FPM article series on HIPAA This article is part of a series designed to educate and prepare family physicians to comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Any practice, hospital or health plan in the United States that electronically transmits patient-identifiable health care information must comply with the HIPAA regulations or face civil and criminal penalties. To access the series of articles, go to http://www.aafp.org/x20098.xml.

Imagine that your practice could submit all claims electronically, track the status of claims with the push of a button and communicate online with payers to confirm patient eligibility and determine what services will be paid when. Now imagine that payments could be received electronically and automatically posted to your practice's accounting software. Finally, imagine that your office could analyze payment data so that you could determine what procedures, payers and contracts were most or least profitable for your practice. And moreover, what if what I've described could actually lower your overhead costs?

This kind of breakthrough automation of the medical practice's business processes - computerized eligibility checking, claims submission and payment, and data reporting - is the "holy grail" of practice management. And it may be just around the corner if the uniform transactions and code set standards mandated by the Health Insurance Portability and Accountability Act (HIPAA) go into effect in October 2002 as scheduled. [Editor's note: Small health plans will have an additional 12 months to comply.]

What are the HIPAA transactions and code set standards?

The HIPAA transactions and code set standards are rules to standardize the electronic exchange of patient-identifiable, health-related information. They are based on electronic data interchange (EDI) standards, which allow the electronic exchange of information from computer to computer without human involvement.

KEY POINTS: The purpose of the HIPAA transactions and code set standards is to simplify the processes and decrease the costs associated with payment for health care services. The transactions and code set standards apply to patient-identifiable health information transmitted electronically. Physician practices will continue to be able to submit paper claims. When the regulations take effect in October 2002, standard formats and code sets will take the place of any payer-specific or location-specific formats or requirements.

Prior to the passage of HIPAA in 1996, Congress determined that to improve the efficiency and effectiveness of the health care system and decrease administrative burdens on providers (i.e., medical practices, hospitals and health care plans) it was necessary to have national standards for the electronic exchange of health care transactions. These standards apply to nine types of administrative and financial health care transactions used by payers, physicians and other providers, including claims submission, claims status reporting, referral certification and authorization, and coordination of benefits. (See "Standard transaction formats" for a complete list of the transactions and the standard formats required.) HIPAA also requires that medical data code sets be standardized and all local and proprietary codes be eliminated. Conforming to the code set standards is not expected to pose much difficulty for most practices since many of the code sets that have been adopted are already in common use. (For a list of code sets adopted by HIPAA, see "Uniform code sets.")

All practices will be affected in some way by the HIPAA transactions and code set standards, whether their claims are submitted electronically or on paper. Why? Because all the payers, health plans, clearinghouses and insurance plans you deal with will have to convert to using the standards in order to comply with HIPAA.

HIPAA rumor and reality

As was the case with Y2K, there is much uncertainty about exactly what HIPAA will require of us - and much conjecture. Have you heard that HIPAA will force practices to computerize their claims submission processes? That's not true. In fact, the HIPAA transactions and code set standards currently say nothing at all about paper claims.

Many of the code sets that have been adopted are already in common use.

What the HIPAA regulations do say is that somewhere in the exchange between provider and payer, a non-standard transaction must be translated to the HIPAA standard format. Medical practices may continue to submit claims on paper or in non-standard electronic data formats, but this translation may ultimately be something you have to pay for. Practices that submit information electronically using the HIPAA standards will have some advantages: A payer may not refuse to accept a HIPAA-standard transaction, must respond to the provider with the appropriate electronic message standard format and may not delay payment because the transactions are submitted electronically. The HIPAA rules do seem to give the advantage to medical practices that submit claims electronically, as they guarantee those practices prompt responses from payers. Because of this, more physician practices may want to use computers instead of paper for submitting and receiving claims.

