Proposal Summary: Our proposed rules apply to health plans and health care clearinghouses, as well as any health care provider when transmitting an electronic transaction defined in Subpart A of 45 CFR Part 142.
Comment: Several commenters requested clarification on the applicability provisions. For example, several commenters questioned whether a health plan would be required to accept or send a standard that it does not currently support electronically. Some commenters believe the language allows any entity to submit a standard transaction and expect it to be processed by the receiver even though they do not have a business relationship with each other.
Response: Under the terms of section 1172(a) of the Act, these regulations apply to health plans, health care clearinghouses, and health care providers who transmit any health information in electronic form in connection with a transaction referred to in section 1173(a) of the Act (in other words, “covered entities”). We interpret this provision to mean that by the applicable compliance dates of the regulation, all covered entities must comply with the standards adopted by this regulation. (Covered entities, of course, may comply before the applicable compliance dates.) We do not have the authority to apply these standards to any entity that is not a covered entity. However, we require covered entities to apply many of the provisions of the rule to the entities with whom they contract for administrative and other services related to the transactions, as it would be inconsistent with the underlying statutory purpose to permit covered entities to avoid the Act’s requirements by the simple act of contracting out certain otherwise covered functions.
With respect to health plans, a health plan is required to have the capacity to accept and/or send (either itself, or by hiring a health care clearinghouse to accept and/or send on its behalf) a standard transaction that it otherwise conducts but does not currently support electronically. For example, if a health plan pays claims electronically but historically performed enrollment and disenrollment functions in paper, the health plan must have the capacity to electronically perform enrollment and disenrollment as well as claims payment as standard transactions by the applicable compliance date of the regulation.
Also, in response to the public’s need for clarification of the applicability of the HIPAA administrative simplification provisions (45 CFR subtitle A, subchapter C) to covered entities, we revisited the applicability provision with respect to health care providers. In the proposed rule, we proposed that the administrative simplification provisions would apply to a health care provider when transmitting an electronic transaction (63 FR 25305). (We note that this language differed somewhat from the statute, which states that the HIPAA administrative simplification provisions apply to “a health care provider who transmits any health information in electronic form in connection with a transaction” referred to in subchapter C.)
We phrased the applicability section in the proposed rule as we did in an effort to convey the message that these regulations do not require a health care provider to transmit transactions electronically; thus, a health care provider remains free to use paper media. These regulations do require, however, that a health care provider who uses electronic media to transmit any health information in connection with a transaction referred to in 45 CFR subtitle A, subchapter C, must do so in compliance with the regulations. We do not believe that the proposed applicability language as it applied to health care providers adequately communicated this message. Thus, after reevaluating the proposed approach, we believe that the best approach is to have the applicability text mirror the statute and use §162.923 (Requirements for Covered Entities) as the vehicle to detail the specific requirements for covered health care providers.
In addition, we provide the following as examples of types of health care provider behavior that are permissible under the regulations. For instance, a health care provider may send an electronic health care claim or equivalent encounter information standard transaction for Patient A to health plan Z, and may send a paper claim for Patient B to health plan Z. A health care provider may also send an electronic health care claim or equivalent encounter information standard transaction to health plan S and then send paper claims to health plan T.
In regard to the second comment, while we interpret HIPAA to mean that a health plan cannot refuse to conduct a transaction because it is a standard transaction, we do not believe that use of standard transactions can create a relationship or liability that does not exist. For example, a health plan cannot refuse to accept a claim from a health care provider because the health care provider electronically submits the standard transaction. However, the health plan is not required to pay the claim merely because the health care provider submitted it in standard format, if other business reasons exist for denying the claim (for example, the service for which the claim is being submitted is not covered). This rule does not require a health care provider to send or accept an electronic transaction.