Headlines about "Health plan admin - HIPAA"
Gathered from the web by the editors at BenefitsLink.com.
[Opinion] Bad Medicine, Under Guise of Helpfulness, Big Pharma Wants Your Confidential Medical Records
Excerpt: "[A California] bill, SB 1096, was sponsored by Sen. Ron Calderon (D-Montebello) and would have allowed pharmacies to sell patients' prescription and medical information to third-party entities -- including Adheris, Inc., the bill's main business backer. The ostensible goal behind the bill was to allow Adheris and other similar marketing companies to mail 'reminder' notices to patients so they wouldn't forget to take their medication." (San Francisco Bay Guardian via Consumer Watchdog)
[Guidance Overview] The Genetic Information Nondiscrimination Act of 2008 (PDF)
Excerpt: "As noted in [this bulletin], sponsors of group health plans will not know GINA's full implications until regulations are issued (final regulations must be issued by May 2009). However, amendments to the HIPAA Privacy Rule must be issued within 60 days, and those amendments might require more immediate attention from plan sponsors." (The Segal Group, Inc.)
[Guidance Overview] Genetic Information Nondiscrimination Act Becomes Law (PDF)
4 pages. Excerpt: "Under Title I, employer-sponsored group health plans and health insurers providing group health plan coverage are prohibited from restricting enrollment or adjusting premium or contribution amounts for the group on the basis of genetic information. They may not request, require or purchase genetic information prior to an individual's enrollment in the plan or request or require genetic testing of the individual or a family member for underwriting purposes. However, a plan or issuer that obtains such information incidental to the collection of other information prior to enrollment will not be in violation of the law as long as it is not used for underwriting purposes." (Buck Consultants)
[Guidance Overview] HIPAA Privacy Information for Consumers Now Available in Eight Languages on HHS Website
Excerpt: "HHS has posted HIPAA privacy consumer information on its website in eight languages: English, Chinese, Korean, Polish, Russian, Spanish, Tagalog, and Vietnamese. The information includes two consumer brochures -- 'Privacy and Your Health Information' and 'Your Health Information Privacy Rights,' plus a fact sheet that explains how to file a privacy complaint and a form for filing a privacy complaint." (Employee Benefits Institute of America)
HIPAA Health Information Privacy Consumer Brochures in Eight Languages Released
Excerpt: "The Office for Civil Rights (OCR) has posted on its health information privacy Web site two consumer brochures, Privacy and Your Health Information and Your Health Information Privacy Rights, in eight languages: Chinese, Korean, Polish, Russian, Spanish, Tagalog, Vietnamese and English. Previously the brochures were available in English and Spanish. These brochures educate health care consumers about the HIPAA Privacy Rule." (International Foundation of Employee Benefit Plans)
Google Health Launches to Questions About Privacy
Excerpt: "Google has formally launched its Google Health effort to allow patients access their personal health records no matter where they are, from any computing device, through a secure portal hosted by Google." (eWeek)
[Guidance Overview] Prominent Provisions of the Genetic Nondiscrimination Act
Excerpt: "The Secretary of Labor is provided new enforcement authority. It may impose a penalty against the plan sponsor or issuer for failure to meet the requirements of ERISA §§ 701 and 702 regarding genetic information and discrimination. The permissive penalty is $100 per day for each participant or beneficiary to whom the failure applies. If the failure is discovered by the Secretary before it is corrected, however, a minimum penalty of at least $2,500 per person shall apply (or, where the violations have been more than de minimis, at least $15,000 per person shall apply)." (Deloitte)
[Guidance Overview] Congress Passes Legislation Prohibiting Genetic Discrimination by Health Plans and Employers
Excerpt: "The legislation amends the HIPAA portability rules in ERISA, the PHSA, and the Code, adding new provisions regarding genetic information that will apply to group health plans and insurance issuers offering group health insurance coverage, as well as provisions for insurance issuers in the individual market. It also requires amendments to the HIPAA privacy regulations and prohibits discrimination in the workplace on the basis of genetic information." (Employee Benefits Institute of America (EBIA))
[Guidance Overview] Benefits Quiz from the April 2008 Trucker Huss Benefits Report (PDF)
Pages 1-2 of 10 pages. Excerpt: "The . . . questions are designed to refresh, and to fine tune, your benefits expertise. Some of the answers (which are found on page 8 of this Newsletter) may surprise you." (Trucker Huss)
