theDataMap

Documenting all the places
personal data goes.

healthDataMap


Legend: with your name, without your name.
Click on a circle above for names of organizations and details of data shared.


Clearing Houses work on behalf of physicians, hospitals, pharmacies, and other healthcare providers to assist with processing billing claims with payers (e.g., health insurance companies).

A clearinghouse offers billing support to health care providers (physicians, hospitals) and to labs and pharmacies. To appreciate the role of a clearinghouse, consider the dynamics of medical billing. About 3 million licensed provider facilities [1] use different assortments of software to submit claims to any of 1300 different licensed insurance companies [2] in any of fifty different states. Each state has its own insurance regulatory nuances. Each insurance company has it's own internal software infrastructure for receiving claims. After submission, any errors found in a claim usually require phone calls and re-submittals until reimbursement issues are resolved and the bill is paid. Clearly, the administrative overhead to process an insurance claim for payment can be onerous for a provider. A clearinghouse removes much of this burden by acting as a middleman between the provider and insurance companies. The provider gains a single point of contact, the clearinghouse, and a single way to process generic claims, through the clearinghouse, regardless of the insurance company. The clearinghouse then acts on the provider's behalf, handling idiosyncrasies and complexities with the various insurance companies.

[1] Centers for Medicare and Medicaid Services. National Plan and Provider Enumeration System (NPPES). Database as of June 9, 2009.

[2] U.S. General Accounting Office. Private Health Insurance: Number and Market Share of Carriers in the Small Group Health Insurance Market. Presented to the Committee on Small Business and Entrepreneurship, United States Senate on March 25, 2002.

Examples

Health Data Insights purchases statewide personal hospital discharge data from at least WA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Georgia Department of Community Health, Affiliated Computer Services (ACS) had a data breach in 2007, in Georgia. A computer disk containing personal information including addresses, birthdates, dates of eligibility, full names, Medicaid or childrens health care recipient identification numbers, and Social Security numbers went missing from a private vendor, affiliated Computer Services (ACS), contracted to handle health care claims for the state. (2900000 records involved) [source].

  

Information Management Systems, Inc. purchases statewide personal hospital discharge data from at least WA [source]. See more information about the fields of data shared, an example of matching real names to the records in statewide discharge data, and which states use standards less than the HIPAA standard.

  

Millennium Medical Management Resources had a data breach in 2010, in Illinois. Health records belonging to patients were stolen in a break-in. The records were on a portable hard drive and stolen from the Westmont office of Millennium Medical Management Resources. Millenium believes the hard drive contained personally identifiable information about EHP patients including name, address, phone, date of birth, and Social Security number. In some cases other information such as diagnosis, procedure (and/or codes), medical record number, account number, drivers license number and health insurance info. It was NOT encrypted. (180,111 records involved) [source].

  
  

(return to health DataMap)



Copyright © 2012-2016 President and Fellows Harvard University.