As the next health care privacy compliance deadline looms for Duke University Health System, officials said DUHS is already essentially equipped with a computerized system to safely transfer patient information.
Beginning Oct. 16, transactions between hospitals and insurance companies will be made electronic under the "transactions and code sets" requirement of the Health Insurance Portability and Accountability Act, a 1996 federal law aimed at protecting patient privacy. The goal of this requirement is to standardize the information exchanged and to make the transactions more secure.
Roman Perun, assistant director for information systems at the Private Diagnostic Clinic, said currently, when patient information is sent to insurance carriers to determine if a treatment is to be covered, insurance companies or other payers request necessary data in a variety of disparate formats. Under the transactions and code sets clause of HIPAA, however, Perun said everyone will abide by a uniform standard.
He added that Duke is very close to being prepared for the change and is more prepared than the payers of medical bills. "The payers have concerns of handling the volumes that hospitals would submit," Perun said. "So we continue to test that [their new systems] can handle the data and volume."
Britt Crewse, associate vice president and chief compliance and privacy officer of DUHS, said the Health System has spent hundreds of thousands of dollars training its staff on the new rules and ensuring the privacy of transactions.
DUHS also has had to devote time and resources to track any disclosures of patient information for reasons other than treatment or payment purposes--a violation under HIPAA. Crewse said a database has been established to track these disclosures, and financial penalties and potential jail time exist as punishments if disclosures have been made inappropriately.
The next set of HIPAA regulations to be instituted will be security standards, which will go into effect in 2005, Crewse said. He added that Duke was "pretty much" compliant but emphasized that Duke's patients did not and were not going to witness any significant changes with each deadline for HIPAA compliance.
Kevin Schulman, director of the Center for Clinical and Genetic Economics, said hospitals across the nation have not made the "massive" investments that HIPAA could have ultimately required.
"The mechanism [for the transactions and code sets] will be in place, but what we're going to end up with is a system that is not going to be too much different than the previous system," he said. "It will not be an electronic e-commerce system for data processing," as had been the original vision for moving online to reduce the high administrative costs.
Schulman attributed the lack of an all-encompasing electronic system to both hospitals and health plans facing too much cost. "Duke will have some capabilities in that area, but nowhere near what people had thought the [system] would be like," Schulman said.
DUHS has also seen some indirect consequences of the first HIPAA regulation instituted in April, which clarified how patient information could be used and what rights patients had for their medical record. Steven Rum, vice chancellor for development and alumni affairs at Duke University Medical Center, pointed to changes in the procedures used to garner donations. "We used to do mass mailings to grateful patients," he said. "We don't do that any more because of HIPAA."
Rum added that the change would not produce a significant loss in capital. The mass mailings reaped only between $75,000 to $90,000 yearly, which was not considerable in the context of the $75 million DUMC raises every year.
"Unlike many hospitals we don't do a lot of communication with patients at the low end--we don't spend a lot of time investing in programs that will generate $50 to $100 contributions," he said. Instead, the focus will be on the higher end, when grateful patients self-identify themselves, Rum said.
Get The Chronicle straight to your inbox
Signup for our weekly newsletter. Cancel at any time.