Frequently Asked Questions - III. Introduction to Proposed CORE HIPAA Credential

What are the requirements of the proposed CORE HIPAA Credential for the eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) transactions?

Submitted by caqh_admin on Thu, 12/24/2015 - 00:25
What are the requirements of the proposed CORE HIPAA Credential for the eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) transactions?

On January 2, 2014, the Department of Health and Human Services (HHS) published a Notice of Proposed Rulemaking (NPRM or “proposed rule”)  that would require a controlling health plan (CHP) to submit information and documentation demonstrating that it is compliant with certain standards and operating rules adopted by the Secretary of HHS under the Health Insurance Portability and Accountability Act (HIPAA). The program proposed in the NPRM is referred to as the ACA-mandated HHS Certification of Compliance.

The January 2, 2014 NPRM proposed that the CORE HIPAA Credential would be administered by CAQH CORE and would demonstrate that a CHP has:

  1. Attested to compliance with the HIPAA-mandated standards and associated operating rules for the eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) transactions AND
  2. Conducted a certain level of testing with trading partners.

NOTE: According to the Centers for Medicare & Medicaid Services website, “CMS is currently developing a second proposed rule [regarding the ACA-mandated HHS Certification of Compliance program] that would revise the initial proposed provisions in response to public feedback received through the rulemaking process.”

As changes in policy could occur through the rulemaking process, CAQH CORE will finalize the HIPAA Credential forms and provide further guidance, as appropriate, once HHS publishes a final rule on the ACA-mandated HHS Certification of Compliance program. See draft HIPAA Credential forms here. These forms are currently a draft and CAQH CORE will not accept these forms until finalized after publication of a final rule.

Back to Top
What will be CAQH CORE’s role as administrator of the proposed CORE HIPAA Credential for the eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) HIPAA-mandated transactions and associated operating rules?

Submitted by caqh_admin on Thu, 12/24/2015 - 00:27
What will be CAQH CORE’s role as administrator of the proposed CORE HIPAA Credential for the eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) HIPAA-mandated transactions and associated operating rules?

On January 2, 2014, the Department of Health and Human Services (HHS) published a Notice of Proposed Rulemaking (NPRM or “proposed rule”)  that would require a controlling health plan (CHP) to submit information and documentation demonstrating that it is compliant with certain standards and operating rules adopted by the Secretary of HHS under the Health Insurance Portability and Accountability Act (HIPAA). The program proposed in the NPRM is referred to as the ACA-mandated HHS Certification of Compliance program.

As proposed in Section II(A)(3)(a) of the NPRM,  as the administrator of the two options that CHPs could use to certify compliance (proposed HIPAA Credential or a Phase III CAQH CORE Certification Seal), CAQH CORE would be responsible for reviewing HIPAA Credential forms to identify obvious errors and missing required information. Per the NPRM, CAQH CORE would not be responsible for investigating the intent on the part of the health plan regarding any errors or missing information on the forms. That is, CAQH CORE would not:

  • Investigate what a health plan knew, or didn’t know, when it submitted an inaccurate HIPAA Credential form;
  • Address claims that a health plan knowingly provided inaccurate or incomplete information in its HIPAA Credential forms

NOTE: According to the Centers for Medicare & Medicaid Services website, “CMS is currently developing a second proposed rule [regarding the ACA-mandated HHS Certification of Compliance program] that would revise the initial proposed provisions in response to public feedback received through the rulemaking process.”

 As changes in policy could occur through the rulemaking process, CAQH CORE will finalize the HIPAA Credential forms and provide further guidance, as appropriate, once HHS publishes a final rule on the ACA-mandated HHS Certification of Compliance program. See draft HIPAA Credential forms here. These forms are currently a draft and CAQH CORE will not accept these forms until finalized after publication of a final rule.

