|
Why should Health Plans, Vendors and
Clearinghouses test? What are the different levels of testing?
The Strategic National Implementation Process (or SNIP, the group
constituted under the Workgroup for Electronic Data Interchange
to guide the health care industry in an orderly implementation
of
HIPAA-compliant EDI) has recommended transaction testing prior
to "going live" with standard format transactions.
It only makes sense that a submitter would want and need the opportunity
to identify and correct errors before entrusting their health care
transactions entirely to the new formats. As help in making the
most of the testing opportunity, SNIP has recommended testing in
six categories, commonly referred to as levels:
Level 1: Integrity Testing (X12
Syntax)
Level 2: Requirement Testing
(Implementation Guide Syntax)
Level 3: Balancing
Level 4: Situation Testing (Implementation
Guide "Situational Elements")
Level 5: Code Set Testing
Level 6: Specialty or Line of
Business Testing
Level 7: Trading Partner Specific
Testing (added by Claredi for the convenience of trading partners
with specific requirements which go beyond basic HIPAA requirements).
Section D of the ASCA compliance extension
form specifies a timeframe for testing not later than April 16,
2003. Can you provide a definition of testing, and does it relate
to all transactions?
ASCA requires that testing begin no later than April 2003. The law
itself did not specify what type of testing, (e.g. internal, external,
final with trading partners, all transactions, or just one, etc.)
HHS interprets this to mean the date requested on the extension
form as the date when internal system testing begins for the first
transaction the covered entity will test. However, some covered
entities will need to begin their external testing sooner than others,
especially those that have many trading partners or are implementing
many of the transactions. We encourage all covered entities to begin
testing as soon as possible.
Why should I certify?
While there is clear regulatory requirement for compliance with
specific EDI standards, there is no such stipulation about certification.
However, the HIPAA rules do recommend that you complete a minimum
level of certification. Third-party certification can determine
an organization's capability for pertinent standard transactions
and speed the realization of economic benefits from HIPAA implementation.
In addition, being certified as HIPAA compliant, even if it is for
only some of the transactions, demonstrates your "good faith"
effort in complying with the law. This could become important in
preventing fines later.
Can Software Vendors be certified too?
Yes, software vendors are encouraged to be certified. With that
said, software vendors should create their own account on the Claredi
web site (www.claredi.com).
use a clearinghouse. How do I certify?
If your clearinghouse is already Claredi-certified, your certification
is very simple. Simply establish an account with Claredi, and have
the clearinghouse submit your files to Claredi on your behalf. If
your clearinghouse is not yet certified, please contact Claredi’s
Marketing department.
Are the test files I submit to Claredi
secure?
Yes, Claredi utilizes a secure server environment and does not collect
and store data for purposes other than testing and certification.
For added measure, we make available, free of charge, an X12 De-Identification
Utility, which you can use to strip identification data from your
files. Additionally, Claredi's testing can take place via a direct
modem connection without going through the internet.
Does each health care entity have to
certify its transactions?
No. Certification of EDI transactions covered by HIPAA is required
by neither MDCH nor CMS at this time. All organizations that use
these transactions are strongly urged to pursue certification. This
includes entities not specifically covered by HIPAA, such as clearinghouses
and software vendors. For an in-depth look at the benefits of certification,
in addition to the benefits mentioned in section 1.2 of this document,
please read Peter Barry’s white paper, “Economics of Third-Party
Transaction Certification.” Mr. Barry’s paper, along with
others can be found at www.claredi.com/whitepapers.php?PHPSESSID=4335dd816ba0f4ec03e3dd351fba13ab.
How much does certification cost?
Certification is provided at no cost to the entities listed in section
1.3 of this document. All entities have the option of purchasing
their own account from Claredi. The cost of certification is usually
no more than $6,000.
My software vendor is telling me that
its software is already certified. Why do I need to be certified
by another organization?
If your software vendor is telling you that its software is certified,
ask to see the certificate. The certificate should list specific
ANSI ASC X12N transaction sets for which the vendor was certified
(e.g. ACS X12N 837i v4010 X098). In addition to each specific transaction
set, the certificate should list the WEDI/SNIP types of testing
passed by the vendor for each transaction. A certified transaction
should indicate passing all six types of testing. In addition to
the certificate requirements, you should also evaluate the validity
of the certification agency. There are vendors who certify their
own transactions. Understandably, the value and validity of such
certifications should be questioned. A certificate from a third-party
is most valuable.
Even if a third-party certificate exists,
who certifies the certification agency?
There is no certification process for certification agencies. It
is up to each health care entity to determine the value of a certificate.
You will find that with over 18 years of EDI experience, Claredi,
Inc. experts are among the most knowledgeable in the industry. Members
of the Claredi leadership team own two clearinghouses, and have
co-authored the HIPAA implementation guides. Whoever you choose
as your certification agency, be sure that the following items are
covered:
- Certification is recognized by your trading partners
- Certification is done by a neutral third party
- Certification process is disclosed AND verifiable
- Certification is recognized by the health care industry
My employer will soon merge with another
organization in a similar line of business. How will this merger
affect my Claredi certificate
Your employer will need to be re-certified. The re-certification
will be required because of Claredi’s definition of a “Certifiable
Entity”. A “Certifiable Entity” is defined by a combination
of an EDI system and a Federal Tax ID. If your employer merges with
another organization, either the Federal Tax ID, a portion of your
EDI system, or both will change. If all that changed is the Federal
Tax ID, you should resubmit the test transaction(s) and a new certificate
will be issued. If the structure of your EDI system changes, you
may have additional work ahead of you. Keep in mind that each certificate
is lined to the Claredi directory and will show your entity’s
specific capabilities. Therefore, if your entity’s transactions
turn out as non-compliant due to EDI system changes, your certificate
will be voided. To be safe, re-certification should be done any
time changes to EDI are made.
Can Vendors submit HIPAA test claims
to the state of Michigan?
If a vendor is registered as an electronic biller with MDCH they
can submit test claims directly to the state of Michigan. If you
are a software vendor (not a clearinghouse) it may be necessary
for you to partner with a provider in order to submit test claims
and receive accurate results.
If Providers are using web based applications — who will certify
they are HIPAA compliant?
Certification of HIPAA compliant claims is performed by a third
party testing vendor such as Claredi.
|
