Effective October 31, 2014, the Centers for Medicare & Medicaid Services (CMS) Office of e-Health Standards and Services (OESS), the division of the Department of Health & Human Services (HHS) that is responsible for enforcement of compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) standard transactions, code sets, unique identifiers and operating rules, announces a delay, until further notice, in enforcement of 45 CFR 162, Subpart E, the regulations pertaining to health plan enumeration and use of the Health Plan Identifier (HPID) in HIPAA transactions adopted in the HPID final rule (CMS-0040-F).
This enforcement delay applies to all HIPAA covered entities, including healthcare providers, health plans, and healthcare clearinghouses.
On September 23, 2014, the National Committee on Vital and Health Statistics (NCVHS), an advisory body to HHS, recommended that HHS rectify in rulemaking that all covered entities (health plans, healthcare providers and clearinghouses, and their business associates) not use the HPID in the HIPAA transactions (see http://ncvhs.us/wp-content/uploads/2014/10/140923lt5.pdf). This enforcement discretion will allow HHS to review the NCVHS’s recommendation and consider any appropriate next steps.
Enumeration is the process of getting an HPID. All Controlling Health Plans (CHPs) must enumerate. Third-party administrators are not eligible to obtain HPIDs for themselves, but may submit HPID requests in the Health Plan and Other Entity Enumeration System (HPOES) on behalf of their health plan customers. View the data elements that will be collected for HPID (CHP and SHP) and OEID applications and the subhealth plan category definitions.
SPBA is analyzing the announcement and will have further information very soon. If you have any questions please contact Rhonda Reed at Rhonda@spbatpa.org.