The Good Side of HIPAA

The Good Side of HIPAA

Paul Vegoda and Carl Abramson
MalvernGroup

Pete Wenzlick ,
Publisher, HIT Strategies Newsletter

e-mail Pete at jpwenzlick@att.net for a trial subscription to his newsletter, HIT Strategies

You may not believe this, but there is a good side to HIPAA for you, and we have seen it. We now know that preparation for HIPAA compliance presents a window of opportunity for healthcare enterprises. Enormous benefits result when the enterprise examines how work is performed within and across organizational boundaries.

MalvernGroup performs HIPAA Assessments for providers, health plans and clearinghouses. We document and compare our clients' business processes to HIPAA regulations and identify HIPAA requirements and potential business process improvements that result in doing the right things right. We have seen how HIPAA projects can help you to:

Reduce liability,
Improve financial performance,
Improve productivity by eliminating and streamlining old processes,
Improve patients' satisfaction and trust, and
Identify operational, tactical and strategic plan flaws.

Planning: Are you limiting your opportunities?
Steering committees frequently guide the compliance process as if the only result of value is compliance. We have found that communicating an expanded vision and strategy for HIPAA compliance activities leads to higher payback for the effort.

Rewards and appropriate resources should be given to compliance leaders for implementation of projects that are good business decisions for your enterprise. Recruit participation of senior level executives and use their influence to navigate through the inherent politics of change and help to make improved decisions for and during implementation.

Benefits of Process Documentation
Covered entities must document how Protected Health Information (PHI) is handled and safeguarded. We found a lack of process documentation: but when documentation of business processes exists or is created, it provides the basis for analysis. Inefficient and ineffective processes and potential HIPAA violations can then be identified and evaluated for investment.

Documenting how and where PHI is disclosed identifies a variety of non compliant practices. Of course, process documentation also reveals how to extend your current best practices, and identify what and where current practices must be changed.

Opportunities to reduce liability
Litigation can result from the compliance failure of a business associate. Carefully defining contractual obligations to the functions performed by the business associate and the covered entity potentially limits risk.

Alternatively, your organization can reduce risk by rethinking the role a business associate must play in your business processes and your organization can make the adjustments. For example, your enterprise could make the decision not to permit any business associate to make disclosures of PHI without your approval.

Opportunities to improve financial performance
Implementation of standard electronic transactions, treated merely as a technical exercise may only replace selected paper-based processes, leaving old work-arounds and cost-retaining processes in place. These work-arounds perpetuate the number of internal handoffs of information, rework and payments delays in your organization.

Alternatively, you document how patient information is captured, claims are created and submitted and payments are received and posted. Review of the documented processes, rules and policies identifies opportunities for improvement.

Opportunities to improve productivity
Unnecessary resource consumption can be perpetuated by modifying old processes to comply with HIPAA, without assessing potential improvements.
Understanding administrative and caregiver interactions provide you the opportunity to discover ineffective and inefficient processes. These defective processes can be eliminated or improved, corrections for HIPAA compliance identified and best practices adopted and standardized across the enterprise.

Opportunities to improve patient satisfaction and trust
Implementation of the privacy rules increases the burden on your patients. For example, records of disclosures are frequently kept in multiple locations and the patient may have to visit each location to assemble a complete accounting for disclosure.

Enterprise-wide analysis of current procedures involving patients establishes a base-line for HIPAA compliance and improved processes. Then, alternate solutions can be evaluated for implementation to reduce the future burden on patients and the enterprise.

Conclusion:
Your enterprise can simply attain a check mark for compliance...or
you can establish lasting value and accomplish much more if your enterprise is open to improving business processes as part of your compliance efforts.
For more information, please call for our White Paper on "An Integrated Business Approach to Process Improvement and HIPAA Compliance".

About MalvernGroup
MalvernGroup, in addition to its full line of HIPAA services, works with healthcare executives to develop information technology strategies and plans and with its partners, implements complex mission-critical projects.

For more information, please contact us Phone: 610-408-8318 or email:
Paul Vegota and Carl Abramson