HIPAA EDI Testing and Certification

1
HIPAA EDI Testing and Certification
HIPAA COW April 25, 2003

• Larry Watkins, Executive Vice President
• Co-chair, ASC X12 Health Care Task Group
• Co-chair/Co-founder, WEDI SNIP
• Member, DSMO Steering Committee

2
Topics

• HIPAA Testing Issues
• The WEDI SNIP Model
• Testing vs. Certification
• How much testing is enough?
• Test vs. Production
• Progress, not Perfection
• Testing for RSAs

3
HIPAA Testing

• Finite period of time to HIPAA deadline
• Testing must start by April 16, 2003
• Limited resources (internal external)
• Expected provider testing bubble
• Testing and production have conflicting
  requirements
• Testing detect and reject errors proactively
• Production accept maximum number of claims.
  Keep low rejection levels.

4
Testing Challenges

• Ive got gobs of trading partners, theres no
  way I can test with each of them individually.
• I know that testing with the vendors and
  clearinghouses alone will simply not work for
  HIPAA. Providers must first have the data.
• For HIPAA to work, more than 13 million pairs of
  payer and provider must implement an average of
  2.2 transactions eachthe industry will need 2.9
  million analyst months to implement HIPAA
• GartnerGroup, March 2001

5
Issue 2 HIPAA IG requirements

• HIPAA Implementation Guide Ambiguity
• Should vs. Must (open to interpretation?)
• Some ambiguous situational notes
• Business edits not included in the guides
• HIPAA Companion guides
• No electronic, automatically processable, source
• Open to interpretation, just like the
  Implementation Guides
• Most testing is focused on transaction set
  (e.g. 837, 270, etc.), rather than unit of
  business (e.g. claim)
• No objective measure of line-of-business
  capabilities
• Many HIPAA requirements are line-of-business based

6
Issue 3 - The Return of Paper

• My providers will revert to paper if they cant
  generate HIPAA compliant transactions.
• Payers are processing as many as 85 of current
  claims electronically
• The HIPAA EDI rejection rate should not be much
  greater than currently (under 5)
• If providers cant submit HIPAA compliant
  electronic transactions they may revert to paper
  submission to avoid incurring fines or
  significant cash flow disruption
• The increase in paper processing costs for payers
  would be untenable
• A very real concern for clearinghouses

7
HIPAA Testing Options Testing my own
transactions not required by HIPAA

• No testing of transactions
• Testing is not required mantra
• Testing by sympathy
• Other people with the same vendor have tested
  already. Why should I test?
• Testing my first couple of connections
• I expect them to be all the same
• Testing every single connection
• Time consuming, difficult, expensive
• Compliance testing and certification
• Followed by trading partner testing
• WEDI SNIP model

8
Testing today

• Find trading partner that agrees to test with you
• Typically one that will eventually benefit from
  your transactions.
• They must be ready. Or readier than you are.
• Send or get test files
• Get test report from/to trading partner
• Correct errors found with trading partner
• Repeat the cycle until no more errors

9
Graphical view

• EDI Submitter contract
• Telecom / connectivity
• X12 syntax
• HIPAA syntax
• Situational requirements
• Code sets
• Balancing
• Line of business testing
• Trading partner specifics

10
Testing with multiple Trading Partners
11
Certification prior to Testing with multiple
Trading Partners
TP Specific
Common in HIPAA
(2-3 weeks total)
TP Specific
12
Certification prior to Testing with multiple
Trading Partners
TP Specific
Common in HIPAA
TP Specific
13
WEDI SNIPs premise

• Using thorough compliance testing will allow you
  to
• Detect your errors early
• Identify the cause of the error
• Clean up, remediate when appropriate
• Provide cleaner data to trading partner
• Reduce the testing time with each trading partner
• 80/20 Rule

14
Testing vs. Certification

• Compliance testing is great, it allows me to
  clean my own system.
• Then I may be able to test with my trading
  partners in a shorter time
• Certification allows both me and my trading
  partner to know my capabilities
• Then my trading partners will feel comfortable
  with the reduction in testing

15
HIPAA Testing How much is enough?

• Testing of vendor/clearinghouse validates FORMAT,
  but not CONTENT
• 4 Distinct Data Points ALL need testing
• Data Collection
• Data Gathering into system(s)
• Data Formatting into HIPAA standards
• Data Reception

16
The Environment
17
Todays Complex EDI Environment

• Four Data Points
• Data Collection
• System Compilation
• Data Formatting
• Data Reception

Proprietary/ Private Network
Information Flow
VAN
National Clearing- house
Provider
Beneficiary
PPMS/HIS System
MSO
Proprietary/ Private Clearinghouse
Billing Agent
COLLECTION
COMPILATION
FORMATTING
RECEPTION
18
(No Transcript)
19
HIPAA Testing How much is enough?

• 4 Data Points
• Collection, Gathering, Formatting, Reception
• Transaction types specialties, bill types, etc.
• Measurements that are crucial to business
• Flexibility for HIPAA reality
• Provider by Provider
• Claim by Claim

20
Claredis model 80 Rule

• How close can we get before we begin the
  necessary end-to-end testing?

Dont stop here!
Transaction
21
Progress not perfection

• Certification of the capability
• Certif. for some transactions, not others
• Certif. for some Bill Types, not others
• Not all claims will be compliant
• Gap filling issues
• Implementation guide errors
• Legacy data, data errors
• Perfection may be impossible

22
Test environment

• Need to identify ALL the errors
• Some will be HIPAA related
• Some will be related to established business
  practices
• Some errors will be relevant
• Other errors will be irrelevant or may not have
  correction at my end

23
Production Environment

• Error detection already exists in the current
  systems.
• The objective is to get the transactions
  processed correctly
• The objective is to reject the least number of
  transactions
• Perfection is impossible. The data stream is
  imperfect. The 80/20 rule.

24
One locust is called a grasshopper.
25
Put a few thousand in one place and we call it
A Plague.
TEST NOW!
26
Contact Information

• Larry Watkins, Executive Vice President
• Larry.Watkins_at_claredi.com
• (801) 444-0339 x204