Problem solve Get help with specific problems with your technologies, process and projects.

Access to list of Medicaid clients under HIPAA

I am an auditor with the Legislative Audit Division. We are currently conducting a financial-compliance audit of the Medicaid program. As part of our audit, we generally re-perform eligibility determinations for Medicaid clients. We conduct this testing to meet requirements under A-133 guidelines. Is there anything in the new HIPAA laws that will prevent us from having access to a list of Medicaid clients in the state for the purposes of selecting a sample of files for testing?
The only thing I can think of that will affect you is to make sure a business associate agreement has been put in place. If your organization is otherwise authorized to obtain these records, then you should fall under the business associate umbrella and will have to comply via a business associate agreement(s) as any other auditing organization would. You should definitely confirm this with your legal counsel.

For more information on this topic, visit these other SearchSecurity.com resources:
  • Featured Topic: HIPAA update
  • Best Web Links: Securing Health Care/Health Services
  • News & Analysis: HIPAA legislates good business practice

  • This was last published in April 2003

    Dig Deeper on HIPAA

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.