When HIPAA Calls, Providers Answer
Edition: July 2002 - Vol 10 Number 07
While the concept of electronic data interchange has been around for some time, actually converting one's office or practice to such a system can be daunting. Ask any of a number of healthcare providers who are required under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to implement new transaction standards and code sets in an effort to adopt the electronic interchange of data.
Establishing a system for electronically transmitting healthcare information is part of HIPAA's larger plan to protect American employees by facilitating access to health insurance and helping prevent waste, fraud and abuse within the system, according to HIPAAnswers, an Eden Prairie, MN-based consulting firm.
More groups than not will be affected by HIPAA requirements, at a cost of billions of dollars. Over a half million healthcare providers, from small physician practices to large health plans, must take steps to convert their systems to meet HIPAA regulations, says HIPAAnswers. All entities that process protected health information (PHI) or electronically transmit health claims, remittances, status inquiries, and eligibility or certification information must comply. In the end, however, HIPAA transactions should save providers close to $9 billion each year by limiting administrative overhead and fraud, says HIPAAnswers.
HIPAA Offers Extension
The good news is that organizations that complete and submit their Administrative Simplification Compliance Act (ASCA) compliance plans by October 16, 2002, will be eligible for a one-year compliance extension to October 16, 2003.
The Centers for Medicare and Medicaid Services (CMS) offers the following guidelines to assist covered entities in qualifying for the extension:
The ASCA compliance form, released last March 28, is available on the CMS website. The form also is published in the Federal Register.
Organizations need only provide summary information about their full compliance plan not the entire detailed plan itself. Information required includes:
1. Budget, schedule, work plan and implementation strategy for achieving compliance.
2. Planned use of contractors or vendors.
3. Assessment of compliance problems.
4. A timeframe for testing to begin no later than April 16, 2003.
Organizations may file the ASCA extension form electronically by visiting the CMS website.
Those unable to file electronically must mail a printed form to: Model Compliance Plans, Centers for Medicare and Medicaid Services, P.O. Box 8040, Baltimore, MD 21244-8040.
Only those covered entities that submit the compliance extension plan by October 16, 2002, will receive the extension, and small health plans whose compliance date already was October 16, 2003, will not receive an extension. Also, the ASCA extension will not affect the HIPAA privacy standards compliance date of April 14, 2003 (April 14, 2004, for small health plans).
Congress does not anticipate denying any covered entities an extension if they submit a properly completed compliance plan by October 16. The form serves as an assurance that covered entities have plans in place, permitting them to be compliant by the new deadline.
Ideally, the extension will enable covered entities to sufficiently develop, test and implement their Final Electronic Health Care Transactions and Code Sets required by HIPAA. ASCA does require that compliance plans include a testing phase beginning on or before April 16, 2003, although covered entities are encouraged to begin testing as soon as possible to allow enough time to address any problems. CMS is expected to provide an instruction form with dates for Medicare contractors to begin testing with providers.
The ASCA delay should not interrupt Medicare activities. Medicare will continue to implement HIPAA transaction standards, and the schedule is not anticipated to change much, according to CMS.