What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996, providing the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs. HIPAA also reduces health care fraud and abuse. It mandates industry-wide standards for health care information on electronic billing and other processes. Lastly, it requires the protection and confidential handling of protected health information. 

Be Committed to HIPAA

Any third-party vendor that comes into contact with or creates PHI through the work that it undertakes on behalf of the covered entity is known as a business associate (BA). Before granting access to any level of personal health information (PHI) to a BA, both the hospital and the third-party vendor must enter into a contract, also known as a business associate agreement (BAA), that details commitments to HIPAA compliance and provides assurances relating to the safeguarding of PHI. If any facility or a third-party vendor fails to comply with this process, they can expect significant financial and reputational damage. 

If a third-party vendor is working with your hospital or health-related facility and is handling PHI, seek reassurance that they recognize and understand that they are a BA and therefore equally responsible for complying with HIPAA rules and regulations. It is important to understand that it is not enough for third-party vendors to simply state that they are HIPAA compliant. A request for evidence of their HIPAA compliance and administrative capabilities is recommended. In addition, ask them to review their HIPAA policies and procedures or conduct a risk assessment before committing to working together. 

It’s All About the Agreement

Hospitals and other health-related facilities should never disclose PHI to any third-party vendor unless a signed BAA exists between the parties. A third-party vendor that is HIPAA compliant will not hesitate to sign a BAA that outlines all the terms as required by HIPAA. 

Always be sure to take your time reading the contents and take notes of any additional terms and conditions that are present but not required by HIPAA. Additionally, if your vendor will need to disclose your facility’s PHI to a subcontractor, make sure your BAA requires them to obtain a sub-contractor BAA from their own vendors which include the same security and privacy requirements as exist in the original BAA. HIPAA obligations need to trickle all the way down from health facility to vendor to subcontractor to sub-subcontractor, and on and on,  to ensure true compliance.

Understand How Your Third-Party Vendor Protects and Stores PHI

It is extremely important to understand how your third-party vendor securely collects, stores, processes, and transfers PHI. By being proactive, hospitals and health-related facilities can avoid financial and reputational damage. 

At The Midland Group, we believe that keeping sensitive information confidential and accessible is of the utmost importance.  We continue to use great care in evaluating and selecting the best data security partners with which to work. When you choose to partner with The Midland Group for your services, you can rest assured knowing that your patients’ information is protected with the best data theft defense solution, complete with numerous security certifications. To learn more about The Midland Group’s data security system, click here. 

The post How to Make Sure Your Third-Party Vendor is HIPAA Compliant appeared first on The Midland Group.

In the context of third-party billing, we believe that it is extremely important for providers to obtain reimbursement for their services within a reasonable amount of time. We also understand the necessity for third-party payers to have the chance to thoroughly scrutinize their responsibility in the payment of the claim and decide if the services provided are truly necessary.

According to the golden rule for third-party billing, there is no obligation to guarantee coverage or any other liability in the event that coverage lapses due to the third party’s failure to submit payment by the due date. Simply put, if a charge is not documented, you can not bill for it. When it comes to private payers, it is important to understand your third-party payer contract so as to avoid any lapses in reimbursement. 

Seven Tips To Understand Your Third-Party Payer Contract

• Know your rights. To avoid delays in payments that would cost you, be sure that you understand your rights when speaking about a contract and request a better explanation of the insurance provider’s payment schedule language if you don’t understand. 

• Define payment period for clean claims. Always make sure that there is a clause that holds the health plan responsible for paying any claims within a specific period of time. Without this clause, there is no obligation on the part of the health plan to pay the claim within a reasonable amount of time. During this step, make sure you ask for clarification on what a payer deems as a clean claim and if there are additional requests for information that is considered reasonable. 

• Define payment period for unclean claims. Make sure that you have a firm definition of the timeframe in which the health plan can return a claim as unclean. This will help avoid the health plan from holding unclean claims to delay any payments. The contract should also specify how much time will be allowed to review this additional information before any payments are made. 

• Address claims considered “not to file.” Your contract should require the health plan to acknowledge receipt of an electronic claim within 24 hours of receiving it. Failure to be acknowledged, the health plan should be contracted and the claim resubmitted. If the health plan states that they never received a claim, you will be able to provide documentation of the original file date and require that they pay within the guidelines that were stated in the contract. 

• Identify penalties. List what penalties are to be addressed when the health plan does not pay according to prompt-payment guidelines. State that participating provider discounts be waived and the health plan will be liable for 100% of billed charges plus interest. If not attainable, the health plan should be obligated for payment of the claim plus pre-set interest. 

• Protect your payment. Your contract should specify that all payments made are considered final unless the provider receives a written request within a specified period of time after receipt of payment. 
• Perform regular reviews. Always be sure to review your contracts regularly as most contracts have an automatic annual renewal. Check with your state regarding prompt-payment laws and request appropriate addendums to your contract before renewing.

Now What?

Providers are becoming better educated in the reimbursement process and state legislation. That’s why it’s crucial that you work with your third-party payers to help negotiate fair and equitable contracts. The Midland Group specializes in Third-Party Billing for Healthcare. As a third-party billing specialist, The Midland Group will submit, process, and collect all third-party liability claims necessary to collect as much revenue as possible for the hospital and to reduce the patient’s personal financial burden. Our trained medical billing professionals can help you optimize your billing system to increase revenue and improve the patient experience. Book your free assessment today to see how you can maximize all potential revenue surrounding all types of liability claims.​

The post 7 Ways To Understand Your Third-Party Payer Contract appeared first on The Midland Group.