HIPAA’s intention with the use of EDI (Electronic Data Interchange) for conducting medical service reimbursement (to mention a few) was projected by the HHS (Department of Health & Human Services) to cause an immediate cost savings for both the provider and the medical community. But in its implementation, addressing the security and privacy regulations (including the use of a translator or clearinghouse) to process these EDI transactions comes with a necessary budget.

Spend Money to Save Money?

These rules would replace paper-based system with electronic data interchange. Most providers don’t have the technical expertise to ride the transition, thus need either a consultant or a clearinghouse to meet this demand. Both of which cost money. Also, the privacy rule requires a notice of privacy policy be give to the patient and track that every patient has received this notification and understands the new effect this regulation has on the patient’s use of their own medical information. If the organization has an enterprise wide master patient index (EMPI), it can track the date and version of the notice given. If the organization does not have this they will need to implement this using the above example or keeping some type of log. The rules do not give specifics on how this notice is going to distributed and noted that the patient understands this notice.

A variety of alternatives should be evaluated for your practice, including simply giving a notice at every encounter, placing an acknowledgement or receipt of notice in the medical record or log. You could consider optically scanning the acknowledgement and making it available to review through the admissions/registration system.

Another reason why implementing HIPAA seems costly is the media reaction. They predicted costs way above the Y2K implementation. In the notice example above, an EMPI may truly improve continuity of care and a document imaging system may improve patient financial services workflow. But CIO’s and HIM professionals may seize this opportunity to implement necessary upgrades or projects that see as needing implementation under this HIPAA umbrella.

Consulting services can be a significant cost that can be used wisely or be an unnecessary investment if internal implementations were already in place. The lack of a clear picture of future benefits also appears to drive up HIPAA implementation costs.

For example, where EDI will clearly save money and decrease the number of employees used for billing and eligibility functions, the privacy and security area costs overshadow future benefits because costs are not quantified.

Think Creatively, Not Expensively

Providers should distinguish between necessary expenditures and those that may be attributable to other healthcare needs. There are a range of tools and services available to assist in creating and managing documents. These can be found on the web or through medical associations.

10 Ways to Stretch Your Dollars

The following list can identify where investments in outside services would be beneficial and where internal resources are probably adequate.

  1. Invest in understanding the rules This may be only be an investment in time to read and discuss the rules, or it may entail obtaining external counsel to assist in highlighting key element and providing practical interpretation, but one must achieve compliance.
  2. Inventory and use of Internal Talent Within your organization, there may already be people with technical writing skills, training experience, database or spreadsheet knowledge- HIPAA does not "belong" to any one department; everyone needs to work together.
  3. Hake HIPAA multidisciplinary Everyone in the organization must comply with the rules. Involving many people is the winning way.
  4. Don’t’ involve too many people in the decision making Though this is a multi-disciplinary approach – let the senior staff or project manager make the decisions. Committee decisions take time and often create "lowest common denominator" solutions.
  5. The best solution is not the most expensive one The best solution is the one that will ensure compliance.
  6. Don’t assume that solutions cannot be changed HIPAA requires resting and revision of solutions, which lays the groundwork for ongoing compliance
  7. Seek outside counsel from consultants, attorneys and others appropriately. Use these resources to inform and interpret, benchmark, validate, and obtain solutions that are too expensive to create internally. You would not be turning over the whole HIPAA program.
  8. Collaborate to learn from others, achieve economies of scale, and improve satisfaction for members of the work force and patients. Privacy must be assured for all and should not be used as a competitive advantage.
  9. Investments in IT to support HIPAA can be used to advantage. If you can send claims out the door faster, there is a distinct advantage. If you have found a more effective way to carry out a given policy, even through the policy is consistent across the community, there is real savings for you.
  10. Just do IT! There are risks for non-compliance; but there are also risks in over investing in outside solutions that don’t work. Take stock of the resources at hand. There are probably more than you think.

References: Amatayakul, Margaret, "10 Ways to Keep Implementation Costs Under Control, Journal of AHIMA, May 2002.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.