Volume TenNumber EightAugust 2008

Published Monthly

Earn CEU creditsee insert

Feature Focus:

NPI and data integrity: A ticking time bomb

page 32

Meet

R. Alexander AcostaUnited States Attorney for the Southern District of Florida

page 14

Compliance 101:

Developing custom evaluation and management documentation formspage 48

Stopping lateral violence: Committing

to your code of conduct

page 4

Health Care Compliance Association • 888-580-8373 • www.hcca-info.orgAugust 2008

32

feature

NPI and data integrity: A ticking time tomb

focusBy Stephanie Rose-Belcher

Editor’s note: Stephanie Rose-Belcher is Vice President of Payer Solutions for Enclarity in Charlotte, NC. She has more than 20 years experience as a senior operations executive for health plans, specializing in customer service, claims management, process improvement, project management and information technology. Ms. Rose-Belcher may be reached by e-mail at srosebelcher@enclarity.com.

A s of May 23, 2008, all HIPAA electronic health care trans-actions now require the National Provider Identifier (NPI), a standard, unique 10-digit identifier for providers, as

the only identifier. Any claims submitted, (1) without the required NPI data, or (2) in combination with a legacy identifier, are being rejected or delayed. Early reports following the deadline indicated that Medicare claims rejections spiked to double-digit percentages, howev-er, because the deadline fell on a holiday weekend, it could be weeks or months before the full impact of these rejections is realized.

When a claim is rejected or delayed, payers will inevitably lose revenue and experience increased costs associated with manual correction. For claims that lack an NPI, or are submitted with a legacy identifier, the cost of manual correction has an estimated price tag of an additional $8 per rejected and then manually processed claim – and the resulting costs will be substantial. The current volume of claims submissions with NPI-only are in the single digits. For providers and payers that have procrastinated in the hope that the mandate would go away, they’re simply turning a deaf ear to the sounds of the ticking time bomb that has exploded.

Envisioned as a provision that would help to mitigate the costs associ-ated with poor data quality by shifting power from the payer to the provider, NPI has become a source of fear and consternation for payers and providers alike. And while the deadline has passed, payer organiza-tions who act quickly can mitigate the impact that rejected or delayed claims will have on their bottom line.

NPI was designed to ensure that each individual provider has one unique identifier to be used in all electronic transactions with all health plans and that business entities have unique identifiers associ-ated with their various lines of business (sub-parts). The US govern-ment’s Centers for Medicare and Medicaid Services (CMS) developed the National Plan and Provider Enumeration System (NPPES) to assign these unique identifiers.

Conceptually, this is an excellent idea. But it will work only if every provider has and uses its NPI number(s), and every payer is able to recognize and match the NPI to its internal provider files. However, the enumeration guidelines were broad, with entities given the opportunity to determine how to set up their NPIs in a way that worked best for them. The challenge is that the business entities were free to choose how they enumerate. This has led to inconsistencies where some entities will have multiple NPIs and similar entities will have only one. Furthermore, the payers all have their own methods of organizing provider informa-tion, which may or may not match how the provider enumerates. While it has been weeks since the NPI went into effect, many health care payer organizations covered under HIPAA are still behind in implementation.

Placing further strain on payer and provider organizations is a decision made by CMS on April 3, 2008 to discontinue use of taxonomy codes for “crosswalk” purposes. Organizations that are attempting NPI-only transactions are finding significant crosswalk problems. In fact, a num-ber of incidents have been cited where Medicare payments have been delayed or rejected due to crosswalk failures. In addition, a secondary-provider NPI is also now required, and there has been little to no volume seen for this field. For example, say you have a hospital claim for an X-ray. The bill must include the ordering doctor’s NPI (the secondary NPI) as well as the hospital’s NPI number for the claim to be processed.

The economic risks from rejected and delayed claims, including lost rev-enue, delayed cash flow, and increased cost for manual claims processing certainly will have an adverse effect on business processes and efficien-

Health Care Compliance Association • 888-580-8373 • www.hcca-info.orgAugust 2008

33

Continued on page 34

cies; however, the ramifications of non-compliance can extend much further. Consider this: If your organization does not get up to speed on NPI, you may be unable to pay providers in a timely fashion, which will put the burden back on your members. They will eventually get fed up and switch carriers, thus causing you to lose money, market share, and credibility. It’s time to get serious about NPI implementation.

Although there is a general sense that the commercial sector of the industry is minimizing the disruption to claims flow and patient care over compliance with industry regulations, both Medicare and Medicaid have stopped accepting:n Transactions without an NPI n Transactions with NPI plus legacy identifiers

Many vendors and clearinghouses face uncertainty over their readiness to submit NPI-only claim transactions. Many organizations intend to handle the compliance as a one-time transition for all clients, rather than con-ducting customized client transitions. As such, if one client still depends on legacy identifiers, even if they also are sending an NPI identifier, the vendor or clearinghouse will have to continue processing dual transactions for everyone, and will not be able to begin NPI-only transactions.

