Health IT and Electronic Health Activate your FREE membership today |  Log-in

Community Blog

Sep 1 2011   10:50AM GMT

Health Insurance Exchange guidance: What you need to know to get started

Posted by: Jenny Laurello
ACA, Affordable Care Act, EHR, Health Insurance Exchange, HIE

Guest post by: Claudia Page, Co-Director, Social Interest Solution

Health care reform is a game changer prompting the most dramatic systems transformation in the history of the health care industry. At the core of this evolution is the desire to enhance the quality of care while improving operational inefficiencies and reducing costs.  And although the desired outcomes are clear, the pathway for achieving success is not.

Central to this industry transformation is the Health Insurance Exchange provision within the Affordable Care Act (ACA), which requires states to create online marketplaces where individuals, small employers and eventually large employers can shop for and compare various health insurance options. According to ACA mandates, states must create their own insurance exchanges by July 1, 2014 or adopt or default to the Federal Exchange.

Establishing a state exchange will be a complex task requiring a high level of seamless interoperability across various IT systems, applications and stakeholders — providers, payers, pharmacies, etc. –and a major restructuring of eligibility, enrollment and billing systems. While the ACA outlines structural parameters for state exchanges, state leaders are left with a lot of questions regarding the best design and implementation paths to choose.

This document is the first in a series of documents designed to help states understand some of the ACA mandates and the guidance published by the Department of Health & Human Services (DHHS) related to the consumer experience, how business rules should be expressed, privacy considerations and systems architecture. The key issues outlined below are critical elements that states must understand and address when designing and developing their health insurance exchange.

Consumer Experience

The federal government requires states to develop a transparent, easy to use, online process for consumers to make choices, apply, recertify, modify and manage benefits in the exchange.  Guidance articulates a requirement for a consumer mediated approach in which consumers own their data and make decisions about how, when and with whom it is shared.  Consumer usability is also called out in the guidance indicating exchange systems must support a range of languages and user capabilities, including usability standards under Section 508 of the Rehabilitation Act, compliance with federal civil rights laws and standards and protocols adopted under sections 1104 of ACA.

According to guidance, consumers can expect real-time transactions, electronic verification of eligibility from federal and state databases and third party assistance in enrolling for and maintaining coverage.  Using a minimal amount of consumer information, exchange systems must provide real-time notification of eligibility and enrollment, as well as facilitate timely resolution of discrepancies for persons who cannot be handled in real-time.

Systems Integration and Data Exchange

Real-time integration between private insurance and public health coverage options is another requirement.  Guidance states that systems need to allow interoperability with health information exchanges, public health agencies, human services programs and community organizations providing outreach and enrollment, and must connect consumers not only with health programs (vertical integration), but also with Supplemental Nutrition Assistance Program (SNAP), Temporary Aid to Needy Families (TANF) and other human services (horizontal integration).

To enable the interoperability and integration envisioned in the guidance, states are expected to use the National Information Exchange Model (NIEM) data guidelines to permit consistent, efficient and transparent data exchange between programs and states (Medicaid, CHIP, SNAP, TANF). NIEM enables information sharing by promoting a common semantic understanding among participating organizations and data formatted in a semantically consistent manner; essentially promoting the level of standardization needed to achieve the interoperability called for in ACA guidance to date.  NIEM standardizes content (actual data exchange standards), provides tools, and manages processes (see for more information).

Finally, standard HIPAA transactions are required to enroll consumers into public and private health coverage programs. Guidance promotes leveraging existing HIPAA transaction standards (e.g., HIPAA 834, 270, 271) to send and respond to eligibility queries, as well as transmit enrollment data between public and private insurance programs.

Verification Processes

Federal guidance requires states to utilize real-time verifications with federal and other agencies for the purposes of eligibility determination for Medicaid, CHIP and subsidies, and for re-certification and change in circumstances for health insurance coverage options.

Guidance recommends the development of a Federal “reference software model” to obtain verification of a consumer’s initial eligibility, renewal and change in circumstances. The Federal government is contemplating the creation of such a “verification hub” for states to use to verify a consumer’s information against the following databases:

  • Internal Revenue Service
  • Homeland Security
  • Social Security Administration
  • National Directory of New Hires
  • Electronic Verification of Vital Events Record System (EVVE)
  • State Income and Eligibility Verification (IEVS) systems
  • Public Assistance Reporting Information System (PARIS)
  • U.S. Postal Service Address Standardization

Enrollment systems will also need to facilitate coordinated and automated queries across multiple programs to determine if a consumer is known to other eligibility and enrollment systems.  If the consumer is known to another system, the exchange system should permit for the retrieval and re-use of relevant eligibility data.  Guidance also points to the use of a Web Services approach to support eligibility determinations in other health and human services programs, including Medicaid, CHIP, SNAP and TANF.

Business Rules

Section 1561 of the Affordable Care Act and other federal guidance recommends that states clearly and unambiguously express their business rules outside of the transactional systems. The primary reason for this is to develop a consistent, reusable set of business logic that can be written once and applied broadly. In contrast, business rules which exist only as computer code are harder to understand, enforce, extract and modify.

A key component of the federal guidance is that federal agencies and states express their business rules in a consistent, technology-neutral standard. Clear and consistent expression will ease development of technology solutions and facilitate seamless interoperability between programs, as developers will be able to identify and understand the rules that should be coded into new and existing systems.

Privacy and Security

Federal guidance offers that state systems should be designed to collect and use the minimum data necessary for an eligibility and enrollment determination. This should be balanced with the desire to reuse information for multiple eligibility decisions (beyond just health coverage).  Guidance calls out the need for states to have clear, transparent policies and processes for consumers about authorizing access to data. Authorization to access and data use intentions should be provided to the consumer in a Privacy Notice, presented to all consumers accessing the exchange prior to or at the time personal information is collected. The Privacy Notice should also clearly indicate all entities that will be permitted to use a consumer’s eligibility data, as well as the permissible uses of such data

The following privacy and security safeguards are provided as a starting point for state compliance:

  • FIPS (Federal Information Processing Standards)
  • FIPs (Fair Information Practices)
  • NIST (National Institute of Standards and Technology)
  • HIPAA (Health Insurance Portability and Accountability Act)
  • (Health Information Technology for Economic and Clinical Health)

Systems Architecture

In implementing ACA enrollment provisions, states must develop modular, flexible systems including open interfaces and exposed application programming interfaces.  The vision is that systems are built to permit sharing (in whole or in part), and allow for ongoing and iterative updates and enhancements.  To accomplish this, systems will need to be in alignment with the Medicaid Information Technology Architecture (MITA) framework and must follow the Standard Industry Lifecycle Framework (SDLC) framework. It is expected that states will take advantage of Web Services Architecture (utilizing protocols and formats such as SOAP and XML) and Service Oriented Architecture (SOA) to leverage opportunities to share and to pool configurable resources.

Systems and system components financed with federal financial participation are required to be non-proprietary, utilizing open architecture standards, to permit re-use by other states and jurisdictions. In particular, Early Innovator states must be able to produce requirement specifications, analysis, design, code, and testing that can be easily shared with other interested and authorized parties and stakeholders, including other states.

While these are just some of the key issues state decision makers need to consider when setting a strategy for building a health insurance exchange, understanding the regulations and guidance affiliated with these topics will help them accelerate the deployment of their exchange and ensure their go-to-market strategy will work.

Future blog entries will offer thoughts and considerations on newly released and anticipated Federal guidance on implementing Health Insurance Exchanges.

For more information, visit or email

Comment on this Post

Leave a comment:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: