Hi, David and Bonnie.
It's important to keep two terms distinct: "plan administration functions"
(which is a Privacy Rule term) and "plan administrator" (which is an ERISA
term).
The plan administrator (which, under ERISA, is the plan sponsor unless the
plan document says otherwise) has certain reporting and disclosure functions
assigned to it by ERISA. The plan administrator may also be (but need not
be) the named fiduciary for purposes of the claims adjudication procedures
that a group health plan is required to have under ERISA.
"Plan administration functions" is a poorly defined term in the Privacy
Rule. What it appears to signify is performing those functions that make a
plan a covered entity--i.e., doing things that require working with PHI.
Is the ERISA plan administrator necessarily a person who perform plan
administration functions?
No. So long as the ERISA plan administrator is not also the named fiduciary
for purposes of claims administration, it does not necessarily perform plan
administration functions on account of the jobs assigned to it by ERISA.
That is because the jobs assigned to it under ERISA may be performed on the
basis of summary health information received and used for plan design
purposes (permitted under the Privacy Rule) or eligibility and enrollment
information (also permitted under the Privacy Rule).
An ERISA plan administrator will perform plan administration functions,
however, where it is also the named fiduciary for claims adjudication
purposes, i.e., the person who has to receive all the PHI relevant to making
claims decisions.
In addition, where a plan is self-insured, the plan sponsor will ALWAYS be
assigned the full gamut of responsibilities under the Privacy Rule, without
regard to whether the plan sponsor contracts those functions out to a third
party.
Thus, for example, if you are a self-insured plan and you contract out
EVERYTHING to a third party administrator ("TPA"), you are not spared ANY of
the requirements of the Privacy Rule. You must still prepare and distribute
an NPP to your participants and satisfy all of the Privacy Rule's
administrative requirements.
In the case of the self-insured group health plan maintained by your
hospital for its employees, all of the provisions of the Privacy Rule will
apply.
However, your hospital and the group health plan may (and probably do) have
different compliance dates. The compliance date for health care providers
is the first date of service after April 14, 2003. The compliance date for
health plans (including group health plans) is April 14, 2003 for large
plans and April 14, 2004 for small plans. A "large plan" is one that has
"receipts" (i.e., pays premiums in the case of an insured plan or provides
benefits in the case of a self-insured plan) of $5,000,000 or more annually.
A "small plan" is one that has annual receipts of less than $5,000,000.
Hope this helps.
John D'Amato
redHIPAA.com (coming soon)
----- Original Message -----
From: "David Blasi" <[EMAIL PROTECTED]>
To: "WEDI SNIP Privacy Workgroup List" <[EMAIL PROTECTED]>
Sent: Thursday, March 13, 2003 3:51 AM
Subject: Re: Self insured health plans & NPP
> Without going into a lot of discussion about the difference between the
> plan sponsor and plan administrator activities, the plan administrator
> is responsible for this. If you are also the plan administrator, than
> you have both responsibilities. Your SPD should state who is the plan
> administrator for easy reference.
>
> >>> <[EMAIL PROTECTED]> 03/13/03 07:40AM >>>
> We are an acute care hospital providing health insurance to our
> employees
> as a self-insured plan. As the plan sponsor we are required to amend
> our
> group health plan document to comply with HIPAA. Are we also
> responsible
> for drafting and providing to our employees a Notice of Privacy
> Practice,
> or is that the responsibility of the health plan?
>
> Bonnie R Millman
> Privacy Coordinator
> Bayhealth Medical Center
> 640 South State Street
> Dover, Delaware 19901
>
> 302-744-6728
>
>
>
> ______________________________________________________________________
> CONFIDENTIALITY NOTICE: The information contained in this e-mail
> message
> and any attachment(s) is intended only for
> the confidential use of the intended recipient(s) named above. This
> e-mail message and any attachment(s) may contain
> confidential health information or other confidential information that
> is
> legally privileged and exempt from disclosure under
> applicable law. If the reader of this e-mail message is not the
> intended
> recipient or the employee agent responsible for
> delivering it to the intended recipient, you should be aware that any
> dissemination, distribution, copying or action taken in
> reliance on the content of this e-mail message or any attachment(s)
> is
> strictly prohibited. If this e-mail has been received
> in error, please notify us immediately via e-mail at
> [EMAIL PROTECTED] and delete or otherwise destroy the
> original message, any attachment(s) and copies. Thank you for your
> cooperation.
>
>
> ---
> The WEDI SNIP listserv to which you are subscribed is not moderated.
> The discussions on this listserv therefore represent the views of the
> individual participants, and do not necessarily represent the views of
> the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an
> official opinion, post your question to the WEDI SNIP Issues Database at
> http://snip.wedi.org/tracking/. These listservs should not be used for
> commercial marketing purposes or discussion of specific vendor products
> and services. They also are not intended to be used as a forum for
> personal disagreements or unprofessional communication at any time.
>
> You are currently subscribed to wedi-privacy as:
> [EMAIL PROTECTED]
> To unsubscribe from this list, go to the Subscribe/Unsubscribe form at
> http://subscribe.wedi.org or send a blank email to
> [EMAIL PROTECTED]
> If you need to unsubscribe but your current email address is not the
> same as the address subscribed to the list, please use the
> Subscribe/Unsubscribe form at http://subscribe.wedi.org
>
>
>
> ---
> The WEDI SNIP listserv to which you are subscribed is not moderated. The
discussions on this listserv therefore represent the views of the individual
participants, and do not necessarily represent the views of the WEDI Board
of Directors nor WEDI SNIP. If you wish to receive an official opinion, post
your question to the WEDI SNIP Issues Database at
http://snip.wedi.org/tracking/. These listservs should not be used for
commercial marketing purposes or discussion of specific vendor products and
services. They also are not intended to be used as a forum for personal
disagreements or unprofessional communication at any time.
>
> You are currently subscribed to wedi-privacy as:
[EMAIL PROTECTED]
> To unsubscribe from this list, go to the Subscribe/Unsubscribe form at
http://subscribe.wedi.org or send a blank email to
[EMAIL PROTECTED]
> If you need to unsubscribe but your current email address is not the same
as the address subscribed to the list, please use the Subscribe/Unsubscribe
form at http://subscribe.wedi.org
---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions
on this listserv therefore represent the views of the individual participants, and do
not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If
you wish to receive an official opinion, post your question to the WEDI SNIP Issues
Database at http://snip.wedi.org/tracking/. These listservs should not be used for
commercial marketing purposes or discussion of specific vendor products and services.
They also are not intended to be used as a forum for personal disagreements or
unprofessional communication at any time.
You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at
http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the
address subscribed to the list, please use the Subscribe/Unsubscribe form at
http://subscribe.wedi.org
