Chapter 2: HIPAA for Mental Health Practitioners
Chances are, you didn't make it this far in your field without knowing what HIPAA is and what it regulates. But for the sake of covering bases, let's briefly recap the HIPAA takeaways that relate to cyber privacy issues.
First Things First: Who's Covered by HIPAA?
You're covered by HIPAA (and must comply) if…
- You are a covered entity. This includes any business that electronically bills or checks health insurance coverage eligibility using a computer or web-based system.
- You engage in covered transactions. This includes computer-to-computer transmission of healthcare claims, payment and remittance, benefit information, health plan eligibility information, any digital bills submitted to insurers, and any digital billing information submitted to clients.
Your practice is covered by HIPAA if you check health insurance coverage using a computer, transmit healthcare claims, or submit digital billing information to clients.
As you may already know, Title II of HIPAA is the part of the law that most applies to your electronic work. It governs the privacy, security, and electronic transfer of healthcare information.
According to the Clinical Social Work Association, there's another key part of HIPAA that is especially important for mental health practitioners. HIPAA adopted the Current Procedural Terminology (CPT) for procedure codes and International Classification of Diseases (ICD) for diagnoses. The latest version of the DSM uses the diagnostic codes in the ICD, which should make everyone's life easier.
Next: Part 1: HIPAA Privacy Standards vs. Security Standards