scholarly journals Good News and Bad News About Incentives to Violate the Health Insurance Portability and Accountability Act (HIPAA): Scenario-Based Questionnaire Study

10.2196/15880 ◽  
2020 ◽  
Vol 8 (7) ◽  
pp. e15880
Author(s):  
Joana Gaia ◽  
Xunyi Wang ◽  
Chul Woo Yoo ◽  
G Lawrence Sanders
Keyword(s):  
Health Care ◽  
Health Insurance ◽  
Private Information ◽  
Medical Records ◽  
High Probability ◽  
Rational Choice Theory ◽  
Good News ◽  
Monetary Incentives ◽  
Health Insurance Portability ◽  
Personal Context

Background The health care industry has more insider breaches than any other industry. Soon-to-be graduates are the trusted insiders of tomorrow, and their knowledge can be used to compromise organizational security systems. Objective The objective of this paper was to identify the role that monetary incentives play in violating the Health Insurance Portability and Accountability Act’s (HIPAA) regulations and privacy laws by the next generation of employees. The research model was developed using the economics of crime literature and rational choice theory. The primary research question was whether higher perceptions of being apprehended for violating HIPAA regulations were related to higher requirements for monetary incentives. Methods Five scenarios were developed to determine if monetary incentives could be used to influence subjects to illegally obtain health care information and to release that information to individuals and media outlets. The subjects were also asked about the probability of getting caught for violating HIPAA laws. Correlation analysis was used to determine whether higher perceptions of being apprehended for violating HIPAA regulations were related to higher requirements for monetary incentives. Results Many of the subjects believed there was a high probability of being caught. Nevertheless, many of them could be incentivized to violate HIPAA laws. In the nursing scenario, 45.9% (240/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, that is acceptable for violating HIPAA laws. In the doctors’ scenario, 35.4% (185/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, for violating HIPAA laws. In the insurance agent scenario, 45.1% (236/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, for violating HIPAA laws. When a personal context is involved, the percentages substantially increase. In the scenario where an experimental treatment for the subject’s mother is needed, which is not covered by insurance, 78.4% (410/523) of the participants would accept US $100,000 from a media outlet for the medical records of a politician. In the scenario where US $50,000 is needed to obtain medical records about a famous reality star to help a friend in need of emergency medical transportation, 64.6% (338/523) of the participants would accept the money. Conclusions A key finding of this study is that individuals perceiving a high probability of being caught are less likely to release private information. However, when the personal context involves a friend or family member, such as a mother, they will probably succumb to the incentive, regardless of the probability of being caught. The key to reducing noncompliance will be to implement organizational procedures and constantly monitor and develop educational and training programs to encourage HIPAA compliance.

scholarly journals Correction: Good News and Bad News About Incentives to Violate the Health Insurance Portability and Accountability Act (HIPAA): Scenario-Based Questionnaire Study (Preprint)

2020 ◽  
Author(s):  
Joana Gaia ◽  
Xunyi Wang ◽  
Chul Woo Yoo ◽  
G Lawrence Sanders
Keyword(s):  
Health Care ◽  
Health Insurance ◽  
Private Information ◽  
Medical Records ◽  
High Probability ◽  
Rational Choice Theory ◽  
Good News ◽  
Monetary Incentives ◽  
Health Insurance Portability ◽  
Personal Context

BACKGROUND The health care industry has more insider breaches than any other industry. Soon-to-be graduates are the trusted insiders of tomorrow, and their knowledge can be used to compromise organizational security systems. Objective: The objective of this paper was to identify the role that monetary incentives play in violating the Health Insurance Portability and Accountability Act’s (HIPAA) regulations and privacy laws by the next generation of employees. The research model was developed using the economics of crime literature and rational choice theory. The primary research question was whether higher perceptions of being apprehended for violating HIPAA regulations were related to higher requirements for monetary incentives. Methods: Five scenarios were developed to determine if monetary incentives could be used to influence subjects to illegally obtain health care information and to release that information to individuals and media outlets. The subjects were also asked about the probability of getting caught for violating HIPAA laws. Correlation analysis was used to determine whether higher perceptions of being apprehended for violating HIPAA regulations were related to higher requirements for monetary incentives. Results: Many of the subjects believed there was a high probability of being caught. Nevertheless, many of them could be incentivized to violate HIPAA laws. In the nursing scenario, 45.9% (240/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, that is acceptable for violating HIPAA laws. In the doctors’ scenario, 35.4% (185/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, for violating HIPAA laws. In the insurance agent scenario, 45.1% (236/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, for violating HIPAA laws. When a personal context is involved, the percentages substantially increase. In the scenario where an experimental treatment for the subject’s mother is needed, which is not covered by insurance, 78.4% (410/523) of the participants would accept US $100,000 from a media outlet for the medical records of a politician. In the scenario where US $50,000 is needed to obtain medical records about a famous reality star to help a friend in need of emergency medical transportation, 64.6% (338/523) of the participants would accept the money. Conclusions: A key finding of this study is that individuals perceiving a high probability of being caught are less likely to release private information. However, when the personal context involves a friend or family member, such as a mother, they will probably succumb to the incentive, regardless of the probability of being caught. The key to reducing noncompliance will be to implement organizational procedures and constantly monitor and develop educational and training programs to encourage HIPAA compliance.

