Wachler & Associates, PC | Serving healthcare providers nationwide for over 20 years

 

Home
Firm Overview
Practice Areas
Stark
Medicare Audits and Appeals & RAC Audits
HIPAA
Specialty Pages
Attorney Profiles
Publications
Newsletters
Seminars
Research Links
Office Directions
Contact Us

 

 

The Health Lawyers: We Focus on the BUSINESS of Healthcare

Publications

Final Rule Implements Standards For Electronic Health Care Transactions

Andrew B. Wachler and Phyllis A. Avery
Wachler & Associates, P.C.
Royal Oak, Michigan

Introduction
The Health Insurance Portability and Accountability Act of 1996 ("HIPAA") included requirements aimed at the administrative simplification of processing health care claims and related information. Among other requirements, HIPAA required the adoption of standards for electronic transactions and the adoption of code sets to be used in those "standard transactions." On August 17 , 2000, the Health Care Financing Administration ("HCFA ") published a final rule setting forth standards for certain electronic transactions and specifying the code sets to be used in these electronic transactions. 65 Fed. Reg. 50312. Health care plans, health care providers who transmit health care information electronic form, and health care clearinghouses will be required to comply with the requirements set out in the final rule or face civil monetary penalties. HCFA expects that in order to comply with these requirements, health plans and health care providers will have to spend $7 billion to convert to the use of the standard electronic transactions and to comply with other administrative simplification requirements imposed by HIPAA. 65 Fed. Reg. at 50355. Such an undertaking is drawing comparisons to Y2-K compliance efforts.

The expectation is that by forcing health care plans and health care providers to utilize standard electronic transactions it will improve the efficiency and effectiveness of the health care system through the consistent and uniform transfer of information. HCFA anticipates that health plans and health care providers will benefit in the long run from the implementation of these standards. In fact, HCFA sets forth a cost/benefit analysis which envisions that over a ten year period, health care plans and providers will save $29.9 billion ($13.1 billion in savings for health plans and $16.7 billion in savings for providers). In present dollars, the discounted value of these expected savings is only $19.1 billion. These estimated savings are expected to result from increased efficiencies in health information processing.

While on its face the concept of requiring uniform transactions for electronic health care claims and information processing seems simple, the implementation of such standards is highly complex. Indeed, after the proposed rule addressing standard electronic transactions was published in May 1998, HCFA received 17,000 comments within the 60 day comment period. Responses to these comments are included in the lengthy preamble to the August 17th final rule. This article addresses the standard transactions and code sets included in the final rule and discusses some of the problems health care plans and providers will face in trying to comply with this final rule.

Who Must Comply With Rule?
The August 17th final rule requires health plans, health care providers who transmit health information electronically and health care clearinghouses to utilize the standard transactions and code sets set forth in the rule. The final rule describes these three groups as "covered entities." Notably, health care providers who submit health information on paper are not governed by this rule. Such providers can continue to submit paper transactions without adopting the standard transactions and code sets described in this final rule. In the preamble to the final rule, HCFA does indicate that it has the authority to declare that even providers who submit paper transactions must comply with the standard transactions and code sets. It notes that, "at this point", HCFA chooses to focus on providers who submit electronic transactions. 65 Fed. Reg. at 50318.

As defined in the regulation, health plans are individuals or groups that provide, or pay the cost of, medical care. Both public and private health plans are subject to the rule. Health plans are specifically defined to include, for example: group health plans (certain employee welfare benefit plans); health insurance issuers (such as Blue Cross); HMOs; Medicare; Medicaid; issuers of Medicare supplemental policies; issuers of long-term care policies (with limited exception); and plans offering health benefits to the employees of two or more employers. In addition, health plans include other federally funded health benefit programs as well as any other individual or group plan that provides or pays for the cost of medical care. 65 Fed. Reg. at 50366.

Health care providers are defined to include hospitals, skilled nursing facilities, outpatient rehabilitation agencies, home health agencies, hospice, residential facilities (mental health/mental retardation/substance abuse), pharmacies, medical and dental laboratories, durable medical equipment suppliers, medical doctors, osteopaths, dentists, podiatrists, chiropractors, optometrists and other health care service providers. 65 Fed. Reg. at 50366. As noted, only health care providers who transmit health information electronically must comply with the final rule. Those health care providers who choose to transmit health information via paper claims are not required to comply with the rule.

