Perspectives on Information Technology   for the Health Care Industry
	Home | HIPAA | Health Care PKI | Internet | EDI | Email | Editorials | Contact Tunitas

HIPAA Standards for Electronic Transactions
Proposed Rule HCFA-0149-P
A Tunitas Group Executive Summary
August 1, 1998

Background

On May 7, HCFA published its proposed set of standards for electronic transactions in the health care industry in the Federal Register. This standard has been created to satisfy the directive issued under Subtitle F - Administrative Simplification of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).  Subtitle F also mandates the use of a HCFA managed system of universal identifiers for patients, providers, and health plans and a national security standard for health information.

Public reaction to the proposed standards was collected during a comment period which ended July 6. HCFA has not announced the date on which the final form of the transactions standards will be published and is significantly past the February 1998 date originally set by the HIPAA legislation. The full NPRM (Notice of Proposed Rule Making) may be downloaded from the HIPAA Administrative Simplification web site. 

Scope

Health Plan Mandate.  The Electronic Transaction Standards are principally a mandate on health plans. The regulation requires that plans implement and support standard formats for the exchange of financial and administrative data with providers, employers and other health plans. The regulation goes further to state that the only way that plans may electronically support these transactions is by using the designated standard. It is this latter restriction that imposes an indirect mandate on providers. Since plans are precluded from processing "non-standard" EDI, providers who cannot support the standards must utilize a third party clearinghouse to perform the translation into the approved format.  When HIPAA goes into full effect,  payer-provided non-standard EDI solutions must be discontinued.

Compliance by Y2001.  Health plans must be "HIPAA compliant" two years after the final form of the regulations are published.  Given the delay already occurring, the compliance date is likely to be toward the end of 2000. Very small health plans, those with less than 50 members, will be allowed an additional year to obtain compliance.

Exceptions. The mandate does not apply to internal corporate communications. Plans do not have to use the transaction standards when exchanging information between departments or wholly owned subsidiaries.  But plans must use the standard to exchange information with any outside party including their contracted agents.  HCFA, however, is claiming that the internal communications exception covers the data exchanged between HCFA Central Office and the Medicare carriers and intermediaries. The regulators give no justification for how HCFA communication with its contractors differs, in kind, from a health plan and its contractors. Any plan wishing to exempt itself from this regulation may find some basis in the tortured logic exercised here.

Internet Provision.   The regulations contain a provision that we believe is intended to exempt form data submitted via the Internet from having to use the EDI formats.  This provision requires explanation due to the muddled language used.   The actual statement reads  "HTML interaction between a server and a browser by which the data elements of a transaction are solicited from a user...  [However] Once the data elements are assembled into a transaction by the server the transmitted transaction would have to comply with the standards."  Since HTML is a language, granting an exception to messages created in HTML is logically no different than granting an exception to messages created in C, Perl or Cobol.  Clearly, this type of exception makes no sense.  Based on both public comments and private conversations with HCFA staff, we believe the intent is to allow parties to use the common Internet model for form completion via HTTP.  Permitting data to be exchanged using HTTP creates a big loophole as virtually any protocol or message type can be tunneled through HTTP. We believe HCFA will recognize the need to rewrite this provision in terms that are technically accurate and more clearly describe the intended exception.

Transaction List.  The regulation applies to 10 listed transactions, which may be extended over time: claims and encounters, claims status, remittance advice, referral certification and authorization, health claim attachments, coordination of benefits, health plan enrollment, health benefit eligibility, health plan premium payments, and first report of injury

Code Sets.  The regulation also establishes standards for the codes used within the EDI formats that apply to disease and injury, and for medical procedures.

