IT Consulting from the Trenches

HIPAA’S ADMINISTRATIVE SIMPLIFICATION REQUIREMENTS

It surprised me at how many affected healthcare providers and business partners were still trying to finish the steps that are needed to comply with HIPAA. This is the substance of a primer I prepared on August 16, 2003, exactly two months before the compliance deadline. That was three and a half years ago. The last physician clinic we helped become compliant was in summer 2006. I wouldn’t be surprised if we got several more engagements like that.

This primer covers HIPAA’s key administrative aspects.

One of HIPAA's important objectives is to simplify the administrative requirements of the healthcare industry. The administrative simplification requirements consist of four parts:

1. Electronic transactions and code sets
2. Security
3. Unique identifiers
4. Privacy

If (you) the healthcare provider or its billing company or clearinghouse transacts business electronically, then all related parties are covered by HIPAA.

Business transactions are any of the following:

1. Claims
2. Payment and remittance advices
3. Claim status inquiries and responses
4. Eligibility inquiries and responses
5. Referral authorization inquiries and responses

HIPAA strongly encourages the designation of a “point of contact” in the covered entity. This could be your office manager. This person is responsible for all HIPAA-related activities. You should provide this person with some level of authority, resources, and assistance.

Your office

1. Ensure that your medical office administrative software is HIPAA-compliant. Check with your vendor.
2. Clarify the documents that are transmitted electronically and on paper. Determine what needs to be done differently. Under HIPAA, certain data are required that your existing paper forms do not have.

The health insurance payers

1. If they haven’t done so yet, learn when they will distribute a guide for HIPAA-mandated coding and transaction requirements. Local codes have been eliminated by HIPAA as part of its administrative simplification objective.
2. Confirm whether they will provide you with partner agreements that specify transmission methods as well as the coding and transaction requirements specified above.
3. Ensure that they have tested their software for HIPAA-compliance. Ensure that you participated in these tests.

I edited this entry to add this link to the coding system. The next version of the coding system was released after I wrote that entry although the substance is virtually identical.