Insuring the future: facing issues from privacy to toxic mold.

• Author: Kelly, Ann
• Position: Businesstrends Insurance

No one argues the necessity of insurance, but there is considerable debate about how to provide it. How does one best meet the needs of the general public and simultaneously sustain a thriving insurance business? A measure of good faith and responsibility is required for both consumers and carriers, as well as a system of controls for those times when integrity breaks down. This year the insurance industry is being hard hit. The impact of forces from the Federal to the fungal can be felt in emerging trends.

Health Insurance Portability and Accountability Act

The new Privacy Regulations represent not so much a trend as a fait accompli. Brent Stephens, an attorney with Snow, Christensen & Martineau, describes the bill they are part of as "the most significant public health act since Medicare." Passed in August of 2002, the Privacy Regulations constitute one of four items under the Health Insurance Portability and Accountability Act (HIPAA) of 1996, which in turn comes under the umbrella of the Administrative Simplification Act. The irony is probably unintended. The other three are the Security Standards (in effect August of this year), Uniform Data Set Standards and Uniform Identifier Standards. The latter two refer to the codification, on a national level, of every identifying piece of information that might appear on a claim: patient, doctor, disease, treatment, facility, etc.

The Privacy Regulations went into effect for healthcare providers, billing agencies, and healthcare plans on April 14. Small businesses offering employee health benefits have until April 14, 2004 to comply. Stephens suggests that as business owners come to realize their role as described by the Privacy Act, there will emerge a trend away from offering employee health benefits. According to the act, all responsibility for compliance falls squarely on the shoulders of the employer. This responsibility is non-delegable. It requires the provision of a written plan (as opposed to subscription agreements) and the implementation of standards providing safeguards of privacy within the place of employment. It also places the employer in the compromising position of knowing information about his employees that he should not know: As "fiduciary plan sponsor," he is required to handle employee claims, which expose him to information that, as employer, he must remain ignorant of. This is because, in a sort of cart before the horse arrangement, the codification elements of HIPAA...