REPS Software and HIPAA Compliance

REPS Software & HIPAA Compliance

REPS is designed primarily for use in Independent and Assisted Living communities. As noted above, HIPAA is not likely to immediately impact most of these types of facilities. It should be noted, however, that:

REPS offers an advanced level of security. The program enables users to design staff roles and assign rights to those roles with the ability to limit program information as needed. An advanced security system utilizes user names and rotating passwords linked to staff roles.

REPS Software will constantly monitor on-going HIPAA requirements and is committed to providing its clients with products that offer compliance and security as needed.

About HIPAA

The Health Information Portability and Accountability Act (or HIPAA) is a federal law that seeks to standardize and protect communications within the healthcare sector.

The portion of HIPAA that is most immediately relevant to healthcare organizations is under Title II: Preventing Fraud and Abuse, Subtitle F: Administrative Simplification. Administrative Simplification is divided into four categories that are the first focus of HIPAA requirements:

1. Transaction and Code Set Standards
   
   The purpose of the HIPAA transaction standards is to create a common language that all payers and providers can use to exchange electronic data.
   
   The final rule was published August 17, 2000, with a deadline of October 2002. Later the date for compliance was extended a year, to October 16, 2003, as long as providers submitted a compliance plan.
   
   
2. Privacy
   
   Requires an individual's health information to be treated sensitively and confidentially, regardless of how it is stored or transmitted-by paper, orally or electronically.
   
   The first proposed Privacy rules were published in 2000. Modifications to the Privacy section were finalized on August 14, 2002. The compliance date was April 14, 2003.
   
   
3. Unique Identifiers
   
   Codes assigned to providers, employers, payors, and individuals.
   
   The Unique Identifier for Employers is the only Identifier that has been finalized. It will be the Employer Identification Number (EIN). The EIN is issued and maintained by the Internal Revenue Service, and a business that pays wages to employees already has a EIN.
   
   
4. Security Standards
   
   Standards to ensure the confidentiality, availability, authentication, integrity, and accessibility of electronic protected health information. The Final Rule was published February 20, 2003 with a compliance date of April 20, 2005.
   
   

Recommendations For Your Organization

• Investigate to see if your community or organization must comply with HIPAA standards.
• Know the provisions of HIPAA and how they will or might affect your community or organization. Remain updated.
• Seek qualified advice or consultation if necessary to be informed or to comply.
• If required to comply, have a plan in place.

*** Please note that REPS Software offers this information as a service to its clients based on its research and application to its products and services. The information contained in this Brief is not designed to be an official interpretation of law, nor should it serve as the only or primary means for use in determining the need for or meeting compliance. REPS Software is not responsible for organizations' or communities' compliance with HIPAA or any laws. It is suggested that readers seek further information on this topic to determine need for or terms of compliance.