Working in billing for customer service where we receive call after call to discuss a patient's bill. If we do not ask the relationship of the caller to the patient is that a hippa violation?
Working in billing for customer service where we receive call after call to discuss a patient's bill. If we do not ask the relationship of the caller to the patient is that a hippa violation?
Are you discussing their medical treatment or diagnoses ?
No. We do not discuss what the patient is being billed for. Just answer if it has been sent to insurance, if it is a deductible etc.
It's not a violation unless someone sneaks in a call who is not part of the medical provider community. If you take calls all day long, you should be able to spot such a call.
If you are not in management, I wouldn't worry about it. There's only so much time you want to spend asking who someone is, and if someone is lying, how will you know anyway? You won't. If it concerns you, ask what company policy is.
It's HIPAA, not HIPPA, and it's a law that was enacted to deal with electronic transmission of medical date among medical providers. Yes, a phone call is part of that, but a minor part compared to computers.
By law you MUST verify who you are talking too, and have permission to divulge sensitive information. I am sure you have a policy and procedure in place you must follow and if YOU do not follow that procedure, then you risk dismissal, and or some other punitive action against you, by your employer.
If you work for a medical practitioner, then they should provide HIPAA training or policies to each employee. Ask your supervisor about it. When in doubt keep your mouth shut.
As tal and scott both alluded to- Health providers are required by HIPAA law to develop the policies and procedures that ensure their firm's compliance with the specific HIPAA standards.
From: Summary of the HIPAA Privacy Rule
"Privacy Policies and Procedures. A covered entity must develop and implement written privacy policies and procedures that are consistent with the Privacy Rule.64
Privacy Personnel. A covered entity must designate a privacy official responsible for developing and implementing its privacy policies and procedures, and a contact person or contact office responsible for receiving complaints and providing individuals with information on the covered entity's privacy practices.65 "
All times are GMT -7. The time now is 10:27 AM. |