HIPAA Administrative
Simplification Compliance Act (ASCA)
Frequently Asked
Questions
Q1: What will be the impact of the
one-year extension?
A1: The delay will give covered entities more time to build, test, and
successfully implement the new Final Electronic Transactions and Code Sets
required by HIPAA.
Q2: Does the extension affect the
compliance date for the HIPAA privacy standards?
A2: No, the compliance date for the privacy standards is still April, 2003 or,
for small health plans, April 2004.
Q3: Can small health plans get an
extension to their current compliance date of October, 2003?
A3: No, the compliance date for small plans does not change.
Q4: Do all covered entities
automatically get an extension?
A4: No. Covered entities must submit a compliance extension plan to the
Department of Health and Human Services (HHS) before October 16, 2002 to get an
extension.
Q5: Why didn't Congress just give
everyone an extension?
A5: The requirement to submit a compliance extension plan provides assurance
that covered entities have plans in place that will allow them to be compliant
by the new deadline of October 16, 2003.
Q6: Is HHS going to actually
review and approve all these compliance extension plans?
Will some be denied?
A6: The law does not require approval or disapproval of plans. Submission of an
extension plan is sufficient to secure the one-year extension.
Q7: When will the model compliance
extension form be available?
A7: The form will be available by March 31, 2002.
Q8: Where can I get a copy of the
form? Do I have to use the form, or can I submit a compliance plan in another
format?
A8. We will publish the form in the Federal Register and will also make it
available on several websites. The compliance extension form we are developing
is a model. While we strongly recommend its use, covered entities may submit
plans using other formats.
Q9: How extensive will the model
compliance extension form be?
A9: We are still working on the form, but we intend to make it as simple and
easy to complete as possible. The ASCA requires the plans to contain summary
information regarding compliance activities, including: 1) budget, schedule,
work plan and implementation strategy for achieving compliance;
2) planned use of contractors or vendors; 3) assessment of compliance problems;
and 4) a timeframe for testing to begin no later than April 16, 2003.
Q10: My organization has a very
detailed, voluminous compliance plan - are we supposed to submit the whole
thing?
A10: No. The compliance extension form will ask only for summary information
from your detailed plan. You do not need to send other information.
Q11: Can I file the compliance
extension form electronically?
A11: Yes, we will encourage electronic filing of compliance extension plans,
although we will also accept plans submitted on paper.
Q12. What will be the application
deadline for a delay?
A12. Covered entities must submit their compliance extension plans by October15,
2002.
Q13: Where should I send my
completed compliance extension form?
A13: Please do not submit requests at this time. Instructions will be issued
that will explain how to submit compliance extension plans.
Q14: How will one covered entity
know whether another covered entity with which it does business has submitted a
plan?
A14: Each covered entity should communicate directly with its own trading
partners to determine which ones have submitted plans. This information could be
included in establishing schedules for the testing activities that are to begin
by April 16, 2003, culminating in a migration to the new standards that meets
the needs of all trading partners.
Q15: I believe I will be fully
compliant by October, 2002. However, I know that some of my trading partners are
requesting extensions and will continue to use nonstandard formats after that
date. Do I need to submit a compliance extension plan so that I can continue to
communicate with these partners using nonstandard transactions?
A15: No. A covered entity will be considered compliant if it can send and
receive compliant transactions, and therefore would not need to submit an
extension plan.
Q16: Can a plan require its
network providers to move to standard transactions before October 16, 2003?
A16: This is a business decision between the plan and its provider network.
Neither HIPAA nor ASCA preclude plans from requiring that their providers use
standard transactions in advance of the compliance deadline, but HIPAA
non-compliance penalties would not apply to a provider that has submitted a plan
until 2003.
Q17: What will be done with the
information I provide?
A17: ASCA requires that a sample of the plans will be provided to the National
Committee on Vital and Health Statistics (NCVHS), an advisory committee to the
Secretary of Health and Human Services. The NCVHS will review the sample to
identify common problems that are complicating compliance activities, and will
periodically publish recommendations for solving the problems.
Q18: Will the information I
provide be made public?
A18: Under the Freedom of Information Act (FOIA), information held by the
federal government is available to the public on request, unless it falls within
one of several exemptions. The model form will be designed to avoid collection
of any information that would be subject to exemption, such as confidential
personal or proprietary information. If such information is submitted, both the
FOIA and the ASCA require that it be redacted before the files are released
either to the NCVHS or to the public.
Q19: How does the delay affect
Medicare implementation activities?
A19: Medicare will continue to implement the HIPAA transaction standards on a
sequenced basis, and that schedule will not change significantly. We expect to
be ready to test the claim and several other transactions by Spring 2002, but
implementation of several transactions (such as the referral/authorization
transaction) will be in early FY 2003. Once a provider has successfully tested a
transaction with us, it will be able to use the standard in our production
environment.
Q20: When will Medicaid Agencies
begin testing compliant transactions with their trading partners?
A20: Each Medicaid State Agency has its own project plan for achieving HIPAA
compliance, and will decide whether to submit a compliance extension plan. If
you are a trading partner, you will receive notice of testing directly from the
Medicaid State Agency(s) with whom you do business.
Q21: Do software vendors need to
file for an extension?
A21: No. Only covered entities - plans, clearinghouses and providers - must
file. In fact, vendors will need to maintain their current delivery schedules
for compliant software in order for covered entities to make use of the
additional implementation time.
Q22: Should covered entities
discontinue testing until 2003?
A22: ASCA requires that compliance plans include a testing phase that would
begin no later than April 16, 2003. We recommend that all covered entities begin
to test as soon as they are ready in order to allow adequate time to address and
correct problems. CMS will soon send out an instruction with dates by which
Medicare contractors must begin testing with providers.
Q23: ASCA allows the Secretary of
HHS to exclude covered entities from the Medicare program if they do not submit
a compliance extension plan or achieve compliance by October, 2002. Will every
such covered entity be excluded?
A23: HHS will be publishing proposed regulations to address this new exclusion
authority.
Q24: Doesn't the law also require
Medicare claims to be submitted electronically after October, 2003?
A24: ASCA prohibits HHS from paying Medicare claims that are not submitted
electronically after October 16, 2003, unless the Secretary grants a waiver from
this requirement. It further provides that the Secretary must grant such a
waiver if there is no method available for the submission of claims in
electronic form or if the entity submitting the claim is a small provider of
services or supplies. Beneficiaries will also be able to continue to file paper
claims if they need to file a claim on their own behalf. The Secretary may grant
such a waiver in other circumstances. We will publish proposed regulations to
implement this new authority.
| 