"Transactions are electronics exchanges involving the transfer of health care information between two parties for specific purposes, such as a health care provider submitting medical claims to a health plan for payment."
HIPAA mandates that, if covered entities engage in electronic transactions (and really, how many don't?), they must adhere to certain standards that HHS outlines.
Related to transactions are code sets. According to HHS, code sets are:
"Under HIPAA, a "code set" is any set of codes used for encoding data elements, such as tables of terms, medical concepts, medical diagnosis codes, or medical procedure codes. Medical data code sets used in the health care industry include coding systems for diseases, impairments, other health-related problems, and their manifestations; causes of injury, disease, impairment, or other health-related problems; actions taken to prevent, diagnose, treat, or manage diseases, injuries, and impairments; and any substances, equipment, supplies, or other items used to perform these actions."
In addition to the HHS resources, there are two other great sites you should check out. The first, provided by the American Medical Association (AMA), covers HIPAA in general and has a specific section on Transactions and Code Sets.
Finally the American Academy of Family Physicians has a great article that covers HIPAA, including some great high-level advice on dealing with the regulation, as well as how to transition an organization to HIPAA compliance.
As for HIPAA assessments, there are several good resources also provided by HHS. One resource gives extensive information on safeguards, policies and risk management. Another resource has a great high-level outline of what to expect as part of being audited (.PDF). Finally, HIPAA auditors, as a general rule, use the Medicaid guidelines (.PDF) provided by the Office of the Inspector General of Health and Human Services.
For more information:
This was first published in August 2009