HIPAA Transactions and Code Sets Where Are We Today

1
HIPAA Transactions and Code Sets Where Are We
Today?

• Stanley Nachimson
• Office of HIPAA Standards
• Centers for Medicare and Medicaid Services

2
One Deadline Passed, Several to Go

• Privacy deadline was April 14
• Transactions deadline is October 16
• Security deadline is April 20, 2005

3
Transactions Implementation Where Should We Be

• Vendors/Clearinghouses
• Should have delivered, or should be operating,
  HIPAA compliant solutions
• Providers
• Should have all software upgrades
• Should be completing testing with health
  plans/trading partners/business associates for
  all transactions.

4
Transactions Implementation Where Should We Be

• Health Plans
• Should have testing scheduled and nearing
  completion with trading partners/providers/busines
  s associates for all transactions.
• CMS
• Should be doing outreach and providing guidance
  for all entities on compliance.(We are.)

5
How Will CMS Enforce the Transaction Standards

• Our goal is to assure that all entities are
  compliant
• Enforcement procedure will be
• Complaint based
• Designed to resolve complaints and move entities
  into compliance via corrective action
• Monetary penalties as last resort.

6
Enforcement

• Past actions which indicate due diligence and
  reasonable efforts to achieve compliance will be
  favorably considered
• Willingness to achieve compliance will be
  favorably considered

7
Compliance Guidance

• Issued July 24
• October 16 is still the deadline for compliance,
  but CMS will use 1176(b) enforcement flexibility
• CMS will not impose penalties on covered entities
  deploying contingency plans onand after October
  16 if
• Reasonable and diligent efforts to become
  compliant
• Reasonable efforts by health plans to facilitate
  trading partner compliance

8
Guidance

• What are contingency plans?
• Used to continue smooth flow of payments
• Examples
• Health plans continue to process pre-HIPAA
  electronic transactions

9
Guidance

• What are reasonable and diligent efforts?
• Possible examples
• Outreach
• Expansive testing
• Signed agreements with vendors and periodic
  monitoring indicated deadline should have been met

10
Guidance

• We will consider each situation on a case-by-case
  basis
• We will continue to monitor the covered entity to
  ensure that they are continuing to make progress
  towards compliance
• October 16 is the deadline, and as we move
  further from the date our flexibility will
  decrease.

11
Medicare Electronic Billing Regulation

• Published 8/15
• Requires claims submitted by providers to
  Medicare be done so electronically except for
• Small providers
• Roster billing for vaccinations Medicare
  demonstration projects Dental claims
• Claims when more than one primary payer to
  Medicare
• Other future circumstances as determined by the
  Secretary