Standards for Privacy of Individually
Identifiable Health Information
Guidance issued July 6, 2001
Payment
[45 CFR 164.501]
General Requirements
As provided for by the Privacy Rule, a covered entity
may use and disclose protected health information (PHI)
for payment purposes. "Payment" is a defined term that
encompasses the various activities of health care providers
to obtain payment or be reimbursed for their services
and for a health plan to obtain premiums, to fulfill
their coverage responsibilities and provide benefits
under the plan, and to obtain or provide reimbursement
for the provision of health care.
In addition to the general definition, the Privacy
Rule provides examples of common payment activities
which include, but are not limited to:
- Determining eligibility or coverage under a plan
and adjudicating claims;
- Risk adjustments;
- Billing and collection activities;
- Reviewing health care services for medical necessity,
coverage, justification of charges, and the like;
- Utilization review activities; and
- Disclosures to consumer reporting agencies (limited
to specified identifying information about the individual,
his or her payment history, and identifying information
about the covered entity).
|
