The Health Insurance Portability and Accountability Act (HIPAA) was signed into Federal Law on August
21, 1996 to improve the efficiency of health care delivery. HIPAA mandates standards for Electronic
Data Interchange (EDI) transactions and code sets. It establishes uniform health care identifiers for
providers, health plans, and employers. Compliance with HIPAA requires the use of ANSI ASC X12N
(Version 4010) transaction standards and implementation guides. It also addresses privacy and security.
The final rules for transactions and code sets were published in the Federal Register on August 17, 2000,
and the compliance date is October 16, 2002. However, President Bush signed a bill on December 27,
2001 (HR 3323) enabling covered entities to delay compliance with the transactions and codes sets rule
by one year until October 16, 2003. To qualify for the extension, covered entities must submit a
compliance plan to the Secretary of the Department of Health and Human Services by October 16,
2002. The plan must include a budget, schedule, work plan, and implementation strategy for achieving
compliance. SynerMed is analyzing the appropriateness of filing for an extension.
The final rule for Privacy Standards was published in the Federal Register on December 28, 2000. The
compliance date is April 14, 2003. This date is not affected by the extension granted for the final rules
for transactions and code sets.
Covered entities will be subject to financial penalties, which will be defined under the pending
Enforcement Regulation, if they do not comply with the dates mandated by the HIPAA rules and
regulations.
HIPAA Applicability
Under the terms of HIPAA, the rules and regulations apply to health plans, health care clearinghouses,
and health care providers who transmit any health information in any electronic form in connection with
transactions covered under HIPAA, and who receive, maintain, or disclose individually identifiable health
information in any form or medium. All covered entities must comply with the standards adopted by
HIPAA by the applicable compliance dates. If a provider chooses to conduct a standard electronic
transaction with a health plan, the health plan may not refuse to conduct, or delay such transactions.
The modes of electronic transmission covered under HIPAA include the Internet, extranets, leased
lines, dial-up lines, private networks, and those transmissions that are physically moved from one
location to another using magnetic tape, disk, or compact disk media.
HIPAA Transaction Standards
The transactions that are required to use the HIPAA standards under this regulation are as follows:
| Transaction Name A |
SC X12 Transaction |
NCPDP Transaction |
| Health Claims and Equivalent Information |
837 |
NCPDP 5.1/Batch1.0 |
| Enrollment and Disenrollment in a Health Plan |
834 |
|
| Eligibility Inquiry/Response for a Health Plan |
270/271 |
NCPDP 5.1/Batch1.0 |
| Health Care Payment/Remittance Advice (EFT/ERA) |
835 |
NCPDP 5.1/Batch 1.0 |
| Health Plan Premium Payments |
820 |
|
| Health Claim Status |
276/277 |
|
| Referral Certification and Authorization |
278 |
|
| Coordination of Benefits |
837 |
NCPDP 5.1/Batch 1.0 |
| Electronic Attachments * |
275/HL7/LOINC |
|
HIPAA Transactions Update to SynerMed E-Claims Providers
As of October 16th healthcare providers who submit transactions electronically will be responsible for
complying with a new set of federal standards for conducting electronic healthcare transactions. These
transaction requirements came about as a result of the 1996 Health Portability and Accountability Act
(HIPAA) passed by Congress. This law included the now well-known privacy protections for health care
information, as well as other “Administrative Simplification” provisions that went into effect in October
2003.
The HIPAA standards require healthcare providers to collect more information than they have in the
past in order to process a healthcare transaction electronically. The standards also require that
electronic data be submitted in a specific format and encrypted (none other than the intended receiver
can view the data).
The government agency charged with enforcement – the Center for Medicare and Medicaid Services
(CMS) – recognized the massive effort required to transition an entire industry to new standards and
the fact that many in the healthcare community will not be prepared to fully adopt the HIPAA standards.
SynerMed similarly takes seriously our obligation to help ensure that the migration to the new HIPAA
standards does not create unnecessary administrative burdens for our business partners or cause
significant disruptions in healthcare payments and services. However, SynerMed does recognize that
HIPAA is law and must take certain steps to be HIPAA compliant.
SynerMed will continue to actively and aggressively test and otherwise collaborate with providers
wishing to transition to HIPAA standard transactions. Because of the wide variation in payer and
provider readiness, this process must be carefully managed over a period of months. As part of our
transition plan, SynerMed will continue to process claims and other transactions without the additional
information requested by payers under the HIPAA standards. However, we must discontinue our direct
receipt of electronic claims/other files that are not encrypted or not in HIPAA-compliant formats. These
files must be submitted to established SynerMed Clearinghouses. Our EDI Department will be
contacting you soon if you are not using one of our established Clearinghouses for E-Claims submission.
More information regarding SynerMed and HIPAA may be found at our website www.iSynerMed.com. If
you have additional questions or concerns, please contact Craig Girard direct in the EDI department at
(213) 437-4284.
HIPAA Code Sets
Under HIPAA, a "code set" is any set of codes used for encoding data elements, such as tables of terms,
medical concepts, medical diagnosis codes, or medical procedure codes. Code sets for medical data are
required for data elements in the administrative and financial health care transaction standards adopted
under HIPAA for diagnoses, procedures, and drugs.
The following code sets have been adopted as the standard medical data code sets:
The combination of Health Care Financing Administration Common Procedure Coding System
(HCPCS), as updated and distributed by the DHHS and Current Procedural Terminology, Fourth Edition
(CPT-4), as updated and distributed by the American Medical Association for physician services and
other health related services. International Classification of Diseases, 9th Edition, Clinical Modification
(ICD-9-CM), Volumes 1 and 2 (including the Official ICD-9-CM Guidelines for Coding and Reporting),
as updated and distributed by the DHHS. International Classification of Diseases, 9th Edition, Clinical
Modification (ICD-9-CM), Volume 3 Procedures (including the Official ICD-9-CM Guidelines for Coding
and Reporting), as updated and distributed by the DHHS. Drug and Biologic Codes -Currently under
review by DHHS.
Dental Procedures and Nomenclature, As Updated and Distributed By the American Dental Association, for Dental Services
HIPAA Identifiers (Final Rules Pending) Following are the proposed HIPAA identifiers: National Provider
Identifier (NPI): proposed to be a ten-position numeric identifier Employer Identification Number (EIN):
proposed to be the nine-digit IRS Tax Identification Number Health Plan Identifier (PAYERID): not yet
announced but likely to be a ten-digit number assigned to all health plans for the routing of electronic
transactions.
How to Prepare for HIPAA
There is a wealth of information being published to keep the health care community informed of what is happening on the HIPAA front. The following government and health care organization Web sites are available for assistance with HIPAA implementation:
www.hipaa.org,
www.cms.hhs.gov/HIPAAGenInfo/ and
www.hipaadvisory.com.