Health Plans Get a Reprieve on HIPAA Compliance
The “Administrative Simplification: Certification of Compliance for Health Plans” proposed rule has been withdrawn. Although health plans still must comply with HIPAA electronic transaction regulations, they do not have to certify their compliance or else be fined.
HHS Backs Down on Certification
The U.S. Department of Health and Human Services (HHS) published the proposed rule Jan. 2, 2014, in the Federal Register. After considering the 72 public comments they received, HHS decided to withdraw the proposed rule on Oct. 4.
The proposed rule would have required controlling health plans to submit information and documentation demonstrating compliance with HIPAA standards and operating regulations for three electronic transactions: eligibility for a health plan, health care claim status, and health care electronic funds transfers (EFT) and remittance advice. The rule also would have established penalty fees for noncompliance.
HHS says it will “re-examine the issues and explore options and alternatives to comply with the statutory requirements” set forth under HIPAA.