Guest Article

(From the Employer's Guide to HIPAA Privacy Requirements, Thompson Publishing Group)

CMS to Deploy EDI Contingency Plan for Medicare

Anticipating that many Medicare providers will be unable to submit HIPAA-compliant claims by the Oct. 16 compliance deadline for HIPAA's electronic data interchange (EDI) rules, the Centers for Medicare and Medicaid Services (CMS) will implement a contingency plan for handling these claims, the agency announced Sept. 23.

"Implementing this contingency plan moves us toward the dual goals of achieving HIPAA compliance while not disrupting providers' cash flow and operations," said CMS Administrator Tom Scully. "We encourage other [health] plans to assess the readiness of their trading partners and implement contingency plans if appropriate," added Tom Grissom, director of CMS' Center for Medicare Management.

However, many private health plans and other HIPAA-covered entities have been reluctant to deploy contingency plans for fear of enforcement action by CMS -- which is both the EDI regulatory agency and, in its Medicare capacity, the largest covered health plan -- according to Jared Adair, director of CMS' Office of HIPAA Standards. Although the agency promised leniency for "good-faith" compliance efforts in its July 24 EDI guidance, "many wanted us to go farther" and establish a legal safe harbor, but CMS decided the HIPAA law would not allow this, she testified Sept. 23 before the Senate Special Committee on Aging.

If CMS does receive a HIPAA complaint regarding a health plan's processing of noncompliant transactions, the agency will determine whether the plan has made good-faith outreach and testing efforts, Adair said. "If they've exhibited good-faith efforts, there will not be any penalty taken against them."

Under CMS' contingency plan for Medicare, the agency will continue to accept transactions submitted in "legacy" electronic formats. CMS plans to regularly reassess the readiness of its trading partners to determine how long the contingency plan will remain in effect. "I cannot give you a specific date," Adair said. "We will be monitoring the percentage of claims" that are HIPAA-compliant.

CMS' decision to deploy its contingency plan "is very good news" for private health plans because it should dissuade health care providers from reverting to paper claims, according to Alissa Fox, executive director of policy for the BlueCross BlueShield Association (BCBSA). "Our plans have contingency plans that also allow legacy claims to be submitted and processed," she said.

However, Fox urged CMS to resist calls by some provider groups to require acceptance of claims that lack some of the HIPAA-required data elements. Such a step would "return to what we're trying to get away from" and defeat the purpose of national uniform standards, she said.

Cathy Treadway, a clinic administrator who testified on behalf of the Medical Group Management Association, argued that guidance on accepting incomplete HIPAA claims is needed to dispel health plans' lingering uncertainty about the enforcement consequences of doing so. Otherwise, she said, "there is no incentive for health plans to take that extra effort to get claims paid."

However, Adair said that while CMS is encouraging private health plans to deploy contingencies, "those decisions are their own business decisions to make." CMS did indicate, in a Sept. 8 question-and-answer document, that an acceptable contingency plan could include "flexibility on data content or interim payments" as well as the agency's own strategy of continuing to accept legacy transactions.

Sen. Larry Craig, R-Idaho, chairman of the Senate Aging Committee, called the hearing on HIPAA's EDI and privacy rules to address concerns about "the confusion, disruption and uncertainty these new rules are creating in the health care system," including the specter of a "train wreck" Oct. 16 at the end of the one-year extension granted by the Administrative Simplification Compliance Act, which Craig sponsored. The committee is a non-authorizing committee but its hearings do serve to build the record for other committees, he noted.

Costs, Lessons Learned

Craig questioned Adair about the cost of EDI compliance, which is expected to far exceed CMS' initial projection of $5 billion. "There's just so many health care dollars out there," he said.

"We acknowledge the first couple of years we will experience the cost of change," Adair replied. "Once we have overcome the cost of change, the benefits will be there." The benefits of abandoning the current plethora of proprietary formats will be "significant for the health care industry," she said.

According to Fox, the current problems should provide lessons for the subsequent phases of electronic health care implementation. First, "credible cost-benefit analysis is a must," Fox said. A report commissioned by BCBSA in 2001 projected costs of $16 billion for the EDI rules, and the total now appears on track to exceed that figure, she said.

Second, "the industry must involve all aspects of their operation, not just the IT shop," Fox said. "When you change a code, it has a ripple effect on the entire operation that we just didn't understand."

Finally, "standards must be pilot-tested before we adopt them," Fox said. The next round of EDI standards and modifications -- as well as initiatives such as "HIPAA II" for clinical information and interoperability of health care systems -- should first be tested on a limited basis to ensure that they work "before you tell the entire country to do it," she said.

To this end, BCBSA urges the creation of a high-level stakeholder commission to "look at where we all want to go and what is the smartest way of getting there," Fox said.

Reprinted with permission from the October 2003 newsletter of the Employer's Guide to HIPAA Privacy Requirements, © Thompson Publishing Group, Inc., 2003. All rights reserved.

BenefitsLink is an independent national employee benefits information provider, not formally affiliated with the firms and companies who kindly provide much of the content and advertisements published on this Web site, including the article shown above.