Most Physicians Not Ready for HIPAA Compliance: Feds Ease Standards Slightly. (Health Insurance Portability and Accountability Act)

Article excerpt

Harry Reynolds is worried.

Mr. Reynolds is responsible for making sure that his health plan, BlueCross BlueShield of North Carolina, is ready on Oct. 16, the deadline for complying with the part of the Health Insurance Portability and Accountability Act (HIPAA) that regulates electronic health transactions.

That means making sure providers who contract with the plan will be ready to transmit electronic claims that comply with the new law. The health plan has tried everything: provider outreach, educational manuals, you name it. It has even set up a Web site where providers and clearinghouses can test their new claims formats with the plan, free of charge, as often as they like.

The plan receives claims from more than 6,300 providers who transmit through 544 different "portals": vendors, clearinghouses, and the like. As of early August, only 11 of those 544 portals had indicated that they were interested in doing any testing.

"Everybody seems to be running down to the last minute to get HIPAA ready," said Mr. Reynolds, the plan's vice president" for HIPAA and information compliance officer in Durham. He pointed out that the top 25 portals account for 73% of the plan's electronic claims, "but the 519 others equal 27%, and [getting them ready] is a little like hand-to-hand combat."

As concerned as he is about HIPAA compliance, Mr. Reynolds became a lot less worried in July. That's when the Department of Health and Human Services, which is responsible for enforcing HlPAA, issued a three-page document that relaxed some of the compliance requirements.

"With the October deadline just ahead, HHS has received a number of inquiries expressing concern over the health care industry's state of readiness," HHS officials wrote. "In response, the department believes it is particularly important to outline its approach to enforcement of HIPAA's electronic transactions and code sets provisions."

In particular, Mr. Reynolds and officials at other health plans were worried about HIPAA's mandate that insurance plans must reject any claim submitted on or after Oct. 16 that did not comply with the new electronic transaction standard. If stringently enforced, that rule could have forced many providers to go back to submitting claims on paper and backing up processing for many insurers, which are no longer staffed to process large volumes of paper claims.

Not to worry, HHS said. The Centers for Medicare and Medicaid Services, which will be enforcing the new rules for HHS, "will not impose penalties on covered entities that deploy contingencies (in order to ensure the smooth flow of payments) if they have made reasonable and diligent efforts to become compliant and, in the case of health plans, to facilitate the compliance of their trading partners," the document said. "Specifically, as long as a health plan can demonstrate to CMS its active outreach/testing efforts, it can continue processing payments to providers."

That guidance is nice as far as it goes, but there still could be trouble ahead, according to Rob Tennant, senior policy advisor at the Medical Group Management Association's (MGMA) Washington office. …