37 Matching Annotations
  1. Aug 2025
    1. Under such system, the Secretary may impose appropriate fees on such physicians to cover the costs of investigation and recertification activities with respect to the issuance of the identifiers.

      Specific language in the law allowing for fees for issuing identifiers.

    2. (c) Code Sets.-- ``(1) In general.--The Secretary shall adopt standards that-- ``(A) select code sets for appropriate data elements for the transactions referred to in subsection (a)(1) from among the code sets that have been developed by private and public entities; or ``(B) establish code sets for such data elements if no code sets for the data elements have been developed. ``(2) Distribution.--The Secretary shall establish efficient and low-cost procedures for distribution (including electronic distribution) of code sets and modifications made to such code sets under section 1174(b).

      This is the HIPAA right to identify code sets etc.

    3. (1) In general.--The Secretary shall adopt standards for transactions, and data elements for such transactions, to enable health information to be exchanged electronically, that are appropriate for-- ``(A) the financial and administrative transactions described in paragraph (2); and ``(B) other financial and administrative transactions determined appropriate by the Secretary, consistent with the goals of improving the operation of the health care system and reducing administrative costs. ``(2) Transactions.--The transactions referred to in paragraph (1)(A) are transactions with respect to the following: ``(A) Health claims or equivalent encounter information. ``(B) Health claims attachments. ``(C) Enrollment and disenrollment in a health plan. ``(D) Eligibility for a health plan. ``(E) Health care payment and remittance advice. ``(F) Health plan premium payments. ``(G) First report of injury. ``(H) Health claim status. ``(I) Referral certification and authorization.

      This is the "standards for transactions" part of HIPAA. This gives HHS/CMS the right to dictate FHIR or X12, for different transactions.

    4. (b) Unique Health Identifiers.-- ``(1) In general.--The Secretary shall adopt standards providing for a standard unique health identifier for each individual, employer, health plan, and health care provider for use in the health care system. In carrying out the preceding sentence for each health plan and health care provider, the Secretary shall take into account multiple uses for identifiers and multiple locations and specialty classifications for health care providers. ``(2) Use of identifiers.--The standards adopted under paragraph (1) shall specify the purposes for which a unique health identifier may be used.

      This is the specific legal basis for the enumeration of NPIs and plans.

    5. It is the purpose of this subtitle to improve the Medicare program under title XVIII of the Social Security Act, the medicaid program under title XIX of such Act, and the efficiency and effectiveness of the health care system, by encouraging the development of a health information system through the establishment of standards and requirements for the electronic transmission of certain health information.

      This is the place where the constraints for the HIPAA administrative rule are defined.

    6. Regulations.-- (1) In general.--If legislation governing standards with respect to the privacy of individually identifiable health information transmitted in connection with the transactions described in section 1173(a) of the Social Security Act (as added by section 262) is not enacted by the date that is 36 months after the date of the enactment of this Act, the Secretary of Health and Human Services shall promulgate final regulations containing such standards not later than the date that is 42 months after the date of the enactment of this Act. Such regulations shall address at least the subjects described in subsection (b). (2) Preemption.--A regulation promulgated under paragraph (1) shall not supercede a contrary provision of State law, if the provision of State law imposes requirements, standards, or implementation specifications that are more stringent than the requirements, standards, or implementation specifications imposed under the regulation.

      This is the "trigger clause" in HIPAA that caused HHS to create the Privacy and Security Rules.

    1. The NPS will be designed to be easy to use. The design will employ the latest technological advances wherever feasible for capturing health care provider data and making information available to users.

      This is a specific mandate to keep NPPES up-to-date technologically.

    2. We find the stated advantages of a 10-position numeric identifier convincing. We have revised proposed § 142.402 (now § 162.406(a)) to provide that the NPI will be a 10-position numeric identifier, with the 10th position being an ISO standard check digit.

      NPI mandated to be a 10 digit code with a check digit as per the ISO standard.

