HIPAA FAQ
- HIPAA Overview
Here you'll find a general overview of HIPAA and how the law affects you as an agent. - What is the Health Insurance Portability and Accountability Act of 1996?
HIPAA is legislation enacted by the federal government to reduce health care fraud and abuse, guarantee the confidentiality of health information, among others. - Who must comply with HIPAA?
HIPAA applies to health insurance carriers, group-sponsored health plans, health care providers, health-care clearing houses, among others. - Who do the limitations on exclusions for pre-existing conditions apply to under HIPAA?
The limitations on exclusions for pre-existing conditions apply to employees and dependents covered by any group health plan. - What are the deadlines for HIPAA compliance?
As a covered entity, Blue Cross Blue Shield of Michigan and Blue Care Network are fully compliant with the final HIPAA rules. - What is a plan sponsor?
A plan sponsor is an employer or organization that offers a group health plan to its employees or members. - How does crediting for a pre-existing condition waiting period work under HIPAA?
Previous coverage under a prior carrier is credited against our pre-existing condition exclusion period if the gap between when coverage ended and the new coverage doesn't exceed 63 days. - How do you know if an employee had prior group coverage?
Proof of prior coverage will be necessary; the member should contact his/her prior health plan to request a certificate of creditable coverage. - Where can I get more information about HIPAA?
For your convenience, we've included additional links to HIPAA information.
- What's the HIPAA privacy rule?
The HIPAA privacy rule governs the confidentiality and privacy of protected health information, also referred to as PHI. - What does privacy protect?
HIPAA specifically addresses protecting the privacy of protected health information. - What information can be released to a plan sponsor?
We do not release personal health information, or PHI, to area and industry underwritten groups or their plan sponsors, other than enrollment information about their employees. - What type of information contained in privacy reports is released?
We may provide aggregate health information showing how the plan members have utilized the health plan. - Who are your privacy officers?
Learn who the privacy and security officers are for both Blue Cross Blue Shield of Michigan and Blue Care Network. - How do I request the HIPAA policies and procedures on privacy compliance?
See our privacy practices for additional information. - Does the HIPAA Privacy rule affect only covered entities?
HIPAA requires that covered entities make their business associates, like agents, also comply with the Privacy Regulations. - Do members of a self-funded group have the same privacy rights as members of a fully insured group?
The only difference is BCBSM is considered a business associate of a self-funded group health plan. - Do you have policies and procedures for ensuring the privacy of PHI and compliance with HIPAA privacy regulations?
We have long been committed to handling member PHI with the utmost care and highest standards for maintaining privacy and confidentiality. - Do you consider premium statements to contain PHI as defined by HIPAA?
We consider premium statements to contain PHI. - Do you limit discussion for third-party inquiries in any manner?
All disclosures to third parties are conditioned on verification of the requestor's identity and authority to access the member's PHI.
- What's the HIPAA security rule?
The Security rule establishes requirements to ensure the confidentiality, integrity and availability of electronic protected health information. - How are the Security Standards different from the HIPAA Privacy rule?
The Security Rule addresses specific administrative, physical and technical safeguards. - Do you intend to eliminate the use of the Social Security Number as an identifier?
We started to eliminate the use of Social Security numbers in 2004 for those states with an early compliance law.
- What are business associates?
Business associates are defined as persons or entities that are not members of our workforce and perform functions or services on our behalf that involve use or disclosure of PHI. - How can an agent or consultant acting on behalf of a group receive PHI?
An agent or consultant acting on behalf of an ERS/ASC group can receive reports containing PHI. Learn how. - If you are a Business Associate of a plan, are you willing to execute the business associate contract or a similar contract?
For most of our underwritten contracts, we operate as an Organized Health Care Arrangement (OHCA), so a business associate agreement is not required.
Twitter
Facebook
Google+
A Healthier Michigan
