There are many questions that come up when dealing with HIPAA EDI. Because EDI communication depends on non-human information exchange (from computer to computer network systems) the potential for classified or sensitive information to be lost, misdirected, or intercepted, is a critical issue for a number of organizations legally responsible for protecting their clients information as well as their own records. HIPAA EDI is used exclusively in the medical community, including private practices, hospitals, health insurance, and any other environment dealing with medical records or patient care.
HIPAA EDI Transactions
HIPAA EDI is the exchange of electronic documents through EDI methods of communication (such as modem, FTP, e-mail, HTTP) between medical practices and healthcare vendors. This is often also referred to as “HIPAA EDI Standard Transactions”. Other forms of EDI communication that are not HIPAA EDI specific are also referred to as “Transactions”, but are used to classify any electronic business document, not just ones that are related to sensitive healthcare information.
Rules Governing Use of HIPAA EDI
There are many standards involved in HIPAA EDI communication. Medical practices and other medical providers are required to utilize HIPAA EDI when they exchange electronically any sensitive administrative information (such as claim forms, patient medical records, etc.) when corresponding with health care plans and insurance companies. Medicare also has its own requirements concerning HIPAA EDI since they only accept electronically submitted administrative documents.
HIPAA EDI Standards
HIPAA EDI standards are made up of officially recognized and approved transaction and code designations that therefore standardize any electronic exchange of health-sensitive information (such as medical history, claim forms, referrals, authorizations, etc.) Although they are designated as HIPAA EDI-specific standards, HIPAA EDI is based on generally accepted EDI standards.
How HIPAA EDI Works
When HIPAA documents are converted into HIPAA EDI documents, the information is retained but is converted into computer (non-human) language, and standardized transaction codes are assigned to each set of documentations. Each HIPAA EDI transaction contains its own name, number and usage information. For example, in medical practices, the HIPAA EDI transaction codes are X12 837 (claim/encounter transactions), X12 270 and 271 (eligibility inquiries and responses), X12 276 and 277 (claim status inquiries and responses), X12 278 (referrals and prior authorization transactions), X12 835 (health care payment and remittance information), and X12 275 (health claims attachments).
Because it is the responsibility of the organization (in this case, medical practice) to be compliant with HIPAA EDI regulations, most rely on EDI software vendors (or Practice Management System, PMS, software vendors, or billing and accounting software vendors) to do so. Although organizations rely on HIPAA EDI compatible software to comply with HIPAA EDI standards, actual endorsed “HIPAA EDI Compliant” software does not exist. Instead, EDI translation/communication software is marketed as “HIPAA EDI Ready” if it has the capabilities.