brand logo

Don’t let HIPAA stop your cash from flowing on Oct. 16. Here’s how to prepare.

Fam Pract Manag. 2003;10(8):57-62

What would you do if, suddenly, the percentage of your practice’s insurance claims rejected by Medicare, Medicaid and other health plans increased to 10 percent? To 25 percent? To 40 percent? If the thought worries you – and it should – read on.

On Oct. 16, 2003, the transactions and code sets standards that are part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) take effect. The intent of this part of the administration simplification provision is to create standard transactions to replace the many versions currently being used for claim status inquiries, eligibility verification, referral authorization and others. (For a complete list of the transactions affected by HIPAA, see "HIPAA transactions.") After Oct. 16, Medicare will no longer accept paper claims from practices with 10 or more full-time equivalent (FTE) staff, and all payers will be required by law to accept only those electronic claims that use HIPAA-standard formats. If the claims you submit after the deadline are not in HIPAA-standard formats, they may be rejected or slow to be paid. Here’s how to prevent this from happening.


  • The HIPAA administration simplification provision requires that payers, physicians and other providers use new standard claims formats and electronic transmission procedures.

  • Doing so should speed claims processing and reduce errors in both claims filings and payments.

  • Medical practices that defer responsibility for HIPAA compliance to software vendors, billing services or other outside sources may find themselves unprepared for the Oct. 16, 2003 deadline.

Know the basics

The first step is to determine whether the HIPAA transactions and code sets standards apply to your practice. If your practice files claims electronically or sends paper claims to a billing service that submits claims electronically on your behalf, you must comply with HIPAA. Don’t leave compliance efforts solely in the hands of your vendor, billing service, clearinghouse or payer. Case reports from around the country suggest these parties are alarmingly unprepared. Instead, take the initiative to make sure necessary changes to billing systems are made so that the transactions your practice submits to health plans are HIPAA compliant. The approach you take to do this will depend on the contracts you have with payers in your region, your practice management system’s capabilities, the decisions your software vendor makes and – most important – how quickly and decisively you act.


Did you know that beginning Oct. 16, 2003, Medicare does not have to pay claims submitted on paper? That’s according to the Administration Simplification Compliance Act (ASCA) passed last December. If you currently submit paper claims to Medicare, don’t panic. You might qualify for a small-practice exception. According to the Centers for Medicare & Medicaid Services (CMS), you can continue to submit paper claims if “you are a physician, practitioner, facility or supplier (other than provider of services) with fewer than 10 FTE employees.” (More information is available at Those who qualify for the exception are not required to submit a waiver form to CMS at this time. However, regulations regarding a waiver are expected to be published within the next few months. In the meantime, simply continue to submit claims to Medicare on paper.

Most practices have the following options (for a brief overview, see “Transaction transmission options”):

  1. Submit claims and other transactions directly to payers in HIPAA-standard formats. Doing this requires practice management software that incorporates the new HIPAA-standard formats before claims leave your office.

  2. Continue to send non-HIPAA-standard electronic transactions (including HCFA-1500 forms) from your practice management system, using a clearinghouse for translation to the HIPAA-standard formats. Many practice management system vendors may encourage this option since some own, and many have business relationships with, one or more clearinghouses.

  3. Submit paper claims directly to health plans, except for Medicare. As noted previously, Medicare will begin requiring electronic claims submission on Oct. 16. (Smaller practices may be exempt from this requirement. See “Medicare waiver for small practices” for more information.) Many health plans intend to follow Medicare’s lead. In fact, some have already begun to require that claims be submitted electronically beginning in 2004. Consider this option temporary at best.

  4. Send paper claims to a billing service to be converted into an electronic format, then to a clearinghouse for translation to the new HIPAA-standard format and then on to payers. This simple fix doesn’t require additional office automation; however, it will cost your practice money and prevent you from doing any internal auditing because you won’t have your claims data in your billing system.

  5. Use a Web-based, payer-provided service to enter HIPAA-standard data content online. This option, known as direct data entry or DDE, is like having a separate payment kiosk for each payer. However, not all payers offer DDE.


The HIPAA transactions and code sets regulations standardize the electronic exchange of health-related administrative information, such as claims forms. Under HIPAA, a handful of standardized transaction formats will replace the hundreds of proprietary transactions currently in use. The table below lists the HIPAA-standard transactions that most medical practices will be required to use beginning Oct. 16.

