Sharing of mailbox number and password for Clearinghouses/NSVs
Clearinghouses and Network Service Vendors (NSVs) must use their own mailbox number and password to submit/receive EMC/ERA transactions on behalf of providers and may not use a mailbox number or password assigned to a provider. If they currently use or have knowledge of the mailbox number and password issued to a provider by Medicare, the information must be disclosed to the contractor.
Clearinghouses/NSVs are permitted to interact with a Medicare contractor's system only for submission or receipt of EDI Medicare transactions for providers that have already filed an Electronic Data Interchange (EDI) Enrollment form and other written notice with the contractor in which they authorize that clearinghouse/NSV to do so, and in which they have specified the types of transactions the clearinghouse/NSV can conduct on their behalf.
The clearinghouse/NSV will be in violation of CMS and HIPAA privacy and security requirements if it attempts to conduct EDI transactions for a provider that the provider has not authorized, to conduct authorized transactions for a provider when that provider did not request the specific transactions, such as submission of a request for eligibility data when that request was not originated by the provider identified as the source of the request in the submitted transaction, and that as a HIPAA covered entity, a clearinghouse/NSV guilty of such a violation would be subject to those penalties as established by HIPAA and could lose all access rights to Medicare contractor systems nationally.
Page Last Updated: Tuesday, 15-Jul-2008 10:35:50 CDT
