____________________________________________________
Health Insurance Portability and Accountability Act of 1996 ( HIPAA ) and the Health Information Technology for Economic and Clinical Health ( HITECH ) Act
Physician and Provider Compliance for Privacy Regulations ____________________________________________________
Providers and covered entities will comply with federal / state laws , statutes , and regulations pertaining to our member ’ s protected health information (“ PHI ”), the Health Insurance Portability and Accountability Act of 1996 (“ HIPAA ”) the Health Information Technology for Economic and Clinical Health (“ HITECH ”) Act .
Both covered entities and providers are “ covered entities ” as defined under HIPAA are required to understand and comply with the HIPAA and HITECH Rules .
Activities Allowed Under the HIPAA Privacy Regulations
As allowed by the HIPAA Privacy and Security Rules , covered entities and providers may use or disclose its member ’ s PHI for the purpose of treatment , payment and / or health plan operations (“ TPO ”) without a member ’ s consent or authorization . Below are examples :
1 . Treatment : includes the provisions , coordination , management , consultation , and referral of a member between and among health care providers .
2 . Payment :
• Determination of member eligibility
• Review of health care services and utilization
• Review of various activities of health care providers for payment and / or reimbursement to fulfill Hometown Health ’ s coverage responsibilities and provide appropriate benefits
• To obtain or provide reimbursement for health care services delivered to members
93