Back to Top
My organization is a health plan. What documentation is required if we choose the proposed CORE HIPAA Credential to meet the ACA-mandated HHS Certification of Compliance requirements for the eligibility, claim status, electronic funds transfers (EFT),

Submitted by caqh_admin on Thu, 12/24/2015 - 00:28
My organization is a health plan. What documentation is required if we choose the proposed CORE HIPAA Credential to meet the HHS certification requirements for the eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) HIPAA-mandated transactions and associated operating rules?

On January 2, 2014, the Department of Health and Human Services (HHS) published a Notice of Proposed Rulemaking (NPRM or “proposed rule”)  that would require a controlling health plan (CHP) to submit information and documentation demonstrating that it is compliant with certain standards and operating rules adopted by the Secretary of HHS under the Health Insurance Portability and Accountability Act (HIPAA). The program proposed in the NPRM is referred to as the ACA-mandated HHS Certification of Compliance program.

As proposed in Section II(A)(3)(a) of the NPRM, a CHP will have to submit the following materials to CAQH CORE to obtain the CORE HIPAA Credential:

  • A HIPAA Attestation Form
  • A HIPAA Credential Application Form requiring a signature verifying that all forms have been submitted to CAQH CORE and that HHS may view the application and associated forms
  • A Trading Partner Testing Attestation Form in which the health plan:
    • Confirms that it has successfully tested the HIPAA-mandated transaction standards and operating rules for eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) with trading partners
    • Provides contact information, including, but not limited to, name, phone number, and email address, for each of the listed trading partners

NOTE: According to the Centers for Medicare & Medicaid Services website, “CMS is currently developing a second proposed rule [regarding the ACA-mandated HHS Certification of Compliance program] that would revise the initial proposed provisions in response to public feedback received through the rulemaking process.”

As changes in policy could occur through the rulemaking process, CAQH CORE will finalize the HIPAA Credential forms and provide further guidance, as appropriate, once HHS publishes a final rule on the ACA-mandated HHS Certification of Compliance program. See draft HIPAA Credential forms here. These forms are currently a draft and CAQH CORE will not accept these forms until finalized after publication of a final rule.

Back to Top
My organization is a HIPAA covered health plan. If we choose the CORE HIPAA Credential to meet the proposed requirements of the ACA-mandated HHS Certification of Compliance, are we required to complete end-to-end certification testing with a third-par

Submitted by caqh_admin on Thu, 12/24/2015 - 00:29
My organization is a HIPAA covered health plan. If we choose the CORE HIPAA Credential to meet the HHS requirements, are we required to complete end-to-end certification testing with a third-party testing vendor?

On January 2, 2014, the Department of Health and Human Services (HHS) published a Notice of Proposed Rulemaking (NPRM or “proposed rule”)  that would require a controlling health plan (CHP) to submit information and documentation demonstrating that it is compliant with certain standards and operating rules adopted by the Secretary of HHS under the Health Insurance Portability and Accountability Act (HIPAA). The program proposed in the NPRM is referred to as the ACA-mandated HHS Certification of Compliance program.

According to the January 2, 2014 NPRM, the HIPAA Credential would not require CHPs to complete external testing with a third-party testing vendor, as is required for CORE Certification. While health plans will be required to complete external testing with trading partners in order to obtain the HIPAA Credential, it does not require a specific approach to external testing. The HHS NPRM notes that “we [HHS] view the HIPAA Credential as an initial step toward a consistent testing framework for CHPs that decide not to undergo the certification testing for a CORE Phase III Seal.”

NOTE: According to the Centers for Medicare & Medicaid Services website, “CMS is currently developing a second proposed rule [regarding the ACA-mandated HHS Certification of Compliance program] that would revise the initial proposed provisions in response to public feedback received through the rulemaking process.”

As changes in policy could occur through the rulemaking process, CAQH CORE will finalize the HIPAA Credential forms and provide further guidance, as appropriate, once HHS publishes a final rule on the ACA-mandated HHS Certification of Compliance program. See draft HIPAA Credential forms here. These forms are currently a draft and CAQH CORE will not accept these forms until finalized after publication of a final rule.

