It is understandable that as many Americans have concerns about mass data collection by the National Security Agency (NSA) and its international partners, medical billing and coding professionals would also have questions regarding this topic.
While the NSA is usually associated with security, recent disclosures have shown that it has also engaged in gathering information that relates to commercial business and politics. As government officials have confirmed the collection of meta data from Americans, it has also been revealed that the NSA has the capability of accessing many personal electronic sources of data, such as email and social media accounts. The extent to which this has taken place has not been disclosed.
It has also been confirmed that the NSA and its international partners have gathered intelligence on Americans participating in domestic non-terrorism related crimes and fed this information to local law enforcement officials who are then able to make local arrests.
Aside from questions about the right to privacy, for billing and coding professionals this raises the concern: can the federal government use its surveillance capabilities to investigate and detect something like HIPAA violations, Medicaid fraud, or upcoding. For the clients of medical billing and coding professionals this may raise similar questions, while patients may wonder about the privacy of their electronic health records (EHRs) and how this might affect situations like buying health insurance on a federal or state marketplace.
The Privacy Debate Isn’t Settled
Billing and coding professionals, or clients thereof, who are engaged in fraudulent activities should always be worried because this is a crime, and law enforcement can always investigate a crime with tools like a search warrant. While professionals may unknowingly violate HIPAA regulations, they should be more concerned about raising a red flag with the Centers for Medicare and Medicaid Services or the Office of Inspector General (OIG). It seems highly unlikely that the NSA would detect – let alone be monitoring for – a HIPAA violation and tip off the OIG.
A concern about the general right to privacy is more cogent, especially in relation to EHRs and billing and coding professionals who want to protect patients’ privacy. In addition to federal policy that encourages the adoption of EHRs, the federal government is now also running health insurance marketplaces for some states. Combine this with the recent revelations about federal agencies compiling electronic data about Americans and there is an understandable privacy concern.
Currently the boundary between privacy and security is an ongoing debate with gray areas. Privacy questions will not be resolved until broad legislation is passed that strictly defines the rights and boundaries for data collection by intelligence and law enforcement agencies.
While related to the ease of accessibility to EHRs, when it comes to patient data a more relevant concern of billing and coding professionals should be about security from nefarious actors like hackers or opportunistic thieves who might steal a laptop containing hundreds of thousands of sensitive files. This has much more potential to cause actual harm, while concerns about privacy will have to wait for a national resolution on the general subject.