To those breathing a sigh of relief about getting an extra year to meet electronic billing mandates, that breath might be put to better use exhorting people to action, and quickly.
As Congress headed home for the holidays last week, President Bush was expected to sign a well-hedged extension of the federal deadline for standardizing how the healthcare industry transacts claims and resolves reimbursement.
The House version, introduced by Rep. David Hobson (R-Ohio), was passed on Dec. 4 on a 410-0 vote. The Senate passed its version, introduced by Sen. Byron Dorgan (D-N.D.), on Nov. 27 by unanimous consent. The Senate subsequently accepted the House version by unanimous voice vote on Dec. 12. The bill was presented to Bush on Dec. 18.
The measure gives healthcare organizations until October 2003 to work through the complex challenge of using standard formats to send and receive eight insurance-related transactions. About 400 different variations of claims forms now are used industrywide.
HHS last year issued regulations that gave the industry 24 months, or until October 2002, to convert to a set of standardized transactions. That would implement a key cost-reducing objective of the Health Insurance Portability and Accountability Act of 1996 by streamlining the nation's labyrinthine and labor-intensive healthcare claims process.
However, a lobbying effort spearheaded by health insurers, and joined by the American Medical Association, intensified last fall and ultimately convinced congressional leaders that the two-year timeline was too ambitious and that the healthcare industry would not be able to complete the technological transformation and testing in time.
But in return for granting an additional year to comply, the legislation forces health plans and providers to hit specific marks on a timeline to compliance (See chart).
Among other requirements, organizations must disclose budget commitments and a concrete work plan by the original October deadline, and they will have to be ready to test electronic connections by April 2003.
"It's not a delay; it's an extension," said William Braithwaite, who until last month was the key HHS official in charge of developing HIPAA regulations. "And anyone who thinks they can relax and do nothing is going to be slapped upside the head."
That goes for other areas of HIPAA enforcement, which include extensive rules issued earlier this year governing privacy of patients' medical information, said Braithwaite, a Washington-based consultant with PricewaterhouseCoopers.
The deadline for complying with privacy and confidentiality rules is April 2003, but healthcare lobbying groups, including the American Hospital Association, are questioning whether that timeline also is too short.
One section of the just-passed legislation requires healthcare organizations to protect the confidentiality of patient data in business transactions by April 2003 whether data are transmitted in a HIPAA-compliant format or some other way.
By writing that proviso into the law, Congress underscored its resolve to resist further lobbying efforts and guarantee protection of sensitive patient data in step with electronic standards, Braithwaite said.
"These two things are set in stone with no chance of being changed," he said. "The deadline is fixed and set, and Congress will hear no more of it."
A game of catch-up
In gearing up for the transaction standards, the healthcare field faces a complicated and costly path to simplification and cost savings even with the extension, industry officials said.
"Frankly it's such a huge job that a lot of our hospitals were getting nervous about implementing it on time," said Jan Emerson, a spokeswoman for the California Hospital Association.
The job requires not only reorganizing and updating methods of claims handling within a provider organization but also coordinating efforts among health plans, claims clearinghouses, state Medicaid agencies and other trading partners in the payment resolution process.
California hospitals, for example, stood to be set back by a recent $2 billion cutback in the state budget, which wiped out funding to upgrade claims resolution systems for MediCal, the state's Medicaid program, Emerson said. "There's no way the state could be ready at this point, which poses a huge problem on the hospital side," she said.
For hospital organizations that planned to be ready by the original deadline, however, the extension could decrease the odds of getting cooperation from payers, said Donald Ragan, executive vice president and chief information officer of Detroit (Mich.) Medical Center. And that neutralizes the benefits of being HIPAA-compliant.
Third-party claims intermediaries "now have less incentive to work with us, and that's a major problem for me," Ragan said. "I can build all the plugs I want, but if there aren't any sockets to plug into, I'm in deep trouble."
But not many hospitals were in position to be compliant in time, according to an industry survey that Phoenix Health Systems conducted in October. About 25% of hospitals larger than 400 beds and 15% of smaller institutions said they had completed analyzing the impact of HIPAA's regulations and identifying what they had to do-the steps before implementing the technology and changes necessary to be compliant.
"There are many providers who didn't make the kind of progress they should have," said Jon Zimmerman, general manager of HIPAA and data-exchange initiatives at Siemens Medical Solutions Health Services Corp. "This delay is rewarding the slow."
Cutting off a second retreat
As momentum for a delay increased in Congress, lobbyists for hospitals and medical-records professionals sought to ensure that the time would be well-spent. "It's really important that the whole field move forward on transaction standards. That's the whole linchpin of HIPAA," said Melinda Hatton, the AHA's Washington counsel.
The AHA and the American Health Information Management Association opposed legislation backed by the Blue Cross and Blue Shield Association that would forestall compliance until two years after every other pending HIPAA rule was finalized, Hatton said. "That put it hugely far in the future."
A long-awaited rule governing measures to securely transfer and store patient data was expected by year-end but hasn't been released, and HHS has yet to propose rules for handling electronic claims attachments and setting up unique identification numbers for providers, payers and employers.
The AHIMA initially sought no delay, but when that didn't appear attainable, it pushed for "some deliverables for the industry to complete," said Donald Asmonga, government relations manager. Without that, "those pushing for a delay would be right back there in another year."
Likewise the AHA backed the delay as long as healthcare organizations are held to expectations of compliance. Otherwise, "those most recalcitrant about these expectations wouldn't use that extra year," Hatton said. The AHA backed the reporting requirements "as long as HHS doesn't turn it into a huge paperwork burden," she said.
The Blues association in a written statement applauded the extension. Now that Congress has acted, "providers and insurers alike can more effectively build the system that was originally envisioned by lawmakers when HIPAA was enacted."
Braithwaite said the extension gives healthcare organizations only six additional months to get a workable transaction system in place because of the deadline of April 2003 for testing readiness. "They can't test until they can conduct the transactions," he said.
The penalty for not meeting the planning and testing deadlines is possible exclusion from the Medicare program. But the real penalty looms at the end of the extension period when Medicare accepts only HIPAA-compliant healthcare claims from providers and health plans, Braithwaite said.
"Thus they get a six-month period to test the transactions until the guillotine comes down," he said. "If you can't submit a claim and get it paid from Medicare, 80% of the (healthcare) system will shut down."