V610 HIPAA Business Issues

1
V610 HIPAA Business Issues

• Catherine Schulten
• Healthcare Business Development Manager
• Healthcare Sales
• Catherine.Schulten_at_sybase.com

2
Agenda

• Sybase HIPAA Expertise
• Sybase Industry Leader
• HIPAA Websites
• An overview of HIPAA
• Status of the HIPAA Regulations
• ASCA
• Transaction Addendums
• Q A

3
Sybase in HIPAA
4
Sybase HIPAA Expertise

• AFEHCT, co-chair ASPIRE workgroup (CMS 1500 and
  UB92 print image gap analysis/demonstration
  project)
• HL7 membership, ASIG workgroup (claim
  attachments)
• X12N membership, TG3 WG3 (HIPAA Implementation
  and Modeling)
• Testified on HIPAA issues to NCVHS
• WEDI Board of Directors 02-04, Co-chair
  Emerging Technologies
• WEDI SNIP, Co-chair Translations sub-workgroup
• NCPDP membership
• EHNAC accredited

5
Sybase Industry Leader
SYBASE
Source Gartner Research DF-15-0891 8 January 2002
6
Integration Brokers for HIPAA in Health Plans

• Gartner Research Note
• the most-often mentioned vendors were those
  with a strong historic presence in this market
• Sybase, the most frequently mentioned vendor,
  was early to market with its HIPAA add-in
  product
• Sybases EDI Server is a very strong specialty
  mapper, able to handle the complexity and provide
  the throughput required to process healthcare
  claims

7
Sybase Industry Leader Healthcare Channel
Partners
Payer Vendors

• Trizetto embedded solution for EDI and Process
  Management
• HSD/Perot embedded EDI solution for Diamond
  725/950
• OAO MC400 embedded EDI solution
• CSC PowerMHS recommended solution

8
HIPAA WebsitesWhere to find information
9
HIPAA websites

• Workgroup for Electronic Data Interchange (WEDI)
• www.wedi.org
• WEDI Strategic National Implementation Plan
  (SNIP)
• http//snip.wedi.org/
• Association for Electronic Healthcare
  Transactions (AFEHCT)
• www.afehct.org
• HHS Administrative Simplification
• http//aspe.os.dhhs.gov/admnsimp/

10
HIPAA websites

• Accredited Standards Committee X12 (ASC X12)
• www.x12.org
• Health Level 7 (HL7)
• www.hl7.org
• National Council for Prescription Drug Programs
• www.ncpdp.org
• Centers for Medicare and Medicaid (CMS)
• http//cms.hhs.gov/
• Designated Standards Maintenance Organizations
  (DSMO)
• www.hipaa-dsmo.org

11
WEDI Website
12
WEDI SNIP Website
13
WEDI SNIP Website
14
Admin Simp Website
15
CMS Website
16
DSMO Website
17
An Overview of HIPAAHIPAA 101
18
HIPAA Documents
The Act
The Final Rule
Implementation Guides

• Enacted by Congress
• Signed by the President

• Promulgated by the
• Secretary of HHS
• Reflects Public
• Congress Comments

• Developed by ANSI
• Standards Development
• Organizations
• Cited for use by the Final
• Rule

19
An Overview of HIPAA The Act

• Health Insurance Portability and Accountability
  Act
• Public Law 104-191, 8/21/96
• Improve Portability and Continuity of Health
  Insurance for Groups and Individuals
• Combat Waste, Fraud and Abuse
• Promote the Use of Medical Savings Accounts
• Improve Access to Long Term Care
• Simplify the Administration of Health Insurance
• Administrative Simplification
• Transaction Code Set Standards
• National Identifiers
• Security
• Privacy