Health care clearinghouses are entities that process information received from another entity in an nonstandard format into a standard transaction. They also process information received from one entity as a standard transaction into a nonstandard format for another entity. 65 Fed. Reg. at 50366. Health care clearinghouses may be public or private entities and may include entities such as billing services, community health management information systems, value-added networks, and switches if they process information as described above.

In addition, the preamble explains that entities that are not "covered entities" are not subject to the requirements of the rule. For example, employers and unions that sponsor health plans are not covered entities although they may engage in electronic health care transactions. 65 Fed. Reg. at 50317. Workers' compensation programs, property and casualty programs, and disability programs are not considered health plans and thus are not covered entities and are not subject to the rule. 65 Fed. Reg. at 50320.

What Are The Standard Transactions That Must Be Utilized?
HIPAA requires the adoption of standards for financial and administrative electronic transactions. It also requires the adoption of data elements for those "standard transactions." Specifically HIPAA requires the adoption of standards for the following nine transactions:

  1. Health care claims or equivalent encounter information;
  2. Health claims attachments;
  3. Health plan enrollments and disenrollments;
  4. Health plan eligibility;
  5. Health care payment and remit- tance advice;
  6. Health plan premium payments;
  7. First report of injury;
  8. Health care claim status; and
  9. Referral certification and authorization.

HIPAA also allows for the adoption of standards for other financial and administrative transactions.

In the August 17th final rule, HCFA adopted standards for seven of the nine required transactions. It did not adopt a standard for first report of injury, nor did it adopt a standard for health claims attachments. In particular, the preamble explains that the development of a standard for health claims attachments is an onerous task. A final rule or rules addressing first report of injury and health claims attachments will be issued at some point in the future. In addition, a standard for a national provider identifier as mandated by HIPAA will also be issued at some point in the future. The August 17th final rule does include a standard transaction for coordination of benefits under the authority to adopt standards for other financial and administrative transactions.

For each of the eight transactions covered by the August 17th final rule, the standards specify the format, data elements, and data content, including designated code sets. 65 Fed. Reg. at 50315. Most of the standards required by the final rule were developed by a subcommittee of the Accredited Standards Committee ("ASC X12N") which was chartered by the American National Standards Institute to design national electronic standards for business applications including those for the insurance industry. Some of the standards were developed by other sources. The National Council for Prescription Drug Programs (NCPDP) developed the standards used for health care claims, health care payment and remittance advice, and coordination of benefits for retail pharmacies. Implementation specifications for all of the standards are not included in the final rule but are available by written request, telephone or fax request, or on the Internet. 65 Fed. Reg. at 50368.

What Coding Sets Must Be Utilized?
In addition to requiring the utilization of the eight standard transactions set forth in the August 17th rule, HCFA is also requiring the utilization of uniform code sets in connection with these standard transactions. Code sets are defined in the regulation as any set of codes used to encode data elements. They include medical code (diagnostic codes, procedure codes) and non- medical codes (revenue codes). HCFA adopted existing code sets developed by public and private entities. The code set to be used for diseases, injuries, impairments, etc. is the International Classification of Diseases, 9th Edition, Clinical Modification ("ICD-9-CM") Volumes 1 and 2. The code sets adopted for physician and other health care services (such as physical and occupational therapy, radiologic procedures, clinical laboratory tests, other medical diagnosistic procedures, hearing and vision services, and ambulance services) are the Health Care Financing Administration Common Procedure Coding System ("HCPCS") and the Current Procedural Terminology, Fourth Edition ("CPT-4"). The code set to be utilized for hospital inpatient services is the ICD-9-CM Volume 3. The Code on Dental Procedures is to be used for dental services. Drugs and biologicals must be coded using the National Drug Codes ("NDC"). All other substances, including durable medical equipment and supplies, must be coded using HCPCS. Any updates to the code sets are the responsibility of the (coding organization which develops them. 65 Fed. Reg. at 50370.

Code sets other than those specified above will not be accepted. Health plans and providers will be required to convert to use of the code sets specified in the final rule. For example, the preamble reflects that if a health plan currently requires health care providers to use CPT-4 to report inpatient facility-based procedures, both the health plan and health care providers will be required to convert to ICD-9-CM. 65 Fed Reg. at 50325.

