The Health Insurance Portability and Accountability Act of 1996 (HIPAA) train is about to leave the station. Will you be on board when HIPAA’s mandate for “administrative simplification” begins to take effect Oct. 16, 2002?
The primary purpose of HIPAA is to enhance health insurance accessibility for people changing jobs or leaving the workforce. However, HIPAA contains a section entitled “Administrative Simplification” whose provisions are designed to promote the transmission of confidential healthcare data electronically. Congress, in return for legislating significant dollar savings for health plans and providers by simplifying claims transactions, has imposed a string of privacy and security requirements to assure that electronically transmitted data will remain confidential and secure. To view the HIPAA law and regulations, visit https://www.aspe.hhs.gov/admnsimp/index.htm.
What Are the HIPAA Administrative Simplification Provisions?
There are four key provisions:
- National standards for electronic transmission of healthcare data.
- Unique health identifiers for providers, employers, health plans, and individuals.
- Security standards to protect electronically maintained health information.
- Privacy regulations to protect individual health information.
HIPAA Administrative Simplification provisions cover all neurosurgeons who store patient records on a computer or use electronic means to transmit any of the following: health claims, remittance or payment advice, claim status inquiries, eligibility requirements, enrollment and disenrollment, referral certification and authorization, coordination of benefits, or health plan premium payments. The rules take a wide view of “electronic means.” Included are all types of media including tapes, CDs, diskettes, and all types of transmission-leased or dial-up phone lines, Internet, extranet, virtual and private networks. The regulations may require significant changes to your billing and data collection systems.
First Stop: Compliance With Electronic Health Transactions and Code Sets, Oct. 16, 2002
The original compliance date for Electronic Health Transactions and Code Sets was set at Oct. 16, 2002 (45 Code of Federal Regulations, parts 160, 162). But with the enactment of the Administrative Simplification Compliance Act (ASCA) on Dec. 27, 2001, the compliance date was extended one year to Oct. 16, 2003. In order to qualify for this extension, all neurosurgeons who use electronic means to transmit healthcare data, must submit a compliance plan to the Centers for Medicare and Medicaid Services (CMS) by Oct. 15, 2002.
The sample compliance plan can be obtained from CMS at https://cms.hhs.gov/hipaa/hipaa2/TCSFormInstructions.asp. You can submit the form electronically or on paper, and you will receive a confirmation number from CMS after the forms are submitted. The plan must include:
- reasons additional time is needed;
- budget, schedule, and plan to achieve compliance;
- whether an outside vendor will be used; and
- a time frame for testing which begins no later than April 16, 2003.
If you are a HIPAA-covered neurosurgeon and do not submit a compliance plan, you must be compliant with the HIPAA Electronic Healthcare Transactions and Code Sets by Oct. 16, 2002.
Transaction Standards. The ANSI ASC X12N standard has been adopted for all transactions except pharmacy. ANSI (American National Standards Institute) ASC (Accredited Standards Committee) is an organization that accredits various standards-setting committees. HIPAA prescribes that the standards mandated under it are to be developed by ANSI accredited bodies. An ANSI accredited group that defines Electronic Data Interchange (EDI) standards for many American industries, including healthcare insurance, is X12. Most of the electronic transaction standards mandated under HIPAA are X12 standards and the most current release format is X12N. For ASC X12N transaction standards, implementation guides and data dictionary, an excellent overview is available at https://www.wpc-edi.com.
Code Sets Adopted. The HIPAA Standards Rule also specifies the code sets that are to be used for HIPAA-compliant transactions. Code sets that are of interest to neurosurgeons include:
- Diagnosis codes (ICD-9-CM) as updated and distributed by HHS.
- Combination of procedure codes HCPCS and CPT-4 for physicians and other health-related services.
- All local codes will be eliminated.
