Via AAHomecare, WASHINGTON, D.C. (November 15, 2017)—CareCentrix recently notified providers of an update to their provider manual to incorporate the following language: “Except as otherwise permitted by CareCentrix in writing, Provider and any of its subvendors, subcontractors, or agents may not (1) perform or engage with business agents to perform any functions, activities or services under its agreement with CareCentrix from a location outside the United States; or (2) send or transmit to, or access, Members’ PHI (protected healthcare information) or other personal information from outside the United States.”
AAHomecare reached out to CareCentrix for clarification on the intent of this language change and the implications to providers. CareCentrix stated the purpose of this change is to determine the following:
1. Do CareCentrix providers actually have PHI offshore?
2. If they do, what are the specific details on what is being sent offshore?
3. What security measures are in place to ensure regulatory privacy and security guidelines are being followed?
After the attestations are received and reviewed by CareCentrix, a determination will be made as to whether there are any necessary steps to ensure regulatory guidelines are met as well as any requirements from health plans they work with. CareCentrix will communicate directly with providers on a case-by-case basis.
AAHomecare has been assured that contracts will not be terminated based on receipt of the attestation form stating they are utilizing offshore services. AAHomecare will continue to monitor and work with CareCentrix on any concerns that may arise as they work through this process. You can contact Laura Williard, vice president of payer relations at lauraw@aahomecare.org with any concerns.
Visit aahomecare.org for more information.