PRIVACY ARTICLES: a series of articles written about privacy for individual publication or for group publication

LETTERS TO EDITOR

Please Explain the Role of the HIPAA Privacy Officer!

Dear Editor,

Our nursing home has just appointed a fraud and abuse compliance officer to oversee the development and implementation of our compliance program. Do we now need to appoint a HIPAA Privacy Officer? Please, give us a break!

Down for the Count

Dear Down for the Count,

Don’t give up yet! In answer to your question, yes, your facility needs a Privacy Officer in addition to a Fraud and Abuse Compliance Officer. The Health Insurance Portability and Accountability Act requires such a role. In some situation the two compliance officers might be the same person. Most likely not, however. You already have your job description for the fraud and abuse compliance officer in place, no doubt. If not, please visit our web site as well as the accompanying article entitled "Privacy Officer Role" for additional information. As an overview, the Privacy Officer shares many similarities with the Fraud and Abuse Compliance Officer. For instance, they both should be high-level management; serve as the focal point for their respective compliance programs; develop and implement compliance policies and procedures; train; audit; and monitor their respective compliance programs. What differs is the subject matter on which they focus their attentions. The Fraud and Abuse Compliance Officer focuses on issues dealing with fraud and the abuse of our laws and regulations. As you know, quality of care issues, unlawful billing issues, etc. The Privacy Officer must focus exclusively on the use and disclosure of confidential information, that which the government is calling "individually identifiable health information" which is protected. A very different focus. The reality is that the ideal person in your facility for the Fraud and Abuse Compliance Officer position might very well be someone intimate with quality of care details but completely unfamiliar with medical records details. Ever facility’s situation and available resources and personnel are different. What works for some other facility may not work for yours and vice versa.

Editor

Note: We are happy to answer any questions you have regarding health care legal issues. Of course all requests for information shall remain anonymous. All letters are published for educational purposes only. Legal advice and opinion can only be provided for upon individual consultation.

For more information, please Call or E-mail

Articles page HIPAA page top of this article