Case 3: Risk Assessment: Information Privacy and the Cost/Benefits of a Proposed Online System Happy Healthcare Systems of America HHSA is a third-party benefits administrator, pro- viding a liai

Case 3: Risk Assessment: Information Privacy and the Cost/Benefits of a Proposed Online

System

Happy Healthcare Systems of America

HHSA

is a third-party benefits administrator, pro-

viding a liaison between insurance companies and provider groups

physicians, hospitals, etc.

.

HHSA earns revenue by collecting from the insurance companies and then paying the provider

groups for services rendered to eligible patients/members.

Since HHSA’s operations are similar to that of an HMO, non-routine procedures, such as

surgery or referral to a specialist, must be pre-authorized by HHSA in order for the service to be

paid by HHSA. HHSA is considering acquiring an online service to expedite the authorization

process. With this system, contracted providers would be allowed access to HHSA’s database to

initiate and review the status of a particular authorization. Providers would be able to enter data

into the system such as diagnosis, requested treatment/procedure, and other data needed to deter-

mine the necessity of the procedure.

The determination of the suitability or necessity of these non-routine procedures is currently

determined by HHSA case managers, who review and authorize the requested procedures or

referrals. Under the proposed system, the provider would enter the data, allowing the case man-

ager to pull up the data and start the authorization process. The new system would allow the entry

of data or notes and would assign an authorization number to those procedures that are approved.

Once the data is in the system, providers would be given access to check on the status of the

authorization at any time.

Another aspect of the online system that should be considered is how the system will comply

with federal and state laws, such as the Health Insurance Portability and Accountability Act

HIPAA

, which restricts the access to and/or distribution of a patient’s private health information

to unauthorized persons. Therefore, some of those involved in the online system decision argue

that providers should not have access to data for patients not under their direct care.

You are the chairman of the committee charged with determining the feasibility/acceptability

of the proposed online system, and you will oversee the implementation of this system if it is

accepted.

Questions

1. What recommendations would you make to HHSA regarding cost and benefits of an

online authorization system?

2. How can HHSA ensure patient information confidentiality if this service is provided

for

more information on regulatory requirements related to information confidentiality, visit

http://www.hhs.gov/ocr/hipaa

?

Leave a Comment