The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

HIPAA is the acronym for the Health Insurance Portability and Accountability Act of 1996.

The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II) required the Department of Health and Human Services to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. It also addressed the security and privacy of health data. Adopting these standards was intended to improve the efficiency and effectiveness of the nation's health care system by encouraging the widespread use of electronic data interchange in health care.

The Secretary of HHS was required to adopt standards from among those already approved by private standards developing organizations for certain electronic health transactions, including claims, enrollment, eligibility, payment, and coordination of benefits. These standards also must address the security of electronic health information systems.

  • Electronic health care transactions (final rule issued);

  • Health information privacy (final rule issued);

  • Unique identifier for employers (final rule issued);

  • Security requirements (final rule issued);

  • Unique identifier for providers (proposed rule issued; final rule in development);

  • Unique identifier for health plans (proposed rule in development); and

  • Enforcement procedures (proposed rule in development).

COMPLIANCE SCHEDULE

In general, the law requires covered entities to come into compliance with each set of standards within two years following adoption, except for small health plans, which have three years to come into compliance. For the electronic transaction rule only, Congress in 2001 enacted legislation allowing a one-year extension for most covered entities provided that they submit a plan for achieving compliance. As a result, covered entities that qualify for the extension will have until Oct. 16, 2003 to meet the electronic transaction standards instead of the original Oct. 16, 2002 deadline. (Small health plans must still meet the Oct. 16, 2003 compliance date and are not eligible for an extension under the new law.) The legislative extension does not affect the compliance dates for the health information privacy rule, which remains April 14, 2003 for most covered entities (and April 14, 2004 for small health plans). More information about the HIPAA standards is available at http://aspe.hhs.gov/admnsimp/  and  http://www.cms.gov/hipaa.

 

ELECTRONIC TRANSACTION STANDARDS

A Final Rule adopting the October 2002 Addenda for use under HIPAA was published by the US Department of Health and Human Services in the Federal Register on February 20, 2003.

The nine transaction standards adopted  are the ASC X12N version 4010 as originally issued on May 2000 and with an Addenda issued on October 2002. The applicable standards are:

 

276/277: Health Care Claim Status Request and Response
270/271: Health Care Eligibility/Benefit Inquiry and Information Response

278: Health Care Services Review -- Request for Review and Response

820: Payroll Deducted and Other Group Premium Payment for Insurance Products

834: Benefit Enrollment and Maintenance

835: Health Care Claim Payment/Advice

837: Health Care Claim: Institutional

837: Health Care Claim: Dental

837: Health Care Claim: Professional

Home
© 2003 - Transko Corporation