ACA requires self-insured plans to secure health plan identifier (HPID) and certify compliance with electronic transaction requirements
A provision within the Affordable Care Act requires the Department of Health and Human Services (HHS) to develop new requirements for electronic transactions sent between Covered Entities and a method to certify compliance with the new rules.
Additionally, self-insured health plans, defined as a Covered Entity within HIPAA, must obtain a health plan identifier (HPID). The intent of the HPID is to simplify the routing, review and payment of electronic transactions to reduce administrative errors. (See standard transaction summary below.)
Health plans that meet the definition of a controlling health plan are required to have a health plan identifier by November 5, 2014. Small health plans, those with less than $5 million in annual receipts (claims paid) in the previous plan year, have until November 5, 2015.
A controlling health plan (CHP)
- Controls its own business activities, actions or policies, or
i) is controlled by an entity that is not a health plan, and
ii) if it has a sub-health plan(s), exercises sufficient control over the sub-health plans(s) to direct its business activities, actions or policies.
Most employer-sponsored self-funded health plans meet the criteria of a CHP and must obtain a HPID.
A sub-health plan (SHP)
- A health plan whose business activities, actions or policies are directed by a controlling health plan. A self-funded plan that is a SHP may obtain an identifier number, but it is not required, unless it is identified in a standard transaction.
Under the final rule a health plan must obtain its own HPID, even if it uses a third-party to process electronic transactions. The Department of Health and Human Services (HHS) has received numerous requests to exempt self-funded plans from the HPID requirement if they do not directly conduct standard transactions. For now HHS has not granted any exemptions. Fully insured plan sponsors do not need a HPID because they do not qualify as a Covered Entity/health plan under HIPAA.
Self-insured health plans must certify, generally through their TPA, that they comply with HIPAA electronic transaction rules and provide an attestation confirming compliance to HHS by December 31, 2015. Small health plans, those with less than $5 million in annual receipts (claims paid), have until December 31, 2016, to meet the compliance requirements.
Plans can be fined $1 per covered life per day (up to maximum cap of $20 per covered life) for failure to file the required certification. Willful noncompliance could result in a penalty of up to $40 per covered life in the plan. A secondary certification is also identified in the Affordable Care Act, but no regulations have been issued to date, leading some to conclude a delay.
The online application is available through the CMS Health Plan and Other Entity Enumeration System (HPOES). HPOES is housed in CMS’ Health Insurance Oversight System and must be accessed via the CMS Enterprise Portal.
CMS has provided instruction videos that review each step of the application process to obtain a HPID for a controlling health plan (CHP), a subhealth plan (SHP), and any other entity identifier (OEID).
Your Bukaty Companies benefit consultant will assist you with this process.