HIPAA regs
HIPAA dvisory
HIPAAdvisory > HIPAAregs Phoenix Health Systems
news
regs
action
tech
wares
alert
live
latest
online HIPAA training
HIPAAstore
HIPAA help desk
search
contact us
site map

HIPAA regs: National Identifiers -- How They Fit into the HIPAA Puzzle

by D'Arcy Guerin Gue, Phoenix Health Systems

Updated March 2006

Why Do We Need Unique National Identifiers?

Over the past three decades, the healthcare industry and the Federal government have explored many approaches to arresting double-digit increases in healthcare costs. Strategies have included group insurance plans, subsidized plans, managed care, self-insured funds, wellness programs, and preventative patient education. The Centers for Medicare and Medicaid Services (CMS) introduced Medicare rules limiting allowable charges and requiring standardized transaction processes. Traditional health plans followed suit, introducing cost-saving electronic billing, claims processing, and other business interactions that relied upon computerized coding to identify transactions and parties to the transactions.

Unfortunately, few efforts were made to standardize the elements of what has become an industry-wide movement towards healthcare transactions automation. Today, single providers find themselves with different identifier codes assigned by different health plans,and even within the same health plans. The same identifier may be issued to multiple providers. Millions of employers – often the sponsors of health plans – are subject to similar inconsistencies, along with health plans and patients themselves. Employers, providers, payors, clearinghouses, patients and vendors – all participants in healthcare transactions – must contend with the unnecessary confusion, extra work, processing delays, and high costs created by this lack of standardization.

Healthcare claims are often delayed or rejected due to processing errors and incorrect coding formats – including incorrect identifier codes for parties to transactions. Many Americans have experienced the frustration of being caught in the middle when employers, health plans and providers are unable to coordinate eligibility and claims processes because of missing or erroneous data. Some have experienced how non-standard identifiers have contributed to unethical electronic billing practices and other fraud and abuse both in Medicare and in the private health sector. For many providers, the problems created by lack of standards has been a major reason for refusing to submit claims electronically, despite the potential cost advantages.

In the early 1990’s, healthcare industry leaders, HHS and Congress became increasingly concerned about the costly lack of standardization in the “business” of healthcare. These concerns precipitated Congress’ decision to include "administrative simplification” provisions in HIPAA, requiring that healthcare transactions and identifiers for employers, health plans, providers and individuals be standardized nationally.

Who and What Are Covered?

Section 1173 of HIPAA Administrative Simplification called for “a standard unique health identifier for each individual, employer, health plan, and health care provider for use in the healthcare system.” The Act recognized that DHHS would have “to take into account multiple uses for identifiers and multiple locations and specialty classifications for healthcare providers.” The proposed rules apply to health plans and clearinghouses, and any provider electronically transmitting any of the transactions covered by HIPAA. As a practical matter, software vendors that have contracts with health plans and providers to support healthcare transactions will also be affected by the identifier requirements.

“Electronic transmissions” includes all media, including magnetic tape, disk, CD media, the Internet, extranets, leased lines, dial-up lines, and private networks. Telephone voice response, "faxback" systems, and HTML interaction are not included. Transmissions within a corporate entity are not affected.

What is the Current Status of National Identifiers?

Two final rules have been issued, thus far:

  • National Employer Identifier, compliance date July 30, 2004 for most covered entities
  • National Provider Identifier, compliance date May 23, 2007 for most covered entities

The National Health Plan (Payer) Identifier and the National Health Identifier for Individuals have not yet been proposed. HHS has indicated that it will develop an identifier for health plans in 2006, to aid in administration of benefits and to improve the transmission of healthcare transactions.

Development of an identifier for individuals has been postponed indefinitely, and its future is uncertain. Despite the positives of the individual identifier concept, it has generated much public and advocacy group controversy regarding how it can be implemented without compromising individual privacy.

How Are Identifiers Chosen?

The selection of standard identifiers is no small task. Since standards for identifiers do not exist, DHHS has consulted extensively with designated health industry standards maintenance organizations (DSMOs), including the Workgroup for Electronic Data Interchange (WEDI), the National Uniform Billing Committee (NUBC), the National Uniform Claim Committee (NUCC) and the American Dental Association (ADA) to develop proposed standards. “Guiding Principles for Standards Selection,” which are detailed in HIPAA, were used by the implementation teams to set proposed identifier standards.

The National Provider Identifier (NPI):

What Is It?