20
HIPAA Health Insurance Portability and
Accountability Act of 1996
Title I
Title II
Title III
Title IV
Title V
Fraud Abuse Medical Liability Reform
Administrative Simplification
Insurance Portability
Tax Related Health Provision
Group Health Plan Requirements
Revenue Off-sets
Privacy
Security
EDI
Transactions
Code Sets
Identifiers
21
Administrative Simplification Components of HIPAA
Security Polices, Procedures and Technical
Mechanisms Utilized to secure personally
identifiable electronic health care data either
at rest or in motion
Privacy Standards to protect the privacy of
individually identifiable health information
Electronic Transactions, Unique IDs, Code
Sets Implementation Standards used for the
electronic transmission of specific health care
transactions
22
Administrative Simplification Components of HIPAA
Electronic Transactions
Unique Identifiers
Code Sets
Privacy
Security Standards
23
Why HIPAA? Simplify the Administration of
Health Insurance

• Reduce Direct and Overhead Costs
• Reduce the Accounts Receivable Cycle
• Improve Accuracy
• Reduced Data Entry Time
• Smaller/Faster Transmissions at Lower Cost
• Reduce/Eliminate Rework
• Avoid/Reduce Data Entry FTE
• Reduce Operational Costs (office supplies, postal
  costs and telephone charges)

24
Why HIPAA? Simplify the Administration of
Health Insurance

• Improve Process that directly impacts healthcare
  stakeholders -
• Improved patient, provider and payer support
• Efficient information delivery
• Improved quality
• Fosters good will with patients
• Fosters closer working relationships between
  organizations

25
Why HIPAA? Simplify the Administration of
Health Insurance

• Create a Competitive Advantage -
• Increase responsiveness between healthcare
  stakeholders
• Penetration of new markets
• Easier to do business
• Improved relations with other organizations

26
Providers, Payers, Clearinghouses

• All must comply with the mandates of HIPAA
  Administrative Simplification with the following
  exceptions
• Providers who wish to conduct transactions via
  paper may continue to do so and avoid HIPAA
  compliance mandates
• Employers, Workers Compensations Plans, Life
  Insurance Plans not under HIPAA jurisdiction
• Under ASCA, Medicare will require electronic
  claim submission by 10/16/03 for providers of a
  certain size. Other payers may also choose to
  refuse paper transactions in the future.

27
What happens if I do not comply?

• Penalties for transaction non-compliance
  specified in the Act
• not more than 100 for each such violation,
  except that the total amount imposed on the
  person for all violations of an identical
  requirement or prohibition during a calendar year
  may not exceed 25,000

28
What happens if I do not comply?

• Penalties for wrongful disclosure of individually
  identifiable health information specified in the
  Act
• Fine of not more than 50,000, not more than 1
  year imprisonment
• False pretenses, fine of not more than 100,000,
  not more than 5 years imprisonment
• Commercial advantage, personal gain, malicious
  harm, fine of not more than 250,000, not more
  than 10 years imprisonment

29
HIPAA - Promulgation of Proposed and Final Rules

• Federal Rule Making Process
• Publication of Notice of Proposed Rule Making
  (NPRM) in the Federal Register
• Public Comment Period
• Review and Response by appropriate agency (HHS)
• Office of Management and Budget (OMB)
• Publication of Final Rule in the Federal Register
• Congressional Comment Period
• Effective date of Final Rule
• Compliance date

30
NPRMs and Final Rules

• NPRM
• A draft set of instructions
• Proposes HOW to comply
• Open to review and comments
• Final Rule
• Response to NPRM comments
• Contains both front matter and the regulation
• Publication establishes the compliance date

31
Status of the HIPAA Regulations

• TRANSACTIONS
• Final Rule was made effective 10/16/00
• Original Compliance date 10/16/02
• ASCA 1-yr Extension date 10/16/03
• Claim Attachment in development
• Report of First Injury in development

32
Status of the HIPAA Regulations

• CODE SETS
• Final Employer ID published 5/31/02
• NPRM Provider ID published 5/7/98
• Plan ID in development

33
Status of the HIPAA Regulations

• SECURITY
• NPRM published 8/12/98
• Final Rule published ??/??/??
• (expected August 02)
• Compliance date ??/??/??
• (August 04)

34
Status of the HIPAA Regulations

• PRIVACY
• Final Rule was made effective 4/14/01
• Compliance date 4/14/03
• Guidance document published 7/01

