The Health Insurance Portability and Accountability Act (HIPAA) comes with a large
number of implementation regulations, some of which are not yet finalized and all
of which are extremely complex. The administrative simplification regulations for
HIPAA began phasing in October 16, 2002.
Communication from the Centers for Medicare and Medicaid Services (CMS) indicates
that federal regulators continue to develop additional HIPAA regulations and refinements
to current regulations. Under the circumstances, we are unable at the present time
to provide a comprehensive, definitive statement. Nor, given the breadth and complexity
of the regulations and the uncertainty still surrounding their implementation, can
we provide assurances on any given timetable or specific compliance factor. However,
we can advise you as follows:
- We have conducted awareness and education sessions with our board of directors,
senior management and staff and hosted a statewide educational forum on HIPAA for
both providers and employers. We also have addressed HIPAA regulatory issues in
numerous publications distributed to our employees and customers.
- We have appointed a HIPAA privacy officer and security officer and established an
organizational structure for implementing HIPAA that clearly designates project
accountabilities and allows for timely status reporting to our board of directors
and senior management.
- We have completed our operational assessment for transactions and code sets, standard
identifiers, privacy and security. We have implemented appropriate policies and
procedural changes necessary to meet privacy and security mandates.
- We have applied for the ASCA extension and have received our confirmation number.
- We have been ready to accept transactions ASC X12N 837i, 837p, 270/271, and 276/277
version 4010 since October 16, 2002. Transactions are facilitated through our Advanced Health Information Network (AHIN).
We are also ready to generate 835 transactions and are ready to accept 834 and 820
transactions from employers.
- We are currently partner testing HIPAA-compliant transactions with providers using
the latest mandated version, 4010A1.