| HOME | CONTACT US | ABOUT |

 

HIPAA 
INFORMATION

Administrative Simplification
Health Plans &     
      Clients
Providers - Form
Companion Guides
Readiness
EDI Payor Information

Privacy
Privacy Statement Authorization Form

Links
Centers for Medicare
  & Medicaid Services

HHS/Privacy

TPA - Home

Third Party Administration:

Health Plans & Clients
(downloadable version)

HIPAA Compliance and Readiness C. L. Frates and Company, September 16, 2003 The Health Insurance Portability and Accountability Act, (HIPAA), continues to impact the exchange of health care information and health care billing and payment transactions. Two important dates for Health Plans are, October 16, 2003 compliance deadline for use of the standardized electronic transaction formats, and the April 14, 2004 compliance date for the privacy rules. Please review this notice carefully to understand how C. L. Frates and Company is prepared to act on your behalf to assist your compliance efforts.

HIPAA Covered Entities & Business Associates

Under the law, HIPAA requires Covered Entities to engage in certain practices with respect to the use of health care information in providing treatment, health care operations and payments. Covered Entities include Providers, Clearinghouses and Health Plans. Your obligations arise from the operation of your employee Health Plans. Each Health Plan must comply with applicable HIPAA rules.

C. L. Frates and Company is not a Covered Entity. Our relationship to your Health Plan is that of a Business Associate. In this capacity we will be expected to comply with those provisions of HIPAA that effect the operations that we conduct on behalf of your Health Plan. In addition to C. L. Frates and Company, you may have Business Associate relationships with other venders such as managed care networks, pharmacy benefit managers and excess insurance companies.

Administration Simplification/EDI Requirements and Compliance - October 16, 2003

Your Health Plan must be prepared to communicate electronically with other Covered Entities in a mandated standardized format, known as a transaction set, by October 16, 2003. Providers, such as physicians and hospitals, can choose to communicate by electronic or other means. If they choose electronic means Providers are required to follow the transaction rules. Clearinghouses and Health Plans must use the standardized transactions when a Provider chooses to exchange information electronically.

There are eight standardized transactions covering claims, enrollment, verification of benefits and status inquiries. Each of these eight transaction is commonly referred to by its reference number, such as the “837 Claim Submission”. The entities that exchange information, including Covered Entities and their Business Associates, are referred to as Trading Partners.

The standardization of electronic transactions is requiring all Covered Entities, and/or their Business Associates, to invest in the technology and supporting human resources to convert legacy processes to comply with HIPAA. The process has been underway for many years at significant cost nationally.

Center for Medicare and Medicaid Services (CMS) Enforcement

The Administrative Simplification provisions of HIPAA are regulated and enforced by the Office of HIPAA Standards of CMS. Additional CMS information is available from their excellent web site, http://www.cms.hhs.gov/HIPAAGenInfo/.

C. L. Frates and Company Readiness and Compliance Plans

CLF has completed installation of our HIPAA translation software and Internet portal. We are currently processing compliant transactions using Acclamation Systems Incorporated Applications.

Action Items for Health Plan Clients for HIPAA EDI Compliance

The primary compliance requirements for your Health Plan have been delegated to C. L. Frates and Company as your Business Associate and third party administrator. While the Health Plan is ultimately accountable for compliance, we will have accepted all of the compliance activity required for the operations we perform on your behalf. With respect to the electronic data interchange requirements this is substantially all of the compliance activity.

You should undertake a necessary review of our activity and your knowledge of HIPAA to satisfy your internal needs as a Covered Entity. Substantial flexibility is granted to Covered Entities in determining their own compliance programs. There are no required filings or documents under the Administrative Simplification rules. The primary obligation is to conduct electronic transactions in compliant formats. For most Health Plans this function will actually be conducted by a Business Associate such as a third party administrator.

We suggest you undertake the following activities:

  • Review this document with your management team and legal counsel
  • Consult with C. L. Frates and Company if you have any questions or concerns
  • Refer any other Covered Entities to CLF if you receive a direct inquiry on HIPAA readiness and keep a simple log of these inquiries and your responses

Future HIPAA Compliance Activity

The electronic transaction requirements are the first of three major operational regulatory areas affected by HIPAA. HIPAA Privacy rules will take effect for your Health Plan on April 14, 2004. This will be followed by the HIPAA Security requirements in 2005 and 2006 (Small Plans). The Security rule implementation date for most plans is 2006.

The Privacy rules will require more direct involvement by employers and their employees. We will be providing additional guidance and compliance information for the privacy rules in the near future.  

A Downloadable version of this document is available in PDF format (Adobe Acrobat Reader required). Click here to download the document.

Download Adobe Acrobat Reader