HIPAA regs
HIPAA dvisory
HIPAAdvisory > HIPAAregs Final Provider Identifier Phoenix Health Systems
news
regs
action
tech
wares
alert
live
latest
online HIPAA training
HIPAAstore
HIPAA help desk
search
contact us
site map

Standard Unique Health Identifier for Healthcare Providers

I. Background

In order to administer its programs, a health plan assigns identification numbers to its providers of healthcare services and its suppliers. A health plan may be, among other things, a Federal program such as Medicare, a State Medicaid program, or a private health plan. The identifiers it assigns are frequently not standardized within a single health plan or across health plans, which results in the single healthcare provider having different identification numbers for each health plan, and often having multiple billing numbers issued within the same health plan. This complicates the healthcare provider’s claims submission processes and may result in the assignment of the same identification number to different healthcare providers by different health plans.

A. NPI Initiative

In July 1993, the Centers for Medicare & Medicaid Services (CMS) (formerly the Health Care Financing Administration (HCFA)), undertook a project to develop a healthcare provider identification system to meet the needs of the Medicare and Medicaid programs and, ultimately, the needs of a national identification system for all healthcare providers. Active participants in the project represented both government and the private sector. The project participants decided to develop a new identifier for healthcare providers because existing identifiers did not meet the criteria for national standards. The new identifier, known as the National Provider Identifier (NPI), did not have the limitations of the existing identifiers, and it met the criteria that had been recommended by the Workgroup for Electronic Data Interchange (WEDI) and the American National Standards Institute (ANSI).

B. The Results of the NPI Initiative

As a result of the project, and before the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Pub. L. 104–191, which was enacted on August 21, 1996, required the adoption and use of a standard unique identifier for healthcare providers, CMS and the other project participants accepted the NPI as the standard unique health identifier for healthcare providers. CMS decided to implement the NPI for Medicare, and began work on developing the National Provider System (NPS), which was intended to capture healthcare provider data and be equipped with the technology necessary to maintain and manage the data. The NPS was intended to be able to accept healthcare provider data in order to uniquely identify a healthcare provider and assign it an NPI. The NPS was intended to be designed so it could be used by other Federal and State agencies, and by private health plans, if deemed appropriate, to enumerate their healthcare providers that did not participate in Medicare.

C. Legislation

The Congress included provisions to address the need for a standard unique health identifier for healthcare providers and other healthcare system needs in the Administrative Simplification provisions of HIPAA. Through subtitle F of title II of that law, the Congress added to title XI of the Social Security Act (the Act) a new part C, entitled ‘‘Administrative Simplification.’’ (Pub. L. 104–191 affects several titles in the United States Code.) The purpose of part C is to improve the Medicare and Medicaid programs in particular, and the efficiency and effectiveness of the healthcare system in general, by encouraging the development of a health information system through the establishment of standards and implementation specifications to facilitate the electronic transmission of certain health information.

Part C of title XI consists of sections 1171 through 1179 of the Act. These sections define various terms and impose requirements on the Secretary of the Department of Health and Human Services (HHS), health plans, healthcare clearinghouses, and certain healthcare providers concerning the adoption of standards and implementation specifications relating to health information. Section 1173(b) of the Act requires the Secretary to adopt standards providing for a standard unique health identifier for each individual, employer, health plan, and healthcare provider for use in the healthcare system and to specify the purposes for which the identifiers may be used. It also requires the Secretary to consider multiple locations and specialty classifications for healthcare providers in developing the standard health identifier for healthcare providers. We discussed other general aspects of the HIPAA statute in greater detail in the May 7, 1998, proposed rule (63 FR 25320).

D. Plan for Implementing Administrative Simplification Standards

On May 7, 1998, we proposed a standard unique health identifier for healthcare providers and requirements concerning its implementation (63 FR 25320). That proposed rule also set forth requirements that health plans, healthcare clearinghouses, and covered healthcare providers would have to meet concerning the use of the standard. On May 7, 1998, we also proposed standards for transactions and code sets (63 FR 25272). We published the final rule, entitled Health Insurance Reform: Standards for Electronic Transactions (the Transactions Rule), on August 17, 2000 (65 FR 50312). On May 31, 2002, in two separate proposed rules, we published proposed modifications to the Standards for Electronic Transactions. We published a final rule adopting modifications to the Transactions Rule on February 20, 2003 (68 FR 8381).

