Momentum is building to take a fresh look at HIPAA
Professional associations and other stakeholders believe the time is right to revisit the HIPAA law.
The electronic transaction standards and operating rules that were created under the HIPAA law to reduce administrative burdens and move the healthcare industry out of the paper-based era have broken down and need a significant tune-up.
That’s the position of the Medical Group Management Association, which represents more than 50,000 medical group practice leaders.
MGMA and other stakeholders are expected to meet in Washington this month to assess the future of HIPAA.
“The current process for developing and adopting new and revised administrative simplification standards, encouraging widespread use of the standards and enforcing compliance with the standards is defective,” MGMA in a letter tells the National Committee on Vital and Health Statistics, a public advisory body to the Department of Health and Human Services relating to issues covering health data, statistics, privacy, national health information policy and HIPAA.
In addition, transitioning from one version of the standards, from the 4010 standard to 5010 to 7030, has been needlessly protracted, and some federally mandated standards—such as the X12 275 electronic transaction for patient information—have yet to be published.
“The feds have a robust HIPAA privacy and security policy, but they have yet to issue a fine against a non-compliant health plan for ignoring HIPAA rules,” says Robert Tenant, IT policy director at MGMA. “And, prior authorization transactions are not yet supported by health insurers.”
Further, use of the HIPAA attachment standard remains problematic after all these years—a provider can submit a claim or encounter, but the health plan routinely will want more documentation before accepting the claim or encounter.
And, despite the HIPAA attachment standard being available, the insurer may want the additional documentation done manually and faxed, or sent to the insurer via FedEx. “We’re missing out on real administrative savings,” Tenant says. “CMS talks about valuing patient needs over paperwork yet does not provide a process for that.”
Tenant further notes that CMS administrator Seema Verma has called for the elimination of faxing by 2020, but that could be done sooner simply by using the existing HIPAA 275 transaction standard.
Everything about HIPAA processes is slow. For example, it can take 10 years for a new standard to be implemented, which is ridiculous, Tenant says. “We need a better process to take advantage of new standards, like FHIR, when appropriate.”
FHIR, for example, can be used for prior authorization transactions and it also can support quality reporting, audits, referrals and the movement of data, he adds.
With the National Committee on Vital and Health Statistics now beginning consideration of a revised process for development and adoption of new and revised standards, MGMA is offering recommendations:
* NCVHS should urge CMS to more aggressively enforce health plan compliance with mandatory electronic transactions and operating rules.
* The physician practice perspective in the standards developing process is underrepresented and we encourage the standards development organizations to create new opportunities to solicit input from this sector.
* Prior to NCVHS recommending a new or revised standard, the clear business need must be established and a comprehensive return on investment study conducted.
* New standards can be tested by willing trading partners but these tests should be limited in scope and approved by HHS.
* While we support expedited review of potential new or revised standards, we oppose setting a defined time limit for HHS to review and publish new or revised standards.
The complete letter from MGMA to NCVHS is available here.