New HIPAA regulations for Business Associates go into effect February 17, 2010 and most chiropractors qualify as covered entities subject to these new rules.
This means chiropractors will have to have a new Business Associate agreement in place to be compliant with the recently changed provisions under the privacy and security rules that impact named covered entities and business associates.
“The first question a chiropractor will ask is: “Am I a covered entity?” Put simply, if you conduct transactions in electronic form, you are a covered entity,” said Strategic Chiropractor CEO, Dr. Tom Necela. A practicing chiropractor, Necela now uses his experience both as a chiropractor, a former Insurance Claims Analyst and Certified Professional Medical Auditor to work with chiropractic practices to improve their business and minimize their audit exposure through better documentation, coding, billing and compliance.
Examples of covered entities include chiropractic practices that bill electronically and maintain electronic patient records. Plus, if a chiropractic office uses a third party medical billing service, that firm is considered a business associate. Other examples of business associates include electronic clearinghouses, transcriptionists and accountants.
The bottom line of this new ruling is to protect access to the Protected Health Information (PHI) of patients.
To comply with the Business Associate Agreement update chiropractors should:
• Make a list of current business associates and vendors
• Identify entities with whom the practice shares PHI
• Draft new legal agreements for business associates to comply with the new rules
• Update HIPAA privacy & security policies
Source: Department of Health and Human Services