Monday, November 2, 2009

House Bill May Finally Deliver on HIPAA's Promise

HIPAA has never achieved its promise of standardized and ubiquitous electronic transactions. The House of Representatives will be voting this week on a Health Reform bill that
  • requires electronic transaction standardization including elimination of payer-specific companion guides,
  • enables the "real-time (or near real time) determination of an individual’s financial responsibility at the point of service and, to the extent possible, prior to service, including whether the individual is eligible for a specific service with a specific physician at a specific facility, on a specific date or range of dates, include utilization of a machine-readable health plan beneficiary identification card",
  • enables near real-time adjudication of claims,
  • requires "timely and transparent claim and denial management processes, including uniform claim edits, uniform reason and remark denial codes, tracking, adjudication, and appeal processing",
  • requires a single binding companion guide starting with the X12 5010 electronic transaction set,
  • requires implementation of the standards and new transactions within five years of enactment, and
  • puts enforcement teeth behind use of the transactions.
Excerpt of Section 1173A of the House bill follows:

SEC. 1173A. STANDARDIZE ELECTRONIC ADMINISTRATIVE TRANSACTIONS.
(a) STANDARDS FOR FINANCIAL AND ADMINISTRATIVE TRANSACTIONS.
(1) IN GENERAL.—The Secretary shall adopt and regularly update standards consistent with the goals described in paragraph (2).
(2) GOALS FOR FINANCIAL AND ADMINISTRATIVE TRANSACTIONS.—The goals for standards under paragraph (1) are that such standards shall, to the extent practicable—
(A) be unique with no conflicting or redundant standards;
(B) be authoritative, permitting no additions or constraints for electronic transactions, including companion guides;
(C) be comprehensive, efficient and robust, requiring minimal augmentation by paper transactions or clarification by further communications;
(D) enable the real-time (or near real time) determination of an individual’s financial responsibility at the point of service and, to the extent possible, prior to service, including whether the individual is eligible for a specific service with a specific physician at a specific facility, on a specific date or range of dates, include utilization of a machine-readable health plan beneficiary identification card or similar mechanism;
(E) enable, where feasible, near real-time adjudication of claims;
(F) provide for timely acknowledgment, response, and status reporting applicable to any electronic transaction deemed appropriate by the Secretary;
(G) describe all data elements (such as reason and remark codes) in unambiguous terms, not permit optional fields, require that data elements be either required or conditioned upon set values in other fields, and prohibit additional conditions except where required by (or
to implement) State or Federal law or to protect against fraud and abuse; and
(H) harmonize all common data elements across administrative and clinical transaction standards.
(3) TIME FOR ADOPTION.—Not later than 2 years after the date of the enactment of this section, the Secretary shall adopt standards under this section by interim, final rule.
(4) REQUIREMENTS FOR SPECIFIC STANDARDS.—The standards under this section shall be developed, adopted, and enforced so as to—
(A) clarify, refine, complete, and expand, as needed, the standards required under section
6 1173;
(B) require paper versions of standardized transactions to comply with the same standards as to data content such that a fully compliant, equivalent electronic transaction can be populated from the data from a paper version;
(C) enable electronic funds transfers, in order to allow automated reconciliation with the related health care payment and remittance advice;
(D) require timely and transparent claim and denial management processes, including uniform claim edits, uniform reason and remark denial codes, tracking, adjudication, and appeal processing;
(E) require the use of a standard electronic transaction with which health care providers may quickly and efficiently enroll with a health plan to conduct the other electronic transactions provided for in this part; and
(F) provide for other requirements relating to administrative simplification as identified by the Secretary, in consultation with stakeholders.
(5) BUILDING ON EXISTING STANDARDS.—In adopting the standards under this section, the Secretary shall consider existing and planned standards.
(6) IMPLEMENTATION AND ENFORCEMENT.— Not later than 6 months after the date of the enactment of this section, the Secretary shall submit to the appropriate committees of Congress a plan for the implementation and enforcement, by not later than 5 years after such date of enactment, of the standards under this section. Such plan shall include—
(A) a process and timeframe with milestones for developing the complete set of standards;
