33 terms

HIPAA Compliance and Privacy in Insurance Billing Ch. 2

incidents or practices, not usually considered fraudelent, that are inconsistant with accepted sound medical business or fiscal practices.
under the Heath and Accountibility Act (HIPAA) privacy rule, and individual's formal, written permission identifiable health information for purposes other than treatment, payment, or heath care operations.
authorization form
a document signed by the patient that is needed for use and disclosure of protected heath information that is not included in any existing consent form agreements.
breach of confidential communication
breach means "breaking or violation of a law or agreement." In the context of the medical office it means the unauthorized release of information about the patient.
business associate
a person who, on behalf of the covered entity, performs or assists in the performance of a function or activity involving the use of disclosure of individually indentifiable health information, including claims processing or administration, utilization review, quality assurance, billing, benefit management, practice management, and repricing.
an independent organization that receives insurance claims from the physician's office, performs software edits, and redistributes the claims electronically to various insurance carriers.
code set
any set of codes with their discriptions used to encode data elements such as tablets of terms, medical concepts, medical diagnostic codes, or medical procedure codes.
a process of meeting regulations, recommendations, and expectations of federal and state agencies that pay for health care services and regulate the industry.
compliance plan
a management plan composed of policies and procedures to accomplish uniformity, consistency, and conformity in medical record keeping that fulfills official requirements.
confidential communication
a privileged communication that may be disclosed only with patient's permission.
the state of treating privately or secretly, and not disclosing to other individuals or for public knowledge, the patient's permission.
verbal or written agreement that gives approval to some action, situation, or statement.
consent form
a document that is not required before physicians use or disclose protected health information for treatment, payment, or routine health care operations of the patient.
covered entity
an entitiy that transmits health information in electronic form in connection with a transaction covered by HIPAA. The covered entity may be 1) a health care encourage carrier such as Blue Cross/Blue Shield, 2) a health care clearinghouse through which claims are submitted, or 3) a health care provider such as the primary care physician.
the release, transfer, provision of access to, or divulging in any other manner of information outside th entitiy holding the information.
e-health information management
(e-HIM) a term coined by the AHIMA's ehealth Task Force to describe any and all transactions in which health care information is accessed, processed, stored, and transferred using electronic technologies.
electronic media
the mode of electronic transmission
a willful act by an employee of taking possession of an employer's money.
an intentional misrepresentaion of the facts to decieve or mislead another.
health care provider
a provider of medical or health services and any other person or organization who furnishes bills or is paid for health care in the normal course of business.
individually identifiable health information
any part of an individual's health information including demographic information collected from the individual that is created or received by a covered entity.
Notice of Privacy Practices
Under HIPAA, a document given to the patient at the first visit or at enrollement explaining the individual's rights and the physician's legal duties in regard to protected health information (PHI).
phantom billing
billing for services not performed.
the condition of being scheduled from the presence or view of others.
privacy officer, privacy official
an individual designated to help the provider remain in compliance by setting policies and procedures in place, and by training and managing the staff regarding HIPAA and patient rights; usually the contact person for questions and complaints.
privileged information
data related to the treatment and progress of the patient that can be released only when written authorization of the patient or guardian is obtained.
protected health information
any data that identify an individual and describe his or her health status, age, sex, ethnicity, or other demographic characteristics, whether or not that information is stored or transmitted electronically.
security officer
a person who protects the computer and networking systems within the practice and implements protocols such as password assignment, backup procedures, firewalls, virus protection, and contingency planning for emergencies.
security rule
under HIPAA, regulations related to the security of electronic protected health information(ePHI) that, along with regulations related to electronic transactions and code sets, privacy, and enforcement, compose the Administrative Simplification provisions.
a rule, condition, or requirement
state preemption
a complex technical issue not within the scope of the health care provider's role; refers to instances when state law takes precedence over federal law.
the transmission of information between two parties to carry out financial or administrative activities related to health care.
the sharing, employment, application, utilization, examination, or analysis of individually identifiable health information (IIHI) within an organization that holds such information.