One of the issues raised by the comments to the proposed rule was the fact that the standard code sets adopted will not cover all health care services. There was particular concern that the code sets did not adequately address home infusion therapies, alternative therapies, dental diagnoses, and mental health services. HCFA's response to these concerns was that interested parties may request a change to the code sets through the process for modifications to standards. In the interim, HCFA suggests that manual processing be used for services for which codes have not been adopted. 65 Fed. Reg. at 50325-50326. In the preamble, HCFA discusses its intent to eliminate all local codes. It states that covered entities will not be able to use local codes after the compliance deadlines pass. HCFA expects that health insurers will review their local codes and eliminate those that duplicate the national codes included in the code sets. It suggests that for codes used less than 50 times per year, the covered entities should use the code for "not otherwise specified." HCFA also indicates that health plans can request the establishment of a new national code based upon a local code through the process for code modification discussed below. The preamble reflects that HCFA appreciates that the elimination of all local codes will be "challenging" but suggests that the standardization is "achievable." 65 Fed. Reg. at 50300. HCFA does require that health plans must be able to receive and process all codes in the standard code sets, but does not require that the health plan cover all coded procedures. If a transaction contains a standard code it cannot be rejected because the health plan does not recognize the code. Rather, the health plan must process the code and respond that the procedure is not covered. 65 Fed. Reg. at 50327.

What Are The Deadlines For Compliance?
The effective date of the final rule is October 16, 2000. Health care providers and health care clearinghouses will not be required to comply with the requirements set forth in the rule until October 16, 2002. Health plans will also have to comply by October 16, 2002, except small health plans will have until October 16, 2003 to comply. 65 Fed. Reg. at 50368. Small health plans are defined in the regulation as a health plan with annual receipts of $5 million or less.

By granting small health plans an additional year to come into compliance, HIPAA has created a problem for health care providers and health care clearinghouses that must be compliant one year earlier. Health care providers and health care clearinghouses will be required to utilize the standard transactions and code sets for electronic submissions by October 16, 2002, but small health plans will not be required to accept these standard transactions. Conceivably, small plans could delay or even deny a claim submitted pursuant to a standard transaction which the provider was required by law to use.

One would expect that health plans would be required to implement the changes first and then provide a transition period during which providers would be able to utilize old formats or the new formats as they changed over to the standard transactions. Indeed, the preamble states that HCFA anticipates the need for a crossover period of at least 90 days to convert between versions/formats during which both the new and old versions/formats will be supported. 65 Fed. Reg. at 50335. HCFA envisions that health plans will take the lead in informing providers of the impending changes and arranging for appropriate educational activities. 65 Fed. Reg. at 50329. Allowing small plans to comply one year after providers and clearinghouses seems to run counter to such expectations.

When called for comment on this issue, one of the regulators responsible for drafting the regulation indicated that they had recognized this problem but were unable to change the compliance dates which were mandated by HIPAA. The regulator did indicate that providers who could not submit standard transactions to small plans which would not accept them prior to October 16, 2003 would not be penalized for the submission of non-standard transactions to those small plans.

How Will Modifications to Standards and New Standards Be Effectuated?
According to the August 17th final rule, Designated Standard Maintenance Organizations ("DSMOs") will be selected to maintain the standard transactions and code sets and to receive and process requests for adopting a new standard or modifying an adopted standard. The process that must be followed by the DSMOs when processing requests for new or modified standards includes open public access, coordination with other DSMOs, and an appeals process. In addition, the DSMOs must provide for an expedited process to address needs identified by the health care industry when appropriate. Finally, a proposed modification or new standard will be accepted only after submission of the recommendation to the National Committee on Vital and Health Statistics. 65 Fed. Reg. at 50368.

How effectively these DSMOs will operate remains to be seen. Some comments expressed concern that they may be overwhelmed by requests relating to the elimination of local codes. The rule provides no guidance with respect to what type of requests will be granted expedited status. Nor does it estimate the length of time that such processes will take on an expedited or non-expedited basis. One can expect that the length of time will vary based upon the number and type of requests. It can also be expected that the most requests will occur early on in response to changes required by these new regulations.

