Skip Navigation
  • Health Plans
  • Health & Wellness
  • Online Care
  • Customer Service
  • My Account

HMSA’s HIPAA Compliance

We monitor HIPAA regulations and compliance issues and participate in health care industry discussions on an ongoing basis to ensure HMSA’s continued compliance.

Key regulations and compliance dates are listed below:

Standards Description Compliance Date
HIPAA 5010 The current 4010A1 standard format of electronic transactions of certain administrative or financial information is being replaced with a new 5010 version. Jan. 1, 2012
National Provider Identifier A national, standard identifier for health care providers. The National Provider Identifier (NPI) is required for all electronic transactions governed by HIPAA. May 23, 2007
Security Safeguards for protected health information (PHI) including storage, maintenance, transmission and access. April 20, 2005
Electronic Health Care Transactions & Code Sets A standard format for electronic transmission of certain administrative or financial information. National standards for coding medical procedures, prescription drugs and diagnoses. Oct. 16, 2003
Privacy Policies and procedures for authorization, notice of privacy practices, members’ rights, minimum necessary uses and disclosures of PHI. HMSA Membership Notice April 14, 2003

National Provider Identifier (NPI)

HMSA has modified our systems to accommodate the use of NPI in HIPAA-covered transactions, such as claims, remittance advices and eligibility inquiries.

Security

HMSA’s security policies, procedures and practices are consistent with the HIPAA security regulations and generally accepted industry practices. We continue to assess our information security program and make improvements as necessary.

Electronic Health Care Transactions & Code Sets

HMSA uses HIPAA-standard formats for all electronic health care transactions governed by HIPAA.

Privacy

HMSA’s policies meet HIPAA Privacy regulations and our privacy policies include:

  • Notifying members about their privacy rights and how their information can be used.
  • Implementing privacy policies and procedures to assure member rights to privacy.
  • Employee training on privacy policies and procedures.
  • Designating an individual responsible for seeing privacy policies and procedures are adopted and followed.
  • Securing records with confidential member information and providing access only to those who need them.

HMSA’s Privacy Office oversees activities related to our members’ confidential information and works with members exercising the rights under HIPAA Privacy regulations.

Links

    Related Links