CMS HIPAA Contingency Plan Crucial to Continuity of Care

The HIPAA contingency plan devised by the Centers for Medicare and Medicaid Services (CMS) should allow the industry the additional time it needs to prepare for implementation of the Transaction and Code Sets regulation. But the plan is also crucial to maintaining continuity of care and reimbursement for Medicare patients, according to the results of a new Healthcare Information Management Systems Society (HIMSS) survey.

The CMS announced in September that it was implementing a contingency plan to accept noncompliant electronic transactions after the Oct. 16 compliance deadline for the HIPAA regulation. The decision was based on a CMS review of statistics showing that an unacceptably low number of compliant claims were being submitted.

Fifty-six percent of survey respondents indicated that the contingency plan will forestall an imminent crisis and allow many facilities to become compliant.

Seventy-six percent of the respondents indicated that the plan is crucial to enable providers to maintain their operations, as well as to ensure that care for Medicare patients will not be interrupted.

According to respondents, the CMS should leave its contingency plan in place for at least 30 days (6%), 30 to 90 days (21%), three to six months (42%), six to 12 months (26%), or more than a year (3%).

The survey also asked whether other payers should offer contingency plans. Payers have not been consistent in their reactions to CMS's September announcement.

Blue Cross Blue Shield, for instance, has indicated that it will offer a contingency plan, while others say they will revert to a paper-based system. About half (55%) of the survey respondents believe this diverse response will lead to a delay in HIPAA compliance.

To mitigate confusion, HIMSS recommends that entities do the following:
· maintain their current contingency plan, and do not assume there will be a lengthy reprieve;
· continue testing and obtain firm testing dates from all trading partners;
· review and follow the contingency plan for claims submissions for Medicare and Medicaid if they have not successfully tested with the CMS to date;
· contact other payers to determine their readiness and whether they will accept noncompliant transactions;
· secure a copy of trading partners' contingency plan;
· document everything they have done to become compliant, especially their determination of what contingency planning needs to be done; and
· consider contracting with a third-party vendor that specializes in testing and certification for HIPAA compliance to help determine whether their transactions or those of their trading partners are compliant.