Health Information Compliance Alert

HIPAA Identifiers:

NATIONAL IDENTIFIERS ON THE WAY BUT WHEN?

Health care providers will soon trade in a tangle of identifying codes for a single national identifier but nobody is quite sure exactly when or how that's going to happen.

Currently, health plans assign their own unique, proprietary identifying codes to any provider with whom they conduct electronic business. That means that providers working with more than one health plan, as most do, are likely to have numerous identifiers.

However, as part of the changes wrought under the Health Insurance Portability and Accountability Act, the Department of Health and Human Services issued a proposed rule in May 1998 creating a standard National Provider Identifier. Under the rule, a health care provider will be assigned a single NPI likely a 10-digit numeric code with a check digit in the final position, industry insiders tell Eli to be used with all payers that it does business with electronically.

HHS also issued in June of the same year a proposed rule creating a similar standardized National Employer Identifier, and a rule creating a National Health Plan Identifier is expected soon. And while the single identifier should simplify payer-provider electronic transactions, making the transition will require some effort.

The first step, oddly enough, is deciding how many identifiers you need.

"There are really two types of identifiers," explains the Mayo Clinic's Mark Norby, who also works with the Workgroup for Electronic Data Interchange, a standards organization that has consulted extensively with HHS on the NPI. "There's an individual identifier and there's an entity identifier."

Individual providers will get only one NPI. However, larger complex entities like a medical center containing a hospital and a clinic may qualify under the final rule for more than one NPI, depending upon how the rule defines what counts as an entity.

Under the proposed rule, for example, if the medical center's hospital and clinic currently have separate tax ID numbers, then the two will likely count as separate entitites and hence will qualify for separate NPIs. Exactly how many NPIs a large entity should receive, however, is currently difficult to determine, but advisory groups have petitioned HHS to offer providers some guidance on the issue.

"With regard to entities, [WEDI has] proposed that business rules need to be established to assist providers in determining what constitutes a different entity," Norby tells Eli.

After deciding on how many NPIs are necessary, the next step is to go out and get them.

Under the current plan, the NPI program will be implemented in stages via a central electronic National Provider System made up of of a combination of federal health plans and Medicaid state agencies. Providers that already bill members of the NPS e.g., providers that already have a Medicare number will have NPIs automatically assigned to them. Providers who lack Medicare billing numbers must apply for them directly.

Norby doubts, however, that the NPI application process will be much of a burden for providers. "Already in the marketplace today," he explains, "if you are a practicioner of any billable fashion and you want to bill Medicare you have to fill out a fairly detailed provider application. That will carry forward with the NPI."

And while the application process might not be difficult, Norby tells Eli, the transition to NPIs nonetheless calls for some planning. "There will be some effort involved in setting up your systems for this number," he counsels.

So what can you do to prepare for the upcoming changes? While options are limited until the final rule is published, providers and payers should at the very least be building an awareness of the issue into their overall HIPAA compliance strategies.

"When a provider or payer is doing its HIPAA analysis or its gap assessment," suggests WEDI-member Richard Landen of the BlueCross and Blue Shield Association, "it should include questions on the eventual migration to the national standard identifiers in that analysis or in that gap assessment."

Other Articles in this issue of

Health Information Compliance Alert

View All