(B) a proposal for accommodating necessary changes between version changes and a process for upgrading standards as often as annually by interim, final rulemaking;
(C) programs to provide incentives for, and ease the burden of, implementation for certain health care providers, with special consideration given to such providers serving rural or underserved areas and ensure coordination with standards, implementation specifications, and certification criteria being adopted under the HITECH Act;
(D) programs to provide incentives for, and ease the burden of, health care providers who volunteer to participate in the process of setting standards for electronic transactions;
(E) an estimate of total funds needed to ensure timely completion of the implementation plan; and
(F) an enforcement process that includes timely investigation of complaints, random audits to ensure compliance, civil monetary and programmatic penalties for noncompliance consistent with existing laws and regulations, and a fair and reasonable appeals process building off of enforcement provisions under this part, and concurrent State enforcement jurisdiction. The Secretary may promulgate an annual audit and certification process to ensure that all health plans and clearinghouses are both syntactically and functionally compliant with all the standard transactions mandated pursuant to the administrative simplification provisions of this part and the Health Insurance Portability and Accountability Act of 1996.
(b) LIMITATIONS ON USE OF DATA.—Nothing in this section shall be construed to permit the use of information collected under this section in a manner that would violate State or Federal law.
(c) PROTECTION OF DATA.—The Secretary shall ensure (through the promulgation of regulations or otherwise) that all data collected pursuant to subsection (a) are used and disclosed in a manner that meets the HIPAA privacy and security law (as defined in section 3009(a)(2) of the Public Health Service Act), including any privacy or security standard adopted under section 3004 of such Act.
SEC. 1173B. INTERIM COMPANION GUIDES, INCLUDING OPERATING RULES.
(a) IN GENERAL.—The Secretary shall adopt a single, binding, comprehensive companion guide, that includes operating rules for each X12 Version 5010 transaction described in section 1173(a)(2), to be effective until the new version of these transactions which comply with
25 section 1173A are adopted and implemented.
(b) COMPANION GUIDE AND OPERATING RULES DEVELOPMENT.—In adopting such interim companion guide and rules, the Secretary shall comply with section 1172, except that a nonprofit entity that meets the following criteria shall also be consulted:
(1) The entity focuses its mission on administrative simplification.
(2) The entity uses a multistakeholder process that creates consensus-based companion guides, including operating rules using a voting process that ensures balanced representation by the critical stakeholders (including health plans and health care providers) so that no one group dominates the entity and shall include others such as standards development organizations, and relevant Federal or State agencies.
(3) The entity has in place a public set of guiding principles that ensure the companion guide and operating rules and process are open and transparent.
(4) The entity coordinates its activities with the HIT Policy Committee, and the HIT Standards Committee (established under title XXX of the Public Health Service Act) and complements the efforts of the Office of the National Healthcare Coordinator and its related health information exchange goals.
(5) The entity incorporates the standards issued under Health Insurance Portability and Accountability Act of 1996 and this part, and in developing the companion guide and operating rules does not change the definition, data condition or use of a data element or segment in a standard, add any elements or segments to the maximum defined data set, use any codes or data elements that are either marked ‘not used’ in the standard’s implementation specifications or are not in the standard’s implementation specifications, or change the meaning or intent of the standard’s implementation specifications.
(6) The entity uses existing market research and proven best practices.
(7) The entity has a set of measures that allow for the evaluation of their market impact and public reporting of aggregate stakeholder impact.
(8) The entity supports nondiscrimination and conflict of interest policies that demonstrate a commitment to open, fair, and nondiscriminatory practices.
(9) The entity allows for public reviews and comment on updates of the companion guide, including the operating rules.
(c) IMPLEMENTATION.—The Secretary shall adopt a single, binding companion guide, including operating rules under this section, for each transaction, to become effective with the X12 Version 5010 transaction implementation, or as soon thereafter as feasible. The companion guide, including operating rules for the transactions for eligibility for health plan and health claims status under this section shall be adopted not later than October 1, 2011, in a manner such that such set of rules is effective beginning not later than January 1, 2013. The companion guide, including operating rules for the remainder of the transactions described in section 1173(a)(2) shall be adopted not later than October 1, 2012, in a manner such that such set of rules is effective beginning not later than January 1, 2014.
