Administrative Simplification CORBAmedJanuary 12, 1999 Bill Braithwaite Senior Advisor on Health Information Policy U.S. Department of Health and Human Services
Administrative Simplification Law Title II - Subtitle F of H.R. 3103(the Kassebaum/Kennedy Bill) “The Health Insurance Portability and Accountability Act of 1996” AKA “HIPAA” Signed August 21, 1996 to become P.L. 104-191 Part C of Title XI of the Social Security Act
Purpose of Provisions • Improve the efficiency and effectiveness of the health care system by standardizing the electronic data interchange of certain administrative and financial transactions. • Protect the security and privacy of transmitted information. $
Overview of Provisions • HHS must adopt national standards necessary for efficient, electronic, administrative and financial health care transactions. • All health plans, all clearinghouses, and those providers who choose to conduct these transactions electronically, are required to implement these standards. • Recommendations for privacy legislation. • Recommendations for electronic medical records.
Mandated Standards • 9 EDI transaction standards (claims, encounters, enrollment, etc.) including code sets. • Coordination of benefits information. • Unique identifiers (including allowed uses) for individuals, employers, health plans, and health care providers. • Security, confidentiality, and electronic signatures.
Standards Adoption Process • HHS looks to industry for consensus standard: • developed by ANSI accredited standards setting organization (SDO). • HHS works with industry to develop and confirm consensus at implementation guide level. • Secretary relies on recommendations of the NCVHS, which holds public meetings and hearings as required to get public input. • HHS publishes proposed rules and then final rules which have the force of federal law.
Satisfaction of Requirements • Directly transmitting and receiving data using adopted standards • Submitting non-standard data to a health care clearinghouse for transmission using adopted standards. • Receiving non-standard data from a health care clearinghouse after conversion from data received using adopted standards.
Penalties • Penalty for Non-compliance with Standards: • $100 each violation; maximum $25,000 per year per violation of identical requirement or prohibition. • Penalty for Wrongful Disclosure: • Maximum $250,000 and 10 years imprisonment.
Publications in 1998 • Federal Register - Notices of Proposed Rule Making (NPRMs) and their public comment periods: • Transactions and Medical Coding (5/7/98 - 7/6/98) • National Provider ID (5/7/98 - 7/6/98) • Employer ID (6/16/98 - 8/17/98) • Security (8/12/98 - 10/13/98)
Expected 1999 Publications • Final rules for transactions, security, provider identifier, and employer identifier. • NPRM for Health Plan Identifier • NPRM for Claims Attachment • NPRM for First Report of Injury • Possible standard for Health Number for Individuals?
Expected 2000 Publications • Standards for Privacy of Individually Identifiable Health Information (whether or not Congress passes privacy law by August 1999). • NCVHS Recommendations for standards for patient medical record information and the electronic exchange of such information. • Possible other financial and administrative transactions that improve the operation of the health care system and reduce administrative costs.
Criteria for Standards • Improve efficiency and effectiveness • by leading to cost reductions for or improvements in benefits from electronic health care transactions. • Meet needs of user community • Data element definitions and codes consistent and uniform with other standards. • Low development and implementation costs relative to benefits of using the standard. • Supported by ANSI-accredited SDO or other organization to ensure continuity and updating.
Criteria for Standards • Timely development, testing, implementation, and updating procedures. • Technologically independent of computer platforms and transmission protocols, except when explicitly part of the standard. • Precise and unambiguous, but simple as possible. • Low data collection and paperwork burdens. • Flexibility to adapt to changes in infrastructure.
New Technology • Proposed process to introduce new technology: • Request waiver for testing showing • clear improvement over the current standard. • cost-benefit analysis. • Test new standard or revision of current standard. • Report on test results. • HHS will adopt new or revised standard if • benefits of the proposed revision or new standard significantly outweigh the disadvantages of implementing it.
Philosophy • One standard for the data (definitions + conditions) • Potential for multiple transport standards • Open standards (over proprietary) • Due process for consideration of all input (ANSI) • Standards at implementation guide level • Consider cost of supporting multiple standards • Limit transition requirements as standards evolve
Resources • Web Sites: • http://aspe.os.dhhs.gov/admnsimp/ • posting of law, process, regulations, and comments. • http://www.wpc-edi.com/hipaa/ • posting of X12N implementation guides • Listserv: • receive e-mail notification on publication of documents related to HIPAA regulations • send e-mail to: firstname.lastname@example.org • include in body of message: subscribe HIPAA-REGS first-name last-name