Medical Billing Guidelines

HIPAA Compliance

HIPAA was passed by Congress and signed into law by President Clinton in 1996. Chief among the goals set forth by HIPAA was increased security and accountability when it comes to patient medical information. Specifically, HIPAA established guidelines that healthcare providers and health insurance companies must follow in order to keep a patient’s information secure.

These HIPAA guidelines apply to the gathering, cataloging, and transferring of any and all patient information. For the purposes of medical billing and coding, HIPAA serves to curb fraudulent activity before, during, and after the claims process as well as establishing standards for transferring patient information electronically.

HIPAA is divided into five Titles. The main points of HIPAA that apply most to the duties of a medical billing and coding specialist can be found in Titles I and II of the act, which are outlined below.

Title I: Healthcare Access, Portability, and Renewability

Title I of HIPAA addresses health insurance policies within the confines of a person’s employment. Under Title I, HIPAA sets guidelines for what an employer can and cannot do with an employee’s healthcare plan as provided by the employer. Specifically, Title I protects health insurance coverage for employees and their dependents by making healthcare plans available to those who have either lost their job or those who are in the process of switching employers.

Title I protects employees by modifying and improving the Consolidated Omnibus Reconciliation Act of 1985 (COBRA). Title I of HIPAA extended healthcare benefits already offered by COBRA, including extending the duration of benefits of disabled persons eligible for COBRA from 18 to 36 months. Title I also allowed dependents of a person covered under COBRA to continue to receive the same healthcare coverage as they did when that person was employed with health benefits.

Title I also addresses how health insurance companies treat patients with pre-existing conditions. Before HIPAA, a person with a pre-existing condition might have trouble finding a healthcare plan that covers their medical expenses because commercial insurance companies would consider them too risky to cover. Under Title I, insurance companies are limited in how many restrictions they can put into place in their healthcare plans for people with pre-existing conditions.

For medical billing and coding professionals, Title I is important because it ensures that more people are eligible for health insurance. Because of the laws set forth in Title I, you will process claims that involve patients covered by COBRA or those with pre-existing conditions that still receive coverage thanks to this act.

Title II: Preventing Medical Healthcare Fraud and Abuse, Administrative Simplification, and Medical Liability Reform

Title II addresses many more concerns relevant to the medical billing and coding field, namely, security and privacy requirements for handling a patient’s medical records and methods to simplify the billing and processing of claims. In addition, it establishes guidelines for electronic recordkeeping and electronic transactions between parties in the healthcare system.

Title II also stipulates how healthcare providers and insurance companies should avoid fraudulent activity. The law puts the Officer of the Inspector General (OIG) of the Department of Health and Human Services (DHHS) in charge of investigating and if necessary prosecuting those who commit fraud. Your responsibilities as a medical billing specialist will be discussed in the next section of this lesson.

The Privacy Rule

Title II expands security and privacy measures within the healthcare system with the creation of the Privacy Rule and the Security Rule. The Privacy Rule addresses how insurance companies and providers can handle patient information by regulating how they disclose the information to each other and to other entities that may require medical data. Under the Privacy Rule, medical billing and coding specialists must be careful not to share a patient’s Protected Health Information (PHI) with parties that aren’t covered entities (providers, insurance companies, etc.) as stipulated by Title II. A patient’s PHI includes the following data:

• The patient’s medical record, including present and past medical conditions or illnesses and treatments received for them
• The location and type of healthcare provider wherein the patient received care
• Any and all fees paid by the patient or a patient’s insurance company to cover healthcare expenses rendered by a provider

The Security Rule

The Security Rule, on the other hand, establishes the rules for protecting a person’s information and also explains how those rules can be enforced if necessary. The security rule explains how covered entities must collaborate to protect patient medical information. Part of this collaboration involves the creation of computerized physician order entry (CPOE) systems and electronic healthcare records (EHRs) that medical billing and coding specialists use everyday to file and process claims. The Security Rule also requires that any technologies developed by covered entities to facilitate their administrative work must be secure and up to standards established by HIPAA.

Title II also creates unique identifiers for providers, employers, and patients in an attempt to optimize communication between entities in the healthcare system and universalize the billing process. This is done in accordance with the Electronic Data Interchange (EDI) Rule set forth in Title II. The unique identifiers created for the EDI are either individual numbers or code sets assigned to covered entities for the use of electronic transactions and should have equal value and meaning for any medical billing specialist. Some of the unique identifiers include the following sets:

• The National Standard Employer Identifier Number (EIN) for tracking employers
• The National Provider Identifier Number (NPI) for tracking providers such as private clinics, hospitals, and nursing facilities
• The National Health Plan Identifier Number (HPID) for tracking participating health insurance companies

For medical billing and coding purposes, the standards set forth under Title II are important because they optimize the claims process. The format and transaction of electronic claims in particular is simpler and more secure now than ever before thanks to Title II of HIPAA.