Congress Inadvertently Legalizes Sharing of Genetic Information Without Patient Consent
Excerpt: "'While authors of the recently passed Genetic Information Nondiscrimination Act of 2008 (H.R. 493) had good intentions, the bill inadvertently legalizes the sharing of genetic information without patient consent,' says Sue Blevins, president of the Institute for Health Freedom (IHF). 'It does so by applying HIPAA regulations to genetic data.'" (PRNewswire-USNewswire via NewsBlaze)
[Guidance Overview] Side-by-Side Comparisons of Current and 'HIPAA 2' EDI Standards Posted on CMS Website
Excerpt: "EBIA Comment: Health plans are required to comply with the EDI standards that apply to all covered entities, as well as some additional requirements specific to health plans. Covered entities (including health plans) and their business associates may find the side-by-side comparisons helpful in assessing the potential impact of the HIPAA 2 changes." (Employee Benefits Institute of America)
[Guidance Overview] Multiemployer Health Plans Must Be Vigilant About HIPAA Security Compliance
Excerpt: "Health plan sponsors should first review and complete all the appropriate remediation steps outlined in their initial HIPAA security risk assessment. The purpose of that initial assessment was to set out a roadmap towards compliance. As a result, if any action items are outstanding, the plan sponsor should address those security gaps immediately." (The Segal Group, Inc.)
[Guidance Overview] HIPAA Security Compliance Requires Ongoing Efforts
Excerpt: "Health plan sponsors should first review and complete all the appropriate remediation steps outlined in their initial HIPAA security risk assessment. The purpose of that initial assessment was to set out a roadmap towards compliance. As a result, if any action items are outstanding, the plan sponsor should address those security gaps immediately." (The Segal Group, Inc.)
[Guidance Overview] CRS Report for Congress: Summary of the Employee Retirement Income Security Act (ERISA) (PDF)
76 pages; April 10, 2008. Excerpt: "The Employee Retirement Income Security Act of 1974 (ERISA) provides a comprehensive federal scheme for the regulation of employee pension and welfare benefit plans offered by employers. ERISA contains various provisions intended to protect the rights of plan participants and beneficiaries in employee benefit plans. These protections include requirements relating to reporting and disclosure, participation, vesting, and benefit accrual, as well as plan funding. ERISA also regulates the responsibilities of plan fiduciaries and other issues regarding plan administration. ERISA contains various standards that a plan must meet in order to receive favorable tax treatment, and also governs plan termination. This report provides background on the pension laws prior to ERISA, discusses various types of employee benefit plans governed by ERISA, provides an overview of ERISA's requirements, and includes a glossary of commonly used terms." (Congressional Research Service, U.S. Library of Congress)
[Guidance Overview] Eligibility Requirement of More Than Twenty Hours of Active Employment Was Not Discriminatory Under HIPAA
Excerpt: "EBIA Comment: Typical pre-HIPAA actively-at-work clauses provided that an employee who was absent on the day that coverage would otherwise begin would not be covered until he or she was back at work. These actively-at-work provisions violate HIPAA's nondiscrimination rules unless employees who are absent due to a health condition are treated as if they were actively at work. On the other hand, as this case illustrates, plans are permitted to enforce nondiscriminatory eligibility conditions, even if they operate to exclude participants who fail to satisfy those conditions because of a health factor." (Employee Benefits Institute of America)
[Guidance Overview] Legal Compliance for Wellness Programs (PDF)
4 pages. (International Foundation of Employee Benefit Plans via Miller & Chevalier Chartered)
Recent Data Breaches Spark Criticism of Medical Privacy Laws
Excerpt: "Recently disclosed data breaches at University of California-Los Angeles Medical Center have led some critics of federal and state medical privacy laws to question whether the laws are strict enough, the Los Angeles Times reports." (California HealthCare Foundation; free registration may be required)
[Guidance Overview] DOL Checklist Offers Key to the Mysteries of Wellness Program Identification
Excerpt: "The U.S. Department of Labor (DOL) recently issued Field Assistance Bulletin (FAB) No. 2008-02, which includes a Wellness Program Checklist, in response to questions concerning what types of programs must be in compliance with the final regulations. The DOL's Wellness Program Checklist takes some of the uncertainty out of this process." (Little Mendelson P.C.)