35
HIPAA Implementation Guides

• Developed and Maintained by the Standards
  Development Organizations (SDOs)
• X12N www.wpc-edi.com , free to download
• NCPDP www.ncpdp.org, 500 for copy of standard
  and data dictionary
• HL7 www.hl7.org (click on Special Interest
  Groups, Attachments, Publications), free to
  download
• SDOs are ANSI accredited organizations
• Open to all interested participants
• X12 membership ranges from 750 to 5,250
• NCPDP membership is 550
• HL7 membership fees ranges from 150 to 12,000

36
HIPAA Implementation Guides

• Developed and approved in the style and manner
  adopted by the development organization
• Intention is to provide a non-ambiguous set of
  instructions for each transaction
• Questions of interpretation may be submitted to
  the DSMO web site or to the developers of the
  guide

37
Implementation Guides v. Standards

• Implementation Guides support a uniform and
  unambiguous interpretation of each electronic
  transaction
• They specify limits and guidance for
  implementation
• Currently, there are 12 X12 and 2 NCPDP published
  HIPAA Implementation Guides

• Standards are purposefully non-specific and open
  to interpretation
• Trading Partners decide what data content to send
• X12 Standards exist today for over 500 different
  transaction types and for over 25 versions

38
HIPAA X12N Transactions
Payer
Provider
Eligibility Inquiry 270
Eligibility Response 271
Sponsor
Enrollment 834
Request for Review 278
Premium Payment 820
Review Response 278
Claim/Encounter 837
Remittance Advice 835
Request Additional Information 277
Attachments 275/HL7
Additional Information 275/HL7
Status Inquiry 276
Status Response 277
39
HIPAA X12 Cross Reference
HIPAA Transaction ASC
X12 Standard Health Care Claim/COB
Professional X12N 837 X098
Institutional X12N 837 X096
Dental X12N 837 X097 Claim
Attachment X12N 277 275
HL7 Enrollment/Disenrollment X12N 834
X095 Eligibility X12N 270 271 X092 Premium
Payment X12N 820 X061 Payment Remittance
Advice X12N 835 X091 First Report of
Injury X12N 148 X086 Health Claim
Status X12N 276 277 X093 Referral X12N
278 X094
40
HIPAA NCPDP Cross Reference
HIPAA Transaction NCPDP Standard Health
Care Claim/COB Real time Version 5,
Release 1 Batch Version 1,
Release 0 Payment Remittance Advice Real
time Version 5, Release 1 Batch
Version 1, Release 0
41
HIPAA Future Claim Attachment Transactions

• The claim attachment is a combination of the
  X12 277 or 275 transaction with HL7 data resident
  in the BIN segment
• Ambulance
• Emergency Department
• Rehabilitative Services
• Lab Results
• Medications
• Clinical Notes

42
Transaction Addendums
43
HIPAA X12N Transaction Addendums

• Proposed Rule to adopt a set of transaction
  implementation guide addendums published in the
  Federal Register on 5/31/02
• Purpose was to modify existing published final
  X12N HIPAA Implementation Guides to provide
  greater clarity and resolve issues that made the
  guides un-implementable
• This rule proposes to make some limited
  technical modifications to some of the
  transactions standardsas necessary to permit
  initial implementation of the standards within
  the industry.
• Details of changes are available at
  http//www.hipaa-dsmo.org/crs/fasttrack.pdf

44
HIPAA X12N Transaction Addendums

• The proposed modifications to the HIPAA X12
  Implementation Guides do NOT impact the
  transaction compliance deadlines (10/16/02 or
  10/16/03)
• Final Rule for Addendums must be published at
  least 180 days prior to the 10/16/03 compliance
  deadline in order for covered entities to legally
  comply

