state requirements for confidentiality of patient level information Delays with publication of HIPAA Regulations or changes to existing schedules by DHHS may delay implementation plans and increase costs Collaborate with large payers/providers on an independent HIPAA certification Coordinate a phased implementation schedule to facilitate ‘transition’ to full HIPAA compliance Coordinate a Provider Communication Plan with other payers Establish HIPAA Clearinghouse to assist providers with HIPAA compliance

13 Confidential 13 Privacy Hired a Privacy Director Privacy Policies Created to Support these Regulations: ­HIPAA ­Gram-Leach-Blyley ­State of Minnesota ­Procedures are being Prepared to Implement the Procedures

14 Confidential 14 Privacy Challenges Critical issue at the local level Public statements are viewed as policies Conscience shift in how employees perform their job Employee training so that they understand and can apply the content of the privacy policies Employee compliance with policies and procedures to perform their day-to-day jobs

15 Confidential 15 Security Security Policies are being formulated Implementation Procedures scheduled for completion Q4 2002 Employee Confidentiality Agreements were reviewed and updated Tivoli Policy Director and Security Manager were purchased All Web access coordinated Through Tivoli Mechanism for secure disposal of Protected Health Information installed Employee training raising awareness of security practices and Procedures

16 Confidential 16 Blue Cross HIPAA Strategy for 2002 Apply for transaction code set compliance extension as a safety precaution and allowing for flexibility Implement Transaction and Code Set Requirements Implement Blue Cross Clearinghouse capabilities Connectivity and implementation of Blue Exchange Develop and implement Trading Partner migration strategy for HIPAA transaction processing Implement transaction/code sets and privacy requirements for Affiliate operations

17 Confidential 17 Blue Cross HIPAA Strategy for 2002 Implement Privacy Policies and supporting desk-level procedures Trading Partner Agreements Business Associate Agreements Employee Training Finalize Security Policies

18 Confidential 18 Questions? Comments?

Download ppt "Confidential 1 HIPAA Compliance at Blue Cross Blue Shield of Minnesota: A Case Study Tim Wittenburg Director of Corporate Architecture & Data Management."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
What is Business Architecture?. Overview Agility matters today more than yesterday Previous methods for managing change were designed for the needs of.

What is Business Architecture?. Overview Agility matters today more than yesterday Previous methods for managing change were designed for the needs of.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC 29406 843-576-1426 Health Insurance Portability.

Todd Frech Ocius Medical Informatics 6650 Rivers Ave, Suite 137 North Charleston, SC Health Insurance Portability.
1 Health Insurance Portability and Accountability Act of 1996 IS&C Expo October 16 & 17, 2002 John Wagner Governor’s Office of Technology.

1 Health Insurance Portability and Accountability Act of 1996 IS&C Expo October 16 & 17, 2002 John Wagner Governor’s Office of Technology.
HIPAA Administrative Simplification Final Rule for Transactions Code Sets Stanley Nachimson

HIPAA Administrative Simplification Final Rule for Transactions Code Sets Stanley Nachimson
Presents: Weekly HIPAA Teleconference Revised 10-16-02.

Presents: Weekly HIPAA Teleconference Revised
ITEC 6324 Health Insurance Portability and Accountability (HIPAA) Act of 1996 Instructor: Dr. E. Crowley Name: Victor Wong Date: 2 Sept. 2004.

ITEC 6324 Health Insurance Portability and Accountability (HIPAA) Act of 1996 Instructor: Dr. E. Crowley Name: Victor Wong Date: 2 Sept
The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,

The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,
Information Security Policies and Standards

Information Security Policies and Standards
Statistical Metadata Strategy Elham M. Saleh - Acting Director of Economic Statistics - Director of Technical Resources Central Informatics Organisation.

Statistical Metadata Strategy Elham M. Saleh - Acting Director of Economic Statistics - Director of Technical Resources Central Informatics Organisation.
UC San Diego EH&S Staff Meeting Project 2010 Jan00 meeting notes.doc May 5, 2004 Update on the New Business Architecture EH&S Staff Meeting.

UC San Diego EH&S Staff Meeting Project 2010 Jan00 meeting notes.doc May 5, 2004 Update on the New Business Architecture EH&S Staff Meeting.
Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.

Chapter 10 Information Systems Management. Agenda Information Systems Department Plan the Use of IT Manage Computing Infrastructure Manage Enterprise.
University of California New Business Architecture Project 2010 Jan00 meeting notes.doc April 15, 2004 Accelerating the New Business Architecture UC Employment.

University of California New Business Architecture Project 2010 Jan00 meeting notes.doc April 15, 2004 Accelerating the New Business Architecture UC Employment.
Why Managers Must Understand IT Managers play a key role –Frame opportunities and threats so others can understand them –Evaluate and prioritize problems.

Why Managers Must Understand IT Managers play a key role –Frame opportunities and threats so others can understand them –Evaluate and prioritize problems.
Minnesota Law and Health Information Exchange Oversight Activities James I. Golden, PhD State Government Health IT Coordinator Director, Health Policy.

Minnesota Law and Health Information Exchange Oversight Activities James I. Golden, PhD State Government Health IT Coordinator Director, Health Policy.
Privileged and Confidential Strategic Approach to Asset Management Presented to October 2004 2004 Urban Water Council Regional Seminar.

Privileged and Confidential Strategic Approach to Asset Management Presented to October Urban Water Council Regional Seminar.
5 TH National HIPAA Summit HIPAA Vendor Readiness SIEMENS/HDX Presentation 1 November 2002 Don Bechtel HDX Compliance Officer Co-chair WEDI SNIP Transactions.

5 TH National HIPAA Summit HIPAA Vendor Readiness SIEMENS/HDX Presentation 1 November 2002 Don Bechtel HDX Compliance Officer Co-chair WEDI SNIP Transactions.
© 2009 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Career Education Computers in the Medical Office Chapter 2: Information Technology.

© 2009 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Career Education Computers in the Medical Office Chapter 2: Information Technology.
Information Security Governance 25 th June 2007 Gordon Micallef Vice President – ISACA MALTA CHAPTER.

Information Security Governance 25 th June 2007 Gordon Micallef Vice President – ISACA MALTA CHAPTER.

Similar presentations

Ads by Google