To all I&A folks: We wanted to let you know that some progress is being made on the trading partner agreement front concerning the legal ramifications of creation of an entirely electronic eTPA. Yesterday William Kammerer, Marcallee Jackson, and I held a conference call with 3 legal types from the law firm of Davis, Wright, Tremaine (DWT), who have volunteered to provide some level of assistance to us pro bono as we wrestle with the non-technical privacy, security, and fraud-potential issues surrounding creation of an automated eTPA.
The question posed to the teleconference group was "how can DWT work with our WEDI-SNIP workgroup"? We discussed our plans to move the industry toward an "electronic TPA" rather than (in place of) signed paper agreements. The TPA we have envisioned includes technical communication protocols, security and encryption, and potentially even the "companion guide" type of information - all of that being generally classified as the "technical" business arrangement between the trading parties. Our most pressing concern is: even if we can get all of the nuances of the "technical" business arrangement included within our electronic definition, will there still be overriding legal barriers which will still require each trading partner to negotiate and sign a paper document to comply with the HIPAA regulations. DWT explained how business agreements can be implied under the UCC. As a simple example, when a customer sends an unsolicited order to a supplier, and the supplier fills the order, there is an implied business agreement under the UCC. DWT also indicated that there is now an extension to the UCC which is being adopted in most states that specifically addresses electronic business exchanges. After some discussion, their suggestion was that if we could promote a health care industry-wide accord, that it could act as an anchor point for creation of the compliance portion of the paperless interchange agreement and would embody language which safeguards the participants. Our next steps will be to work with DWT in drafting a "talking paper" over the next 3 weeks which lists some of the key elements that such an accord would have, and how the accord would be used in conjunction with the UCC to satisfy the regulatory needs (privacy/disclosure of PHI). Stay tuned... Dave Minch T&CS Project Manager John Muir / Mt. Diablo Health System Walnut Creek, CA (925) 941-2240