This section contains information for the public about the Health Insurance Portability and Accountability Act of 1996 as it relates to the pharmacy industry. Subsections include information on:
Implementation Guide Corrections
+
11/2012 Telecommunication Standard D.0 Enhancement for Quantity Prescribed
Based on approval during the November 2012 work group meetings of DERF 001097, a new publication of the Telecommunication Standard Version D.0 (November 2012) has been posted to the Standards Download section of the website. The enhancement is for the use of Quantity Prescribed (460-ET) in the billing transactions.
The original industry requested implementation timeframe was 01/2014. THIS IS ON HOLD PENDING REGULATORY PROCESSES. The Telecommunication Standard Version D.0 of 08/2010 is still in place.
What Do I Need Now for HIPAA?
+
Telecommunication Version D.0
+
Version D Editorial - August 2017
This document provides a consolidated reference point for questions that have been posed based on the review and implementation of the NCPDP Telecommunication Standard Implementation Guide and Data Dictionary for Version D. This document also addresses editorial changes made to these documents. Since the HIPAA-named Standards documents are "frozen" from changes, this document provides helpful FAQs, typographical changes and corrections, and further guidelines for implementation. This document is very important to implementers of the Telecommunication and Batch Standards, and Medicaid Subrogation Implementation Guide, as appropriate. Please continue to review this link as the document is updated as needed. Version D Editorial - August 2017
NCPDP Payer Sheet Template for Telecommunication Version D.0
The NCPDP SNIP Committee developed guidance that is strongly recommended to be used in filling out and creating payer sheets based on Version D.0 and above. Payer Sheets may be used in addition to provider manuals or included in provider manuals. Payers may take the request and response template sections within the guidance document, fill out the template per their usage, and send to their trading partners. The guidance also provides instructional sections to assist the payers in completing their payer sheets. Click here for Version 1.5.
Medicaid Subrogation Version 3.0
+
Medicaid Subrogation Questions, Answers and Editorial Updates
This document provides a consolidated reference point for questions that have been posed based on the review and implementation of the NCPDP Medicaid Subrogation Standard Implementation Guide Version 3.0, and the Data Dictionary and External Code List only as they apply to Medication Subrogation. This document also addresses an editorial change made to the implementation guide in October 2010. Please continue to review this link as the document is updated as needed.
NCPDP Payer Sheet Template for Medicaid Subrogation Version 3.0
The NCPDP SNIP Committee developed guidance is strongly recommended to be used in filling out and creating payer sheets based on Medication Subrogation Implementation Guide Version 3.0, Batch Standard Implementation Guide Version 1.2 and Telecommunication Standard Implementation Guide Version D.0 and above. Payer Sheets may be used in addition to provider manuals or included in provider manuals. Payers may take the request and response template sections within the guidance document, fill out the template per their usage, and send to their trading partners. The guidance also provides instructional sections to assist the payers in completing their payer sheets. Click here for Version 1.0.
ICD-10
+
Health Plan Identifier (HPID)
+
Regulations
HHS final rule (2012-21238) effective on November 5, 2012. Compliance dates: Health plans with the exception of small health plans must obtain an HPID by November 5, 2014. Small health plans must obtain an HPID by November 5, 2015. Covered entities must use HPIDs in the standard transactions on or after November 7, 2016.
Final Rule Correction
CMS Guidance & Webinars
Health Plan Identifier Notice of Enforcement Discretion
On October 31, 2014, The Centers for Medicare and Medicaid Services (CMS) announced a delay in enforcement of 45 CFR 162, Subpart E until further notice.
Recommendations
2014 The NCPDP SNIP Committee provided recommendations on the use of the National Health Plan ID (HPID) in the pharmacy industry to the National Committee on Vital and Health Statistics (NCVHS).
Additional recommendations.
2012 The NCPDP SNIP Committee provided recommendations on the use of the National Health Plan ID (HPID) in the pharmacy industry to the Secretary of Health and Human Services, members of the National Committee on Vital and Health Statistics (NCVHS), and CMS.
2010 NCPDP Testimony to NCVHS on HPID
The Work Group for Electronic Data Interchange (WEDI) also provided recommendations to the Secretary of Health and Human Services for the use of the HPID http://wedi.org/
Electronic Funds Transfer (EFT) and Remittance Advice (RA)
+
April 2013 The Interim Final Rule stands with no modifications. Per CMS, the EFT & ERA Operating Rule Set IFC is a final rule that is in effect now, which means industry implementation efforts should be underway for the January 1, 2014 compliance date. For free copies of the EFT & ERA Operating Rule Set see http://www.caqh.org/.
January 2012 The Centers for Medicare & Medicaid Services (CMS) Interim Final Rule with Comment Period (IFC) to adopt standards for the Health Care Electronic Funds Transfers (EFT) and Electronic Remittance Advice transaction (ERA) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
Other HIPAA Information
+
HIPAA Privacy Information
September 2013 The Office of the National Coordinator for Health Information Technology (ONC) and the Office for Civil Rights (OCR) have collaborated to develop model Notices of Privacy Practices for health care providers and health plans to use to communicate with their patients and plan members.
January 2013 Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; Other Modifications to the HIPAA Rules was published in the Federal Register on January 25, 2013. Covered entities and business associates must comply with the applicable requirements of this final rule by September 23, 2013.
HIPAA Privacy and Security Toolkit supports privacy and security principles for health care stakeholders engaged in the electronic exchange of health information and includes tangible tools to facilitate implementation of these principles.
ONC's Office of the Chief Privacy Officer (OCPO) Guide to Privacy and Security of Health Information, an instructional guide designed to help healthcare practitioners, staff, and other professionals better understand the important role privacy and security play in the use of electronic health records (EHRs) and Meaningful Use.
August 14, 2002 HHS released the final rule for Privacy, as well as a Press Release and Fact Sheet. Please see http://www.hhs.gov/ocr/privacy/.
HIPAA Security Information
Security Final Rule
February 20, 2003 Health insurers, certain health care providers and health care clearinghouses must establish procedures and mechanisms to protect the confidentiality, integrity and availability of electronic protected health information. The rule requires covered entities to implement administrative, physical and technical safeguards to protect electronic protected health information in their care. The rule can be viewed at http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html.
Security Guidance
Security guidance and educational information is available at http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/index.html.
Workgroup for Electronic Data Interchange (WEDI) white papers http://wedi.org/.
Other HIPAA Privacy and Security Resources
https://www.healthit.gov/policy-researchers-implementers/privacy-security-policy
https://www.healthit.gov/providers-professionals/ehr-privacy-security
https://www.ftc.gov/tips-advice/business-center/guidance/sharing-consumer-health-information-look-hipaa-ftc-act
https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/protocol/index.html
HIPAA Employer ID Information
Employer ID Final Rule
May 31, 2002 The final rule adopting a standard for a National Employer Identifier was released. This standard will be the Employer Identifier Number issued by the Internal Revenue Service. The final rule can be viewed at https://www.gpo.gov/fdsys/pkg/FR-2002-05-31/pdf/02-13616.pdf.
Operating Rules
+
National Provider ID (NPI)
+