Printer-friendly format

Today it seems that everyone is just a number. Many times the same person is a different number in different situations. Keeping track of which number you are to whom can be confusing and frustrating.

The world of healthcare is not immune to this "numbers" issue. Providers are assigned numbers by Medicare/Medicaid, each of their commercial health plans, state licensing agencies and suppliers. While this may not change any time soon, the Centers for Medicare and Medicaid Services (CMS) has developed a system under which all providers will need only one number — the National Provider Identifier (NPI).

The NPI is a 10-digit number which will be used to identify healthcare providers to those with whom they interact. Although the NPI is not "intelligent," meaning the number reveals no information about the provider such as the type of provider or state where the provider is located, it is unique enough and so widely applicable that will be capable of use as an (almost) "universal" identifier.

The idea for the NPI was born out of HIPAA regulations which required the Department of Health and Human Services to establish unique health identifiers for healthcare providers, health plans, and employers. On January 23, 2004, the NPI Final Rule was published creating the NPI as this identifier. The Final Rule placed requirements on all healthcare providers (both individuals and organizations) relating to obtaining, using and disseminating NPI. It also set May 23, 2007 (May 23, 2008, for small health plans) as the effective date for providers to begin using their NPI.

All healthcare providers are eligible to receive NPIs, but "covered healthcare providers" are required to obtain and use the number. "Covered healthcare providers" are those that (i) meet the requirements of 45 CFR § 160.103 (which includes almost all traditionally recognized fields of healthcare) and (ii) transmit health information in electronic form on their own behalf, or use a business associate to do so, in relation to a transaction for which HHS has developed a standard (again, almost all transactions for claims, payments, certifications, enrollments, etc.).

Under the NPI system, healthcare providers are divided into two categories : Individuals and Organizations. Individuals, categorized as Entity Type 1 providers, include physicians, dentists, pharmacists, physical therapists, and similar professionals. Organizations, or Entity Type 2 providers, include hospitals, home health agencies, clinics, nursing homes, labs, HMOs, pharmacies, DME providers, and other organizations. Organizations may also have one or more sub-parts which would require their own NPIs. If an "individual" has incorporated his/her practice, an Organizational NPI may be required along with an Individual NPI, depending on how healthcare transactions are handled by the provider.

With the fast approaching effective date for utilization of NPIs, providers have only a few short months to plan for the new NPI compliance requirements. Upon the deadline, providers will need to be prepared to do the following:

1. Obtain from the National Plan and Provider Enumeration System (NPPES) an NPI for themselves and for any sub-parts required to obtain an NPI. Providers can apply for the NPI in one (and only one) of the following ways: (i) online at https://nppes.cms.hhs.gov; (ii) by filing a paper application and sending it to the Enumerator (a copy of the application and the Enumerator's mailing address is available at the NPPES Web site, or you may call the Enumerator at 1-800-465-3203 to request an application); or (iii) by authorizing another entity to submit your application in an electronic file.

2. Use the NPI to identify the provider in all standard transactions where a healthcare provider identifier is required.

3. Upon request, disclose the NPI to any entity that needs the NPI to identify that healthcare provider in a standard transaction.

4. Communicate to the NPPES any changes in the provider's required data elements (i.e., change of ownership, address, etc.) within 30 days of the change.

5. If business associates are used to conduct standard transactions, require the business associates to use the provider's NPI.

6. If one or more subparts have been assigned NPIs, comply with the above requirements for each of the sub-parts.

While these requirements are not as daunting as those associated with the introduction of the HIPAA Privacy Rule, all providers should heed the lessons learned during that transition and ensure that you are prepared well in advance of the deadlines. Understanding the time it takes to apply and implement these requirements, we advise all our clients who have not yet begun this process to do so immediately.



Kate Gilchrist and David Donnell are attorneys with Adams and Reese, LLP in Jackson. They can be reached at Katie.Gilchrist@arlaw.com and David.Donnell@arlaw.com, respectively.



February 2007

Tags:

None