You have requested access to member-only content.


Q. Is it a HIPAA violation if a hospital receives a faxed Healthcare Effectiveness Data and Information Set (HEDIS) request and the hospital cannot ­identify the patient by full name, last name, or date of birth? These requests contain name, date of birth, provider, and the HEDIS Measure (Chlamydia screening, cervical cancer screening, cholesterol management, etc.) and last date of service of the patient. Typically, these faxed requests are from business associates of the patient's health insurance, but occasionally they come directly from the insurance company.

This is an excerpt from member-only content. Please log in or become a member.

Not a member? Join now!

Revenue Cycle Advisor is the key to your organization's Medicare regulatory news and education. It combines all of HCPro's Medicare regulatory and reimbursement resources into one handy and easy-to-access portal. News is not just repeated from other sources. It is analyzed by our Medicare experts so professionals can comprehend any new rule updates thoroughly.

For questions and support, please call customer service: 800-650-6787.