|
|
|
|
Marian, In the registration systems that I have seen for multi specialty clinics, which are a fair number from different vendors, my recollection is that insurance information, as you described, resides in a module which is a subset of the information that many or all users are able to access. Some systems do restrict this due to role based access rules, but generally, it is available to all. Keep in mind that these systems, which are used by the workforce which have been trained to adhere to the covered entity's policies and procedures are also expected to safeguard this information. So if this patient, Mrs. A had listed in her insurance information data that she had: Insurance #1 - General Health Insurance Insurance #2 - General Mental Health Insurance Insurance #3 - Specialty Cancer Health Insurance ...to know that Mrs. A has a specific type of insurance does not necessarily equate to the registration desk knowing whether or not Mrs. A has received services under these policies. Now if the OB/GYN desk saw that Mrs. A had in my supplement to your example, mental health insurance coverage AND THEN went into the mental health module or screens of the clinic's medical record keeping system to see what types of services may have been covered by this insurance...now we have a problem. The good thing is that more and more clinic based systems would limit the OB/GYN desk to those modules and data related to OB/GYN care and therefore, even if there was an attempt, Mrs. A mental health related care would not be accessible by OB/GYN. BUT...this is not always the case and sometimes there are overrides that staff can use when they are moving from one health care service category to another. ------------------------------------------- Frank Ruelas Principal HIPAA College Casa Grande,AZ -------------------------------------------
Show Original Message
-------------------------------------------
Original Message:
Sent: 07-20-2012 05:19 PM
From: Marian Hughlett
Subject: enterprise wide access to behavioral insurance provider info
In an electronic registration system for a single multi-specialty practice group, is it typical for behavioral health insurance provider information to be visible to system users across all specialty units?
For example, Mrs. A is a patient of the cardiology group, the OB-GYN group, and also receives substance abuse counseling from the psychiatry group. The proposed patient registration system stores insurance and demographic information for all patients at the "enterprise-wide" level (not the same as the medical record system) where anyone responsible for verifying insurance, scheduling appointments, etc., can have access to the insurance info of ALL practice group patients.
In this scenario, the OBGYN registration desk might see that Mrs. A has an insurance carrier known to cover substance abuse programs in addition to her health insurance provider which covers her annual OB-GYN exam.
Could this pose a problem not just under HIPAA (minimum necessary) but for state laws which may protect "information" used to identify substance abuse treatment programs?
If so, I would appreciate any confirmations and if not, I would like to better understand any points of education that might be shared.
Thanks!
-------------------------------------------
MarianHughlettCHC, CHRC
-------------------------------------------
|
|
|