HITECH 101 for Benefits Consultants (and all BA’s) – Cliff Notes Version

The Industry Radar HITECH Webinar is on Thurs, 1/28 – register here.

I have been in this industry over 30 years and the lack of knowledge I am seeing from the normally savvy and compliance oriented broker community is baffling. I guess yearend and all the angst over healthcare reform has overwhelmed the importance of the HITECH law as it relates to “Business Associates” (aka Brokers and Benefits Consultants among others).

Benefits Consultants always talk about themselves as “trusted advisors” well now Federal  law sees you as one and will hold you to the standards they hold your customers and insurers.

Bottomline – As a broker you are in the middle of client PHI being sent around daily – census, enrollment, E of I, billing, eligibility, claims issue and audits. if you are involved in a breach or violation the financial penalties are nearly irrelevant.

Whether you like the law or even take it seriously makes no difference. You and your firm and all of your employees and your own BA’s are subject to it 2/17/2010 – 38 days from now.

So Congratulations and Welcome to the party! Lets take a quick look at the facts.

Fact – 2/17/2010 all BA’s are now subject to the same privacy and security requirements that their customers and carriers are.

Fact – The law requires that policies, plans and procedures be established and maintained by a BA. Click here to see a “Cliff Notes” review of this.

Fact – Penalties for unprotected PHI will range from $100 to $1.5 M for any breaches and HHS will enforce these.

Fact – “Unprotected PHI” essentially means personal inforamtion on employees that is not “encrypted” when it is exchanged between brokers and their business partners. Do you have a n encryption solution?

Fact – The law allows the state Attorney Generals to prosecute privacy violations now. Imagine the politics of AG’s and the health insurers they love to hammer in this new environment and your firm involved in the middle if a breach involves one of your clients or insurers?

Fact – The law has a  “Tattle” rule which means if your client’s HR or benefits folks send data that is not secured in violation of the law that you – their broker – would have to report them OR face penalties yourself. What a scenario for disaster having to report on a client. Great way to get  fired and lose business.

Fact – A “breach” involving 500 0r more live require that your report it to all local media outlets – ie newspaper, radio, TV et al.  Whether you cause it or more likely just happen to be involved your firm’s name will get all kinds of press.Imagine the fun the blogosphere will have as well….and Twitter and Facebook….You Tube…

If nothing think about the damage to your most important asset – your reputation….from one mistake. As a “Risk Manager” not acting to protect your firm completely is nothing short of crazy.

We have a cost effective, turn key solution that takes care of the policies, paperwork, compliance maintenance and even more important the encryption needed for your daily operations..email me for the details…

See the “Cliff Notes: version of HITECH 101 here.

Explore posts in the same categories: Business