Referral Certification and Authorization Request and Response for Dental, Professional and Institutional Services

Type	Standard / Implementation Specification	Standards Process Maturity	Implementation Maturity	Adoption Level	Federally required	Cost	Test Tool Availability
Implementation Specification	ASC X12N/005010X217 Health Care Services Review—Request for Review and Response (278), May 2006 as an ASC X12 Standards for Electronic Data Interchange Technical Report Type 3	Final	Production		Yes	$	Yes

Limitations, Dependencies, and Preconditions for Consideration	Applicable Security Patterns for Consideration
The Administrative Simplification provisions of HIPAA apply to the adoption of electronic transaction standards and operating rules for use in the health care industry. HIPAA has some different requirements for information exchange than EHRs, but there is hope for convergence in the future. Information about the HIPAA regulations regarding standards and operating rules can be found at https://www.cms.gov/Regulations-and-Guidance/Administrative-Simplification/HIPAA-ACA/index.html. Readers can find information about requirements for covered entities and their business associates and enforcement from this link. Adoption of standards to increase the efficiency of the health care system was required by the Health Insurance Portability Act of 1996 (HIPAA). This version of the standard was adopted in 2009, and compliance was required by January 2012. The purpose of the electronic standard transactions was to improve efficiency in the health care system by reducing the use of paper and increasing the electronic exchange of health care information. Before implementation of a new version of a standard, end to end testing should be conducted with vendor systems and between trading partners to ensure changes have been accommodated. Additional information is available on testing, and the full cost on any of the X12 transactions. ASETT is the HHS compliance tool to enable testing and complaint filing for all X12 and NCPDP transactions. For a description of the functionality of each transaction, visit the X12 website. Click on a transaction set name to toggle the display of the purpose and scope of that transaction set.	All covered entities and their business associates are required to comply with the HIPAA Privacy and Security Rules. Health and Human Services has partnered with the Office of the National Coordinator and the National Institutes of Standards and Technology to publish comprehensive guidance for Security specific to electronic protected health information. A self-assessment tool kit is available to support integrating privacy and security into practices.

Limitations, Dependencies, and Preconditions for Consideration

Applicable Security Patterns for Consideration

The Administrative Simplification provisions of HIPAA apply to the adoption of electronic transaction standards and operating rules for use in the health care industry. HIPAA has some different requirements for information exchange than EHRs, but there is hope for convergence in the future. Information about the HIPAA regulations regarding standards and operating rules can be found at https://www.cms.gov/Regulations-and-Guidance/Administrative-Simplification/HIPAA-ACA/index.html. Readers can find information about requirements for covered entities and their business associates and enforcement from this link.
Adoption of standards to increase the efficiency of the health care system was required by the Health Insurance Portability Act of 1996 (HIPAA). This version of the standard was adopted in 2009, and compliance was required by January 2012. The purpose of the electronic standard transactions was to improve efficiency in the health care system by reducing the use of paper and increasing the electronic exchange of health care information.
Before implementation of a new version of a standard, end to end testing should be conducted with vendor systems and between trading partners to ensure changes have been accommodated.
Additional information is available on testing, and the full cost on any of the X12 transactions. ASETT is the HHS compliance tool to enable testing and complaint filing for all X12 and NCPDP transactions.
For a description of the functionality of each transaction, visit the X12 website. Click on a transaction set name to toggle the display of the purpose and scope of that transaction set.

All covered entities and their business associates are required to comply with the HIPAA Privacy and Security Rules. Health and Human Services has partnered with the Office of the National Coordinator and the National Institutes of Standards and Technology to publish comprehensive guidance for Security specific to electronic protected health information. A self-assessment tool kit is available to support integrating privacy and security into practices.

Comment