Requirements  

• The "Must Use" Provision.  Health plans must use the standards when transmitting data relating to the listed transactions. Plans may no longer require providers to support proprietary formats or plan specific implementation.   Providers need only support the standard version for each transaction.
• The "Must Accept" Provision.  Health plans are required to accept and process without delay all transactions that are presented in a standard format.   It is unclear how the regulators expect the standard transaction to be completed given that there is no provision that requires health plans to support connectivity.  The requirement is moot, if a health plan fails to provide a server, mail address, or other device to which providers may submit their standard transactions.   In such circumstances, the provider's alternative is to submit data on tape or diskette delivered by US mail, to which payers would similarly respond.  This is clearly not the intent of Administrative Simplification. The Tunitas Group offered comments on this issue during the public comment period.  We recommended that the final regulation guarantee a connectivity solution that supports the submission of standard transaction data.  There are many options that could be used for this purpose:  access privileges to the payer's ftp server, an electronic mail address, a time slot with the payer's transaction processor.   Without such a guarantee, the lack of connectivity will retard the use of standards particularly for low volume submitters.

Healthcare EDI is accomplished by entering identifiers, diagnosis and procedure information into standard message types. Currently, there is no single standard which is universally accepted for any of these EDI components.   Administrative Simplification regulations remedy this situation by establishing the following requirements:

• Standardization of Identifiers.  The HIPAA legislation requires the use of universal identifiers for plans, providers, patients and employers (purchasers).  This regulation describes the four identifiers that will be used:  a National Patient Identifier, a National Provider Identifier, a National Health Plan Identifier,  and a National Employer Identifier. The National Patient Identifier is controversial and legislative action to withdraw the mandate is forthcoming. Congress provided no funds to enumerate providers.  We believe the proposals for assigning and managing provider IDs without specific funding are insufficient for the task and are unlikely to be implemented.  The NPRM for health plan identifiers has not been completed.  The employer identifier is set as the employer taxpayer ID. Each of the identifiers will be described in a separate NPRM.

 
• Diagnosis and Procedure Information.   Multiple code sets with "local" variations complicate the coding of these data elements.  To remedy these circumstances, the regulation sets forth the following standard code sets which will be used by all parties:

ICD-9-CM Diagnosis
CPT-4  Physician services
HCPCS (level 2) Medical equip, injectable drugs, transportation and
other services not covered by CPT-4
CDT-2   Dental services
NDC Prescription drugs

Beginning in 2000, the use of local or "z" codes will be phased out.  In particular, the regulations require health plans to eliminate local codes that are used for administrative convenience rather than to describe medical conditions or treatments.  Plans must also eliminate infrequently used local codes.  The continued use of any local codes must be submitted for approval as "temporary" codes until the standard code set can be modified to include them. Code sets are to be reviewed and changed on a annual basis.
 
• EDI Formats.  With only a few exceptions, the regulation designates the use of ANSI X12N (insurance) transaction standards.  Version 4010 was selected due to its Y2K compliance.  The specific X12N transaction reference numbers are:

X12 837 & NCPDP   Claims and Encounter
Used for healthcare dental, professional and institutional claims.
Pharmacy claims will use the NCPDP standard format version 3.2

X12 835   Remittance Advice
Use for notification of payment.

X12 837 & NCPDP   Coordination of Benefits
The proposed regulation does not require health plans to coordinate benefits.
If a plan does so, it must use the X12 837 (or NCPDP) to transmit the claim and benefit information.

X12 276/277   Claim Status
Used for up to date information on the status of submitted claims.

X12 834   Health Plan Enrollment
Used for benefit enrollment and maintenance (employers and plan only)

X12 270/271   Eligibility for Health Plan
Used for eligibility queries and response.  This transaction includes both batch or "interactive"  mode.  Interactive mode delivers near real-time response to an inquiry about the benefit status of a single patient.

X12 820   Health Premium Payments
Used by employers and plans only.

X12 278   Referral and Authorization
Used for review, authorization and certification.

First Report of Injury
The current  X12 148 standard is not available in a Y2K compliant  form.  When a 4010 version becomes available, it is the obvious candidate to become the adopted standard.

Health Claim Attachments
Standard development  is an on-going activity. The claim attachment mandate will become effective a year after the other transaction standards.  The Health Claim Attachment standard will support (but not require) the submission of HL7 Clinical data to health plans.

Copyright © 1998 Tunitas Group.  All rights reserved.