OIG Compliance

The OIG operating through the DHHS works to ensure that covered entities act within the confines of privacy and security laws established in HIPAA and related federal healthcare legislation. One of the OIG’s main duties relative to the medical billing and coding industry is the prevention of fraudulent activity among covered entities. As a medical billing and coding specialist you must be vigilant about potential activity that may be viewed as fraudulent by the OIG.

Some of the most common fraudulent practices that the OIG deals with include:

• Unbundling codes: Unbundling is a fraudulent practice of submitting separate claims to an insurance provider for services that could fit on a single bill. Providers send separate claims so that the various CPT/ICD-9 codes on each claim are “unbundled” from one another thereby maximizing their payment from insurance companies.
• Upcoding: Upcoding occurs when providers assign higher CPT/ICD-9 codes than necessary to explain a patient’s condition or services they received. For instance, a provider might upcode for extra tests that weren’t performed on a patient just to get more money from an insurance company.
• Undercoding: Undercoding is the opposite of upcoding, when a provider intentionally leaves out codes for healthcare services rendered. Providers may undercode in an attempt to avoid investigation by the OIG.
• Falsifying medical records: Falsifying medical records is perhaps the most egregious fraudulent activity committed by a healthcare provider. In this case, providers falsify a patient’s medical records, including histories of their conditions, descriptions of treatment, and payment histories for self gain. Providers and any staff guilty of falsifying medical records will be subject to prosecution by the OIG and other parties that may want to press charges.

If the OIG suspects that a provider or an insurance company is committing fraud on their claims, they may conduct an audit. The OIG has the authority as an acting party of the DHHS to enforce laws found to be broken by any covered entity. As a medical billing specialist it is in your utmost interest to adhere to the federal healthcare laws and regulations to avoid getting in trouble with the OIG. Check out the DHHS for more information about OIG compliance.

Understanding the Healthcare Reform Act of 2010

The most important aspect of the Healthcare Reform Act of 2010 for medical billing and coding purposes is its overall expansion of the healthcare system and its attempt to cover more Americans. These efforts to extend coverage will require many more people to become skilled medical billing and coding professionals simply to keep up with healthcare demands. Specifically, the law is estimated to enroll an additional 30 million Americans in various healthcare programs. As healthcare eligibility increases among the American populace, so too will the number of healthcare claims needed to be filed and processed. The most relevant effects of the bill are listed below.

Increased Protections for People Enrolled in Medicare

The Healthcare Reform Act is designed to increase healthcare access, including to those people who should already have access to care under current federal healthcare laws. The new law makes many preventive care services covered under Medicare at little to no cost to enrollees. Preventative services such as annual wellness visits and preventive screenings for conditions like cancer, diabetes, and HIV will now be covered for Medicare enrollees.

These increased protections and available services will help millions of Americans to receive necessary healthcare, but it will also result in many more claims per year to be filed with Medicare administrative contractors (MACs) across the country.

Mandatory Electronic Medical Records and Transactions

The most important component of the Healthcare Reform Act for medical billing specialists is the requirement that all providers use EHR systems by the end of 2015. This means that providers who deal with mostly paper claim forms will need to reorganize their billing department to handle electronic transactions. Those electronic transactions will need to meet the security and privacy standards required by HIPAA (like those established with the privacy and security rules) and other healthcare legislation.

The push towards EHR is also designed to minimize administrative burdens for medical billing coding specialists and other provider staff who deal with medical information. The Healthcare Reform Act of 2010 includes a number of suggestions for reducing this administrative burden aside from mandatory EHR, including the implementation of new recordkeeping software. These practices will ultimately make your job as a medical billing and coding specialist much easier and optimize the healthcare experience for all parties involved.

Healthcare administrative technologies change all the time, and providers can no longer delay learning how to work with them. The Healthcare Act of 2010 merely expedited the process of bringing all providers, insurance companies, and other covered entities into the healthcare digital age. There will be a huge demand for trained medical billing and coding specialists who can assist in this transition from paper claims filing to claims filed exclusively over digital networks.