across health plans; they address am-
biguous or conditional requirements in
the standard and clarify when to use or
not use certain data elements or code
values; and they specify how trading
partners, including providers, should
communicate with each other and ex-
January 1, 2013. A comment period on
the interim final rule ends September 6,
2011. If CMS receives comments that
cause it to alter aspects of the interim
rule, it will finalize those changes by
January 1, 2012.
In 2000 CMS adopted standards for
By January 1, 2013, covered entities must
adopt new operating rules for two more
transaction standards: eligibility for a health
plan and healthcare claim status.
upgraded to version 5010 by January
1, 2012. All covered entities that transmit health information electronically are
required to comply with the standards.
Although the HIPAA transaction
standards were intended to significantly decrease administrative burden
on covered entities by creating greater
uniformity in data exchange, flexibility
in the standards permit each health
plan to use the transactions in different
ways. Those differences have created
obstacles to achieving greater administrative simplification. ¢
change patient information, with the
goal of eliminating connectivity inconsistencies.
The rule became effective June 30,
and covered entities must be in com-
pliance with the operating rules by
electronic healthcare transactions and
the medical code sets used in those
transactions. The electronic claims
processing standard, ASC X12, should
be top of mind for the healthcare in-
dustry right now because it must be
“Administrative Simplification: Adoption of
Fear of Hacking
Operating Rules for Eligibility for a Health Plan
and Health Care Claim Status Transactions”
Respondents to a May 2011 survey on
EHRs expressed the greatest worries
over hacking. Of those who had concerns about EHRs, 78 percent worried
that their personal information would
be stolen by hackers.
Reports of actual data breaches
made to the federal government, however, indicate that hacking is among
the least common cause of breach.
Just 6 percent of reported breaches
have been attributed to hacking.
Instead, theft and loss are the most
common forms of breach, primarily
related to laptops. Through May 2011
theft and loss accounted for 70 per-
cent of reported breaches.
Claims for Fraud
The Centers for Medicare and Medicaid Services is using a predictive modeling system to detect Medicare fraud
prior to paying claims.
In June CMS announced it would be
moving away from its “pay-and-chase”
fraud detection method to the use of
predictive modeling, which assesses
the statistical likelihood that a claim is
fraudulent or in error.
Based on the software platform Verizon uses for its own fraud detection,
the system scans incoming Medicare
claims using an algorithm to forward
potentially fraudulent claims to case
managers for investigation.
CMS began using the model on July
1. A test pilot of the system identified
millions of dollars in potential fraud, all
of which was verified by CMS to actually be fraudulent claims, according to
a July 21 Government Health IT article.
For more on how the new program
works, read “Predicitve Modeling 101”
on page 46. ¢