In addition to the HIPAA Privacy, Security, and Enforcement Rules, the HIPAA Administrative Simplification Rule also includes the following rules and standards:
Transactions and Codes Set Standards
Transactions are activities involving the transfer of health care information for specific purposes. Under HIPAA, if a health plan or health care provider engages in one of the identified transactions, they must comply with the standard for it, which includes using a standard code set to identify diagnoses and procedures. The Standards for Electronic Transactions and Code Sets, published August 17, 2000 and since modified, adopted standards for several transactions, including claims and encounter information, payment and remittance advice, and claims status Any health care provider that conducts a standard transaction also must comply with the Privacy Rule.
Identifier Standards for Employers and Providers
HIPAA requires that employers have standard national numbers that identify them on standard transactions. The Employer Identification Number (EIN), issued by the Internal Revenue Service (IRS), was selected as the identifier for employers and was adopted effective July 30, 2002.
HIPAA requires that health care providers have standard national numbers that identify them on standard transactions. The National Provider Identifier (NPI) is a unique identification number for covered health care providers. Covered health care providers and all health plans and health care clearinghouses use the NPIs in the administrative transactions adopted under HIPAA. The NPI is a 10-position, intelligence-free numeric identifier (10-digit number). This means that the numbers do not carry other information about healthcare providers, such as the state in which they live or their medical specialty.
Training solutions include the gold standard HIPAA credential, Certified HIPAA Professional (CHP) and our world’s first compliance and cyber security credential, Certified Security Compliance Specialist (CSCS).
ecfirst is a HITRUST Authorized CSF Assessor.
Many clients engage ecfirst extensively for the flexible services that range from on-demand consulting to its managed compliance services programs that covers training, policies, remediation, risk assessment, technical vulnerability assessments penetration testing and much more.