According to regulations mandated by HIPAA, modifications to standard transactions will occur no more often than once every 12 months. Covered entities will be provided at least 180 day, if not more, to come into compliance with modified standards. 65 Fed. Reg. at 50367. This timetable may be too slow for those waiting for modifications to become effective, while at the same time, it may allow for modifications too often for those dealing with the ongoing costs of compliance such as software development and system upgrades. Such conflicting interests reflect the difficulties regulators face in implementing these regulations.

What Are The Penalties For Non-Compliance?
In accordance with HIPAA requirements, health plans must process standard transactions by no later than the compliance deadlines set forth in the rule. As mandated by HIPAA, the regulation prohibits health plans from delaying or rejecting a transaction or taking other adverse action because the transaction is a standard transaction. Nor may health plans provide incentives to discourage the use of standard transactions. 65 Fed. Reg. at 50368. HCFA states in the preamble that it expects that health plans will process standard transactions from any person in the same time frame in which they processed transactions prior to HIPAA. 65 Fed. Reg. at 50316.

HIPAA established civil monetary penalties for violations relating to the failure to comply with the timetable for conversion to standard transactions, the refusal by health plans to conduct transactions as standard transactions, or delays or other adverse action taken by a health plan because the transaction is in standard format. Civil monetary penalties of not more than $100 per person per violation may be imposed. Civil monetary penalties of up to $25,000 per person per violation of an identical requirement or prohibition may be imposed in a calendar year. HIPAA does add that civil monetary penalties may not be imposed if a person did not know, and by exercising reasonable diligence would not have known, that there was a violation. Further,

HIPAA provides that no penalty may be imposed if the failure to comply was due to a reasonable cause, was not the result of willful neglect, and the failure is corrected within 30 days of the date the person knew, or by exercising reasonable diligence would have known, that the failure to comply had occurred.

The August 17th final rule does not address the penalties other than to reference the statutory language. In the preamble, HCFA does point out that it will discuss enforcement and liability related to non-compliance in a later regulation. 65 Fed. Reg. at 50334, 50342-50343. A proposed regulation addressing compliance and enforcement is expected next year with a final regulation to become effective before the compliance dates of this August l7th rule. One regulator indicated that if the enforcement regulations are not in effect prior to the compliance deadline for standard transactions there will be no enforcement efforts until the enforcement regulations are finalized.

It should be noted that HCFA recognizes that while a health plan cannot refuse to process a standard transaction because it is a standard transaction, it may be able to refuse to process a standard transaction on other grounds depending on the business agreements it has with the sender. HCFA also recognizes that the use of a standard transaction does not create a relationship or liability that would not otherwise exist. 65 Fed. Reg. at 50336. For example, a health plan would not be required to respond to a request from a health care provider with whom it does not have a business arrangement.

What Are The Costs And Benefits Of Conversion To Standard Transactions?
As reflected above, the costs to the health care industry to convert to standard transactions will be significant. As noted, the preamble to the final rule reflects HCFA's estimate that health plans and health care providers will spend $7 billion in order to comply with HIPAA's administrative simplification requirements. In the preamble, HCFA explains that health plans and providers will need to purchase translator software (to avoid major reprogramming) or engage a health care clearinghouse in order to comply with these standard transactions requirements. 65 Fed. Reg. at 50346. The preamble also reflects that HCFA is now anticipating that each State Medicaid program may have to spend $10 million to accommodate the new standard transactions. While much of this may be subsidized by the Federal government, State Medicaid programs will still be left with a $1-$2.5 million tab. 65 Fed. Reg. at 50346. The estimated costs of compliance for covered entities are expected to arise from conversion costs, upgrade costs, start-up costs, training costs, and implementation problems. Implementation problems are expected to include an increase in rejected transactions, manual exception processing, payment delays and requests for additional information. It is expected that the majority of these costs will be incurred during the first three years of implementation. 65 Fed. Reg. at 50351, 50353. On the other hand, HCFA is expecting that long-term savings will outweigh these costs. As stated above, HCFA figures that savings will be in the range of $29.9 billion over a ten year period ($19.1 billion in discounted value). Notably, in the preamble, HCFA does admit that costs to a specific health plan or health care provider may outweigh the benefits to that entity. This fact does not seem to concern HCFA which explains that its focus is on the overall benefit to the health care industry as a whole. 65 Fed. Reg. at 50345. HCFA bases its expectations of savings on increased efficiencies in health information processing such as the reduction in manual data entry, elimination of postal service delays, elimination of costs associated with paper forms, reduced software develop- ment and maintenance costs, and decreased labor costs. 65 Fed. Reg. at 50351, 50354.