On November 3, 1999, we proposed standards for privacy of individually identifiable health information (64 FR 59918). We published the final rule, entitled Standards for Privacy of Individually Identifiable Health Information (the Privacy Rule), on December 28, 2000 (65 FR 82462). On March 27, 2002, we proposed modifications to the Privacy Rule. On August 14, 2002, we published modifications to the Privacy standards in a final rule, entitled ‘‘Standards for Privacy of Individually Identifiable Health Information’’ (the Privacy Rule Modifications) (67 FR 53182).

On June 16, 1998, we proposed the standard unique employer identifier (63 FR 32784). On May 31, 2002, we published the final rule, entitled ‘‘Standard Unique Employer Identifier’’ (67 FR 38009).

On August 12, 1998, we proposed standards for security and electronic signatures (63 FR 43242). On February 20, 2003, we published the final rule on security standards (the Security Rule) (68 FR 8334).

On April 17, 2003, we published an interim final rule adopting procedures for the investigation and imposition of civil money penalties and the conduct of hearings when the imposition of a penalty is challenged (68 FR 18895). The interim final rule is the first installment of a larger rule, known as the Enforcement Rule, the rest of which is to be proposed at a later date.

We will be proposing standards for the unique health plan identifier and claims attachments.

In the May 7, 1998, proposed rule for the standard unique health identifier for healthcare providers, we proposed to add a new part 142 to title 45 of the Code of Federal Regulations (CFR) for the administrative simplification standards and requirements. We have decided to codify the final rules in 45 CFR part 162 instead of part 142. The Transactions Rule (65 FR 50312) explains why we made this change and lists the subparts and sections comprising part 162. In this final rule, we reference the proposed text using part 142, and reference the final text using part 162.

In the Transactions Rule, we addressed (at 65 FR 50314) the comments that were made on issues that were common to the proposed rules on standards for electronic transactions, the standard employer identifier, the standards for security and electronic signatures, and the standard healthcare provider identifier. Those issues relate to applicability, definitions, general effective dates, new and revised standards, and the aggregate impact analysis. In that final rule, we set out the general requirements in part 160 subpart A and part 162 subpart A. We refer the reader to that rule for more information on all but our discussion of issues pertinent to the standard unique health identifier for healthcare providers and the definition of healthcare provider.

E. Employer Identifier Standard:

Waiver of Proposed Rulemaking and Effective Date for Uses of Employer Identifier

As stated in section I.D., ‘‘Plan for Implementing Administrative Simplification Standards,’’ of this preamble, we published the final rule that adopted the standard unique employer identifier on May 31, 2002 (67 FR 38009). The Employer Identifier was adopted as that standard effective July 30, 2002. We amend § 162.610 as explained below.

We ordinarily publish a correcting amendment of proposed rulemaking in the Federal Register and invite public comment on the correcting amendment before its provisions can take effect. We also ordinarily provide a delay of 30 days in the effective date of the final rule. We can waive notice and comment procedure and the 30-day delay in the effective date, however, if we find good cause that a notice and comment procedure is impracticable, unnecessary, or contrary to the public interest and we incorporate a statement in the correcting amendment of this finding and the reasons supporting that finding.

We find that seeking public comment on and delaying the effective date of this correcting amendment would be contrary to the public interest. Section 1173(b)(2) of the Act requires that the standards regarding unique healthcare identifiers specify the purposes for which they may be used. Section 162.610 requires a covered entity to use the standard unique employer identifier—the employer identification number (EIN) assigned by the Internal Revenue Services (IRS), U.S. Department of the Treasury—in standard transactions that require an employer identifier. Unless § 162.610 is amended to permit use of the standard unique employer identifier for all other lawful purposes, the Act could be read to subject covered entities that use their EIN for other purposes to civil money penalties under section 1176 of the Act and criminal penalties under section 1177 of the Act, a result that we did not intend. The IRS requires any taxpayer assigned an EIN to use the EIN as its taxpayer identifying number. Statutes and regulations also authorize or require other Federal agencies, including the Departments of Agriculture, Commerce, Education, Housing and Urban Development, and Labor, to collect EINs in connection with administering various Federal programs and laws. Since some of these agencies may conduct transactions with covered entities or may be covered entities in their own right, failure to promptly publish the correcting amendment could cause conflict between § 162.610 and other statutory and regulatory directives, generating uncertainty for covered entities and potentially disrupting the administration of other Federal programs and laws. We believe that it is necessary to eliminate that uncertainty and potential disruption and to do so as soon as practicable by amending § 162.610 to include as permitted uses of the EIN all other lawful purposes. Therefore, we find good cause to waive the notice and comment procedure and the 30-day delay in the effective date as being contrary to the public interest.

[Top of Page] [Previous] [Next]