Contact: Julia Vander Weele; Spencer Fane Britt & Browne LLP (Missouri, USA)
In the continuing saga of HIPAA compliance, most group health plans will have to obtain new health plan identifier numbers (HPIDs) by November 5, 2014. “Small” group health plans with annual receipts of $5 million or less will have one additional year to comply. The HPID must then be used in electronic transactions, including claim submissions, beginning November 7, 2016.
The HPID requirement applies to all group health plans that provide or pay for medical care. This would include medical, dental, vision, flexible spending accounts, and even some employee assistance programs. Each “controlling health plan” (CHP) must obtain its own HPID and “subhealth plans” (SHPs) may, but are not required to, obtain an HPID. Generally speaking, this means that a plan sponsor could choose to use a single HPID for all health benefits that are reported under the same ERISA plan number or on the same Form 5500.
Insurers will presumably obtain the HPID on behalf of fully insured plans, but sponsors of self-funded plans must obtain the HPID on behalf of their plans. Furthermore, because the application for an HPID must be approved by an “authorizing official” on behalf of the plan sponsor, it appears that the task cannot be delegated to the plan’s third-party administrator. The HPID will be a randomly assigned, ten-digit number that is “intelligence-free,” meaning that the assigned numbers convey no hidden data about the plan.
Plan sponsors must apply online using an enumeration system that is part of CMS’s Health Insurance Oversight System (HIOS). The CMS website also includes general information about the application process, a user manual, and step-by-step video instructions. The application process appears to be fairly simple, but it does involve several steps (registration, plan application, and approval by an “authorizing official”), so plan sponsors should begin the process sooner rather than later. Plan sponsors should also coordinate with their software vendors and third-party administrators to clarify roles and responsibilities with respect to applying for, obtaining, testing, and ultimately using the assigned HPID.