Content created by Freedom of Information Act (FOIA) Division
System name: National Disaster Claims Processing System.
Security classification: None
System location: Office of Emergency Preparedness (OEP), 12300 Twinbrook Parkway, Rockville, MD 20852.
Categories of individuals covered by the system: Individuals requiring definitive medical care at an NDMS hospital as the result of a medical condition caused by, or exacerbated by, a natural or technical disaster, or a terrorist act.
Categories of records in the system: Medical claims data will be in uniform claim forms accepted by the Health Care Financing Administration (HCFA) for institutional and non-institutional claims. Records will include: Beneficiaries Name, Social Security Number, Address, Dates of Care, DRG/CPT, Provider Name, Provider Address, HIPAA Provider Number, Amount Billed, Amount Allowed, Other Insurance Payment, and Amount to be paid. In addition information from the providing hospital including the Employer Identification Number (EIN) and information for submitting electronic payment will be collected.
Authority for maintenance of the system: the authority for maintaining this system of records is from 42 U.S.C. 243(c)(1).
Purpose(s):
To justify and document reimbursement payments for services provided in connection with the National Disaster Medical System (NDMS).
Routine uses of records maintained in the system, including categories of users and the purposes of such uses:
1.To a Congressional Office from the records of an individual in response to an inquiry made from the Congressional Office made at the request of that individual.
2. To the Department of Justice (DOJ), court or other tribunal, or to another party before such tribunal, when:
a. HHS or any component thereof; or
b. Any HHS employee in his or her official capacity; or
c. Any HHS employee in his or her individual capacity where the Department of Justice (or
HHS where it is authorized to do so) has agreed to represent employee; or
d. The United States or any Agency thereof, where HHS determines that the litigation is likely to affect HHS or any of it's components; is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the tribunal, or other party is relevant and necessary to the litigation and would help in the effective representation of the governmental party, however, that in each case, HHS determines that each disclosure is compatible with the purpose for which the records were collected.
3. To a contractor for the purpose of collating, analyzing, aggregating, or otherwise refining or processing records in this system, or for developing, modifying, and/or manipulating it with automatic data processing (ADP) software. Data would also be available to users incidental to consultation, programming, operation, user assistance, or maintenance for an ADP or telecommunications system containing or supporting records in the system.
Policies and practices for storing, retrieving, accessing, retaining and disposing of records in the system:
Storage: Paper and computer form.
Retrievability: Information will be retrieved by beneficiary's name; and may be sorted by medical diagnosis, geographical area, or medical provider.
Safeguards:
1. Authorized Users: Only HHS personnel or HHS contract personnel whose duties require the use of the system may access the data. In addition, such HHS personnel or contractors are advised that the information is confidential and the criminal sanctions for unauthorized disclosure of private information may be applied.
2. Physical Safeguards: Physical paper records are stored in locked files cabinets or secured areas.
3. Procedural Safeguards: Employees who maintain records in the system are instructed to grant access only to authorized users. Data stored in computers are accessed through the use of passwords known only to authorized personnel. Contractors who use records in this system are instructed to make no further disclosure of the records except as authorized by the system manager and permitted by the Privacy Act. Privacy Act language is in contracts related to this system.
4. Implementation Guidelines: HHS Chapter 45-13 of the General Administration Manual, “Safeguarding Records Contained in Systems of Records and the HHS Automated Information Systems Security Program Handbook, Information Resources Management Manual.''
Retention and disposal: Disposition of records is according to the National Archives and Records Administration (NARA) guidelines, as set forth in the Office of Emergency Preparedness Records Management Manual.
System manager(s) and address: Chief, National Disaster Medical System Branch, Office of Emergency Preparedness, 12300 Twinbrook Parkway, Suite 360, Rockville, Maryland 20852.
Notification procedure: Inquiries and requests for system records should be addressed to the system manager at the address indicated above. The requestor must specify the name, address, and health insurance number.
Record access procedures: Same as notification procedures. Requesters should also reasonably specify the record contents being sought. These procedures are in accordance with HHS Regulations at 45 CFR 5b.5(a)(2) and 45 CFR 5b.6
Contesting record procedures: Contact the system manager named above and reasonably identify the record and specify the information to be contested. State the reason for contesting the record (e.g., why it is inaccurate, irrelevant, incomplete, or not current), the corrective action being sought, and give any supporting justification. (These procedures are in accordance with HHS regulations 45 CFR 5b.7.)
Record source categories: Information contained in these records will be obtained from NDMS hospitals seeking reimbursement for treatment provided to disaster victims.
Systems exempted from certain provisions of the act: None.