Last week, the Department of Health and Human Services (HHS) and its Center for Medicare & Medicaid Services (CMS) released the HIPAA/PPACA final rule, “Administrative Simplification: Adoption of a Standard for a Unique Health Plan Identifier; Addition to the National Provider Identifier Requirements; and a Change to the Compliance Date for the International Classification of Diseases, 10th Edition (ICD‐10‐CM and ICD‐10‐PCS) Medical Data Code Sets.”

There are three components to the rule:

  • The rule adopts a standard for a national, unique health plan identifier (HPID) under Health Insurance Portability and Accountability Act of 1996 (HIPAA) standards for electronic health care transactions. Further, the rule requires plans to obtain HPIDs, and that those identifiers be used in HIPAA standard transactions where health plans need to be identified. The rule also adopts a data element that will serve as an “other entity” identifier (OEID) for entities—such as third party administrators and other entities—that are not health plans, health care providers or individuals, but that need to be identified in standard transactions.
  • The rule adds to the National Provider Identifier (NPI) requirements by specifying the circumstances under which a covered health care provider that is an organization must require certain noncovered individual health care providers, such as physicians who are prescribers, to obtain and disclose an NPI.
  • The rule delays by one year, from Oct. 1, 2013, until Oct. 1, 2014, the date by which covered entities must transition to ICD‐10 from ICD‐9 for HIPAA transactions.

This is the fourth rule in a series of regulations Section 1104 of the Affordable Care Act requires HHS to issue over the course of several years that are designed to streamline health care administrative transactions, encourage greater use of standards by health care providers and make existing standards work more efficiently. On July 8, 2011, HHS published the first regulation in the series, an interim final rule with comment (IFC) that adopted operating rules for two electronic health care transactions intended to make it easier for health care providers to determine whether a patient is eligible for coverage and the status of a health care claim submitted to a health insurer. On January 10, 2012, HHS published the second regulation, an IFC that adopted standards for the health care electronic funds transfers (EFT) and remittance advice transaction between health plans and health care providers. On August 10, 2012, HHS published a third regulation, an IFC that adopted operating rulings for the health care EFT and electronic remittance advice transaction. Future administrative simplification rules will address adoption of (1) a standard for claims attachments, (2) operating rules for claims attachments and (3) requirements for certification of health plans’ compliance with all HIPAA standards and operating rules.

HPID and OEIDs. Currently, health plans are identified in standard transactions using multiple identifiers that differ in length and format. According to HHS, health care providers are frustrated by the following problems associated with the lack of a standard identifier: the routing of transactions, rejected transactions due to insurance identification errors and difficulty determining patient eligibility. On July 19, 2010, the National Committee on Vital and Health Statistics (NCVHS) Subcommittee on Standards held a hearing on the health plan identifier to gather information for developing a recommendation to the Secretary, and on September 30, 2010, the NCVHS sent HHS its recommendations for adoption of a standard establishing a unique health plan identifier. In its recommendations, it identified the need for an identifier for entities—such as health care clearinghouses, third‐party administrators (TPAs) and repricers—that are not health plans but that perform certain health plan functions. These entities are currently identified in the standard transactions in the same fields and using the same types of identifiers as health plans, but are not health plans and therefore cannot obtain a health plan identifier. Based on the NCVHS recommendations, HHS proposed to adopt—and now adopts—a data element that would serve as an OEID.

The primary purpose of the HPID and the OEID is for use in the HIPAA standard transactions. The most significant benefit of the HPID and the OEID is that they will increase standardization within the HIPAA standard transactions.

NPIs. In January 2004, HHS published a final rule in which the Secretary adopted the NPI as the standard unique health care provider identifier and adopted requirements for obtaining and using the NPI. Since that time, pharmacies have encountered situations where the NPI of a prescribing health care provider needs to be included in the pharmacy claim, but the prescribing health care provider does not have an NPI or has not disclosed it. This problem has become especially notable in Medicare Part D. The final rule announced today addresses this problem by specifying the circumstances under which an organization‐covered health care provider, such as a hospital, must require certain noncovered health care providers, such as physicians who are prescribers, to obtain and disclose an NPI.

The final rule is effective on November 5, 2012. The rule requires health plans to obtain an HPID by November 5, 2014, except for small plans, which must obtain HPIDs by November 5, 2015. Covered entities must use HPIDs in HIPAA‐covered transactions beginning November 7, 2016. An organization‐covered health care provider must require certain noncovered health care providers to obtain and disclose NPIs by May 6, 2013.

The rule is on display at the Federal Register and may be viewed at‐ 21238_PI.pdf. It will be published in the Federal Register on September 5, 2012. A fact sheet on the rule can be found at