(2) DEFINITIONS.—Section 1171 of such Act (42 U.S.C. 1320d) is amended— (A) in paragraph (1), by inserting ‘‘, and associated operational guidelines and instructions, as determined appropriate by the Secretary’’ after ‘‘medical procedure codes’’; and
(B) by adding at the end the following new paragraph:
(10) OPERATING RULES.—The term ‘operating rules’ means business rules for using and processing transactions, such as service level requirements, which do not impact the implementation specifications or other data content requirements.’’.
(3) CONFORMING AMENDMENT.—Section 1179(a) of such Act (42 U.S.C. 1320d–8(a)) is amended, in the matter before paragraph (1)—
(A) by inserting ‘‘on behalf of an indi1vidual’’ after ‘‘1978)’’; and
(B) by inserting ‘‘on behalf of an individual’’ after ‘‘for a financial institution’’ and
(b) STANDARDS FOR CLAIMS ATTACHMENTS AND COORDINATION OF BENEFITS.—
(1) STANDARD FOR HEALTH CLAIMS ATTACHMENTS.—Not later than 1 year after the date of the enactment of this Act, the Secretary of Health and Human Services shall promulgate an interim, final rule to establish a standard for health claims attachment transaction described in section 1173(a)(2)(B) of the Social Security Act (42 U.S.C. 1320d– 2(a)(2)(B)) and coordination of benefits.
(2) REVISION IN PROCESSING PAYMENT TRANSACTIONS BY FINANCIAL INSTITUTIONS.—
(A) IN GENERAL.—Section 1179 of the Social Security Act (42 U.S.C. 1320d–8) is amended, in the matter before paragraph (1)—
(i) by striking ‘‘or is engaged’’ and inserting ‘‘and is engaged’’; and
(ii) by inserting ‘‘(other than as a business associate for a covered entity)’’ after ‘‘for a financial institution’’.
(B) COMPLIANCE DATE.—The amendments made by subparagraph (A) shall apply to transactions occurring on or after such date (not later than January 1, 2014) as the Secretary of Health and Human Services shall specify.
(c) STANDARDS FOR FIRST REPORT OF INJURY.— Not later than January 1, 2014, the Secretary of Health and Human Services shall promulgate an interim final rule to establish a standard for the first report of injury transaction described in section 1173(a)(2)(G) of the Social Security Act (42 U.S.C. 1320d–2(a)(2)(G)).
(d) UNIQUE HEALTH PLAN IDENTIFIER.—Not later October 1, 2012, the Secretary of Health and Human Services shall promulgate an interim final rule to establish a unique health plan identifier described in section 1173(b) of the Social Security Act (42 U.S.C. 1320d– 2(b)) based on the input of the National Committee of Vital and Health Statistics and consultation with health plans, health care providers, and other interested parties.
(e) EXPANSION OF ELECTRONIC TRANSACTIONS IN MEDICARE.—Section 1862(a) of the Social Security Act (42 U.S.C. 1395y(a)) is amended—
(1) in paragraph (23), by striking ‘‘or’’ at the end;
(2) in paragraph (24), by striking the period and inserting ‘‘; or’’; and
(3) by inserting after paragraph (24) the following new paragraph: ‘‘(25) subject to subsection (h), not later than January 1, 2015, for which the payment is other than by electronic funds transfer (EFT) so long as the Secretary has adopted and implemented a standard for electronic funds transfer under section 1173A.’’.
(f) EXPANSION OF PENALTIES.—Section 1176 of such Act (42 U.S.C. 1320d–5) is amended by adding at the end the following new subsection:
(c) EXPANSION OF PENALTY AUTHORITY.—The Secretary may, in addition to the penalties provided under subsections (a) and (b), provide for the imposition of penalties for violations of this part that are comparable—
(1) in the case of health plans, to the sanctions the Secretary is authorized to impose under part C or D of title XVIII in the case of a plan that violates a provision of such part; or
(2) in the case of a health care provider, to the sanctions the Secretary is authorized to impose under part A, B, or D of title XVIII in the case of a health care provider that violations a provision of such part with respect to that provider.’’.

1 comment:

Mike said...

Very recently I had came across one website http://hipaatraining.net/ that I found quite interesting from HIPAA Compliance point of view. This site provides comprehensive HIPAA training courses in multiple formats, as well as services and products for covered entities & business associates to meet HIPAA compliance. They also provide Online HIPAA Training as well as self study kits. The HIPAA training will helps to better understand the implications of HIPAA legislation and identify critical compliance requirements for your business/client. It helps you better understand HIPAA’s Administrative Simplification Act as well as how to create a framework for initiating and working towards a blueprint for HIPAA Privacy compliance and understand HIPAA Security rules and regulations.