Answers to Frequently Asked Questions about HIPAA

Home Provider Part A Frequently Asked Questions

• I use the Remote System to enter all of my claims, do I need to do anything to be HIPAA compliant?
   
• What is the HIPAA Administrative Simplification Compliance Act (ASCA)?
   
• Do all covered entities automatically get an ASCA extension?
   
• What will be the impact of the one-year ASCA extension?
   
• Does the law require Medicare claims to be submitted electronically after Oct. 2003?
   
• Why didn't Congress just give everyone an ASCA extension?
   
• If I am a provider who doesn't submit any electronic transactions, do I have to comply with the HIPAA Administrative Simplification regulations or submit an ASCA compliance plan to get an extension?
   
• How will an entity know if another entity has filed an ASCA compliance plan?
   
• Must I file an ASCA compliance plan to communicate with non-compliant partners?
   
• Does a provider who conducts all covered transactions using a clearinghouse need to file for an extension?
   
• If I am HIPAA compliant, do I need to submit an extension plan to communicate with non-compliant parties?

I use the Remote System to enter all of my claims, do I need to do anything to be HIPAA compliant?

No. The DDE (Direct Data Entry) systems are not affected by HIPAA as they do not utilize a batch transmission format to submit claims. Back to Top

What is the HIPAA Administrative Simplification Compliance Act (ASCA)?

In December 2001, the Administrative Simplification Compliance Act (ASCA) extended the deadline for compliance with the HIPAA Electronic Health Care Transactions and Code Sets standards (codified at 45 C.F.R. Parts 160, 162) one year to October 16, 2003 for all covered entities other than small health plans (whose compliance date was already October 16, 2003). In order to receive an extension, covered entities must submit their ASCA compliance plans on or before October 15, 2002. ASCA requires that a sample of the plans will be provided to the National Committee on Vital and Health Statistics (NCVHS), an advisory committee to the Secretary of Health and Human Services. The NCVHS will review the sample to identify common problems that are complicating compliance activities, and will periodically publish recommendations for solving the problems. Under the Freedom of Information Act (FOIA), information held by the federal government is available to the public on request, unless it falls within one of several exemptions. The model form is designed to avoid collection of any information that would be subject to exemption, such as confidential personal or proprietary information. If such information is submitted, both the FOIA and the ASCA require that it be redacted before the files are released either to the NCVHS or to the public. Back to Top

Do all covered entities automatically get an ASCA extension?

No. Covered entities must submit a compliance extension plan to the Department of Health and Human Services (HHS) before October 16, 2002 to get an extension. Back to Top

What will be the impact of the one-year ASCA extension?

The delay will give covered entities more time to build, test, and successfully implement the Final electronic Health Care Transactions and Code Sets required by HIPAA. Back to Top

Does the law require Medicare claims to be submitted electronically after Oct. 2003?

ASCA prohibits HHS from paying Medicare claims that are not submitted electronically after October 16, 2003, unless the Secretary grants a waiver from this requirement. It further provides that the Secretary must grant such a waiver if there is no method available for the submission of claims in electronic form or if the entity submitting the claim is a small provider of services or supplies. Beneficiaries will also be able to continue to file paper claims if they need to file a claim on their own behalf. The Secretary may grant such a waiver in other circumstances. We will publish proposed regulations to implement this new authority. Back to Top

Why didn't Congress just give everyone an ASCA extension?

The requirement to submit a compliance extension plan provides assurance that covered entities have plans in place that will allow them to be compliant by the new deadline of October 16, 2003. Back to Top

If I am a provider who doesn't submit any electronic transactions, do I have to comply with the HIPAA Administrative Simplification regulations or submit an ASCA compliance plan to get an extension?

No. All of the HIPAA Administrative Simplification regulations apply to all covered entities. Health care providers that transmit health information in electronic form meet the final rule definition for a covered entity. If you do not transmit such information in electronic form, you are not a covered entity and HIPAA does not apply to you. Therefore you do not need to submit a compliance plan to request a compliance extension. ASCA prohibits HHS from paying Medicare claims that are not submitted electronically after October 16, 2003, unless the Secretary grants a waiver from this requirement. It further provides that the Secretary must grant such a waiver if there is no method available for the submission of claims in electronic form or if the entity submitting the claim is a small provider of services or supplies. The term 'small provider of services or supplier' means: A provider of services with fewer than 25 full-time equivalent employees; or A physician, practitioner, facility, or supplier (other than provider of services) with fewer than 10 full-time equivalent employees. Entities which qualify for this waiver do not need to submit a compliance plan and will be allowed to continue to file paper claims for Medicare payment. The Secretary may grant such a waiver in other circumstances. HHS will publish proposed regulations to implement this new authority. Back to Top

How will an entity know if another entity has filed an ASCA compliance plan?

Should an entity need to determine if another entity has filed a compliance plan, that entity should communicate directly with the other entity (i.e., trading partners) to determine which ones have submitted plans. This information could be included in establishing schedules for the testing activities that are to begin by April 16, 2003, culminating in a migration to the new standards that meets the needs of all trading partners. Back to Top

Must I file an ASCA compliance plan to communicate with non-compliant partners?

No. A covered entity is not required to conduct compliant transactions with covered entities that are not yet required to be in compliance and therefore would not need to submit an ASCA compliance extension plan. Back to Top

Does a provider who conducts all covered transactions using a clearinghouse need to file for an extension?

Yes. Under ASCA, health care providers are covered entities and must be HIPAA compliant by October 16, 2002, or submit a compliance extension plan to the Department of Health and Human Services (HHS) by October 15, 2002 to get an extension. Clearinghouses are also covered entities and will have to submit their own compliance extension plans if necessary. Back to Top

If I am HIPAA compliant, do I need to submit an extension plan to communicate with non-compliant parties?

No. A covered entity will be considered compliant if it can send and receive compliant transactions by October 16, 2002, and therefore would not need to submit an extension plan. It may be necessary to communicate with non-compliant trading partners using nonstandard transactions. See http://www.cms.hhs.gov for more FAQs.

Page Last Updated: Monday, 09-Jun-2008 13:35:29 CDT