Communication Hampers HIPAA Compliance Efforts

Despite the fact that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) has been in effect since April 2003, only three out of four organizations have become compliant with the legislation, according to the Phoenix Health Systems Fall 2003 Survey.

The survey, which placed special emphasis on the health care industry's Transactions and Code Sets (TCS), showed that between 73% and 88% of all organizations were in compliance with HIPAA. Providers represented 67% of the respondents, while payers accounted for 19%, clearinghouses 3%, and vendors 11%.

The survey found that provider compliance levels remained virtually unchanged since a spring 2003 survey (76% versus 78%). Meanwhile, the survey showed that nearly 40% of providers and 22% of payers that had claimed to be privacy compliant have not completed all of their necessary business associate agreements. And about 15% of providers have not initiated processes for accounting of disclosures and for .minimum necessary. restrictions. Further-more, about 50% of all respondents reported that their organizations had one or more privacy breaches over the previous six months.