[Guidance Overview] DOL Checklist Offers Key to the Mysteries of Wellness Program Identification
Excerpt: "The U.S. Department of Labor (DOL) recently issued Field Assistance Bulletin (FAB) No. 2008-02, which includes a Wellness Program Checklist, in response to questions concerning what types of programs must be in compliance with the final regulations. The DOL's Wellness Program Checklist takes some of the uncertainty out of this process." (Little Mendelson P.C.)
[Guidance Overview] Does Your Wellness Program Comply with the HIPAA Nondiscrimination Regulations? (PDF)
3 pages. Excerpt: "On February 14, 2008, the Department of Labor . . . issued Field Assistance Bulletin No. 2008-02 covering: What types of health promotion or disease prevention programs . . . offered by a group health plan must comply with the HIPAA nondiscrimination regulations; and How to determine whether your company's wellness program complies. . . . The bulletin includes a checklist and related analysis, which are summarized [in the target document.]" (Holme Roberts & Owen LLP)
[Guidance Overview] DOL Provides Further Guidance on Wellness Programs
Highlights from the DOL's recently published checklist for wellness plans to be HIPAA-compliant. (JPMorgan; free registration required to access paper)
[Guidance Overview] IRS Joins DOL to Close Wellness Plan Loophole in HIPAA
Excerpt: "The requirement that the supplemental coverage not differentiate among individuals based on any health factor is key. Effectively, IRS and DOL are saying they will not treat supplemental coverage as a HIPAA excepted benefit that is exempt from the HIPAA nondiscrimination rules unless the supplemental coverage itself satisfies the HIPAA nondiscrimination rules. Thus, tying the wellness plan reward to the supplemental coverage will prevent such coverage from being a HIPAA excepted benefit – and the wellness plan will have to satisfy the HIPAA nondiscrimination rules." (Deloitte via BenefitsLink.com)
[Guidance Overview] Eliminating the HIPAA Catch-22 in Clients' Estate Plans
Excerpt: "One major problem created by HIPAA is its impact on planning for incapacity. Most clients have estate plans that provide for someone else to manage their affairs or make health-care decisions for them if they are unable to do so themselves. This would include their successor trustees of revocable or irrevocable trusts, agents under any financial powers of attorney or medical powers of attorney. A common structure is for these powers to spring into effect upon the incapacity of the individual, as determined by a physician's certification. Unfortunately, your physician might consider making such a certification of incapacity to be a prohibited disclosure of private medical information." (Morningstar)
[Guidance Overview] 'Sixty Seconds of Privacy' an E-Newsletter - Storage of Individual Health Records
Excerpt: "Each edition of this e-newsletter addresses one interesting legal development in the area of privacy and data security, in a brief 'question and answer' format. Each edition is intended to be read in about a minute, yet will update you on an important development." (Thelen Reid Brown Raysman & Steiner LLP)
CMS Releases Sample HIPAA Security Interview and Document Request Guidelines for Investigators
Excerpt: "EBIA Comment: Although many of the items in the document list do not come as a surprise, the list provides valuable insight into what might be required in a HIPAA security rule investigation. Covered entities and others who handle ePHI (such as health plans and business associates) may wish to review the checklist to identify whether they have areas of vulnerability." (Employee Benefits Institute of America)
[Guidance Overview] Privacy & Data Security - Employee Sick-Leave and Medical Privacy
Excerpt: "Does your company practice healthy habits when it comes to dealing with your employees' sensitive health information? HIPAA, with its relatively clear privacy rules, doesn't apply to employers acting in their capacity as an employer (as opposed to acting as an agent for a health insurance plan). But a recently filed Ohio case raises issues not only about the duties that employers have with regard to protecting sensitive medical information; it also highlights the need for employers to handle all employee personal data with care." (Troutman Sanders LLP)
[Guidance Overview] CMS Posts HIPAA Compliance Review Information (PDF)
