[ Thursday, December 30, 2004 ]


Putting the "P" in HIPAA. Remember when HIPAA was originally a gleam in Senators Kennedy and Kassebaum's eyes? When it was all about portability, and not privacy? No?

Well, believe it or not, HIPAA was originally designed to ensure that health insurance would be portable. Back in the stone ages (think Eisenhower and tail fins), people bought health insurance (or, more likely, hospitalization insurance) themselves, rather than having it provided by their employers. Over time, health insurance became a standard type of "fringe benefit" offered by employers to their employees, but the insurance was generally purchased by the employer from a separate, independent insurance company. Then, ERISA came around and most employers of any size began to self-insure for health insurance, using insurance companies as to administer their plans and provide stop-loss coverage. Also, back in the stone ages, people tended to work for one employer their entire lives.

Fast forward to the present day, and most people switch jobs with some regularity. Also, most employers self-insure. And there's one more piece to the puzzle: insurance companies started utilizing the "pre-existing condition exclusion" concept.

A quick word about the economics of insurance: Insurance companies do not make money by paying benefits. They make money by maximizing premiums they take in, and by minimizing the benefits they pay out. It's that simple. If the insurance company is a mutual benefit company (an old-style insurance company), any excess profit it makes from premiums collected over benefits and other operating costs paid (including adding money to reserves for potential future catastrophic events), that excess goes back to the policy-holders. But mutual benefit insurance companies are few and far between these days. Most insurance companies are stock companies, so excess profit goes to the shareholders (or, depending on how jaded you are, to the executive's ex-wives). There isn't the incentive to make a profit in a mutual benefit company that there is in a stock company, but stock companies are what we've got today. And any concept an insurance company can implement that increases premiums or reduces benefit payouts (without driving off customers, of course) adds to that profit. Hence, the pre-existing condition exclusion.

The concept of the pre-existing condition exclusion is a sound one: the insurance company will insure you from unforseen accidents and illnesses that happen while you are under their insurance, but not for the baggage you bring along with you. This is important because if the insurance company does not have the right to prevent that type of coverage, there is an incentive on the beneficiary to not buy insurance when he/she is well and wait to buy insurance when he/she is sick or injured. That's "gaming the system;" insurance is supposed to work by every member of the pool agreeing to pay the average cost of coverage to level the cost out for everyone, and if someone stays out of the pool when they are a low-cost user but gets in when they are a high-cost user, the other pool participants are overburdened and the system gamer is a free-rider.

The problem is that the pre-existing condition exclusion was being used to cut out people who weren't gaming the system, but were just switching pools. It makes sense to keep the free-rider out of the pool. But what about the employee who was a consistent pool participant at Company A, who leaves the company to join Company B? Let's say the employee was diagnosed as diabetic while working at (and paying for insurance at) Company A, and he gets a better employment offer to go to Company B. If Company A and Company B have different insurance companies (and if they're both self-insured, they obviously do), Company B's insurance company may exclude the employee from coverage based on the fact that the employee has a pre-existing condition. The employee was not gaming the system, but was a fair player in the system, buying insurance when he didn't need it necessarily and taking advantage of what he bought once he did need it. Now, the employee has to face the prospect of being "locked into" the job at Company A even though it would be best for everyone if he left to take the job at Company B.

This "job lock" concept was the original impetus for HIPAA: if the employee was an insurance pool participant at Company A, he ought to be able to transport his insurance (and his history of participation) over to Company B. That's what the P stands for: Portability. How does Company B know that the boogie-woogie bugle boy employee was a pool participant at Company A and not a free-rider? Company A provides a "get-out-of-insurance-jail-free" card to the employee, so the employee can show future employers that he was a good insurance citizen and not a system-gamer. In other words, the employee gets proof that he had "qualified coverage" for a specified period in the past, so it isn't fair for the new insurer to exclude a pre-existing condition.

The "Portability" provisions of HIPAA are all about how you make sure this portability exists, and how you determine to whom it should apply. Rules regarding this, which primarily focus on the certificate Company A provides to the employee or his future employers, were in effect back in 1997. That's right, this was the "easy" part of HIPAA.

In today's (December 30, 2004) Federal Register, those rules are being modified, but only slightly. One of the changes is to show that insurance under CHIP and other coverages count as "qualified coverage," and to show that time off work or away from paying insurance while out on Family Medical Leave Act (of FMLA) time doesn't count against you.

The new regs, which will become effective for plan years starting after July 1, 2005, should also have a new form of certificate for Company A to provide to Company B (including these new requirements and descriptions), and they contain a new requirement for notice to be given to employees explaining how the P in HIPAA works. The regs may have a form for that notice as well.

I'll link to the regs directly as soon as I can find them online.

UPDATE: Here be the regs, I hope.

Jeff [9:30 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template