HIPAA Privacy Rules Will Cause Headaches For Brokers
By
Washington
Insurance brokers face a myriad of new recordkeeping and notification requirements arising from the recently issued health privacy rules that could affect their ability to service their clients, the Council of Insurance Agents and Brokers says.
"Our members are very concerned," says Nicole Allen, director of government affairs for the Washington-based Council. "They dont know how the rules will affect their group health insurance business and their ability to shop policies and provide solutions."
Joel Wood, Council senior vice president of government affairs, adds that while just about every industry lobbyist would like to see Congress pass some overarching rationalization of the different privacy rules, that doesnt seem to be in the cards.
When privacy is considered on Capitol Hill, he says, it is usually not with the idea of correcting unintended consequences. Rather, Wood says, any likely legislation would probably make things even more punitive.
The Council, he says, will work through the administrative process at the Department of Health and Human Services to try to get brokers as much relief as possible.
The problem, Allen says, is that the HHS privacy regulations, mandated by the Health Insurance Portability and Accountability Act, were not written with intermediaries in mind.
Moreover, she says, many of the practical problems with the regulations probably will not emerge until brokers have had to spend some time living under them.
Therefore, Allen says, it is not fully clear yet what type of clarification will be needed.
The HIPAA privacy regulations will not take effect until April 14, 2003, she says, but brokers need to begin working immediately on setting up compliance systems.
One issue facing brokers, she says, is an administrative requirement that all covered entities must designate someone to serve as a privacy compliance officer responsible for receiving complaints and inquiries about privacy policies and practices.
Currently, Allen says, most brokers do not designate anyone as the privacy compliance officer.
In addition, she notes, the regulations limit disclosure of information for certain legitimate purposes, such as claims and billing, to the "minimum necessary" to accomplish the purpose.
However, Allen says, the term "minimum necessary" is very fuzzy and brokers could face problems tracking claims.