A Simple HIPAA Compliant Solution for Banks Entering Medical Lockbox
Let’s say that a financial institution (FI) wants to provide a medical lockbox processing solution to its existing healthcare provider customers and/or prospective customers outside its geographic branch locations. Ideally the system would process both insurance payments as well as patient payments. In order to get into this business, particularly capturing and scanning EOBs, the FI will need to follow the rules and regulations around HIPAA/HITECH; a potentially daunting and intimidating process!
Did you know that there is a way to phase into this business without major investment or compliance overhead? To do so, the FI can offer a “virtual medical lockbox” or “remote medical lockbox”.
This kind of solution entails working with a company like Orbograph that provides both EOB data conversation as well as the ability to generate check images files for remote deposit capture. The advantages of a “virtual” solution is that the scanning is done on site at the healthcare provider’s location, while the EOB conversion, electronic posting file generation and financial data collection for RDC are all hosted on the cloud, off premise from the financial institution. The risk exposure to the FI is about the same as any other RDC operation, but the opportunity to capture a new market and drive fee for service revenues are greatly increased for this lockbox marketplace.
By working with a vendor partner that is complaint with both HIPAA/HITECH rules as well as financial rules around GLBA, the FI limits the overhead of managing many of the compliance and risk mitigation activities needed for a completely “in house” solution. In addition, the compliance risk is more easily managed by the simple fact that a bank never directly receives a paper check from a patient or insurance payer with protected health information from an EOB. Therefore, the FI can offer a full featured medical lockbox product with very little in-house compliance changes.
Leave a Comment