DHCS Requirements Related to Preventing Privacy Incidents
| Date: | November 29, 2016 |
| To: | Health Plan of San Joaquin (HPSJ) Providers |
| From: | Provider Services Department |
| Subject: | DHCS Requirements Related to Preventing Privacy Incidents |
| Business: | Medi Cal, Medi Cal Access Program (formerly known as AIM) |
Reminder
As part of our efforts to prevent privacy‐related incidents, Health Plan of San Joaquin (HPSJ) is mandated to send out an annual reminder to our providers pertaining to the HIPAA Minimum Necessary Rule [45CFR 164.502(b), 164.514(d)], which states –
“The minimum necessary standard requires covered entities to evaluate their practices and enhance safeguards as needed to limit unnecessary or inappropriate access to and disclosure of protected health information (PHI). The Privacy Rule generally requires covered entities to take reasonable steps to limit the use or disclosure of, and requests for, protected health information to the minimum necessary to accomplish the intended purpose. “
It is the provider’s responsibility to ensure that when sending documentation to HPSJ it is:
Accurate
For the correct member
Only includes documentation for the correct member
Effective September 1, 2015, HPSJ started to deny authorizations that were incorrectly submitted and failed to meet the HIPAA Minimum Necessary Rule.
All authorizations submitted on September 1, 2015 or thereafter with unnecessary information – or information not specific to that member – are immediately being denied and sent back to the provider. Timely submission of authorizations meeting the HIPAA Minimum Rule, will help to prevent a delay in the approval process.
Should you have any further questions, please contact our Provider Services Department at (209) 942‐6340.