• Industry News
  • Access and Reimbursement
  • Law & Malpractice
  • Coding & Documentation
  • Practice Management
  • Finance
  • Technology
  • Patient Engagement & Communications
  • Billing & Collections
  • Staffing & Salary

Administrative Simplification - Simplified


A review of HIPAA

While the Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA, demands shifts in the way we handle healthcare and insurance-related information, not all parts of the act so keenly affect the coding and billing staff -- the core of so many practices -- as those contained in the "Administrative Simplification" provisions.

The provisions have several parts. For now, practices should be most concerned with the Transaction Standards and the Privacy Rule, since these have been published as "final" rules and have upcoming deadlines. But be prepared, too, for rules concerning unique employer identifiers, code sets, security and claims attachments.

Here's a brief description of all the components of the Administrative Simplification provisions of HIPAA so you'll know what to expect.

The Transaction Standards

What they are ...
Transaction rules apply to a physician's capability to transmit claims electronically using the ASC X12 formats, defined as "the new standardized way" to file claims and receive payment based on these claims. Standards published in the final rule (Federal Register, Aug. 17, 2000) apply to the Medicare program, although under HIPAA, the standards will extend to commercial payers as well.

Under the Medicare transaction standards, practices must now be in compliance or have applied for an extension,  which was available through the Centers for Medicare and Medicaid Services (CMS).

Florida Hospital in Orlando, for one, is well ahead of the game. Nearly 10 years ago, the hospital's electronic data interchange (EDI) staff got the idea of extending its X12 capabilities beyond Medicare, which was the only payer using the ASC X12 standard back in the early 1990s. The progression only made sense, according to Ned Palmer, the hospital's EDI manager. "We knew since Medicare was using this, the others [payers] were sure to follow."

Smaller facilities and private practices unable to afford the EDI costs will continue to depend on clearinghouses until, Palmer believes, biting the bullet for software becomes the economically practical solution.

... and when you have to comply
The deadline for compliance with the transaction rule is Oct. 16, 2002; physicians have the option to file a request for a one-year extension by the same date, which waives compliance until Oct. 16, 2003. The extension requires information about your practice's strategy for achieving compliance, planned use of contractors or vendors, assessment of compliance problems, and a timeframe for testing to begin by April 16, 2003. A form is available online at cms.hhs.gov/hipaa/hipaa2/TCSFormInstructions.asp.

Medicare contractors cannot accept Medicare transactions that do not meet the standards by the dates noted.

The Privacy Rule

What it is ...
The Privacy Rule applies to health plans, healthcare clearinghouses, and certain healthcare providers, ("covered entities") and was developed to protect the patient's health information through regulations and written policies that stipulate how the information may be used, whether it can be disclosed and, if it is, to whom.
According to the Privacy Rule, the covered entity must designate a privacy officer to manage the program and to train everyone who requires access to sensitive medical information. All staff members need to be trained on privacy issues and that training should be documented.

Many healthcare providers and health plans require assistance from a variety of contractors who may also have access to protected health information. In allowing providers and plans to give protected health information to these so-called "business associates," the Privacy Rule requires, typically by contract, satisfactory assurances that the business associate will use the information only for the purposes of the business agreement.

In general, the physician is not liable for privacy violations of a business associate. If the physician becomes aware of questionable practices by a business associate under contract, the physician must take "reasonable steps" to check out the situation and, if necessary, cancel the contract and report the business associate.
Bob Burleigh, a board member for the Healthcare Billing and Management Association in California, does not anticipate many changes to his business due to the Privacy Rule. "The provider always had a moral duty to pay attention to who gets the information and the consultant always had the moral duty to protect the information provided for the job," he says.

... and when you have to comply
A covered healthcare provider must comply with the Privacy Rule by April 14, 2003.

New and existing business associate agreements with a renewal date prior to April 14, 2003 must be either amended or canceled and replaced by April 14, 2003. Existing agreements with renewal after April 14, 2003 must be either amended or canceled and replaced by April 14, 2004.

Standard Unique Employer Identifier

What it is ...
Covered entities must use the employer identification number (EIN) in health-related financial and administrative transactions; the EIN appears on the IRS Form W-2, Wage and Tax Statement.

... and when you have to comply
Healthcare providers must comply by July 30, 2004.

Standards for Code Sets

What they are ...
This part of the provision hits coders and physicians the hardest since they rely upon the following code sets, all of which may be replaced:

  • Diagnostic Codes: International Classification of Diseases, Ninth Revision, Clinical Modification, or ICD-9-CM, Volumes 1 and 2
  • Procedure Codes: Current Procedural Terminology, or CPT, and Volume 3 of ICD-9-CM
  • Healthcare Common Procedure Coding System

... and when you have to comply
A 10th revision of the International Classification of Diseases (ICD-10-CM) is the most likely predecessor for diagnostic coding; however, the "when" of the transition has not yet been established. The pre-release draft of ICD-10-CM was released in August and is available online at http://www.cdc.gov/nchs/about/otheract/icd9/icd10cm.htm.

Procedure coding is no further along and presents an even more complicated picture due to issues of whether to move to a single procedure coding system from the current dual system (ICD-9-CM, Volume 3, and CPT).

In the interim of the final rule, the current sets of codes are the standards as they have been for the past 30-plus years.

Chris B. Fraizer can be reached at editor@physicianspractice.com.

This article originally appeared in the October 2002 issue of Physicians Practice.

Related Videos
Ike Devji, JD and Anthony Williams discuss wealth management issues
Ike Devji, JD and Anthony Williams discuss wealth management issues
Victor Bornstein gives expert advice
Victor Bornstein gives expert advice
Victor Bornstein gives expert advice
Victor Bornstein gives expert advice
© 2024 MJH Life Sciences

All rights reserved.