CMS delays 5010 enforcement but not HIPAA compliance date

HIPAA Compliance Still Required of CE’s

Thursday, November 17, 2011, CMS released a statement on looming compliance for ASCX12 Ver 5010. The Office of e-health Standards and Services (OESS) under CMS announced a 90 day period of enforcement discretion with regard to the new HIPAA transaction standards. This did not however alter the HIPAA compliance date for any HIPAA covered entities. All covered entities are still required to be HIPAA compliant with ASC X12 Version 5010 (Version 5010), NCPDP Telecom D.0 (NCPDP D.0) and NCPDP Medicaid Subrogation 3.0 (NCPDP 3.0) standards. It will be holding off until March 31, 2012 on enforcing its rule not the compliance date of January 1, 2013. Small health plans have until January 1, 2013 to comply with NCPDP 3.0.

As scheduled, the OESS will accept complaints on covered entities associated with any compliance issues starting January 1, 2012. These “filed-against entities” may still be asked by the OESS to produce evidence of compliance or their “good faith efforts” happening to become compliant during the 90 day discretionary period.

The decision was made to create the discretionary period after industry feedback showed the amount of providers that would not be compliant because of their trading partners and software vendors not being ready. These standards implementations are a prerequisite for the transition to updated ICD-10 CM diagnosis and ICD-10-PCS inpatient procedure code set in electronic health care transactions which is effective October 1, 2013. Keep up to date on the CMS ICD-10 transition on their web site.

In related news, the AMA voted last week at their semi-annual policy-making meeting “to work vigorously to stop implementation” of the International Classification of Diseases 10th Revision family of diagnostic and procedural codes. An interesting stand from a once mighty organization that has done nothing but continuously shrink for the last decade to a membership representing less than 20% of practicing physicians. Could it be that potential members of organizations are much more aware these days about exactly what an organization is all about? Exactly how much money from their members are they using to stop this freight train traveling downhill? The AMA says that the average three physician practice will spent near $83K to transition and implement ICD-10. So should they be spending additional money on efforts that will do nothing to help them implement and become compliant?