CMS Indefinitely Delays HIPAA’s Unique Health Plan ID Requirement
November 4, 2014 in News
CMS has announced that it will delay, until further notice, enforcement of a requirement that organizations covered by HIPAA use unique health plan identifiers, Health Data Management reports (Goedert, Health Data Management, 11/3).
According to CMS, HPIDs are standard identifiers that the original 1996 HIPAA law required.
In 2012, HHS issued a final rule that required health plans to obtain HPIDs by Nov. 5, 2014, with the exception of small health plans, which had until Nov. 5, 2015. All covered entities would have been required to use HPIDs in standard transactions by Nov. 7, 2016, according to the final rule.
CMS by 2016 intended to create a database of all health plans that use HPIDs (iHealthBeat, 9/24).
Details of Delay
The delay, which took effect Oct. 31, applies to all entities covered by HIPAA, including:
- Claims clearinghouses;
- Health plans; and
- Providers (CMS announcement, 10/31).
The delay follows September recommendations made to HHS from the National Committee on Vital and Health Statistics. The advisory body argued that HHS should “rectify in rulemaking that all covered entities not use” HPIDs for electronic transactions covered by HIPAA, citing the:
- Costs of adapting software for HPIDs (Brino, Government Health IT, 11/3); and
- Widespread use of the National Association of Insurance Commissioners payer identification system.
In a letter to HHS, NCVHS expressed concerns that “modifying [the payer ID system] would create a significant disruption in the routing and processing of all administrative transactions” (Health Data Management, 11/3).
CMS’ Office of e-Health Standards and Services said that the indefinite delay “will allow HHS to review the NCVHS’ recommendation and consider any appropriate next steps” (Government Health IT, 11/3).