Health Information Compliance Alert

Published on Fri Oct 20, 2006 PDF

3 tips to help you avoid enforcement watchdogs and lost revenues.

If you haven't tested your solutions for compliance with HIPAA's rules on transactions and code sets (TCS), you could be easily find yourself out of business when claims aren't paid.

HIPAA's privacy and security rules usually garner the most publicity when it comes to covered entities' compliance concerns, and the TCS standards are considered by some to be HIPAA's abandoned stepchild.

The Department of Health and Human Services said it plans to take a flexible approach with respect to TCS enforcement. While that's good news for most entities struggling with the regulation, your major concern should not be with the Centers for Medicare and Medicaid Services coming down on you, but rather with your survival as a business.

Potential enforcement by CMS is not as significant as your livelihood. After all, "if you're not transmitting electronically to Medicare, you're not getting paid," warns John Yates, a principal at Phoenix Health Systems in charge of strategic planning.

Here are some of the most significant and easy-to-implement steps you can take to comply with the TCS standards:

1. Assign responsibility for testing. Your privacy officer won't have much, if any, input when it comes to testing your solutions for TCS implementation, and you'll need to find someone who has loads of tech experience for this task.

For larger facilities, you should coordinate your testing phase with your IT department. For smaller entities, strongly consider outside consulting help. "A lot of my clients are small providers who probably couldn't afford to have the IT staff necessary to do this in-house," says Robert Markette with Gilliland & Caudill in Indianapolis.

If you do go out of house, Markette says entities have a few options: "You can buy software, you can tell your IT people to start working on the problem, and in the meantime you can switch to using a health care clearinghouse that is compliant and do that for the interim period until your IT guys have the problem fixed and you are compliant." Whichever path you choose, make you sure you appoint someone -- and preferably, have more than one person working towards your goals -- to drive this process on internally.

2. Communicate often with your vendors. Software vendors are vital to TCS compliance. After all, your vendors are making the products that will ultimately make you compliant and will ensure proper, efficient electronic transactions. You must receive concrete evidence from your software vendors that the software you're using or planning to use has been upgraded and it now definitely has the capability of transmitting and receiving the standard transactions, advises Randa Upham, Principal at Phoenix Health Systems in charge of Program Development and overseer of Phoenix' e-learning services.

If your software can't transmit claims in a HIPAA standard format, find out if and when your software provider will be able to produce an upgrade. Vendors should be in their testing phase so their customers have time to familiarize themselves with the new software, says Nileen Verbeten, vice president of the California Medical Association's Center for Economic Services.

Verbeten tells Eli she created two simple letters for CMA members: One letter was intended for the member's software vendor; the other was to go to the member's billing service, if it used one. The letters ask if the software the CMA member is currently using is HIPAA-compliant. If it isn't, it asks what the physician has to do and what it will cost. The letters take a practical approach: "Don't give me all this mumbo jumbo about all this technical stuff, just tell me what I have to do," Verbeten explains.

3. If necessary, use your clearinghouse. "A lot of vendors are saying, 'We suggest you contact a clearinghouse in the meantime'" until they produce a software upgrade, says Yates. He says that's a good route to take and says in many cases clearinghouses are a great resource for making your transactions compliant.

Well, a clearinghouse is certainly an option and most providers use some kind of clearinghouse anyway. However, you've still got to give them the data elements to create the 837 claim form, he warns. "The problem is, this is everyone's fallback solution, and everyone's waiting because they don't want to incur the expense," he notes. If you are going to use a clearinghouse, do it now, since clearinghouses are likely to be flooded with requests like this, and they may not be able to provide services as quickly as you'd like.