STANDARD TRANSACTION FORMATS To simplify the electronic exchange of financial and administrative health care transactions, the Health Insurance Portability and Accountability Act (HIPAA) transactions standards will require all health plans, health care clearinghouses and health care providers to use or accept the following electronic transactions. The following formats will replace the hundreds of proprietary and local formats used throughout the health insurance industry when the transactions standards take effect in October 2002: Claims submission: The X12-837 HIPAA format will be used when a physician or other health care provider (e.g. hospital) files an electronic claim for payment for the delivery of care. This format is similar in many respects to the UB-92 and the HCFA-1500 formats. Enrollment and disenrollment in a health plan: The X12-834 format will be used to establish communication between the sponsor of a health benefit and the health plan. Eligibility: The X12-270 (inquiry) and X12-271 (response) formats will be used to inquire about the eligibility, coverage or benefits associated with a benefit plan, employer, plan sponsor, subscriber or a dependent under the subscriber's policy. Health care payment to provider (with remittance advice): The X12-835 format will be used by a health plan to make a payment to a financial institution for a health care provider (sending payment only), to send an explanation of benefits or remittance advice directly to a health care provider (sending data only), or to make payment and send an explanation of benefits and remittance advice to a health care provider via a financial institution (sending both payment and data). Premium payment to health insurance plans: The X12-820 format will be used by employers, employees, unions and associations to make and track premium payments to their health insurers. Claim status request and response: The X12-276 and X12-277 formats will be used by health care providers and recipients of health care products or services (or their authorized agents) to request the status of a health care claim or encounter from a health plan. Referral certification and authorization: The X12-278 format will be used to transmit health care service referral information between health care providers and health plans. It will also be used to obtain authorization for certain health care services from a health plan. Claims attachment: Some insurers also require additional records for each claim submitted. For example, the insurer may wish to review subscriber, patient, demographic, diagnosis or treatment data. A standard format for electronic health claims attachments is expected soon. First report of injury: This transaction will be used to report information pertaining to an injury, illness or incident to entities interested in the information for statistical, legal, claims and risk management processing requirements. A standard format is expected soon.

Finally, despite what you may have heard, you can continue to store data in any format as long as they can be translated into the standard transaction format when being transmitted.

Have you heard that HIPAA will force practices to computerize their claims submission processes? That's not true.

Simplified processes, decreased costs

Most third-party payers already process claims electronically. The problem is that electronic claims transmission and processing developed in an environment where information systems and software were designed to handle specific payers' formats and coding requirements - not to communicate with other information systems. To better understand the nightmare this has created for the health care industry, imagine yourself traveling on a train from Boston to San Francisco and having to stop and re-board another train at each state border because every state's railroad track gauge was of a different width. Under HIPAA, a handful of standard formats will replace the hundreds of proprietary and local formats currently in use, enabling health care providers to submit the same transaction to any health plan in the United States.

UNIFORM CODE SETS The Health Insurance Portability and Accountability Act (HIPAA) specifies that the health care industry use the following five code sets when submitting health care claims electronically. Adopting a uniform set of medical codes is intended to simplify the process of submitting claims electronically and reduce administrative burdens on health care providers and health plans. These code sets will replace all local or proprietary codes used by insurers and health plans: International Classification of Diseases, 9th Edition, Clinical Modification (ICD-9-CM). Available from the U.S. Government Printing Office at 202-512-1800, 202-512-2250 (fax) and from many other vendors, including Amazon.com. Current Procedural Terminology. 4th Edition. (CPT-4). Available at www.ama-assn.org/ama/pub/category/3113.html. HCFA Common Procedure Coding System (HCPCS). Available at www.hcfa.gov/medicare/hcpcs.htm. Code on Dental Procedures and Nomenclature. 2nd Edition. (CDT-2). Available from the American Dental Association at 800-947-4746 or www.ada.org. National Drug Codes (NDC). Available at www.fda.gov/cder/ndc/index.htm.

Of course, electronic transmission is only part of the story. There is a difference between how claims are transmitted and how third-party payers process them. The vast majority of electronic claims are still being processed manually because they lack necessary data and are complicated. This step is called "adjudication." Some of the questions that payers have to answer when adjudicating a typical insurance claim include the following: Is the patient a member of a plan, and is the particular service covered by the benefits of that plan? Was the service authorized? Is the provider a member of the provider network? Has the patient met his or her deductible? Automating such a complicated process is difficult, even when all of the data are provided. Standardizing the automated transmission between provider and payer is an important step toward even larger cost savings down the road.

Because you'll no longer have to deal with innumerable formats and instructions, you should save money on overhead.

This administrative simplification that this portion of HIPAA will bring about is expected to save the health care industry billions of dollars. Physicians and other providers will be among those saving money. Because you'll no longer have to deal with innumerable payer-specific or location-specific formats and instructions, you should save money on overhead. According to a survey of 20 medical groups (most had eight or more physicians), the average administrative savings resulting from implementation of the transactions rules was estimated to be $7,200 per physician annually.¹

If you are still transmitting paper claims - and many of you are - you may want to consider converting your paper claims into electronic claims and submitting them yourself. The standard formats required by HIPAA will make sending clean claims much easier and could save you a large portion of the fees you may now be paying to clearinghouses, third-party administrators or billing services.

RECENT FPM ARTICLES ON HIPAA This article is the third in a series designed to educate and prepare family physicians for the Health Insurance Portability and Accountability Act (HIPAA), which was signed into law in 1996. Every practice, hospital and health plan in the United States that electronically transmits patient-identifiable health care information will have to comply with the HIPAA regulations, starting with the transactions and code set standards in the fall of 2002. Other articles in the series are listed below. The series is available online at www.aafp.org/fpm/hipaa.html. "A Problem-Oriented Approach to the HIPAA Security Standards." Kibbe DC. July/August 2001:37-43. "What You Need to Know About HIPAA Now." Kibbe DC. March 2001:43-47.

