Subj: Re: Question on Standard 270 / 271, Direct Data Entry and The EqualT reatment... Date: 2/18/2002 8:41:17 PM Central Standard Time From: <A HREF="mailto:PETERBARRY";>PETERBARRY</A> To: <A HREF="mailto:[EMAIL PROTECTED]";>[EMAIL PROTECTED]</A> To: <A HREF="mailto:[EMAIL PROTECTED]";>[EMAIL PROTECTED]</A> To: <A HREF="mailto:[EMAIL PROTECTED]";>[EMAIL PROTECTED]</A>
Dear Manoj Kumar: There is a general rule that, if HIPAA has defined a standard for the transaction being conducted by a covered entity, the standard must be used. The definition of a standard transaction includes purpose, and in many cases, who the sender is and who the receiver is. A standard transaction specifies both format and data content. The general rule allows a covered entity to employ another organization called a business associate to act on its behalf for purposes of conducting the transaction. If a transaction flows through a business associate and on one side or the other the transaction does not conform to standard format and data content, then the business associate is a clearinghouse. It must conform fully to standard on the other side, except if the clearinghouse is acting for both the sender and receiver, the transaction can be nonstandard on both sides so long as it exists in the middle, even for a moment, in standard format and data content. The general rule allows for a direct data entry exception. Under the exception, the data content of the transaction must conform to standard but the exception gives relief from conforming to the format of the standard. To qualify for the DDE exception, the health plan (or its business associate) must operate a server (which could be a IP server, a CICS mainframe server, or similar) and the provider connects to it using key-entry through a browser or dumb terminal. But if the provider enters data into its own computer (or its business associate's computer) and that computer interfaces with the health plan's server, then the arrangement is not operating under the DDE exception and so it is not relieved of the X12 or NCPDP format requirement. In your message you included the following: > I was under the impression that only EDI transactions have to be format > compliant. I thought that XML format should just be HIPAA compliant as far > as data is concerned and not format compliant. Whether an arrangement uses XML, HTML, 3270-screen image, field-by-field display/accept, or any other technology is completely irrelevant to meeting the conditions that permit the DDE exception. The conditions for the DDE exception are defined only in terms of health plan server and provider user or client as described above. I would like to suggest that you download the SNIP Impact on DDE Services paper, version 1.0, dated July 31, 2001, if you have not already done so. I do not completely understand the arrangement you are describing. You might look over the scenarios 4.2 to 4.4 in that paper. I would be interested whose business associate, the provider's or the plan's, is in the middle in your scenario. Let me know your thinking. Thanks for writing. Peter Peter Barry Peter T Barry Company Ozaukee Bank Building 1425 West Mequon Road Mequon Wisconsin 53092 (414) 732 5000 (national cell) [EMAIL PROTECTED] ----------------------- In a message dated 2/18/2002 7:41:51 PM Central Standard Time, [EMAIL PROTECTED] writes: > Subj: Question on Standard 270 / 271, Direct Data Entry and The EqualT > reatment Rules > Date: 2/18/2002 7:41:51 PM Central Standard Time > From: [EMAIL PROTECTED] (MANOJCOM) > To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] > > Hi! Peter/Kristin, > > I was reading your article posted under > http://snip.wedi.org/public/articles/270-271_DDE_&_Eq_Treatment_Rule.pdf > on Standard 270 / 271, Direct Data Entry and The Equal Treatment Rules. > > One paragraph that interested me was on Page 6, > > Item 8.4 Computer simulated data entry not permitted though DDE. > > "If the sender is using his or her browser to directly enter > information onto a server that is part of the receiver's system , then it is > considered a direct data entry transaction, which need only meet the data > content and data condition requirements. If, however, the data are being > entered onto a server which is then repackaging the information to be sent > to the receiver's system, that is considered a transaction which must be > sent to the receiver meeting the data format requirements as well." > > We have a scenario something similar to this but we are using XML transfers. > > Our dataentry screens are with a thrid party. They capture the data and > based on the Payor converts to XML and sends us the transaction. We process > it and send them back the XML document which they break up and show on the > respective response JSP. > > We are getting ready to be HIPAA data compliant, but not format compliant > since it is XMLed. > > I was under the impression that only EDI transactions have to be format > compliant. I thought that XML format should just be HIPAA compliant as far > as data is concerned and not format compliant. > > Can you clarify with me on this please. > > I really appreciate your help and Thank You in advance. > > regards > > Manoj Kumar ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=business and enter your email address.
