Okay, I admit, though fairly familiar with EDI, my HIPAA knowledge is limited and only recently won. Here's the crux of my thoughts. According to the IGs the phrase NOT USED means <copyandpaste source="004010X096">This item should not be used when complying with this implementation guide.</copyandpaste>
I'm not clear from the discussion: does "should not" equal "must not" as far as HIPAA rules go? If something is transmitted that falls in this "should not" zone, is the sender liable for fines, imprisonment, wrist slaps, summary execution or other appropriate punishment? If HIPAA "should not" is "must not", then the answer is clearly to send additional (parallel, maybe EDI, maybe XML, maybe proprietary--who cares?) documents. If that's the case, it's enough to me to stop my line of inquiry. On the other hand, if "should not" really means "we don't think it's a good idea but we can't stop you if you really really want to send this NOT USED thing," then I submit it would be possible for a state to say, "gee, we need you to send this additional stuff (in the very same 837) that doesn't supersede/violate HIPAA but provides us [the state] with some very important data." I stress here additional data that doesn't countermand or violate any of the HIPAA requirements. (One motivation for such a stance would be to avoid having a plethora of different brands of documents transmitted.) Does the final rule, somewhere therein, give an iron-clad statement that though shalt not use NOT USED items under penalty of grievous punishment? Best regards, Bill Chessman Peregrine Systems, Inc. -----Original Message----- From: Rachel Foerster [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 12:28 PM To: [EMAIL PROTECTED] Subject: RE: States' roles in HIPAA IG vs. X12 Compliance Bill, Here's my comments inline to your questions posed below. Rachel Rachel Foerster Principal Rachel Foerster & Associates, Ltd. Professionals in EDI & Electronic Commerce 39432 North Avenue Beach Park, IL 60099 Phone: 847-872-8070 Fax: 847-872-6860 http://www.rfa-edi.com -----Original Message----- From: Bill Chessman [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 12:37 PM To: [EMAIL PROTECTED] Subject: States' roles in HIPAA IG vs. X12 Compliance All this talk about the HIPAA IG and X12 Compliance and 997 vs 824 vs something completely different has my head spinning a little bit. Another thing that was mentioned made me wonder about how the state laws may fit into this jigsaw puzzle called HIPAA Compliance. In trying to keep my volume of e-mail archives to a minimum, I confess I've lost the name of the person who posted the remark, but it went something like, "what about state-level mandates for specific data used for statistical analysis, epidemiological tracking, etc. and how does that affect segments which are deemed in the HIPAA IGs as NOT USED?" <ref>No affect whatsoever to the HIPAA IGs. They are mandated by federal law for the specific purpose defined in the law/rule and in accordance with the standard set forth in the law. If states want other or additional data beyond the specific data allowed within a specific HIPAA guide, they are well within their states' rights to require additional transactions. In this case they are then not the HIPAA mandated transaction, but another set of data in another transaction....it's just not a HIPAA transaction. These transactions could also be based on the full X12 transaction specification, but subsetted to suit the needs. For example, if the X12 837 can support additional information needed for statistical analysis, etc. there is no prohibition against a state, or any other entity for that matter, using the 837 for that purpose. There's no conflict with HIPAA since it's not the transaction as specified in the law. For example, here's what the law says is a claim: Health care claims or equivalent encounter information: A transmission from a provider to a health plan to Request payment Provide necessary accompanying information Provide encounter information for the purpose of reporting health care No direct claim, because the reimbursement contract is based on a mechanism other than charges or reimbursement rates for specific services Designated Standards: Retail pharmacy drug claims NCPDP Telecommunication Standard Implementation Guide, Version 5 Release 1, September 1999 NCPDP Batch Standard Batch Implementation Guide, Version 1 Release 0, February 1, 1996 Institutional Health Care Claims ASC X12N 837-Health Care Claim Version 004010X096 Dental Health Care Claims ASC X12N 837-Health Care Claim Version 004010X097 Professional Health Care Claims ASC X12N 837-Health Care Claim Version 004010X098 Any entity is free to use the X12 837 for other purposes outside of this in any way it chooses, assuming of course, that it does so with the purpose and scope of the 837. </ref> Is there any precedent for putting state laws on top of federal laws? <ref>Of course there's precedent for state laws to expand on federal laws....the Uniform Commercial Code is a good example, as is UETA, the Uniform Electronic Transactions Act. In these two examples, each state is free to adopt/adapt the federal act as it deems necessary within its own jurisdiction.</ref> By that I don't mean as an attempt to supersede, but rather as an attempt to augment. If the state says, "we want to do everything that's called for in HIPAA but there's also this other stuff we want in addition"...would that be possible? legal? on the horizon? Also, if so, would we likely expect some states to issue their own "HIPAA++" IGs? Is this something that might need to be taken into consideration? <ref>States cannot supercede the HIPAA electronic transaction final rule. Since HIPAA is federal law, it crosses all state boundaries and applies to all states, whether business is conducted intra- or inter-state.?ref> Also, what happens if the claim is across state lines and both have their own HIPAA++ requirements (scenario 1: they kind of overlap, scenario 2: they conflict)? <ref>If it's a claim, then all covered entities must comply with the claim specification set forth in the federal law. The HIPAA Electronic Transaction Final Rule **supercedes** any state law to the contrary except if that state law is necessary to prevent fraud and abuse.</ref> <ref>Furthermore, states are free to enact their own laws and regulations regarding the prompt payment of health care claims....and many states have already done so, e.g., New Jersey, Texas. Some states are also using the term "clean claim", but are conveniently not defining what constitutes a clean claim.</ref> <ref>Clear? Or clear as mud!!</ref> Just thinking "aloud." Best regards, Bill Chessman Peregrine Systems, Inc.