Presently, health plans assign an identifying number to each provider with whom they conduct electronic business. Since providers typically work with several health plans, they are likely to have a different identifier number for each plan. The standard Provider Identifier (NPI) will ensure that each provider has one unique identifier to be used in transactions with all health plans. National Provider Identifiers must be used by all providers, and accepted by all clearinghouses and health plans in connection with the electronic transactions that are covered by HIPAA.

The original, proposed format for the NPI was an eight digit alphanumeric identifier. However, the healthcare industry has widely criticized this format, claiming that major information systems incompatibilities will make it too expensive and difficult to implement. DHHS has now revised its recommendation, stating that the final rule will specify a 10-position numeric identifier with a check digit in the last position to help detect keying errors. The NPI is expected to carry no intelligence; in other words, its characters will not in themselves provide information about the provider. Each healthcare provider will receive just one unique identifier which will remain with the provider throughout its (his/her) life as a provider.

How Will We Implement the NPI?

DHHS has recommended that the NPI be implemented through a central electronic National Provider System (NPS), to be managed by HCFA. The NPS will consist of a combination of existing Federal health plans, Medicaid state agencies and a new, Federally-directed registry -- all of whom will assign identifiers, or “enumerate” providers. Federal health plans and Medicaid agencies will enumerate their own healthcare providers. Providers who don’t belong to one of the included Federal programs will be enumerated by the Federally-directed registry.

NPI enumeration will be implemented in phases. First, providers that submit electronic Medicare transactions will automatically be assigned an NPI. Non-Medicare health plans such as Medicaid and HMOs will then phase in enumeration of their providers. Providers using these programs will not need to apply for an NPI, but will have to decide which health plan will provide it. Providers who do not participate in any Federal health plans or Medicaid but who transmit standard HIPAA transactions electronically, will have to apply directly to the new Federal registry for their NPIs. Finally, providers who don’t participate in any Federal plans or transmit the electronic transactions covered by HIPAA are expected to be enumerated after all other providers. The NPS will maintain the national database in perpetuity.

Implementation of the NPI is likely to be a challenge, both for the Federal government and the healthcare community. The proposed National Provider System does not yet exist, and while enlisting the participation of Federal plans may help lower set-up costs, coordinating an initial nation-wide enumeration process and managing the transition from multiple identifiers to a single identifier environment may become complicated. Providers and other organizations will have to update their legacy information systems, administrative processes, reference files and forms in order to ensure continuity between old provider identifiers and the new NPIs. Some providers and vendors will find that their systems require tweaking or significant reengineering to accommodate the new standard. Health plans, clearinghouses and software vendors may have to perform software conversions to meet the requirement.

The National Employer Identifier (NEI):

What Is It?

Because employers are primary sponsors of health plans, they often must be identified within healthcare transactions. DHHS has recommended that the National Employer Identifier be the number currently assigned to employers by the Internal Revenue Service.

The IRS Employer Identification Number (EIN) is a 9-digit number (xx-xxxxxx) that is already used as the employer identifier for enrollment/disenrollment in a health plan, health claim, eligibility, and premium payment. As the EIN is a publicly available number that does not reference any individual, it is unlikely to create any privacy issues. DHHS also has emphasized that it does not enable access to tax information.

How Will We Implement the NEI?

Implementation of the National Employer Identifier is expected to have a much milder impact than implementation of the Provider Identifier. The EIN is already in wide use, so few entities will be required to make substantial process changes. Nevertheless, all providers, payors, and clearinghouses currently using other employer identifiers in electronic transactions will be required to convert to the EIN. Employers will need to disclose their EIN when requested. Some payors and clearinghouses may need to alter their systems to accommodate the new standard.

What Will Be the Benefits of National Identifiers?

Standardization of transaction data elements – including the codes that identify parties to healthcare transactions – is expected to help reduce healthcare fraud, transaction errors, redundant administrative efforts and, ultimately, costs. Many hope that standardized healthcare transactions processes (“administrative simplification”) combined with adequate privacy and security protections, will provide a foundation for an efficient, streamlined nation-wide healthcare information infrastructure.

Clearly, initial costs of implementation will overshadow any early benefits. Significant benefits are likely to be realized only over the next several years as fewer referrals are denied or rejected for erroneous provider identifiers, and the healthcare delivery environment becomes increasingly streamlined, standardized and cost-effective.

Review the full text of the Final National Provider and Employer Identifier Rules.

D'Arcy Guerin Gue is Executive Vice President, Knowledge Services and Business Development, of Phoenix Health Systems. This article was co-authored by Angie Atcher. (2001).

Go to TOP