HIPAA 5010 & HITECH Compliance and ISO 27001 Certification

Click here or call us and be sure to ask our ISO Specialist how you can get a copy of our ISO 27001 Requirements Guide. Use promotional code FREEISO27001RQ.

We Build and Implement Information Security Management Systems to Meet the Requirements of HIPAA & the HITECH Act Compliance and ISO 27001 Certification

Services Available: Documentation, Training, Consulting, Internal Auditing, RFQ for Certification through an independent Registrar

Getting Ready for HIPAA 5010

The updated HIPAA 5010 transactions will include clearer HIPAA instructions, reduced ambiguity among common data elements, and elimination of redundant and unnecessary data elements. To avoid rejected claims and cash flow interruptions, physicians should work with their vendors, clearinghouses, billing services, and payors to upgrade and test their HIPAA systems to ensure that they are able to successfully implement the new HIPAA 5010 standards prior to the compliance date.

The American Medical Association (AMA) has developed resources to assist physicians to make the transition to HIPAA 5010 including the following practice tasks to include in their HIPAA 5010 implementation plans:

Questions for your practice management system vendor

• Will you be upgrading my current system to accommodate the 5010 transactions?
• Can my current system accommodate both the data collection and transaction conduction for 5010?
• Will there be a charge for the upgrade?
• When will the upgrades be available?
• When will the installation to my system be completed?

Questions for your clearinghouses or billing service, and health insurance payors

• Will you be upgrading your systems to accommodate the 5010 transactions?
• Will you be increasing your fees for the 5010 transactions?
• When will your upgrades be completed?
• When can I send test transactions to you to test that the system will work?
• Will I need to re-negotiate my provider contract or electronic data interchange (EDI) agreement based on the move to the 5010 transactions?

Questions to help Identify changes to data reporting requirements

• Can we identify the data reporting changes for the various transactions we use?
• Can we find resources to assist us in identifying the data reporting changes?
• What is the cost of the resources we need?
• Should we use a consultant to assist us in identifying the data reporting changes?
• What is the cost of hiring a consultant?
• Which of this new data can be stored in our current system?
• Which of this data relies on the system upgrade in order to store it?

Questions to help identify potential changes to existing practice work flow and business processes

• Do we currently collect this data?
• If not, how will we capture the data?
• What added costs will result from new data collection methods, e.g. longer appointment times, revising existing forms?
• What work flow processes do we need to change or add to capture the new data?
• What are the costs of the newly revised work flow processes?

Questions to identify staff training needs

• Who should be trained on the transaction changes?
• How long will it take to train the staff on the changes?
• Will there be “downtime” during the training?
• Should we use a consultant to conduct the training and if so, what is the cost of a consultant?
• What resources do we need for the training and to support staff after training?
• What is the cost of purchasing or creating the training resources?
• When should training be completed?

Questions for testing with your trading partners, e.g. payors and clearinghouses

• What transactions should I test?
• Which trading partners should I test with?
• When should I begin testing?
• Will the testing be truly test data or will it use live production data?

iso 27001 information security requirements

iso 27001 registration

Are you looking for ISO Certification Resources?