News Stay informed about the latest enterprise technology news and product updates.

HIPAA 5010 goes online: CIO's troubleshooting list

Health care CIOs played an integral part in HIPAA 5010 implementation. Now that it's online, they're helping finance monitor transactions and keep revenue streaming in.

While most people received traditional holiday gifts along the lines of sweaters and ties -- or toys and electronic gadgetry -- health care IT folks got HIPAA version 5010, a compliance mandate the Centers for Medicare and Medicaid Services (CMS) wrapped up with a giant red bow like the ones in the car commercials saturating television broadcasts during December.

This gift, unlike a tie, can't be returned, even with price tags intact and receipts in hand.

HIPAA version 5010, an electronic transaction standard, ties to both security and ICD-10 coding. Its use is required as of Jan. 1. The previous standard, HIPAA version 4010, was usable with electronic transactions, but 5010 adds fields that the more complex and detailed ICD-10 codes will need when their use commences Oct. 1, 2013. It falls under HIPAA compliance, meanwhile, because the law mandated standardizing the transaction code sets for claims in order to tighten up patient data security, said Lonnie Johnson, COO of Zotec Partners.

Thankfully, HIPAA 5010 touches mainly billing and revenue cycle management software, while the impact of ICD-10 also hits the critical clinical applications that feed data into them. Since HIPAA version 5010 is confined to fewer applications and processes, the potential for IT problems is more limited, Johnson said.

CMS grants HIPAA 5010 compliance leeway, MGMA asks for more

While CMS is keeping the Jan. 1, 2012 deadline for compliance, it announced in November that it will not enforce HIPAA 5010 compliance penalties for 90 days to give the U.S. health care system some time to work the kinks out of their IT systems.

Those kinks appear to be significant. California's Medicaid system, Medi-Cal, said it may not be ready for HIPAA version 5010 until Jan. 1, 2013, and the Medical Group Management Association urged CMS to delay the deadline six months because surveys show its membership may not be ready.

"As long as one is showing reasonable effort to move toward 5010 compliance, [CMS is] not going to enforce [penalties]," said Johnson, whose company provides business management, coding and revenue cycle analytics services for health care providers, with an emphasis on radiology, anesthesiology and pathology.

Like many health care providers, Zotec conducted extensive 5010 testing with many large and small payers to prove Level II compliance, which means it can conduct HIPAA 5010 transactions with all payers in its business universe. More importantly the testing proved to its customers -- mostly physician practices, with some hospitals and commercial customers sprinkled in -- that Zotec was prepared to flip the switch when the standard went into effect.

The CMS implementation guide and supporting documentation for HIPAA version 5010 provide a good, generic overview, Johnson said. However, most providers will likely have to learn some lessons about their ability to conduct HIPAA 5010 transactions -- and most importantly, get claims paid -- through trial-and-error right now, he added, even though they might have tested in accordance with expert guidance from sources such as CMS, the American Health Information Managers Association and IT consultants.

Software vendors and their end users were making minor tweaks to HIPAA 5010 transaction process and workflows up to the deadline day -- and, probably after it.

"Every carrier has a different testing requirement, so it takes carrier by carrier, [transaction] field by field analysis to make things work," Johnson said. He added that the upside to health care's transition to 5010 is that he's seeing a much higher degree of standardization among software utilizing 5010, compared to 4010, which seemed to have a lot of one-off software and processes written to support it. In the long run, he said, better standardization should lead to fewer exceptions, less inconsistency and overall, fewer IT headaches.

Monitoring, troubleshooting HIPAA 5010 transactions

Having gone through HIPAA 5010 testing, Johnson said that he's sure there will be bumps in the road as providers move out of testing and into live production of claims using the transaction standard. Those using billing clearinghouses, CMS points out, will likely have little problem with the HIPAA version 5010 changeover.

Johnson sympathizes with hospitals that don't -- Zotec created its own clearinghouse to serve its provider base, requiring 5010 testing with every payer with which those providers file claims. For IT staff monitoring HIPAA 5010 transactions for potential problems, he offered five quick tips.

  • Work with coding and billing. While you might not typically get together with these departments regularly, now's the time to meet, report issues you both are seeing and work out solutions. Have these departments double check claim denials to make sure they weren't caused by software glitches.
  • Keep watching the transaction types that already worked. Software vendors and their end users were making minor tweaks to HIPAA 5010 transaction process and workflows up to the deadline day -- and, probably after it. It's possible those tweaks could break your claims process and delay some payments. Monitor each transaction type and confirm that the proper fee schedule and adjustment processes occur, consistently, as usual.
  • Don't forget the payment part. HIPAA version 5010 covers both claims submission on your part and the payment coming back from the carrier. Because your IT systems focus on the claims part, it might be easy to spend less time testing and monitoring the payment (this sub-standard is referred to as 835) part, but make sure you're watching the payers and confirming that their half of the electronic process is working as it should. This will minimize disruption with your organization's financials.
  • Warn the finance department about potential delays. While the word is out that ICD-10 coding could impact hospital revenue streams next year, HIPAA version 5010 problems could, too. Zotec is advising customers to expect disruptions and is hoping they will be minimal, Johnson said. At the start of the HIPAA 5010 era, he's already seeing delays with some carriers acknowledging the receipt of submitted claims. This occurred almost instantaneously under HIPAA version 4010 standard.
  • Closely monitor the smallest insurance carriers. While problems in HIPAA 5010 transactions can crop up anywhere, in Johnson's experience the smaller payers have more potential for compatibility issues. "Many carriers -- the larger ones, the Blue Shields, Uniteds, Cignas -- have done testing, gotten approval, and are in production today with 5010," Johnson said one week before the Jan. 1, 2012, deadline. "The degrees of testing have varied, depending on the sophistication of the payer. The larger payers have done more extensive testing than…a smaller commercial plan."

Let us know what you think about the story; email Don Fluckinger, Features Writer.

Dig Deeper on ICD-10 implementation and training

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.