Mid-week update

OPM has posted a recent benefits administration letter providing helpful details on the self plus one enrollment type roll out.

Last August 19 marked the 19th anniversary of the Health Insurance Portability and Accountability Act or HIPAA.  HHS still has not released all of the transaction standards, e.g., the claims attachment standard, or code sets, e.g., the patient identifier. Congress has blocked HHS from issuing a patient identifier which is wrongheaded because a patient identifier is needed for interoperable medical records. Also the claims attachment standard may just be a bridge too far.  In any event, the FEHBlog thinks that the industry would have worked out the standards and code sets without a law. But the law remains there and Congress doubled down on that law in the ACA by coopting CAQH's effort to create operating rules for the standard transactions. Today CAQH announced the released of its fourth round of operating rules. By HHS regulation, these CAQH rules will apply to all HIPAA covered entities and business associates.  The operating rules fill in gaps in the transaction standards in a uniform way.

Speaking of HIPAA and the 2009 HITECH Act, CMIO reports that the HHS Office for Civil Rights which enforces the HIPAA Privacy and Security Rules plans to start engaging in proactive desk audits of HIPAA covered entity and business association privacy and security policies and procedures. These audits will supplement the existing practice of auditing HIPAA covered entities and business associates that report large unsecured protected health information breaches in accordance with federal law.

The trade association AHIMA, which supports the ICD-10 implementation, has announced ten metrics that health information management professionals should be monitoring in the immediate wake of the looming ICD-10 code set compliance date next Thursday October 1.  Good idea.