CMS Offers 90-Day Grace Period for HIPAA 5010 Enforcement | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

CMS Offers 90-Day Grace Period for HIPAA 5010 Enforcement

November 18, 2011
by root
| Reprints

The Centers for Medicare & Medicaid Services’ Office of E-Health Standards and Services (OESS) announced that with respect to any HIPAA covered entity that is not in compliance with the HIPAA 5010 standards, it is offering a 90-day enforcement grace period until March 31, 2012. The compliance date for use of these new standards remains Jan. 1, 2012.

CMS’ Office of E-Health Standards and Services is the U.S. Department of Health and Human Services’ component that enforces compliance with HIPAA transaction and code set standards. OESS encourages all covered entities to continue working with their trading partners to become compliant with the new HIPAA standards, and to determine their readiness to accept the new standards as of Jan. 1, 2012.

While enforcement action will not be taken, OESS will continue to accept complaints associated with compliance with Version 5010, NCPDP D.0 and NCPDP 3.0 transaction standards during the 90-day period beginning Jan. 1, 2012. If requested by OESS, covered entities that are the subject of complaints (known as “filed-against entities”) must produce evidence of either compliance or a good faith effort to become compliant with the new HIPAA standards during the 90-day period.

OESS made the decision for a discretionary enforcement period based on industry feedback revealing that, with only about 45 days remaining before the Jan. 1, 2012 compliance date, testing between some covered entities and their trading partners has not yet reached a threshold whereby a majority of covered entities would be able to be in compliance by Jan 1, 2012. Feedback indicates that the number of submitters, the volume of transactions, and other testing data used as indicators of the industry’s readiness to comply with the new standards have been low across some industry sectors.

Topics

News

Report: Insider Threats to Patient Data Remain Unnoticed

Of the reported healthcare data breach incidents that occurred in September, it took an average of 387 days for healthcare organizations to discover a breach had occurred, according to a report from cybersecurity software company Protenus.

Reports: Ex-Pharma Exec Alex Azar Emerges as Trump’s Top Pick for HHS Secretary

President Donald Trump could be on the verge of tapping Alex Azar, a former pharmaceutical industry executive and George W. Bush administration official, as the next HHS Secretary, according to media reports.

ONC HIT Certification Program Approves HIMSS Immunization Integration Method

The ONC has approved a HIMSS testing method for the health IT certification program that can now serve as an alternative to the current National Coordinator-approved method for testing transmissions to immunization registries.

UF Health Receives $2.2 Million CDC Grant for Telemedicine Project

UF Health Jacksonville in Florida will be using a $2.2 million federal grant to launch a telemedicine program aimed at improving care for patients living with HIV in an urban setting.

Epic, CVS Health Team Up to Use Analytics for Informed Medication Insights

Epic Systems and CVS Health have announced an initiative in which analytics and data sharing will be leveraged to generate insights surrounding dispensing patterns and behaviors around medication adherence.

Two Major Healthcare Collaboratives Partner to Improve Regional Data Sharing

NRHI a national organization of regional healthcare improvement collaboratives, and SHIEC, a national trade association representing health information exchanges, are now joining forces.