CMS Institutes Grace Period for HIPAA 5010 Compliance

The Centers for Medicare and Medicaid Services (CMS) has instituted a 90-day grace period for compliance with version 5010 of the HIPAA X12 standard. While January 1, 2012 remains the “official compliance date", the agency reported it will not “initiate enforcement action” on that compliance before March 31, 2012. HIPAA 5010 regulates the electronic transmission of specific health care transactions. It is a prerequisite to preparation for the implementation of ICD10 transition sets; the deadline for the latter is October 1, 2013. Meanwhile, CMS’ Office of E-Health Standards and Services (OESS) is encouraging all covered entities to avoid using the grace period as a rationale for postponing moves toward HIPAA 5010 conversion. Rather, it is entreating these entities to continue working with their trading partners to become compliant with the new HIPAA standards, and to determine their readiness to accept the new standards as of the original deadline Moreover, although enforcement action will not be taken until the end of March, OESS will “continue to accept complaints associated with compliance with Version 5010, NCPDP D.0, and NCPDP 3.0 transaction standards during the 90-day period beginning January 1, 2012,” CMS explained in a statement. "If requested by OESS, covered entities that are the subject of complaints (known as 'filed-against entities') must produce evidence of either compliance or a good faith effort to become compliant with the new HIPAA standards during the 90-day period.”