What is HIPAA?
HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. While it is a broad and complicated law, it was essentially created to:
- protect patients' access to health care coverage when they change jobs
- allow women to receive coverage for reconstructive surgery after a mastectomy
- provide mothers and newborns at least 48 hours in the hospital after delivery
- secure the privacy of patient health information
- enforce uniform standards for exchanging health information
Additional HIPAA information:
Notice of Privacy Practices (pdf) (Effective September 23, 2013)
What does this mean for me?
As a Fallon Health member, what do I need to know about HIPAA?
The HIPAA requirements are there to protect you, the consumer. With respect to health care, HIPAA is meant to simplify communications between health plans and providers—mostly through electronic means. However, you should be aware that HIPAA outlines strict guidelines to ensure the privacy and confidentiality of your PHI (protected health information, such as your name or medical information). These guidelines require that your PHI be used for purposes of treatment, payment and health plan operations, and not for purposes unrelated to health care.
Under HIPAA, Fallon Health must:
- provide a Notice of Privacy Practices to all members (the Notice is issued to all new members with their new member materials and is also available here: Notice of Privacy Practices - pdf).
- make sure that every person or company who works with us protects member information as we do.
- carry out privacy training for all employees, whether they deal with member records or not.
- have consequences in place if member information is used or shared improperly.
As an employer, how does HIPAA impact my relationship with Fallon Health?
As part of HIPAA Administrative Simplification, Fallon Health will be able to accept standard electronic transactions, such as enrollment (834 format) and premium payments (820 format). If you plan to use electronic transactions, please note that they must be in the standard formats set up under HIPAA. We also recommend that you call 1-866-ASK-FCHP, option 6, to test your system before switching over entirely to electronic transactions.
With regard to the HIPAA Privacy Rule, it is Fallon's policy not to disclose member PHI (protected health information, such as member name or medical information) to employers or plan sponsors. Any medical information Fallon Health releases to you will be void of information that would disclose the identity of the member, unless that member has signed an authorization form for that disclosure.
For any exceptions, please discuss with your account executive and understand that if we send individually identifiable information to you, then you must:
- amend enrollment and other benefit forms to include language outlining permitted uses and disclosures of member health information
- certify that steps are being taken to secure the PHI of employees in the health plan
HIPAA does involve other conditions that do not relate to your transactions with Fallon Health. Also, employers' employee welfare plans have their own requirements as covered entities. Please visit the Centers for Medicare & Medicaid Services to learn more.
As a broker, what is my relationship with Fallon Health under HIPAA?
Under HIPAA, Fallon Health considers you to be an associate of the employer you represent—business associate agreements with Fallon Health are not required. As an extension of the employer, you are permitted access only to enrollment information if the employer grants you permission.
Note: It is Fallon Health's policy not to disclose member PHI (protected health information, such as member name or medical information) to employers or plan sponsors. Any medical information Fallon Health releases to you, including in discussion of a specific member claim problem, will be void of any information that would disclose the identity of the member, unless that member has signed an authorization form for that disclosure.
As a physician or provider, what do I need to know about HIPAA and Fallon Health?
A key HIPAA compliance issue for physicians and other health care providers is the use of electronic transactions.
Those providers using electronic data interchange (EDI) must use standard transactions, such as the 837 for claims. Fallon Health must accept standard transactions, and offers two methods of EDI for this: direct through Fallon Health or via one of our four contracted clearinghouses.
If you are interested in submitting electronic health care transactions, please contact us at 1-866-ASK-FCHP, option 6, or e-mail us to request to become a trading partner. Click here to start the enrollment process.
If you have any questions concerning testing with Fallon Health, please contact our EDI Coordinators at 1-866-ASK-FCHP, option 6.
To help you with the EDI process, we have created several Fallon-specific companion guides to the official implementation guides. They are available for download on the EDI companion guides page.
Another important note regarding HIPAA guidelines is that physicians and other health care providers may release protected health information to Fallon Health for payment and health care operations purposes.
For more information about HIPAA requirements for physicians and providers, visit the American Medical Association's HIPAA resource page.
Fallon Health currently contracts with the following four clearinghouses:
Call 1-800-792-5256 or e-mail them.
- emdeon™ (formerly WebMD)
Call 1-800-845-6592 or visit their website at www.emdeon.com.
Call 1-800-981-8601 or visit their website at www.mckesson.com.