Journal of AHIMA - September 2011

across health plans; they address am-
biguous or conditional requirements in
the standard and clarify when to use or
not use certain data elements or code
values; and they specify how trading
partners, including providers, should
communicate with each other and ex-
January 1, 2013. A comment period on
the interim final rule ends September 6,
2011. If CMS receives comments that
cause it to alter aspects of the interim
rule, it will finalize those changes by
January 1, 2012.

In 2000 CMS adopted standards for

By January 1, 2013, covered entities must adopt new operating rules for two more transaction standards: eligibility for a health plan and healthcare claim status.

upgraded to version 5010 by January 1, 2012. All covered entities that transmit health information electronically are required to comply with the standards.

Although the HIPAA transaction standards were intended to significantly decrease administrative burden on covered entities by creating greater uniformity in data exchange, flexibility in the standards permit each health plan to use the transactions in different ways. Those differences have created obstacles to achieving greater administrative simplification. ¢

change patient information, with the goal of eliminating connectivity inconsistencies.

The rule became effective June 30,
and covered entities must be in com-
pliance with the operating rules by
electronic healthcare transactions and
the medical code sets used in those
transactions. The electronic claims
processing standard, ASC X12, should
be top of mind for the healthcare in-
dustry right now because it must be

“Administrative Simplification: Adoption of
Operating Rules for Eligibility for a Health Plan
and Health Care Claim Status Transactions”
www.gpo.gov/fdsys/pkg/FR-2011-07-08/
pdf/2011-16834.pdf

Fear of Hacking

Respondents to a May 2011 survey on EHRs expressed the greatest worries over hacking. Of those who had concerns about EHRs, 78 percent worried that their personal information would be stolen by hackers.

Reports of actual data breaches made to the federal government, however, indicate that hacking is among the least common cause of breach. Just 6 percent of reported breaches have been attributed to hacking.

Instead, theft and loss are the most
common forms of breach, primarily
related to laptops. Through May 2011
theft and loss accounted for 70 per-
cent of reported breaches.

Percent of
respondents
worried about
hacking

78%

Percent of
reported
large-scale
breaches
attributed to
hacking

6%

0%

20%

40%

60%

80%

100%

Screening Medicare
Claims for Fraud

The Centers for Medicare and Medicaid Services is using a predictive modeling system to detect Medicare fraud prior to paying claims.

In June CMS announced it would be moving away from its “pay-and-chase” fraud detection method to the use of predictive modeling, which assesses the statistical likelihood that a claim is fraudulent or in error.

Based on the software platform Verizon uses for its own fraud detection, the system scans incoming Medicare claims using an algorithm to forward potentially fraudulent claims to case managers for investigation.

CMS began using the model on July 1. A test pilot of the system identified millions of dollars in potential fraud, all of which was verified by CMS to actually be fraudulent claims, according to a July 21 Government Health IT article.