HIPAA action
HIPAA dvisory
HIPAAdvisory > HIPAAction > HIPAA/LAW: Legal Q/A Phoenix Health Systems
news
regs
action
tech
wares
alert
live
latest
online HIPAA training
HIPAAstore
HIPAA help desk
search
contact us
site map

HIPAA/LAW:
August 2003

"Enforcement of the Transactions and Code Sets Standards"

by Steve Fox & Rachel Wilson, Esqs., Pepper Hamilton LLP

The Department of Health and Human Services (HHS) recently provided insight into how the electronic transactions and code set standards (the "Standards") mandated under HIPAA will be enforced (in the form of another in its continuing "Guidance" series). Covered entities are required to be in compliance with the Standards by October 16, 2003 (the "Compliance Date").

Covered Transactions

The Standards are applicable to electronic transactions involving the following: (a) health care claims or equivalent encounter information; (b) health care payment and remittance advice; (c) coordination of benefits; (d) health care claim status; (e) enrollment and disenrollment in a health plan; (f) eligibility for a health plan; (g) health plan premium payments; and (h) referral certification and authorization (collectively, the "Transactions").

Applicability

Health plans are required to support all of the Standards for the Transactions regardless of whether they conduct any particular electronic Transaction in the normal course of their business. Although the Standards do not technically require providers to conduct electronic Transactions, as a practical matter, most providers will have little choice. In line with HIPAA's goal to promote greater efficiency industry-wide, HHS has prohibited most covered entities, except for small providers (those under 10 full-time employees or if it is impossible to do electronic filing) from submitting paper claims to Medicare after the Compliance Date. With limited exceptions, payment will be conditioned upon electronic submission of HIPAA-compliant claims to HHS’ Centers for Medicare & Medicaid Services (CMS).

Enforcement

CMS has been charged with responsibility for enforcing the Standards. CMS will focus on voluntary compliance and enforcement will be complaint-driven (necessitated in part by a fortuitous lack of resources). A covered entity will receive written notification of any complaint filed against it. The covered entity will then have an opportunity to:

  1. demonstrate that it is in compliance with the Standards,
  2. document its good faith efforts to comply with the Standards, and/or
  3. submit a corrective action plan.

As long as the compliance failure is based upon reasonable cause and is not due to willful neglect, HHS is not likely to impose a penalty – assuming the failure is corrected within 30 days or such longer period as CMS may authorize.

Good Faith Compliance Effort

CMS is cognizant of the fact that any single Transaction may involve more than one covered entity. Noncompliance by one entity may negatively impact the compliance efforts of another. For that reason, CMS has indicated its intent, during the period immediately following the Compliance Date, to look at the good faith compliance efforts of each of the covered entities that are party to a Transaction in order to determine whether there is reasonable cause for the noncompliance.

Covered entities are encouraged to intensify their efforts towards compliance. As it relates to health plans, HHS has suggested that part of this focused initiative should include an assessment of future trading partners in the provider community to determine the need, if any, for contingency plans so that the flow of payments and other information is not interrupted while provider partners continue to work toward compliance. CMS has stated that it will not impose penalties on covered entities that deploy such contingencies if those entities have made reasonable and diligent efforts to become compliant. In making a determination whether such an effort has been made, CMS will place strong emphasis on demonstrable progress.

So, essentially, the government's message seems to be, "Work hard, do the best you can, and if that doesn't work, keep trying."It sounds as if someone at CMS used to be our third-grade teacher.

Read past HIPAA Legal Q/A articles.

Steve Fox, Esq., is a partner at the Washington, DC office of Pepper Hamilton LLP, www.pepperlaw.com. This article was co-authored by Rachel H. Wilson, Esq., an associate of Pepper Hamilton LLP. They may be reached at foxsj@pepperlaw.com.

Disclaimer: This information is general in nature and should not be relied upon as legal advice.

Go to TOP