On October 3, 2017, the Department of Health and Human Services (HHS) withdrew proposed rules that would have required health plans to certify their compliance with certain electronic transaction standards. Although most employers would not have been affected directly, because their plans are handled by insurance carriers, self-funded employers were facing potential challenges. The HHS notice withdrawing the rules is welcome news for those employers and their advisors.
By way of background, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) sets standards and operating rules for electronic transactions, including plan eligibility, claim status, and electronic funds transfers. These rules are generally referred to as HIPAA’s administration simplification requirements. They remain in place.
Subsequently, the Affordable Care Act (ACA) added provisions for HHS to require health plans to formally certify their compliance with the HIPAA standards and for HHS to conduct audits. Over the past several years, HHS has worked on developing certification procedures. The agency proposed rules in 2014, but still had not finalized or implemented the certification requirements. The proposed rules are now withdrawn.