- The Administrative Simplification provisions of HIPAA apply to the adoption of electronic transaction standards and operating rules for use in the health care industry. HIPAA has some different requirements for information exchange than EHRs, but there is hope for convergence in the future. Information about the HIPAA regulations regarding standards and operating rules can be found at https://www.cms.gov/Regulations-and-Guidance/Administrative-Simplification/HIPAA-ACA/index.html. Readers can find information about requirements for covered entities and their business associates and enforcement from this link.
- This standard and the transaction were adopted under the Health Insurance Portability Act of 1996 (HIPAA) to increase efficiency in the health care system by reducing the use of paper and increasing the exchange of health care information electronically. This information is often maintained in provider practice management and billing systems but duplicates information in electronic health records.
- Before implementation of a new version of a standard, end to end testing should be conducted with vendor systems and between trading partners to ensure changes have been accommodated.
- There are two versions of the enrollment transaction in use by industry today. One is the adopted transaction exchanged between a covered health plan and the employer, which is not a covered entity. The adoption rate is unknown. The other version, referred to as the HIX, has not been adopted by the federal government, but is used by the issuers participating in the federal marketplace or health insurance exchanges created by the Affordable Care Act. It includes data elements necessary to complete that enrollment process.
- Additional information is available on testing, and the full cost on any of the X12 transactions.
- For a description of the functionality of each transaction, visit the X12 website.
- ASETT is the HHS compliance tool to enable testing and complaint filing for all X12 and NCPDP transactions. To test transactions, visit the HHS compliance page.
- Operating rules have not been adopted for the enrollment transaction standard.
- NCPDP operating rules are in the NCPDP Telecommunication Standard, Implementation Guide, Version D.0. Additional operating rules are not developed by any entity outside of NCPDP for the pharmacy standards.
- All covered entities and their business associates are required to comply with the HIPAA Privacy and Security Rules. Health and Human Services has partnered with the Office of the National Coordinator and the National Institutes of Standards and Technology to publish comprehensive guidance for Security specific to electronic protected health information. A self-assessment tool kit is available to support integrating privacy and security into practices