The Surprising Link to HIPAA from the ICD-10 Delay
The dust is finally settling after the masses descended on Las Vegas to attend the annual HIMSS conference in February. ICD-10, meaningful use, and HIPAA were several central themes discussed.
Now last week, the Department of Health and Human Services (HHS) announced a proposed ruling that would extend the ICD-10 compliance deadline until October 1, 2014.
The consensus was that a delay may give some breathing room to organizations that feel they are behind, but would also increase the total cost of the transition. Delaying the pain may feel good now, but it just extends the period of time it takes to “cure” it, sort of like extending your stay in a hospital, which we all know is expensive.
There is an interesting link to HIPAA from the ICD-10 transition. We expect many more service and software providers will be engaged to help organizations figure out the transition from gap assessments to software tools to help coders and clinicians. This means a big increase in potential business associates, since they will be exposed to protected health information (PHI).
We’ve seen numerous inquiries from business associates looking for independent audits, risk assessments and training as the realities of the potential damage from a breach become more evident. This is a good reminder to re-examine your business associate relationships; have they provided the proof that they are complying with all the regulations?
It’s just good business for both parties; neither wants to deal with the fallout of a poorly handled breach—whether for the impacted patients or to a trusted business relationship.