Wachler & Associates, PC | Serving healthcare providers nationwide for over 20 years

 

Home
Firm Overview
Practice Areas
Stark
Medicare Audits and Appeals & RAC Audits
HIPAA
Specialty Pages
Attorney Profiles
Publications
Newsletters
Seminars
Research Links
Office Directions
Contact Us

 

 

The Health Lawyers: We Focus on the BUSINESS of Healthcare

Publications

Congress Extends Compliance Deadline for Electronic Standard Transactions Rule: Providers Must Submit Compliance Plan

By: Andrew B. Wachler and Amy K. Fehn, Wachler & Associates, P.C. Royal Oak, Michigan

Congress recently provided some relief for entities concerned about meeting the October 16, 2002 deadline for compliance with the Health Insurance Portability and Accountability Act ("HIPAA") Electronic Standard Transactions rule.

On December 27, 2001, H.R. 3323, the "Administrative Simplification Compliance Act", was signed by the President. H.R. 3323 extends the deadline for compliance with the Electronic Standard Transactions rule until October 16, 2003 for covered entities who submit a compliance plan containing the following information:

(1) an analysis reflecting the extent to which, and the reasons why, the person is not in compliance;

(2) a budget, schedule, work plan, and implementation strategy for achieving compliance;

(3) whether the person plans to use or might use a contractor or other vendor to assist the person in achieving compliance; and

(4) a timeframe for testing that begins not later than April 16, 2003.

The Electronic Standard Transactions, along with the privacy and security rules, are part of HIPAA's administrative simplification provisions. The privacy and security rules are unaffected by H.R. 3323.

The HIPAA Electronic Standard Transactions rule applies to health plans, health care clearinghouses, and health care providers who transmit health information electronically. These "covered entities" will be required to submit the following transactions in standard format: health care claims or equivalent encounter information; health claims attachments; health plan enrollments and disenrollments; health plan eligibility; health care payment and remittance advice; health plan premium payments; first report of injury; health care claim status; and referral certification and authorization.

It is important for covered entities to understand that the deadline extension is not automatic. Covered entities will need to assess their current situation and develop a schedule and strategy for compliance. Compliance with the rule can be achieved in a variety of ways, such as programming changes to existing systems, purchasing new software, or utilizing the services of a clearinghouse.

H.R. 3323 also requires the government, through the National Committee on Vital and Health Statistics (NCVHS), to identify and propose solutions to compliance barriers. Although solutions will not be specifically tailored to individual entities, the NCVHS will analyze a sample of the plans submitted and will publish potential solutions for those problems that are identified as being the most common or challenging.

Covered entities should also be aware that the Secretary of Health and Human Services is required to issue a model form by March 31, 2002 which can be used for submission of the compliance plan. Although the model form is anticipated to be relatively easy to complete, the representations and commitments to compliance must be true and accurate. A covered entity must ensure that the plan is feasible and will, in fact, be carried out.

According to H.R. 3323, noncompliance with the original October 16, 2002 deadline, without submission of an adequate plan, could result in exclusion from the Medicare program. Because of the potentially harsh consequences, covered entities should consider having their compliance plan reviewed by a health care attorney with knowledge of the Electronic Standard Transactions Rule.

Some entities may have been advised in the past that compliance with HIPAA could be avoided by submitting only paper claims. However, H.R. 3323 mandates electronic submission of Medicare claims unless the entity is a "small provider of services or supplier." A "small provider of services or supplier" is defined as: (1) a provider of services with fewer than 25 full-time equivalent employees; or (2) a physician, practitioner, facility, or supplier (other than provider of services) with fewer than 10 full-time equivalent employees.

The compliance deadline for small health plans, which was originally set for October 16, 2003, is unchanged by this legislation. It is also important for covered entities to remember that the recent legislation does not alter the deadlines for the HIPAA privacy and security rules. The deadline for compliance with the privacy rule remains April 14, 2003 (April 14, 2004 for small health plans). Although the security rule remains in proposed form, the final rule is expected in early 2002 and covered entities will be required to comply within two years of the issuance of the final rule (three years for small health plans). Because the requirements for the privacy and security rules are extensive, covered entities should already be in the process of developing a plan for compliance with these rules as well.

For more information on H.R. 3323, including a link to the text of the bill, and other HIPAA related news, please visit our website at www.wachler.com or www.hipaa-attorneys.com.