TransactionNumberBusiness use
Claim/encounterX12–837For submitting claims to health plans, insurers or other payers.
Eligibility inquiry and responseX12–270 and X12–271Inquiring about the status of a patient’s eligibility in a health plan, including benefits and details regarding the types of services covered. Also used by health plans or payers to respond to your inquiries.
Claim status inquiry and responseX12–276 and X12–277For inquiring about and monitoring outstanding claims. Also used by health plans or payers to respond to your inquiries. Under HIPAA, claims status codes are standardized for all payers.
Referrals and prior authorizationsX12–278For obtaining referrals and authorizations, and for receiving prior authorization responses from payers or utilization management organizations used by payers.
Health care payment and remittance adviceX12–835For replacing paper explanation of benefits statements and explaining all adjustment data from payers. Also permits automatic posting of payments to accounts-receivable system.
Health claims attachments (proposed)X12–275For sending detailed clinical information to support claims or in response to payment denials, among others.

Consider the pros and cons

Each of the above options has advantages and disadvantages. For example, continuing to submit paper claims after the Oct. 16 deadline requires the least amount of office automation on your part, but using an intermediary such as a billing service or clearinghouse to translate claims from paper to electronic or from one electronic format to another adds costs to the billing process. And, as more and more payers demand electronic exchange of information, these fees will only increase. DDE seems attractive, but using a separate Web portal for each payer or health plan may be inefficient at best.

Practices that don’t want to change their current practice management system software will likely opt to send their claims to a clearinghouse to be translated to HIPAA-standard formats. If you choose this option, be aware that doing business with a clearing-house may cost your practice additional fees that you’re not currently paying. And the clearinghouse may not be able to do the job correctly 100 percent of the time.

For example, the new HIPAA standards require not only new formatting of data, but new data elements. Required HIPAA data elements such as “other payer information” can’t be added to the claims at the clearing-house level; they can only be supplied by the practice. Incorporating these new data elements in your claims may require you to make significant changes to your practice’s software program, which of course you’ll have to pay for on top of what you’re paying the clearinghouse.


Practices that must comply with the HIPAA transactions and code sets standards have the following options for transmitting transactions to health plans and payers.

© 2003 Margret/A Consulting, LLC. Adapted with permission.

Do it yourself

Without a doubt, the best choice is for your practice to take steps to submit electronic claims and other transactions directly to payers. Using practice management software to generate your own HIPAA-standard transactions will give your practice the most control over content and formatting, and will reduce dependence on intermediaries, such as clearinghouses. Perhaps most important, it will enable your practice to take full advantage of the benefits that the HIPAA administration simplification provision promises, such as streamlined claims status inquires, authorization and referrals, and automated check posting and bank deposits.

The major disadvantage associated with directly submitting electronic claims to payers is that you may end up having to switch practice management system vendors since not all of them plan to offer direct HIPAA-standard transactions capability. Although the transition associated with that change can seem costly or painful, equipping your practice so that it can directly submit electronic claims to payers is the way to go in the long run.

Thus far, I have focused on what you, your software vendor or clearinghouse need to do to become HIPAA compliant. But keep in mind that before a successful electronic exchange of HIPAA-standard transactions can occur, health plans and the computer systems they use must also be ready. Unfortunately, there is no guarantee that they will be. To find out, ask your practice management system vendor to tell you which of the health plans you contract with are currently engaged in transactions testing.


One way to make complying with the HIPAA transactions and code sets standards a little easier is to prioritize your efforts. Use the worksheet below to list each payer or health plan to which you currently submit (or plan to submit) electronic claims. The worksheet will help you organize pertinent information and prepare you to speak with your vendors regarding their own HIPAA-readiness (For what to ask your vendors, see “Questions for your practice management system vendor.”)

Health planNumber of claims sentDollar amountPercent sent electronicallyPercent sent on paperErrors

Plan for a smooth transition

If your practice’s claims will be submitted electronically on Oct. 16, there is much to be done to ensure that they not only make it to the health plan, but are not denied or delayed once they get there:

1. Prioritize. Make a list of the payers and health plans to which you currently submit (or plan to submit) electronic claims or that you exchange other administrative data with, such as eligibility information. The health plan inventory worksheet will help you organize this information. Having this information in hand will help you put your effort where it will pay the highest dividend and will prepare you for discussions with vendors.

2. Talk to your vendor. If you haven’t done so already, talk to your practice management system or billing system vendor to determine your practice’s readiness to send HIPAA-compliant claims to payers, including Medicare, Medicaid and all commercial health plans in your inventory. (See “Questions for your practice management system vendor.”) To obtain vendor contact information, consult the HIPAA EDI practice management system directory at Contact the vendor directly and don’t accept the response “Don’t worry, we are HIPAA compliant” without taking step 3 below. If your practice management system vendor is not listed in the directory yet, it’s not exactly a good sign that it’s engaged in preparing for HIPAA.