Good News and Bad News About Incentives to Violate the Health Insurance Portability and Accountability Act (HIPAA): Scenario-Based Questionnaire Study (Preprint)

2019 ◽  
Author(s):  
Joana Gaia ◽  
Xunyi Wang ◽  
Chul Woo Yoo ◽  
G Lawrence Sanders
Keyword(s):  
Health Care ◽  
Health Insurance ◽  
Private Information ◽  
Medical Records ◽  
High Probability ◽  
Rational Choice Theory ◽  
Good News ◽  
Monetary Incentives ◽  
Health Insurance Portability ◽  
Personal Context

BACKGROUND The health care industry has more insider breaches than any other industry. Soon-to-be graduates are the trusted insiders of tomorrow, and their knowledge can be used to compromise organizational security systems. OBJECTIVE The objective of this paper was to identify the role that monetary incentives play in violating the Health Insurance Portability and Accountability Act’s (HIPAA) regulations and privacy laws by the next generation of employees. The research model was developed using the economics of crime literature and rational choice theory. The primary research question was whether higher perceptions of being apprehended for violating HIPAA regulations were related to higher requirements for monetary incentives. METHODS Five scenarios were developed to determine if monetary incentives could be used to influence subjects to illegally obtain health care information and to release that information to individuals and media outlets. The subjects were also asked about the probability of getting caught for violating HIPAA laws. Correlation analysis was used to determine whether higher perceptions of being apprehended for violating HIPAA regulations were related to higher requirements for monetary incentives. RESULTS Many of the subjects believed there was a high probability of being caught. Nevertheless, many of them could be incentivized to violate HIPAA laws. In the nursing scenario, 45.9% (240/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, that is acceptable for violating HIPAA laws. In the doctors’ scenario, 35.4% (185/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, for violating HIPAA laws. In the insurance agent scenario, 45.1% (236/523) of the participants indicated that there is a price, ranging from US $1000 to over US $10 million, for violating HIPAA laws. When a personal context is involved, the percentages substantially increase. In the scenario where an experimental treatment for the subject’s mother is needed, which is not covered by insurance, 78.4% (410/523) of the participants would accept US $100,000 from a media outlet for the medical records of a politician. In the scenario where US $50,000 is needed to obtain medical records about a famous reality star to help a friend in need of emergency medical transportation, 64.6% (338/523) of the participants would accept the money. CONCLUSIONS A key finding of this study is that individuals perceiving a high probability of being caught are less likely to release private information. However, when the personal context involves a friend or family member, such as a mother, they will probably succumb to the incentive, regardless of the probability of being caught. The key to reducing noncompliance will be to implement organizational procedures and constantly monitor and develop educational and training programs to encourage HIPAA compliance. CLINICALTRIAL

scholarly journals Inappropriate requests for tumor markers in patients aged 50 years and older: lessons not learned

2021 ◽  
Vol 15 ◽  
Author(s):  
Valter Paz Nascimento-Júnior ◽  
Einstein Francisco Camargos
Keyword(s):  
Internal Medicine ◽  
Health Care ◽  
Health Insurance ◽  
Medical Records ◽  
Private Health Insurance ◽  
Medical Specialty ◽  
Health Care Managers ◽  
Inappropriate Use ◽  
Care Managers ◽  
Previous Diagnosis

OBJECTIVE: To investigate, within a private health insurance, the ordering frequency and the costs related to inappropriate TM test orders. METHODS: This study analyzed data regarding TM requests within a private health insurance between 2010 and 2017. Patients included in this analysis were ≥ 50 years old, had available medical records, and had at least 1 TM tested within the study period. Tests were considered inappropriate when TMs were used in screening for neoplasms, ie, when there was no previous diagnosis. We evaluated data regarding age, sex, the ordering physician’s medical specialty, and test costs. RESULTS: Between 2010 and 2017, 1,112 TM tests were performed and increased from 52 to 262 per year. Our sample consisted mostly of women (69.50%) with a mean age of 59.40 (SD, 8.20) years. Most orders were inappropriate (87.80%) and represented 79.40% of all expenses with TM tests. Cardiology professionals were the medical specialty that requested the most TM tests (23.90%), followed by internal medicine specialists (22.70%) and gynecologists (19.20%). CONCLUSIONS: We observed a high percentage of inappropriate test orders in the study period, resulting in elevated costs. Studies of this nature deserve the attention of health care managers, and interventions should be performed in order to reduce the inappropriate use of TM tests in clinical practice.

