PHP has always recognized the importance of privacy and security of member health information.

Health Insurance Portability and Accountability Act (HIPAA)

PHP has developed a strong corporate HIPAA compliance strategy and is actively working through the implementation process. Our goal is to ensure that we are fully compliant by the required dates. To accomplish that, we are taking all of the actions necessary to assure each of our business processes are reviewed and modified, if necessary, in accordance with HIPAA regulations.

Every PHP employee is receiving on-going HIPAA related training and understands the important role of privacy and security of individual health information. To monitor PHP's ongoing progress, refer to PHP's Status. Status information is updated on a monthly basis.

What is HIPAA?

In 1996, Congress passed the Health Insurance Portability and Accountability Act (HIPAA). This Act established a number of significant regulatory requirements for health plans. Title II of HIPAA deals with, among other issues, the creation of standards for the collection, use, disclosure, and electronic transmission of healthcare information by healthcare providers, health plans, and healthcare clearing houses ("covered entities"). Those provisions are referred to as the "administrative simplification" requirements of HIPAA. Administrative Simplification is a current priority focus of the healthcare industry as compliance dates are fast approaching.

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 contains the following three major provisions:

• Portability
• Medicare Integrity Program / Fraud and Abuse
• Administrative Simplification

The Portability Provisions implemented in 1997, provide available and renewable health coverage and remove the pre-existing condition clause, under defined guidelines, for individuals changing employers and health plans.

The Medicare Integrity Program (MIP) implemented in 1998, guarantees that the Centers for Medicare and Medicaid Services (CMS) has a funding source for integrity activities and expands its authority to hire anti-fraud contractors.

The Administrative Simplification provision will implement standard transaction and code sets, identifiers, security, and privacy rules across the healthcare industry. These requirements are briefly described below.

Administrative Simplification Requirements of HIPAA

The major requirements of administrative simplification are the following:

• Privacy of Health Information
• Security of Health Information
• Electronic Transactions Standards and Identifiers

Privacy of Health Information

The standards of health information privacy govern the use and disclosure of individually identifiable health information by health plans, healthcare providers, and healthcare clearinghouses.

- Back to Top -

Security of Health Information

The security rule is intended to provide safeguards for data storage, protection of information transmission systems, and the establishment of chain-of-trust agreements between covered entireties and their business partners.

- Back to Top -

Electronic Transactions Standards & Identifiers

This rule establishes standards for eight healthcare transactions (healthcare claims or equivalent encounter information; eligibility for health plan; referral certification and authorization; healthcare claims status; enrollment and disenrollment in a health plan; healthcare payment and remittance advice; health plan premium payments; and coordination of benefits) and designates the code sets used for those transactions.

The identifier rules are intended to establish unique identifiers for employers and providers that will be used in electronic healthcare transactions.

- Back to Top