HIPAA Impact on Employers
Transactions and Code Sets - Impact on Employers
Plan Sponsors (and Employers) are not "covered entities" and, therefore, do not have to comply with the Transactions and Code Sets regulation. Plan Sponsors can continue to submit electronic files in their proprietary format after October 16, 2003. We have found that most of our Plan Sponsors have determined that they wish to continue to send information directly to CareFirst and not through the group health plan they sponsor. If you have decided to switch to a standard transaction format, please contact Business Relationships Group at email@example.com.
Privacy and Security - Impact on Employers
Employer sponsored self-insured group health plans are "covered entities" under the Privacy and Security regulations and as such, must comply with the requirements of the regulations in the same way as other health plans and providers. A group health plan is not subject to the HIPAA requirements if, and only if, it is fully insured and does not create or receive PHI. CareFirst has implemented policies and procedures designed to meet compliance obligations and minimize disruption to the service you and your employees enjoy from us.
Remember, under HIPAA, there are two components of an employer - the group health plan and the plan sponsor. HIPAA regulations may vary for your company depending on which component wishes to receive PHI.