Yearly HEDIS^® visits will begin soon
During the next few months, BCBSNM nurses will be visiting physician offices to gather information for the nationally validated Healthcare Effectiveness Data and Information Set (HEDIS). You may wonder if these activities are permissible under the privacy regulations of the Health Insurance Portability and Accountability Act (HIPAA) of 2006 and whether a specific authorization is required from your patients (our members) prior to releasing copies of medical records to our nurses. Under the “payment and health operations” provision of HIPAA, a special authorization is not needed for you to provide these medical records.

According to the HIPAA Privacy Rule (CFR 160, 164), a health care provider can disclose protected health information (PHI) to health plans for quality assurance, quality improvement, and accreditation activities. A provider is permitted to disclose PHI to a health plan for HEDIS data collection without authorization from the patient when both the provider and the health plan have a relationship with the patient and the information relates to that relationship (45 CFR 164.506 [c][4]).

Prior to our visit, you will receive a letter outlining the information being requested. If you have questions about the planned HEDIS nurse visits, contact Sara Daugherty-Pineda, RN, at (505) 816-2053 or 1-877-232-5520 and select option 6. We will report aggregated HEDIS results in an upcoming issue.

HEDIS® is a registered trademark of the National Committee for Quality Assurance.

Blue Review • March 2010 • www.bcbsnm.com