5 Ways CIOs Need to Prepare for Obamacare
Healthcare reform in the United States focuses mainly on providing coverage to the uninsured, and odds are good that your company offers health insurance to most employees. However, there are still reporting and security requirements you'll need to deal with -- and you'll have to be a vocal leader to make sure these tasks are a high priority.
Thu, September 26, 2013
CIO — For most large businesses, the upcoming enrollment period for Obamacare is no small matter. The legislation, officially known as the Patient Protection and Affordable Care Act, has been on executives' radar for years, and its merits and drawbacks have been debated almost ad nauseum in the press, in Congress and even the United States Supreme Court.
Experts, though, say the enrollment period, which starts on Oct. 1 and runs through next spring, still presents employers with a few technical challenges. To that end, CIO.com talked to insurance experts, IT gurus and attorneys to find the best ways to prepare for this sea change in healthcare. Here are five things business should be doing to prepare for healthcare reform.
1. Create an Internal Health Insurance Enrollment Portal
Americans without health insurance are encouraged to use health insurance exchanges to "shop" for plans that offer the coverage that best fits their needs. Subsidies are available for those who qualify. Those who remain uninsured at the end of 2014 face financial penalties.
Some companies, in an effort to reduce healthcare costs, are dropping employer-based plans and sending employees to the insurance exchanges instead. Even large companies that plan to continue offering employer-based health plans will likely need to create their own open enrollment sites, though.
Jeffrey Ungvary, president of Strategic Wellness & Insurance Management Services, says the exchanges for each state, such as MNsure in Minnesota, will pave the way. Employees will become accustomed to browsing through list of insurance providers and seeing pricing plans. Large companies should be prepared to offer similar, internals portal for choosing among health plans.
2. Revisit HIPAA Security Compliance Issues
Every IT executive in the healthcare field already knows about the Health Insurance Portability and Accountability Act (HIPAA). When enrollment starts, new opportunities for data breaches that violate HIPAA will emerge as well. What's more, the law, first enacted in 1996, has been updated for the digital information age to increase the financial penalties for an entity that suffers a data breach.
Les Levinson, the chair of the healthcare practice at the New York law firm Edwards Wildman Palmer, points to one specific provision regarding employee wellness programs. IT may be called on to manage the security between employer-sponsored health insurance and third-party wellness program providers. If that third party creates, receives, stores, transmits or otherwise possesses personal health information, then it's liable under HIPAA — so make sure it's ready, willing and able to take HIPAA seriously.