Health Information Compliance Alert

Published on Thu Jan 03, 2013 PDF

Filing for your HIPAA ASCA extension was one of the first steps to a successful compliance plan. Now that you’ve accomplished that, where do you go?

Back in December 2001, the Health Insurance Portability and Accountability Act’s Administrative Simplification Compliance Act extended the deadline for compliance with HIPAA’s transaction and code set standards to Oct. 16, 2003.

The delay in the compliance deadline gives covered entities some much needed time to build, test and implement their TCS plans, but not many CEs are sure where to apply their efforts. In order to ensure that your implementation will be a success and will minimize any interruption in your health care delivery or revenue cycle, testing is crucial.

Here are a few tips that will help CEs plan their TCS testing measures:

Sit down and plan, plan, plan. Considerations must be made very early in the planning and implementation effort to incorporate testing methods. For this to be effective, a testing coordinator must participate in your HIPAA steering committee or HIPAA core team.

That responsibility will span the entire HIPAA compliance efforts, says Linda Ostach, a principal with Phoenix Health Systems, in an audioconference entitled, “Hands on HIPAA: Testing Your Transactions and Code Sets.”

Everyone on your team must understand the significance of testing, what the expectations are, and each member should have a very high level of HIPAA knowledge.

Make sure that your team members know what impacts testing will have on your organization and how you plan to achieve HIPAA compliance, Ostach urges.

Compliance is a group effort. HIPAA is forcing the communication, coordination and implemetation of a new way of doing business in the health care world.

Standardization of the billing process has been attempted unsuccessfully for many years, Ostach notes, but now CEs finally have a chance to get it right. That can only be done when all CEs are working together, she claims.

Test as frequently as possible. Practice makes perfect. You must ensure that the changes to your IT systems and the applications that support your processes are functioning as necessary to validate the data you’re collecting, the processing of the data, and the transmission of that data to your trading partners, Ostach notes.

Inbound to your organization, you should validate that you’re able to accept the transmission being sent to you and you’re able to process the data that’s contained in that transmission, she says. Keep in mind that not only do you want to achieve a successful compliance implementation, but you also want to ensure an uninterrupted revenue stream, she suggests.

Stay on target. Remember that the ASCA extension is not a get-out-of-jail-free card. You have some extra time that you will need to get your TCS plan tested and implemented.

With whom to test? You’ll need to test your vendor’s software in-house and then test outside with your trading partners. That means you’ll need to have team members who understand how data is captured, and by whom and how it is maintained and processed, Ostach explains.

Vendors are required to deliver software that supports your HIPAA compliance. They will deliver releases and upgrades, and you’ll have to determine within your organization how it will be implemented as it relates to your specific compliance plan. This means your IT department will be actively planning with the vendor and other testing participants when and how to install enhancements. For customers that have remote support or remote data centers, this will have to be scheduled and coordinated with the vendors, Ostach says.

Three levels of testing. There are three levels of testing, Ostach says: syntax compliance testing, transaction compliance certification testing, and trading partner business-tobusiness testing.

With syntax compliance testing: “We need to ensure that the data is HIPAA-compliant, the content of the data includes allowable values, and the field lengths are appropriate as they relate to the HIPAA requirements.”

With transaction compliance, one must test the transactions and ensure that the format of the transactions is compliant consistent with the “X12” format as stated in the administrative simplification requirements.

“When testing your transaction compliance, you may want to engage with a third-party certification testing vendor who will be able to take your transactions and process them through, and indicate to you any areas of the transaction that may or may not be compliant,” Ostach admonishes.

Finally, with business-to-business testing (trading partner testing), you need to validate the format of your transactions.

Developing your test plan. Documenting your processes, problems and resolutions is crucial, claims Ostach.

Provide ongoing updates to all those that are involved. Ensure that you’re including your interfaces. Also make sure that you’re including your trading partners, your clearinghouses, your bank, your payor or your provider.

Perhaps most crucial to a successful testing system is to retest as much as possible, Ostach notes. Once you’ve finished these steps, you’re well on your way.