HCFA's estimates reflect that most costs will be incurred in the first three years and arise from conversion and related costs as well as implementation problem costs. 65 Fed. Reg. at 50351, 50357. HCFA did recognize that many health care providers would rely upon health care clearinghouses to comply with the rule and that others would revert to hard copy transmissions to avoid having to comply with the rule. 65 Fed. Reg. at 50347, 50362. It is not clear whether HCFA figured the continuing costs of doing business through health care clearinghouses or reversion to paper transactions into its cost analysis. Despite the fact that standard transactions may be changed annually, HCFA decided not to consider the costs of future systems upgrades in their cost estimate. 65 Fed. Reg. at 50351. In addition, HCFA expects translator software to be readily available at low prices and expects health care clearing houses to provide services at low cost. 65 Fed. Reg. at 50347. The reasonableness of such assumptions is unclear given that all health plans and health care providers submitting electronic transactions will be required to purchase translator software or utilize healthcare clearinghouses. Indeed, the comments reflect the fear that the increase in demand for these items and services will lead to increase in prices. 65 Fed. Reg. at 50346.

Further, HCFA admits in its cost/benefit analysis that while critical to its savings estimate, the increase in electronic data interchange ("EDI") attributable to HIPAA is "highly uncertain." HCFA also expects that vendors of translation software will include ongoing maintenance costs resulting from changes in the initial purchase price. This assumption mayor may not be correct. Finally, HCFA extended the period of measuring savings in the cost/benefit analysis from the 5 year period in the proposed rule to a 10 year period in the final rule, no doubt in an effort to demonstrate long-term savings will outweigh costs. 65 Fed. Reg. at 50351.

Finally, although apparently not encompassed in the cost/benefit analysis, HCFA expects the health care industry to foot the bill for testing the standard transactions adopted by this rule. HCFA urges health plans to come forward and develop pilot test plans using the implementation specifications in the standard transactions adopted by this final rule. HCFA would also like those developing test plans to share the results via the Internet. 65 Fed. Reg. at 50342.

What Impact Will the Development of a Final Privacy Rule Have On This Standard Transaction Rule?
In addition to administrative simplification, HIPAA focused on the development of privacy standards to protect individually identifiable health information transmitted electronically. A proposed rule implementing the privacy standards mandated by HCFA was published last November at 64 Fed. Reg. 59967 (November 3, 1999). The preamble to the August 17th final rule states that compliance with the privacy standards being developed will be required at approximately the same time as compliance with this standard transaction rule. Most notably, the preamble then states that if the finalization of the privacy standards is substantially delayed or if Congress fails to adopt comprehensive and effective privacy standards that supersede the standards being developed by HCFA, then HCFA "would seriously consider suspending the application of the transaction standards or taking action to withdraw this rule." 65 Fed. Reg. at 50365. This would be a drastic step given HCFA's own estimate that health plans and health care providers will spend approximately $7 billion in an effort to come into compliance with these and related standards. It may also give pause to those health plans and health care providers inclined to convert to the new standards early. A regulator called for comment on this issue did indicate that she expected final privacy standards to be issued in the near future. Health plans and health care providers will want to keep a close eye on the privacy standards as they prepare for compliance with the standard transaction and coding requirements.

Website Answers Frequently Asked Questions
Although the August 17th final rule was issued without a comment period, health plans, providers and the attorneys who represent will have many questions about the implementation of these regulations. In order to respond to such questions, HCFA has established a website where frequently asked questions concerning electronic transaction standards can be answered. The site can be accessed at http://aspe.os.dhhs.gov/admn- simp/faqtx.htm. According to regulators, it will continue to be updated in an effort to answer ongoing questions regarding the final rule. Individuals responsible for compliance activities will want to visit this website.

Compliance Programs
Compliance with the standard transactions rule will have to be incorporated into health care compliance programs being adopted and implemented by many members of the health care industry. Those attorneys working with clients in the development of compliance programs will have to be familiar with this final rule and stay abreast of changes that will take place in the continuing regulatory environment necessitated by the HIPAA administrative simplification mandates.