scholarly journals Neurosurgical practice in the current regulatory environment

2002 ◽  
Vol 12 (4) ◽  
pp. 1-16 ◽  
Author(s):  
John A. Kusske
Keyword(s):  
Health Care ◽  
Health Insurance ◽  
Medical Treatment ◽  
Regulatory Environment ◽  
Retirement Income ◽  
Income Security ◽  
Delivery Of Care ◽  
Health Insurance Portability ◽  
Health Care Law ◽  
Retirement Income Security

The practice of neurosurgery has been complicated over the last 25 years by the enactment of a series of statutes that have significantly altered the time-honored means by which neurosurgeons manage their work. These laws deal with issues that neurosurgeons have not customarily had to consider. The author outlines some of the socioeconomic and political matters that led to the passage of these statutes. An assortment of the laws is then surveyed, to foster an appreciation for the variety and depth of health care law that affects neurosurgeons' practice and the delivery of care to their patients. Statutes discussed include the fraud and abuse laws, self-referral laws, the Emergency Medical Treatment and Labor Act, Health Insurance Portability and Accountability Act, and Employee Retirement Income Security Act.

scholarly journals Necessity and Implications of ICD-10: Facts and Fallacies

2011 ◽  
Vol 5;14 (5;9) ◽  
pp. E405-E425
Author(s):  
Laxmaiah Manchikanti
Keyword(s):  
Health Care ◽  
Health Insurance ◽  
The United States ◽  
Unintended Consequences ◽  
Diagnostic Coding ◽  
Classification Of Diseases ◽  
Icd 10 ◽  
Health Insurance Portability ◽  
New System

The International Classification of Diseases-10 (ICD-10 is a new system that is expected to be implemented effective on October 1, 2013. This new system is a federally mandated change affecting all payers and providers, and is expected to exceed both the Health Insurance Portability and Accountability Act (HIPAA) and Y2K in terms of costs and risks. However, the Administration is poised to implement these changes at a rapid pace which could be problematic for health care in the United States. In 2003, HIPAA named ICD-9 as the code set for supporting diagnoses and procedures in electronic administrative transactions. However, on January 16, 2009, the Department of Health and Human Services (HHS) published a regulation requiring the replacement of ICD9 with ICD-10 as of October 1, 2013. While ICD-9 and 10 have a similar type of hierarchy in their structures, the ICD-10 is more complex and incorporates numerous changes. Overall, ICD-10 contains over 141,000 codes, a whopping 712% increase over the less than 20,000 codes in ICD-9, creating enormous complexities, confusion, and expense. Multiple published statistics illustrate that there are approximately 119 instances where a single ICD-9 code can map to more than 100 distinct ICD-10 codes, whereas there are 255 instances where a single ICD-9 code can map to more than 50 ICD-10 codes. To add to the confusion, there are 3,684 instances in the mapping for diseases where a single ICD-10 code can map to more than one ICD-9 code. Proponents of the new ICD-10 system argue that the granularity should lead to improvements in the quality of health care, since more precise coding that more accurately reflects actual patient conditions will permit smarter and more effective disease management in pay-forperformance programs. This, in essence, encapsulates the benefits that supporters of this new system believe will be realized, even though many of these experts may not be involved in actual day-to-day medical practices. Detractors of the system see the same granularity as burdensome. The estimated cost per physician is projected to range from $25,000 to $50,000. Further, they argue that the ICD10 classification is extremely complicated, and expensive. Concerns exist that it is being implemented without establishing either the necessity or thinking through the unintended consequences. Opponents also argue that beyond financial expense, it is also costly in terms of human toll, hardware and software expenses and has the potential to delay reimbursement. There is also concern that an unintended consequence of granularity would be the potential for enhanced and unnecessary fraud and abuse investigations. The authors of this article favor postponing the implementation of the ICD-10 until such time as its necessity is proven and implications are understood. Key words: Diagnostic coding systems, International Statistical Classification of Diseases and Related Health Problems (ICD), ICD-9-CM, ICD-10-CM, regulations, growth, evidencebased literature, reimbursement, claims, Health Insurance Portability and Accountability Act (HIPAA)

Sign in / Sign up

Export Citation Format

Share Document