As HIPAA Compliance Looms, Related Tech Products Proliferate
By
Federal privacy regulations designed to give patients guaranteed access to their medical records and more control over how their protected health information is used and disclosed are due to go into effect in April of next year.
The privacy provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), apply to health information created or maintained by health care providers who engage in certain electronic transactions, health plans and health care clearinghouses, according to the Department of Health and Human Services.
A number of software makers have developed products that aim to make health care providers HIPAA compliant.
One of those products is Mercators Healthcare Integration Package Version 2.1, by Mercator Software, Wilton, Conn.
Senior Vice President David Raye of Mercator says the product "allows organizations to share data among different types of systems."
Mercator does this by modifying a companys disparate back-end systems all to be HIPAA compliant, Raye says.
When this is done, an employee putting a claim through the system can retrieve information from numerous back-end systems, all of which will automatically be HIPAA compliant, Raye explains.
Mercator "brings a common language to all the back-end systems," he notes.
Steve Mariconda, director of Mercators Solutions Unit, says the initial process is to deploy the standards-based part of the software into the clients computer systems environment.
"Without having our product, this would have to be done manually," Mariconda notes.
Employees who use the tool neednt be skilled programmers, he adds. The system employs a graphic tool in a prepackaged format, meaning an employee simply "drops and drags" information he or she needs to use to the HIPAA-compliant system.
"Once everything is deployed, it runs itself," Mariconda says. "It watches for transactions and when something comes in, its processed automatically."
Mercator "saves a tremendous amount of time and money," he says, because of "the efficiency and flexibility it creates in the business logic.
"There are a lot fewer exceptions or transactions put in a pend state," he continues. Things flow through better, theres more efficiency and you can process claims faster."
Mercator runs on all versions of Windows, as well as Windows NT and Unix, and it supports the IBM mainframe, the company says.
Raye estimates it takes between 12 and 18 months to assess, implement, test and get the product up and running.
A range for the cost of the HIPAA deployment is from $250,000 to $1 million, depending on the size, nature and complexity of the organization, Mercator officials say.
"The core system itself is less, depending on how many licenses youre buying and the extent of services you may be buying," Raye says. The average sales price of a Mercator license is from $250,000 to $300,000.
Mercator is resident software, meaning it sits on a computers hard drive, and is not obtained through an application service provider (ASP).
Another product that seeks to fill the HIPAA requirement need is HIPAA Rx, sold by WorkSmart MD, Daytona Beach, Fla.
Jayson Meyer, who works in business development at WorkSmart, says the product is a do-it-yourself kit for small- to medium-size health care providers. It tutors users about HIPAA, identifies HIPAAs impact within the providers organization and puts the providers requirements in place, he explains.
"It provides a formal gap analysis of exposures, as well as solution options and associated costs," Meyer says. "It also provides a strategic plan that will direct the budgetary process and implementation activities and prioritization of required tasks ranked by criticality of completion."
HIPAA Rx is designed for any medical office, Meyer says. Specifically, those who use it include doctors, dentists, chiropractors, mental health practitioners, some hospitals and assisted living facilities.
The product aims to help clients standardize the way health information is sent electronically, in order to conform to HIPAA requirements, Meyer says.
"HIPAA creates one national standard all insurance companies have to accept, HIPAA Rx helps put the systems in place in the right format," Meyer says.
It does that by being a "consultant in a box," he claims.
"Most of it is operational in nature," says Meyer. "It has to do with policies and procedures and behavioral things. It takes them through a step-by-step compliance plan. Theres a demo, a piece of software that walks them through phases.
"It helps them develop policy and procedure and things you have to do under HIPAA," he continues. "It does organizational training and helps offices meet privacy and security controls."
The product does this in part by limiting, according to HIPAA guidelines, the ways doctors can use or disclose patient information outside of treatment. For example, the HIPAA guidelines affect how much patient information can be given to a lawyer for the purpose of a lawsuit involving that patient, Meyer says.
"Before the doctor uses patient information for other than payment or treatment, there is a procedure that HIPAA Rx helps them do," he explains.
"A very easy-to-use interface helps them identify the things they need to change to become HIPAA-compliant," he notes. "Then there is a training video that trains staff [and] helps them meet HIPAA requirements."
Training on the product in an office of about 10 employees takes about three months, if the office has an individual dedicated to the project, he says.