45
Administrative Simplification Compliance Act
46
Administrative Simplification Compliance Act
(ASCA)

• What is ASCA?
• In December 2001, the Administrative
  Simplification Compliance Act (ASCA) extended the
  deadline for compliance with the HIPAA Electronic
  Health Care Transactions and Code Sets standards
  one year to October 16, 2003 for all covered
  entities other than small health plans (whose
  compliance date was already October 16, 2003)
• How does one apply for the 1-year extension?
• In order to receive an extension, covered
  entities must submit their ASCA compliance plans
  on or before October 15, 2002.
• The ASCA Model Compliance Form is available
  on-line at http//www.cms.hhs.gov/hipaa/hipaa2/AS
  CAForm.asp

47
ASCA The Model Compliance Form

• How extensive is the ASCA Model Compliance Form?
• The form is simple and easy to complete. The ASCA
  requires the plans to contain summary information
  regarding compliance activities, including
• budget, schedule, work plan and implementation
  strategy for achieving compliance
• planned use of contractors or vendors
• assessment of compliance problems
• a timeframe for testing to begin no later than
  April 16, 2003

48
ASCA Medicare claims submission

• Does ASCA mandate Medicare claims be submitted
  electronically by 10/16/03?
• ASCA prohibits HHS from paying Medicare claims
  that are not submitted electronically after
  October 16, 2003, unless the Secretary grants a
  waiver from this requirement.
• It further provides that the Secretary must grant
  such a waiver if
• there is no method available for the submission
  of claims in electronic form
• or if the entity submitting the claim is a small
  provider of services or supplies
• Beneficiaries will also be able to continue to
  file paper claims if they need to file a claim on
  their own behalf

49
What else is going on?
50
Sen. Kennedys eHealth Initiative

• Efficiency in Health Care Act Background and
  Need for Legislation
• Healthcare is one of the least efficient
  industries in America. Processing a single
  transaction in health care can cost as much as
  12 to 25, whereas banks and brokerages have cut
  their costs to less than a penny per transaction
  by using modern information technology
• Widespread adoption of modern information
  technology will decrease the time that health
  care professionals spend doing routine
  administrative costs and increase the time
  devoted to patient care.
• Its estimated that 1 in 4 insurance claims are
  initially rejected or processed in error due to
  incomplete or inadequate information

51
Sen. Kennedys eHealth Initiative

• Some Specifics
• Consumer information The eHealth Act requires
  health plans and providers to give consumers of
  health care comprehensive information about
  billing in an accurate and timely manner. The
  Act provides 250 million in grants to providers
  to help them meet these requirements. 
• Claims adjudication The eHealth Act requires
  every insurance company to be able to process
  claims immediately, rather than the weeks to
  months such processing currently requires.
• In addition, the Act requires that plans must
• process claims with an accuracy of greater than
  99
• be able to accept claims via the internet and
• be able to issue denials instantaneously over the
  internet.

52
Sen. Kennedys eHealth Initiative

• 3. Financial Information The eHealth Act
  requires all health plans to provide consumers
  with a statement of account showing claims
  history, status of coverage and information on
  deductibles
• I Internet Access The eHealth Act requires
  all plans to be able to issue automated referrals
  and provide pre-authorization with an automated
  system. These automated systems must provide
  physicians and consumers with access via the
  internet or a toll-free number. The Act further
  requires that each plan establish a system
  whereby information on prescriptions is available
  to physicians and beneficiaries through a secure
  internet connection without the use of paper.
  The Act also requires that plans establish a
  system to allow physicians with the permission
  of the patient to have access to a patients
  claims history via the internet.

53
Sen. Kennedys eHealth Initiative

• 3.    Modernizing Financial Transactions The
  eHealth Act requires health plans to
•       I.      accept payments from physicians or
  beneficiaries via electronic transfers of funds
•                           II.     
  implement automated audit controls to monitor
  duplicate payments
• 4.  Enhancing patient safety The eHealth Act
  sets standards for computerized systems through
  which physicians can enter orders for
  prescriptions, thereby reducing errors from
  mistaken prescriptions or illegible handwriting.
  The Act requires adoption of these systems by
  health care providers. The Act will thus reduce
  over 7,000 deaths that occur annually from
  medication errors. The Act provides 100 million
  in matching grants for hospitals to adopt these
  systems.

54
HIPAA Q A