HIPAA Compliance Checklist
  • The Administrative Simplification Requirements of the Health Insurance Portability and Accountability Act of 1996 (more commonly known as HIPAA) will have a major impact on health care providers who do business electronically as well as many of their health care business partners. Many changes involve complex computer system modifications. Providers need to know how to make their practices compliant with HIPAA. The Administrative Simplification Requirements of HIPAA consist of four parts:
    • Electronic transactions and code sets
    • Security
    • Unique identifiers
    • Privacy
  • HIPAA does not require a health care provider to conduct all transactions listed under number one electronically. Rather, if you are going to conduct any one of these business transactions electronically they will need to be done in the standard format outlined under HIPAA. Whether or not you contract a third party biller or clearinghouse to conduct any of these transactions for you, it is up to you as the health care provider to see to it that your transactions are being conducting in compliance with HIPAA. The checklist provided below is designed to help you start thinking about what you need to do to prepare for meeting the electronic transactions and code sets requirements.
  • Determine if you are covered by HIPAA
    • If you conduct, or a third party biller or clearinghouse conducts on your behalf, any one of the following business transactions electronically you are most likely covered by HIPAA:
      • Claims or equivalent encounter information
      • Payment and Remittance Advice
      • Claim Status Inquiry/Response
      • Eligibility Inquiry/Response
      • Referral Authorization Inquiry/Response

If you do not conduct any of the above transactions electronically, you are most likely not covered by HIPAA and you do not need to continue with the checklist.

  • Assign a HIPAA Point Person
    • Assign a staff person to be your HIPAA Point Person (HPP), such as your office manager, to keep abreast of HIPAA and what is required of your office.
    • Give this individual the authority, resources, and time to prepare for HIPAA changes.
    • Use this staff person to educate others in your office on the impact of HIPAA on your practice.
  • Familiarize yourself with the key HIPAA deadlines
    • April 14, 2003 - Make sure you are meeting the HIPAA Privacy Rule Requirements.
    • April 16, 2003 - Start testing your software and computer systems internally NO later than this date. Ensure that your software is capable of sending and receiving the transactions you do electronically in the standard HIPAA format.
    • October 16, 2003 - This is the date you must be ready to conduct transactions electronically in the standard HIPAA format.
  • How HIPAA affects what you do
    • Determine if your software is ready for HIPAA. Each health care provider is responsible for making sure the software they use will be compliant with HIPAA according to the key deadlines.
    • Speak with your practice management software vendors, billing agent, or clearing house to assess which items under number one you conduct on paper and which you conduct electronically. Determine what you will need to do differently.
    • Ask your vendor how and when they will be making HIPAA changes and document this in your files.
    • Remind your vendors you must start testing your systems no later than April 16, 2003. Similarly, if you use a third party billers or clearinghouses, remind them of this testing deadline.
  • Talk to the health plans and payers you bill
    • Ask them what they are doing to get ready for HIPAA and what they expect you to do.
    • Ask them if they will have a HIPAA companion guide that specifies their coding and transaction requirements that are not specifically determined by HIPAA (while HIPAA mandates standard transactions, some health plans may not require data elements for every field). For instance, ask your payers for billing instructions on how to code for services that were previously billed using local codes (under HIPAA local codes are eliminated).
    • Ask them whether they will have “Trading Partner Agreements” that specify transmission methods, volumes, and timelines as well as coding and transaction requirements that are not specifically determined by HIPAA. These may also specify how HIPAA compliance testing and certification are to be done.
    • Ask them about testing your software to make sure, for instance, that they will be able to receive a claim you submit with your updated software.
    • If you use software or systems provided by the health plan / payer (such as on-line direct data entry) to conduct transactions, ask whether they intend on continuing to support these systems.

If you are a custodian of patient health records who would like to set up a secure in-house copy service utilizing our paper or digital format copying, please contact our office toll-free at 1-800-737-8840. We are confident that your decision to utilize Matrix Document Imaging, Inc as your in-house copy service will offer you a needed peace of mind regarding HIPAA requirements.


         Contact Us
         Legal Copy
         Center Services
         IT Services
         NEW Services
         High Quality Records
         Order Forms
         View Records
         Online Order
         Client Signup