Back to Top
Is obtaining the proposed CORE HIPAA Credential the only proposed option for health plans to meet the requirements for the first ACA-mandated Department of Health and Human Services (HHS) Certification of Compliance addressing the eligibility, claim s

Submitted by caqh_admin on Thu, 12/24/2015 - 00:31
Is obtaining the proposed CORE HIPAA Credential the only proposed option for health plans to meet the requirements for the first ACA-mandated Department of Health and Human Services (HHS) Certification of Compliance addressing the eligibility, claim status, electronic funds transfer (EFT), and electronic remittance advice (ERA) transactions?

On January 2, 2014, the Department of Health and Human Services (HHS) published a Notice of Proposed Rulemaking (NPRM or “proposed rule”)  that would require a controlling health plan (CHP) to submit information and documentation demonstrating that it is compliant with certain standards and operating rules adopted by the Secretary of HHS under the Health Insurance Portability and Accountability Act (HIPAA). The program proposed in the NPRM is referred to as the ACA-mandated HHS Certification of Compliance.

The January 2, 2014 NPRM proposes two potential options for health plans to meet the HHS certification requirements:

  • Option 1: Obtain a HIPAA Credential: The NPRM proposes that health plans may apply to receive a HIPAA Credential by attesting that they have successfully tested the applicable HIPAA transaction standards and associated operating rules for eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) with trading partners.
  • Option 2: Complete CORE Certification: The NPRM proposes receipt of a Phase III CORE Certification Seal as the second option for health plans to meet the requirements of the ACA-mandated HHS Certification of Compliance. Health plans that successfully complete certification testing with a CAQH CORE-authorized Testing Vendor and submit the required documentation will receive a Phase III CORE Certification Seal demonstrating their compliance.

NOTE: According to the Centers for Medicare & Medicaid Services website, “CMS is currently developing a second proposed rule [regarding the ACA-mandated HHS Certification of Compliance program] that would revise the initial proposed provisions in response to public feedback received through the rulemaking process.”

As changes in policy could occur through the rulemaking process, CAQH CORE will finalize the HIPAA Credential forms and provide further guidance, as appropriate, once HHS publishes a final rule on the ACA-mandated HHS Certification of Compliance program. See draft HIPAA Credential forms here. These forms are currently a draft and CAQH CORE will not accept these forms until finalized after publication of a final rule.

Back to Top
Is the CORE HIPAA Credential available to stakeholder entities that are not health plans?

Submitted by caqh_admin on Thu, 12/24/2015 - 00:32
Is the CORE HIPAA Credential available to stakeholder entities that are not health plans?

On January 2, 2014, the Department of Health and Human Services (HHS) published a Notice of Proposed Rulemaking (NPRM or “proposed rule”)  that would require a controlling health plan (CHP) to submit information and documentation demonstrating that it is compliant with certain standards and operating rules adopted by the Secretary of HHS under the Health Insurance Portability and Accountability Act (HIPAA). The program proposed in the NPRM is referred to as the ACA-mandated HHS Certification of Compliance.

The January 2, 2014 NPRM proposes two potential options for health plans to meet the proposed ACA-mandated HHS Certification of Compliance requirements. Unlike the first option, CORE Certification, the second option, the CORE HIPAA Credential, is proposed to be only available to health plans.

NOTE: According to the Centers for Medicare & Medicaid Services website, “CMS is currently developing a second proposed rule [regarding the ACA-mandated HHS Certification of Compliance program] that would revise the initial proposed provisions in response to public feedback received through the rulemaking process.”

As changes in policy could occur through the rulemaking process, CAQH CORE will finalize the HIPAA Credential forms and provide further guidance, as appropriate, once HHS publishes a final rule on the ACA-mandated HHS Certification of Compliance program. See draft HIPAA Credential forms here. These forms are currently a draft and CAQH CORE will not accept these forms until finalized after publication of a final rule.

Back to Top