2 pages. The Centers for Medicare & Medicaid Services' Office of E-Health Standards and Services has issued a document to help health plans, health care clearinghouses and certain health care providers understand the types of information that may be requested of them for potential Health Insurance Portability and Accountability Act security rule violations. The document details which personnel may be interviewed and which documents may be reviewed by the contractors responsible for conducting onsite investigations. (Centers for Medicare & Medicaid Services)
[Guidance Overview] IRS Issues Promised Enforcement Safe Harbor for Supplemental Plans Under HIPAA Portability Rules
Excerpt: "The guidance was prompted by concerns that certain insurance products being marketed as excepted supplemental coverage do not actually qualify as such. It should be noted that although this is currently only a safe harbor rule -- plan sponsors, insurers, or others might be able to convince the federal agencies or a court on a case-by-case basis that coverage is excepted even though it does not meet the safe harbor requirements -- the IRS has indicated that the safe harbor standards likely will be incorporated as requirements in future proposed regulations." (Employee Benefits Institute of America)
[Guidance Overview] HIPAA Privacy Check Up
Excerpt: "It may be hard to believe, but the HIPAA Privacy rules have been in effect for nearly five years!! Is it time for a Compliance Check-up? Although the Group Health Plan is the covered entity under HIPAA, many TPAs provide HIPAA Privacy related services on behalf of the Plan Sponsor/Employer." (SunGard Corbel LLC)
[Guidance Overview] State Law Privacy Claims Alleging Unauthorized Release of Individual's Health Information Not Preempted by ERISA
Excerpt: "The court held that the claims against the insurer were not preempted by ERISA because, among other reasons, the claims alleged that the information was sought and disseminated for inappropriate reasons, and not in the course of providing benefits or performing duties under an ERISA plan. The court noted that according to the couple's allegations, the HR director had behaved 'as a rogue administrator, acting entirely outside the scope of its duties under the Plan.'" (Employee Benefits Institute of America (EBIA))
[Guidance Overview] DOL Takes Action on Disclosure of Compensation
Excerpt: "The U.S. Department of Labor ('DOL') recently took two actions that will significantly expand the types of information that must be disclosed by persons who provide services to ERISA-covered employee benefit plans. This Alert describes the DOL actions and offers some preliminary thoughts on the practical implications." (K&L Gates)
[Guidance Overview] DOL Closes Wellness Plan Loophole in HIPAA Nondiscrimination Rules
Excerpt: "The requirement that the supplemental coverage not differentiate among individuals based on any health factor is key. Effectively, DOL is saying it will not treat supplemental coverage as a HIPAA excepted benefit that is exempt from the HIPAA nondiscrimination rules unless the supplemental coverage itself satisfies the HIPAA nondiscrimination rules. Thus, tying the wellness plan reward to the supplemental coverage will prevent such coverage from being a HIPAA excepted benefit – and the wellness plan will have to satisfy the HIPAA nondiscrimination rules." (Deloitte via BenefitsLink.com)
Group Physicals Eyed As Way to Cut Doctor Costs
Excerpt: "New Englanders notorious for valuing their privacy may not know what hit them when Drop-in Group Medical Appointments, or DIGMA, begins at Harvard Vanguard, because the concept is unprecedented here. Skeptics wonder about its implications for privacy and detailed care. But supporters see the idea as a way to make care more cost-effective by helping patients learn from each other in a friendly, support-group-style setting, while expanding the ability of doctors to see more patients even as a national primary care doctor shortage continues." (Boston Business Journal via bizjournals.com; free registration required)
[Guidance Overview] New Rules Impact Some Wellness Programs
Excerpt: "As the popularity of wellness plans continues to surge, so does the need for additional guidance on the legislation that governs such programs. Field Assistance Bulletin No. 2007-04 (FAB 2007-04) was released in response to the development of questionable wellness programs that were marketed as 'supplemental' benefits." (JPMorgan)
[Guidance Overview] E-Discovery Update - Why Self-Funded Employers and TPA's Should Be Planning Now