Benefits to Your Practice. If you submit claims electronically, or plan to do so in the future, you will need to implement the new national transaction standards. While converting to the new standards will incur an initial cost, once they are implemented you will be able to submit a claim, in the standard format, to all health plans-including Medicare and Medicaid-and the plan will be required to accept it. Plans will no longer be able to customize the claims submission to suit their specific needs. Therefore, the initial implementation costs for neurosurgeons will be offset over time by savings through significantly increased administrative efficiencies and reduced hassles. For the first time, all health plans and other payers will be required to accept the same single form without any additional or local variations. Instead of more than 400 variations in claim forms there will only be a few, one for each type of transaction. There will be uniform code sets that cannot be changed by local practice. This should mean substantial savings for neurosurgeons who will not have to supervise a staff devoted to properly filling out multiple varieties of claim forms and attachments. According to one estimate based on a survey of 20 medical groups, the average potential benefit was $7,200 per physician. How these savings were allocated can be obtained from Stephen Lazarus, Ph.D., HIPAA Tips for Physician Office at https://www.hipaainfo.net/ahima040601.htm.
Physicians who implement HIPAA now will be able to reap the most benefit from the new rules on uniform transactions. You will show your patients that you are genuinely concerned about the safety and confidentiality of their medical records, and you will be prepared for the many health plans that will begin to require neurosurgeons to submit claims electronically. For example, beginning Oct. 16, 2003, all Medicare claims must be submitted electronically in HIPAA-compliant transactions unless no method is available to do so or the provider (including physicians) making the claim has fewer than 10 full-time equivalent employees.
According to the AMA, over 30 percent of claims are rejected nationally. Of that number between 30 percent and 40 percent are rejected for incorrect or missing ID. Half are never resubmitted. The new HIPAA rules allow real time eligibility determination including IDs. Under HIPAA you will be able to submit electronic eligibility inquiries directly to the health plan to promptly determine eligibility. Each plan will have to provide this service and there will be no more long waits while your staff tries to check eligibility! The rules also will allow electronic documentation of claims receipts so that the excuse “We never got it” won’t be heard. Current estimates reveal that manual referrals cost primary care providers about $40 each and specialists about $20. Going online with standard 278 (Referral Certification and Authorization) will result in large savings.
What Should Neurosurgeons Do Now? A number of consultants state that you should begin by evaluating the savings you could realize from utilizing electronic transactions. If you decide to use electronic transactions, there are two options to develop the capacity for small- or medium-sized practices. Your practice management software vendor should be able to handle the standard transactions. If you use a clearinghouse you may want to use their supplied capability to turn your data into HIPAA-compliant transmittals.
Identify the transactions you currently send and receive electronically. Recall that HIPAA does not require you to use electronic transactions now or ever-neurosurgeons retain the full right to conduct transactions by phone, fax and U.S. mail-it is up to you (although some health plans, including Medicare, are requiring this). Identify your “trading partners”-the organizations with which you share “protected health information” electronically for purposes of conducting transactions-such as health plans, clearinghouses, labs and software companies and any other vendors used to prepare or submit such transactions-and determine if they are HIPAA compliant. Be alert when purchasing new software or hardware, and be aware that many details of the HIPAA transaction rules and other regulations have yet to be established.
Second Stop: Compliance With the Privacy Rule, April 14, 2003
Once you are a HIPAA-covered entity, the Privacy Rule, which takes effect April 14, 2003, will apply to all “protected health information” whether in paper or electronic form. Thought should be given now to developing a privacy policy for your practice that includes notice to the patient of their privacy rights and reviews your privacy practices. Read more about the rule at https://www.hhs.gov/ocr/hipaa/finalreg.html and in an upcoming issue of the Bulletin.
Details for the other Administrative Simplification provisions are yet to come. For the present, the unique health identifiers have been put aside, and the security standards have yet to be written.
John A. Kusske, MD, is chair of the Department of Neurological Surgery at the University of California-Irvine, chair of the AANS Professional Liability Committee, and a member of the AANS/CNS Washington Committee.