United States Department of Defense United States Department of Defense

News

American Forces Press ServiceBookmark and Share

 News Article

TRICARE Complying With Stricter Rules on Healthcare Information

By Rudi Williams
American Forces Press Service

WASHINGTON, April 25, 2003 – TRICARE, like all other healthcare providers nationwide, is working under stricter rules when it comes to protecting patients' rights and the privacy of their health information.

And like its civilian counterparts, the TRICARE Management Activity implemented the privacy portion of the Health Insurance Portability and Accountability Act by the April 14 compliance deadline.

"Privacy of health information is extremely important to beneficiaries and the TRICARE activity," said Navy Cmdr. Sam Jenkins, TRICARE's HIPAA privacy officer. "The message we're trying to convey is that we're committed to the protection of the privacy of health information. We'll do everything we can to maintain its confidentiality and security."

The act, which Congress passed in 1996 and became Public Law 104-191, was designed to "combat waste, fraud and abuse, improve portability of health insurance coverage, and simplify administration of healthcare," according to a TRICARE brochure issued in January.

The measure affects health plans such as TRICARE, companies that perform electronic billing on behalf of military treatment facilities, physicians, dental clinics, pharmacies and business associates such as managed-care support contractors.

Laws that were already on the books, such as the Privacy Act, have always protected patients' medical information, Jenkins noted. "But what HIPAA does is inform individuals of what their rights are and TRICARE's responsibilities to protect health information, which hasn't been done in the past.

"The Notice of Privacy Practices describes patients' rights under HIPAA clearly and has been provided to beneficiaries in plain language so they can easily understand these rights," Jenkins said. "The act also requires us to have a contact to help patients manage their health information and those rights."

Complying with the new rules meant assigning treatment facility HIPAA privacy officers to assist patients in managing their health information and training nearly 130,000 healthcare professionals and workers worldwide. Implementing HIPAA also includes incorporating policies and procedures at treatment facilities to protect information.

It also included identifying and training more than 500 military treatment facility privacy officers worldwide, developing marketing and training materials and mailing the Notice of Privacy Practices to TRICARE sponsor households.

TRICARE mailed more than 5 million notices to beneficiaries' homes between December 2002 and March 2003. The notices are also available at military treatment facilities.

"About 95 percent of the people who received the notice have understood it," Jenkins noted. But, he said, "we have received some further questions from people who don't understand why we've done that. We've screened and responded to those letters to help further explain the information." In addition, the privacy officers can "answer questions from beneficiaries."

Besides explaining the patients' rights under HIPAA and TRICARE's responsibilities, the notice tells beneficiaries how to file a complaint if they feel their health information has been inappropriately used.

Jenkins said patients have the right to read their medical records, have a copy made, request amendments or request restrictions of usages and disclosures of their health information.

"HIPAA makes us accountable to them for our management of their health information," he emphasized.

However, he pointed out that TRICARE and military treatment facilities are allowed to use health information for treatment, payment and healthcare operation activities.

"But there are other uses and disclosures of information that we must document," he said. "Patients can request an accounting of disclosures so they'll know exactly how their health information was used. This gives the individual control over their health information. We're obliged by the rule to do that for them."

Patients have the right to request an accounting of disclosures for up to six years, Jenkins noted.

"If the patient thinks there is erroneous information in his or her record, they may make a request to the treatment facility where the records are held for review of the information," Jenkins said.

But under some circumstances, information could be withheld from patients if healthcare professionals determine that releasing it would be harmful to them. For example, Jenkins said, "if some patients know they have a catastrophic disease, it may adversely affect how their body reacts to treatment." He said the same thing applies to other patients who may react adversely if they find out their treatment is going to take a year as opposed to a month.

"These are good medical practice guidelines that allow us to withhold information from a patient where knowledge of the course of treatment or prognosis might cause them to think adversely," Jenkins said.

Not only is the patient's privacy protected in treatment facilities, it's also protected in the patient's home. For instance, Jenkins said, a patient might not want to share information left on his or her home answering machine about a follow-up appointment notice. In such a case, the patient could request a confidential communication at an alternative location.

Jenkins said HIPAA privacy applies to individually identifiable health information -- paper, electronic or oral communications. This includes information that identifies the patient and relates to his or her past, present or future health condition.

But he noted that TRICARE and military treatment facilities are required to give health information about any individual to the Department of Health and Human Services for use in an investigation of a complaint.

"We're permitted to use and disclose health information for many reasons, such as to assist public health officials in doing disease surveillance in a community," he said. "We can also share military health information on active duty people to help commanders determine an active duty member's ability to perform a particular element of a mission, or to determine their fitness for duty.

"We can also use health information to inform appropriate authorities, law enforcement (officials) and others of victims of spousal or child abuse," Jenkins noted.

Patients who have complaints about their privacy being compromised should contact the military treatment facility privacy officers or the TRICARE privacy officer.

They can also go directly to the Department of Health and Human Services' Office of Civil Rights Web site and follow the complaint and inquiry process at http://www.hhs.gov/ocr/hipaa/.

Contact Author


Click photo for screen-resolution imageProtecting Healthcare Data - The Health Insurance Portability and Accountability Act makes TRICARE accountable to patients for the privacy of their health information, according to Navy Cmdr. Sam Jenkins, TRICARE's HIPAA privacy officer.   
Download screen-resolution   
Download high-resolution



Top Features

spacer

DEFENSE IMAGERY

spacer
spacer

Additional Links

Stay Connected