Excerpt: "Self-funded employers and the third party administrators acquire voluminous stores of electronic data - claims data, claims adjudication protocols and outcomes, eligibility information, banking and financial records, including employer and employee contributions records, payments to vendors, and so on. From a risk management perspective, however, recent surveys indicate only a vague awareness of very real changes in the requirements imposed by electronic discovery rules." (Health Plan Law blog by Attorney Roy F. Harmon III)
Aetna Shows How Insurers Can Protect Genetic Privacy
Excerpt: "Aetna, one of the nation's largest health insurers, has begun offering confidential genetic counseling for certain cancers over the phone and through the Internet. The service is available only to members whose coverage includes in-person genetic counseling, but the program could greatly expand patients' access to their genetic history." (St. Louis Post-Dispatch)
California's Data Breach Notification Law Now Covers Medical and Health Insurance Information
Excerpt: "Going well beyond the requirements of HIPAA and most state health privacy laws, California has amended its existing Database Security Breach Notification Act to require any organization that reasonably believes a breach of a California resident's medical or health insurance information has occurred, to notify that resident." (Pillsbury Winthrop Shaw Pittman LLP)
Overview: New Guidance Affecting Health Plans Offering Wellness Programs (PDF)
Excerpt: "As noted in the Bulletin, under the new DOL guidance, some wellness programs would fail the test for supplemental excepted benefits under the Health Insurance Portability and Accountability Act (HIPAA): those that offer an insured deductible-reimbursement program that reimburses individuals based on whether they meet a health status measure, such as blood pressure, body mass index (BMI), cholesterol and non-tobacco use." (The Segal Group, Inc.)
Overview: CMS Expands HIPAA Security Enforcement (PDF)
Excerpt: "CMS has hired PricewaterhouseCoopers ('PWC') to conduct a series of HIPAA security compliance reviews of organizations against which security complaints have been lodged. The PWC compliance reviews are intended to have an educational component and will supplement random audits, not driven by complaints, conducted by the Department of Health and Human Services Office of Inspector General ('OIG')." (Dechert LLP)
Enhanced Protections for Uses of Health Data: A Stewardship Framework for 'Secondary Uses' of Electronically Collected and Transmitted Health Data (PDF)
71 pages. Excerpt: "This report and its recommendations were developed in response to a request from the Office of the National Coordinator on Health Information Technology to address the benefits, sensitivities, obligations, and protections of uses of health data for quality measurement, reporting, and improvement; research; and other purposes that benefit the health of all Americans and the health care delivery system of the Nation." (National Committee on Vital and Health Statistics)
Technology Raises New Issues for HIPAA Privacy Compliance
Excerpt: "Electronic health records make medical information easily accessible, but the technology also puts the data in the hands of more individuals. Consequently, lawmakers may have to include personal health record vendors as covered entities that have to comply with the privacy rules under the Health Insurance Portability and Accountability Act of 1996, William Braithwaite, president of Washington, D.C.-based Health Information Policy Consulting told attendees at the 15th National HIPAA Summit." (Employee Benefit Advisor; free registration required)
Overview: DOL Establishes an 'Enforcement Safe Harbor' for Supplemental Health Insurance to Be Excepted from HIPAA Compliance
Excerpt: "On a coordinated basis with the Departments of Treasury and of Health and Human Services, the Department of Labor recently established an 'enforcement safe harbor' by which supplemental health insurance will be treated as excepted from certain HIPAA portability requirements if it meets a straightforward four-part test." (Deloitte via BenefitsLink.com)
Overview: HIPAA Safe Harbor for Supplemental Health Insurance
Excerpt: "Employers who sponsor supplemental health insurance plans should review the plan procedures to ensure that the policies either meet the safe harbor or the HIPAA portability provisions. If the plan does not meet either, then the employer should determine whether it prefers to satisfy the safe harbor or the HIPAA provisions and immediately take action to do so." (Littler Mendelson PC)
Overview: DOL Announces Enforcement Safe Harbor for Supplemental Plans Under HIPAA Portability, MHPA, WHCRA, and NMHPA Rules
