calculators
publications
news
about us
frequently asked questions
contact us
site map
video library
links
home
home
members retirees employers governing boards careers
 
Employers

Employer Bulletin

All WRS Employers
Vol. 20, No. 14
September 26, 2003

DETF Makes Changes to Comply With Health Insurance Portability and Accountability Act (HIPAA)

Through this Employer Bulletin, the Department of Employee Trust Funds (DETF) hopes to supplement what you may already know about the Health Insurance Portability and Accountability Act (HIPAA) and outline some of the HIPAA compliance efforts going on within DETF.

What is HIPAA?

Congress enacted HIPAA at the request of the health industry. The primary goal underlying one HIPAA effort is to simplify and streamline the healthcare claims and payment process by implementing national standards. The three components of this "administrative simplification rules" effort, are: Electronic Data Transaction Standards, Privacy, and Security.

What is DETF Doing?

DETF has identified itself as a "covered entity" by virtue of the Group Insurance Board's self-insured health insurance plans administered by the Department. As a covered entity, the Department must comply with the applicable HIPAA regulations. Some of the changes we have made in response to HIPAA include:

  • The Health Insurance Application forms (ET-2301 and ET-2302 - for Graduate Assistants) were amended (see below).
  • The Health Insurance Complaint Form (ET-2405) was amended to be HIPAA compliant. The form now includes an authorization for DETF staff to work with the health plan and must be completed by the participant in order to initiate a complaint.
  • A Notice of Privacy Practices was mailed to all members of the Standard Plans in April 2003 and is posted on DETF's Web site. In addition, participants covered by a Health Maintenance Organization (HMO) received the Notice from their HMO.

What Does HIPAA Mean to Employers?

As a result of HIPAA, health plans cannot release any information to an employer about a participant's health insurance claims unless they have a signed authorization from the participant. This may affect employers who assist their employees with health insurance claim issues. If you encounter this situation with a health plan, you can either obtain an authorization from the employee, or direct them to the DETF ombudspersons for assistance.

Employers should exercise caution when discussing sensitive health issues concerning their employees. Remember to provide only the minimum necessary information. In addition, take steps to ensure you do not use employees' protected health information for employment-related matters.

What Specific Changes Were Made to the Health Insurance Applications?

  • The Health Insurance Application forms (ET-2301, ET-2302) have been amended to remove the blanket authorization language on the back of the form. Blanket authorizations are prohibited by HIPAA because such authorizations permit the release of more personal information than is necessary in most instances.
  • Instructions for completing the Health Insurance Application forms (ET-2301, ET-2302) have been amended to include the following HIPAA codes for applicant relationship:

    01-Spouse
    15-Legal Ward
    17-Step-Child
    19-Child
    24-Dependent of a Minor Dependent

  • The revised instructions also include new HIPAA Student Status codes:

    F-Full-time
    P-Part-time
    N-Not a student

If you have any questions about the employers' role in HIPAA, please contact Steve Hurley at (608) 267-2354 or Kari Jo Zika at (608) 266-1423. Questions related to health insurance eligibility or enrollment should be directed to the Employer Communication Center at (608) 264-7900.