Availability of Sensitive Diagnosis Information is Limited

Providers who are registered for the secure provider website at TriWest.com can view a sensitive diagnosis when checking the status of referrals and authorizations online. However, there is no sensitive diagnosis information shared on either the paper or electronic remittance advices.

The Department of Defense’s (DoD) Military Health System (MHS) generally adheres to the U.S. Department of Health and Human Services (HHS) rules implementing administrative simplification, including privacy and security. This includes the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the regulations implementing HIPAA’s administrative simplification provisions.

The HIPAA Privacy Rule requires individual health care providers, institutional providers such as military treatment facilities (MTFs), their workforce members, and their contractors to use and disclose protected health information (PHI) only as permitted or required by the HIPAA Privacy Rule. Examples of PHI include medical-record data (documentation of symptoms, examination and test results, diagnoses, treatments, and plans for future care or treatment) and billing documents.

For more TRICARE-specific information on HIPAA, refer to the TRICARE Operations Manual, Chapter 1, Section 5 and Chapter 21, Section 3 at http://manuals.tricare.osd.mil/ as well as the TRICARE Provider Handbook.