    3. We do not consider individuals who are health care providers (that is, they meet our definition of ‘‘health care provider’’ at § 160.103) and who are members or employees of an organization health care provider to be ‘‘subparts’’ of those organization health care providers, as described earlier in this section.

      Employed individuals are not organizational sub-parts.

    4. We define two categories of health care providers for enumeration purposes. A data element, the ‘‘Entity type code,’’ in the NPS record for each health care provider will indicate the appropriate category. • NPIs with an ‘‘Entity type code’’ of 1 will be issued to health care providers who are individual human beings. Examples of health care providers with an ‘‘Entity type code’’ of 1 are physicians, dentists, nurses, chiropractors, pharmacists, and physical therapists. • NPIs with an ‘‘Entity type code’’ of 2 will be issued to health care providers other than individual human beings, that is, organizations. Examples of health care provider organizations with an ‘‘Entity type code’’ of 2 are: hospitals; home health agencies; clinics; nursing homes; residential treatment centers; laboratories; ambulance companies; group practices; health maintenance organizations; suppliers of durable medical equipment, supplies related to health care, prosthetics, and orthotics; and pharmacies

      Type 1 (individual) and Type 2 (organizational) are mandated here.

    5. We decided not to establish sub-IDs because our decisions regarding which entities would be eligible to receive NPIs (including separate physical locations and subparts of certain kinds of organization health care providers) obviate the need for them. Sub-IDs may be useful as a later implementation feature that would support EDI routing or other purposes. We will consider an expansion at a later time to include them, if we determine that they would be beneficial.

      Personal NPIs cannot have "sub" ids. However, they could in the future according to this rule.

    6. that the organization health care provider is a legal entity and is the covered entity under HIPAA if it (or a subpart or component) transmits health information in electronic form

      This is the connection between an organization, legal entity, sub-parts and being a covered entity.

    7. We accommodate this language by requiring covered health care providers to obtain NPIs for subparts of their organizations that would otherwise meet the tests for being a covered health care provider themselves if they were separate legal entities, and permitting health care providers to obtain NPIs for subparts that do not meet these tests but otherwise qualify for assignment of an NPI.

      Organization subparts are intended to address specific legal obligations regarding organizational provider locations.

    8. Only those entities that (1) meet the definition of health care provider at § 160.103, and (2) transmit health information in electronic form on their own behalf, or that use a business associate to transmit health information in electronic form on their behalf, in connection with a transaction for which the Secretary has adopted a standard (a covered transaction) are health care providers who are required to comply with the HIPAA regulations.

      But if you move healthcare data around, based on covered transactions, you -do- need an NPI

    9. Our general rule is that all health care providers, as we define that term in the regulations, will be eligible to receive NPIs

      All healthcare providers are eligible to receive NPIs assuming they have been identified as a healthcare provider in any HHS regulation

    1. Guidance on National Provider Identifier (NPI) Enumeration; 45 Code of Federal Regulations (CFR) § 162.412(b)

      This guidance details the rules for "getting additional NPIs" in order to work with non-government payers.

      It emphasizes that payers may not require an individual to get an additional NPI.

      It highlights the rules for payers to require organizational subpart NPIs (this is a feature of organizational NPIs)

  2. May 2025
    1. Back in 1996, as HIPAA legislation was on the verge of passing with bi-partisan support, thorny privacy issues were threatening to scuttle the entire enterprise. A compromise was struck whereby Congress would give itself a deadline of three years to enact privacy legislation, and if it didn’t — the Department of Health and Human Services (HHS) Secretary would by default be required to issue privacy regulations. On the day that three years expired, I was the Deputy General Counsel at HHS and happened to be standing in my boss’ office when Secretary Donna E. Shalala walked in, smiled, and said, “Well, they missed the deadline, I guess you better get started.” The General Counsel, Harriet Rabb, turned to me and said, “I think this one is yours.” With that, I began advising an amazing team of policymakers at HHS as we went about drafting the first federal health privacy regulations in the United States.

      This is the reason why the HIPAA law says almost nothing about interoperability and yet it created extensive privacy regulations and interoperability fundamental standards.

  3. Sep 2022