Excerpt: "EBIA Comment: This guidance was prompted, according to the DOL, by concerns on the part of the three federal agencies enforcing the HIPAA portability rules (the DOL, IRS, and HHS) that certain insurance products being marketed as excepted supplemental coverage do not actually qualify as such. Of the FAB's four criteria, only the second one is specifically found in the HIPAA regulations. The other three reflect the DOL's interpretation of the language of ERISA and the regulations requiring that the policy be both supplemental in nature and similar to Medicare or Tricare supplements." (Employee Benefits Institute of America)
Overview: DOL Guidance on When Supplemental Health Insurance is HIPAA Excepted Benefit (PDF)
2 pages. Excerpt: "The DOL's Employee Benefits Security Administration (EBSA) has issued a Field Assistance Bulletin outlining when supplemental health insurance will be considered excepted benefits under HIPAA. Importantly, the DOL clarifies that the coverage may not differentiate among individuals based on a health factor." (Buck Consultants)
Influential Federal Privacy Committee Proposes Massive Changes in HIPAA's Protections for Personal Health Information
Excerpt: "The nation's top advisory board to the federal government on health care privacy believes the current laws and rules are woefully inadequate and recommends that new legislation be passed to strengthen and expand protections." (REPORT ON PATIENT PRIVACY via AISHealth.com)
Overview: Guidance on HIPAA Portability Rules Relating to Supplemental Coverage
Excerpt: "The new Field Assistance Bulletin establishes an enforcement safe harbor under which supplemental health insurance will be considered excepted benefits for purposes of the health reform provisions in Part 7 of ERISA. Similar supplemental coverage that does not meet the standards for the safe harbor may be subject to enforcement actions by the department." (Business & Legal Reports, Inc.)
New Safe Harbor Limits Supplemental Health Underwriting
Excerpt: "The Employee Benefits Security Administration has issued a batch of guidance that could affect companies that sell supplemental health insurance benefits." (The National Underwriter Company; free registration or paid subscription required)
CRS Report for Congress: Electronic Personal Health Records (PDF)
6 pages. Excerpt: "Electronic personal health records are controversial among privacy advocates and patients, who are concerned about health information privacy and security, and misuse of individually identifiable health information. The extent to which electronic personal health records are protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule is discussed herein. This report will be updated." (U.S. Congressional Research Service)
November 2007 Employee Benefits Update from Reinhart Boerner (PDF)
9 pages. Nice overview for retirement and health plans, including selected compliance deadlines and a discussion of IRS guidance on yield curve and segment rates for calculating pension plan funding and lump sum interest rate. (Reinhart Boerner)
Online DOL Booklet for Individuals: Retirement And Health Care Coverage -- Q&As For Dislocated Workers
Excerpt: "This booklet addresses some of the common questions dislocated workers ask. In addition, there is a brief guide to additional resources at the back. Together, they can help you in making critical decisions about your health care coverage and your retirement benefits." (Employee Benefits Security Administration, U.S. Department of Labor)
Text of Aon's 2007 Year-End Checkup for Benefit Plans (PDF)
15 pages. Excerpt: "This Alert will help identify general year-end administrative and planning issues that could lead to compliance or employee relations problems if not addressed before, or early in, 2008. In addition, we have highlighted recent legislative or regulatory developments that may require plan design or documentation changes, particularly in response to the Pension Protection Act of 2006 (PPA), final Internal Revenue Code (IRC) §409A regulations, and the re-proposed IRC §125 regulations." (Aon)
The links shown above have been gathered from the web by the editors at BenefitsLink.com. Each article's publisher is shown above in parentheses. Opinions expressed in each article are those of the article's publisher, not necessarily those of BenefitsLink.com, Inc. or any web site that displays these headlines in a "frame." You should contact the listed publisher for copyright information about any particular article or to inquire into the right to use the article in any manner.