Mid-Atlantic Health Law TOPICS

Background hero atmospheric image for HIPAA Highlights Fall 2003

HIPAA Highlights Fall 2003

The Health Insurance Portability and Accountability Act (HIPAA) contains administrative simplification provisions that are designed to encourage health care providers and health plans to process health claims and payments (and to perform other administrative functions) electronically, using standard transactions and uniform code sets. The theory is that uniformity and electronic processing will reduce the administrative costs associated with health care, and the savings can be used for health care services, rather than administration.

The administrative simplification provisions call for the use of unique health identifiers for employers, health plans, and health care providers; adoption of transaction standards and uniform code sets; and improved privacy and security protection for health information. Over the next year, TOPICS will include a regular column on HIPAA administrative simplification to help providers and health plans prepare for compliance.

A. October 16 Electronic Transmission Deadline

Insurers, HMOs, and group health plans (regardless of whether they are insured or self-funded), as well as health care clearinghouses, must be capable of conducting claims processing electronically by October 16, 2003. Thereafter, health care providers have the option to conduct the transactions on paper or electronically, but all electronic transactions must use the standard transaction formats previously promulgated pursuant to HIPAA.

Further, as of October 16, 2003, Medicare will no longer pay claims submitted on paper, with only limited exceptions.

There is an exception from this Medicare requirement for “small” “providers of services.” “Small” means those with fewer than 25 full-time equivalent employees, and a “provider of services” is defined to include seven specific types of institutional or special purpose providers, generally including hospitals, nursing facilities, and other institutional providers that are paid through Medicare fiscal intermediaries.

There is also a Medicare exception for physician practices, other practitioners, facilities, or suppliers that have fewer than 10 full-time equivalent employers.

The change in Medicare payment practices means that many providers that previously conducted transactions on paper will have to move to electronic transactions, either by having the capability in-house, or by outsourcing to a clearinghouse.

B. Potential Problems

Some industry observers are concerned that covered entities will not be ready to conduct the standard transactions electronically using the required formats by the October deadline.

The Workgroup for Electronic Data Interchange (WEDI) wrote to the Secretary of the U.S. Department of Health and Human Services (HHS) in April, predicting “a substantial degree of noncompliance in October 2003” and suggesting that providers might revert to paper claims (which are more expensive for payers to process than electronic claims), or that payers might refuse to pay noncompliant electronic claims, thereby leaving providers with severely reduced cash flow.

Similarly, the American Hospital Association (AHA) wrote to HHS stating its concern that claim submission and payment cycles might be disrupted, and that longer payment cycles could hamper hospitals’ ability to provide care to patients.

C. July 24 Guidance

On July 24, 2003, HHS issued guidance on compliance obligations after the October 16, 2003 deadline. HHS emphasized that the deadline is firm and will not be changed, but also stated that its enforcement approach will be complaint-driven.

If a complaint is filed claiming that a covered entity has failed to conduct HIPAA-compliant transactions, HHS will notify the entity. The covered entity will then have three choices: it may demonstrate that it, in fact, submitted or received compliant transactions; it may document its good faith efforts to comply with the transaction standards; and it may submit a corrective action plan.

In explaining what constitutes good faith efforts to comply with the transaction standards, HHS noted that the HIPAA transactions usually require the participation of two covered entities, and noncompliance by one may make it impossible for the other to comply. Therefore, in evaluating complaints, HHS will look at both covered entities’ efforts to comply with the standards.

For health plans, HHS will take into account whether the plans have made diligent efforts to facilitate the compliance of their trading partners including, for example, active outreach to the plan’s provider community. For providers, HHS will consider whether they took action to become compliant before October 16, 2003.

If HHS finds that the covered entities made reasonable, diligent, and sustained efforts to achieve compliance, HHS may allow the entities a period to cure their noncompliance, but will monitor the entities during that period.

HHS will also require non-compliant covered entities to submit corrective action plans (CAPs) addressing their efforts to achieve compliance in a manner and time acceptable to HHS. More detailed information on CAPs will be issued.


September 21, 2003




Rosen, Barry F.


Health Care