As the ACA Administrative Simplification provisions build on and update the provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Section 1104 of the Affordable Care Act (ACA) requires all HIPAA-covered entities to comply with the adopted HIPAA-mandated transaction standards and associated operating rules.
Beyond general HIPAA compliance, ACA Section 1104 requires health plans to file a statement with HHS certifying that their data and information systems are in compliance with any applicable standards and associated operating rules for the following nine healthcare administrative and financial transactions:
- Eligibility for a health plan
- Health claim status
- Electronic funds transfers
- Healthcare payment and remittance advice
- Health claims or equivalent encounter information
- Enrollment and disenrollment in a health plan
- Health plan premium payments
- Health claims attachments
- Referral certification and authorization
On January 2, 2014, HHS issued a Notice of Proposed Rulemaking (NPRM) proposing requirements for the ACA-mandated HHS Certification of Compliance program addressing four of the nine transactions: eligibility, claim status, electronic funds transfers (EFT), and electronic remittance advice (ERA) transactions. To date, HHS has not issued regulations regarding health plan certification for the remaining five transactions.
According to the Centers for Medicare & Medicaid Services website, “CMS is currently developing a second proposed rule [regarding the ACA-mandated HHS Certification of Compliance program] that would revise the initial proposed provisions in response to public feedback received through the rulemaking process.”
Please Note: CAQH CORE is not authorized to determine if an organization or individual is a HIPAA-covered entity. CMS provides charts to help organizations determine if they are a HIPAA-covered entity. HHS also provides FAQs on whether an organization is a HIPAA-covered entity.