A very large "if"

Implementing the transactions and code set standards is nothing less than a major business process re-engineering effort within the health insurance industry - a complex and expensive undertaking that no one is certain can be accomplished in the time frame established by the legislation. As one industry expert recently told me, "In terms of programming, getting ready for HIPAA is a thousand times more complicated than what we faced with Y2K."

Furthermore, during the transition period the complexity and friction between payers and physicians and other providers might get worse. Claims processes could be delayed due to errors and miscoding, re-coding or loss of information. This could lead to unexpected adjustments to accounts receivable, delay third-party payments and put some practices in financial peril. Consider what happened to hundreds of doctors who didn't get paid during the information technology system failure and the subsequent near-collapse at Oxford Health Plans in 1998. My advice? Start preparing now for a set of changes that will shake the industry for several years to come, and work with your software vendor, billing service and/or clearinghouse so that your practice is prepared to handle the new standards. (For information about implementing the guidelines in your practice, see "Help with HIPAA transactions and code set standards.")

During the transition period the complexity and friction between payers and physicians might get worse.

Working toward compliance

Physician practices that transmit claims electronically will have to work closely with their practice software vendors to comply with the transactions and code set standards. Vendors will need to program their software so that it can "translate" the non-standard output from the office's practice management software into the HIPAA-standard formats and complete this process in reverse when HIPAA standard transactions are sent back to the practice from the payers. Some questions to ask your current software vendor regarding HIPAA readiness include:

HELP WITH HIPAA TRANSACTIONS AND CODE SET STANDARDS Implementation guides for the HIPAA transactions and code set standards can be obtained from the Washington Publishing Company. They may be downloaded free from the organization's Web site at hipaa.wpc-edi.com/HIPAA_40.asp. Bound volumes are available for purchase. For more information, contact WPC at PMB 161, 5284 Randolph Road, Rockville, MD 20852-2116; 301-949-9740 (voice); 301-949-9742 (fax). For answers to frequently asked questions about the transactions and code set standards go to the Department of Health and Human Services Web site at aspe.hhs.gov/admnsimp/.

• When will the software upgrade be ready?
• When are you going to start the necessary testing of the software, and who will be certifying the results of the testing? (Certification is required by law.)
• Will you be working directly with any insurers or clearinghouses to ease the transition to HIPAA standards and to test the messaging systems?
• Will you be notifying physician clients of your progress?
• Will there be any additional cost for this software upgrade?
• Can you assure me that all transactions and data transmitted will be handled according to the HIPAA privacy and security regulations? (Remember, the data in the transactions you will be transmitting electronically contain patient-identifiable health information. Under HIPAA you are required to have adequate safety measures in place - including technical ones - to protect this information from breaches of privacy.)

The bottom line

Practices that transmit claims electronically will have to work closely with their practice software vendors to comply.

The purpose of the HIPAA standards is to simplify the processes and decrease the costs associated with the payment for health care services. The savings to payers, physicians and other providers could be enormous, but only if there is collaboration between all parties involved. A concerted effort by software vendors and their clients is needed to replace the current labyrinthine systems with updated and streamlined versions that have been tested and certified to work properly. This is not an impossible task, but it is one of massive proportions. I urge physicians and their practices to embrace the effort. Why? Because the transactions and code set standards is the only part of the HIPAA regulations that promises on balance to save rather than increase office expenses and simultaneously improve the quality of service you provide to your patients. If you can control the data output from your practice management system and send claims electronically in the standard formats, your practice will have gained significant control in the administrative tug-of-war between providers and payers and decreased your office overhead in the process.

1. Lazarus SS. HIPAA tips for the physician office. Available at: www.hipaainfo.net/ahima040601.htm. Accessed October 10, 2001.

Dr. Kibbe is a family physician and is chair and co-founder of Canopy Systems Inc., an Internet clinical software application and services firm based in Chapel Hill, N.C. He is also a contributing editor to Family Practice Management. Conflicts of interest: none reported.

Send comments to Dr. Kibbe at fpmedit@aafp.org.

---

Copyright © 2001 by the American Academy of Family Physicians.
This content is owned by the AAFP. A person viewing it online may make one printout of the material and may use that printout only for his or her personal, non-commercial reference. This material may not otherwise be downloaded, copied, printed, stored, transmitted or reproduced in any medium, whether now known or later invented, except as authorized in writing by the AAFP. Contact fpmserv@aafp.org for copyright questions and/or permission requests.