Special Series: HIPAA Compliance

Early response key to HIPAA compliance

Handle documentation on day one

[Editor’s note: On April 14, 2003, the new Privacy Standard of the Health Insurance Portability and Accountability Act (HIPAA) went into effect. In the following three articles, we will take a look at different strategies occ-med professionals have employed to come into compliance with the new law.]

Compliance with the new privacy standard of HIPAA can be achieved much more easily and smoothly with some simple planning and pro-active responses, says Frank Tafelsky, OTR, MS, MBA, program manager for Munson Occupational Health and Medicine in Travers City, MI.

Using simple, standard releases created in-house, Munson has patients authorize the sharing of medical information immediately upon their first visit — regardless of the reason for the visit — which, says Tafelsky, helps avoid potential problems down the road. (The privacy standard outlines a set of rights for all patients with respect to the privacy of, access to, and control over their personal health information.)

"The release basically says that you are authorizing us to share the medical information obtained from your visit with your employer and other medical professionals," he explains.

An occ-med concern

The new privacy standard is particularly significant for occupational health facilities, says Tafelsky. "As an occ-med clinic, we are frequently asked to supply information to employers and other medical personnel, attorneys, and anyone else who may potentially need this information," he explains. "For all of those disclosures outside of workers’ comp, we would have to keep a list of who those disclosures were made to. By having these releases of information, we will avoid that."

Another big issue for occ-med clinics is the employer services they perform, such as drug screenings, physicals, or fit-for-duty exams, Tafelsky continues. "Even for a simple TB test, you would need to record a release of medical information on a form, so by having the releases signed on the front end, you avoid all that."

Munson has a designated individual whose responsibility it is to ensure that release of information forms will be following HIPAA standards. "The HIPAA forms have to be signed," says Tafelsky.

Even workers’ comp affected

While many occupational health professionals assert that HIPAA does not apply to generic workers’ comp visits, Tafelsky insists that it really does.

"Let’s say you came in for a workers’ comp injury — a torn knee," he proffers. "Let’s say it gets fixed, and 10 years down the road you have another knee injury playing softball. The question, is where does workers’ comp come in? Maybe nowhere, but the physician will want those records to be sure, and I can’t give them to him if the patient hadn’t signed a release of information. With our procedure, you will never have a question about whether you need an authorization to release information about medical care because of HIPAA."

Ultimately, says Tafelsky, HIPAA will make information flow more freely and will result in substantial savings for providers. "We will save money because down the road there will be a decrease in the amount of paperwork you need to have in place, so you’ll save on staff time for releases of information and other related avenues," he says. "In the future, the increased use of the electronic medical record will be extremely important, and HIPAA will support that as well."

[For more information, contact:

Frank Tafelsky, OTR, MS, MBA, Program Manager, Munson Occupational Health and Medicine, 1105 Sixth St., Travers City, MI 49684. Telephone: (231) 935-9179.]