To ascertain whether the practice management system you currently use will be ready to send and receive the new HIPAA-standard transactions, ask your software vendor the following questions:

  • Will the version of your software product that I currently use be able to send to all payers a claim/encounter form in the HIPAA standard X12-837 content and data format?

  • Have your transactions been tested and certified by a third party as offering a “HIPAA-compliant” software modification?

  • When will you be ready to upgrade my system? (Ask for a specific date.)

  • Will the modifications require a new version of my practice management software?

  • Will I need any new hardware to support these modifications?

  • Will any training be provided?

  • When will you be sending me a schedule for: 1. Internal testing? 2. Testing with a clearinghouse (if applicable)? 3. Testing with Medicare? 4. Testing with commercial payers?

  • Can I upgrade to the various standards incrementally? For example, can my system generate HIPAA-compliant X12–837 claims immediately and then move to the other transactions standards at a later time?

  • Will my modified system accept the National Provider Identifier (NPI) number (expected to be a 10-digit numeral)?

  • What are the expected costs?

Source: American Academy of Family Physicians.

3. Ask your vendor for help. Request that your vendor help you start “end-to-end testing” of the HIPAA-standard transactions (e.g., testing from your office system all the way to the health plan’s computer system). Perform end-to-end testing with each payer or health plan with which you have a contract. This is an important step; the sooner you take it, the better. It is the only way you can really ascertain that all the components along the electronic transaction pathway are ready to go. Since each plan or payer may implement the new HIPAA standards in a slightly different manner, it is not sufficient to simply do generic testing at the clearing-house or vendor level (i.e., testing the components of the system, but not testing whether the system as a whole actually works as it should).

4. Know your rights. If your practice has done its part to assure that claims information is formatted in the new HIPAA-required standard, health plans cannot reject or delay your claims on the basis of format errors. A health plan that knowingly does so can be fined or penalized. If you believe a health plan is doing this, you are entitled to file a complaint and you should do so. Complaints may be made online at or by calling the Centers for Medicare & Medicaid Services hotline at 866–282–0659.

5. Shop around. If you can’t get satisfactory answers or testing assistance from your current practice management system software vendor, begin looking for another one. The AAFP will help you locate responsible vendors as well as suggest pricing options and criteria to consider (e.g., whether the system includes all of the HIPAA transactions and can send them directly to payers without translation by a clearinghouse). Simply send an e-mail message to me at


American Academy of Family Physicians ( The AAFP HIPAA Web site has a number of resources to help you prepare your practice for implementing the transactions and code sets standards, including a how-to guide and a practice management and billing system vendor directory.

BlueCross BlueShield Association ( This Web site offers an free, easy-to-use implementation guide for physician practices.

The Centers for Medicare & Medicaid Services ( This Web site offers access to the final rule published in the Federal Register as well as educational materials, FAQs and the latest information on the administration simplification provisions.

6. Prepare financially. Claims delays and rejections are likely to increase after the Oct. 16 deadline and can significantly impact your practice’s bottom line. I advise you to work closely with your office manager to monitor claims status in October and November. Do not wait 30 days to query an electronic claim that has not been paid, but instead, check to see that claims more than a week outstanding are “in process.” In general, plan for the number of rejected or delayed claims to double during the fourth quarter of 2003. Depending on your individual situation, it would be prudent to consider placing one or two months’ worth of monthly revenues in escrow or having the equivalent amount available as a line of credit to cover accounts payable in late 2003.


Since 2001, FPM has published a series of articles designed to educate and prepare family physicians for the implementation of the Health Insurance Portability and Accountability Act (HIPAA). The articles are accessible from the FPM Web site at

Keep your fingers crossed

With a little luck and some hard work, physicians and the health plans that pay us will muddle through this transition period without major economic disruptions. The administration simplification imposed by HIPAA can’t be any worse than the mess we have now. On the other hand, who knows? The paper and electronic administrative systems we currently use may be inefficient, hassle-prone and very expensive, but at least we know they work!

Continue Reading

More in FPM

More in PubMed

Copyright © 2003 by the American Academy of Family Physicians.

This content is owned by the AAFP. A person viewing it online may make one printout of the material and may use that printout only for his or her personal, non-commercial reference. This material may not otherwise be downloaded, copied, printed, stored, transmitted or reproduced in any medium, whether now known or later invented, except as authorized in writing by the AAFP.  See permissions for copyright questions and/or permission requests.