The NPPES file for unique identifiers was officially released for use in October 2007. With providers applying for NPIs over the course of many months and even years, the information in the file is already de-cayed. Providers are expected to keep their demographic information current in the NPPES database. However, the actual rate of updates currently is 0.2% per month, as opposed to the normal 2.5% expected on a monthly basis, given the industry’s typical rate of change. For the industry to process claims effectively, it is important to use more than the NPPES data, which does not include important details such as the Tax ID Number (TIN). Therefore, these organizations must identify solutions that can help them accurately match NPI Type 1 (individual) with NPI Type 2 (organizational) data.

The overall accuracy of the payer’s provider file will determine the success of the integration of NPIs today and tomorrow. Health care payer organi-zations must make adequate provisions to ensure a smooth transition by cleaning and augmenting provider files and incorporating NPI data.

So why is the NPPES database alone not enough to support NPI compliance? In reality, the complexities associated with accurately matching NPI Type 1 and Type 2 data to error-prone legacy provider files, are more than most internal IT staffs can handle on their own. To completely manage the process internally means starting a massive

IT installation, spending unnecessary money and time, and diverting resources from other projects.

Delicate blending of data

It’s a fact that a typical legacy provider file contains errors and omis-sions in 30% to 40% of the records. The NPPES database simply does not have everything necessary to ensure an accurate crosswalk to a legacy provider file. This is further compounded by the fact that both the legacy provider file and NPPES database have errors, omis-sions, and outdated information:n Missing data. The quality of demographic data has decayed during

the18-plus months since the first entries were made, and some data is still missing.

n Not all providers have NPI numbers. Approximately 96% of medical doctors and doctors offices are enumerated and 80% of dentists are enumerated.

n Inactive numbers. The file includes inactive businesses and organiza-tions that obtained a new NPI number and did not cancel the old one.

n No key for Type 2. There is no key to relate “sub-parts” to Type 2 parent organizations.

n No Tax ID. This omission makes matching difficult for payers.n No easy way to identify changes. There is not an easy way to

identify changes or additions to the NPPES database. You must do full file replacements and full re-matching to your legacy file to stay current.

Do payers know the state of their provider file?

Some argue that the underlying problem on the path to NPI compli-ance is the fact that payer organizations have never really embraced the NPI internally. This has resulted in the maintenance of old legacy IDs and created complex crosswalks that continue to pose issues as provid-ers change on a daily basis.

Payers have many things to think about in terms of the NPI compli-ance. Among those questions are: n What is the accuracy of the existing provider file? n What percent of provider records include a NPI?n Is the correct NPI matched to the correct provider?n Do we know how to figure out which NPIs are sub-parts and

belong with each Type 2 provider? n Are we prepared for the delays, paper submissions, phone calls, and orga-

nizational scrutiny that will occur if many claims are rejected or delayed?

These aren’t easy questions to answer. You can ask your staff, but they

Health Care Compliance Association • 888-580-8373 • www.hcca-info.orgAugust 2008

34

NPI and Data Integrity: A Ticking Time Bomb ...continued from page 33

aren’t likely to have the specialized analytical expertise in NPI, data cleansing, and matching that they need to spot the problems. So, if there are mistakes today, you probably won’t know about them until it’s too late.

What can you do now that the NPI deadline has come and gone? The fol-lowing are key steps that you can use to know exactly where your organiza-tion stands today when it comes to NPI compliance:n Assess the number of NPI records that have been identified against the

legacy provider file.n Complete an independent quality review of the NPI number match to the

legacy provider record.n Determine what provider types are missing NPI numbers.n Use a hosted solution or develop an internal solution that can assess and identify

soft matches between internal provider files and the NPI file.n Seek outside assistance for matching and analysis if that is not a core com-

petency. Detailed matching, data analysis, and bridging of records require significant expertise that is not always available via internal resources, particularly within a short time frame.

n For those payers that decide to research and fill in NPI on a claim-by-claim basis after May 23, utilize a provider information solution that combines NPI information with other critical provider information to facilitate identification and matching.

n If a high number of claims start to reject or are delayed, notify your mem-bers, clients, providers, and internal boards.

n Develop a communication plan and strategy for identified providers whose claims are denied or delayed for lack of NPI, including assessment of whether the provider has a claim submission issue or simply does not have an NPI.

n For payers that are not prepared for compliance, develop a specific action plan to achieve NPI compliance.

n Prepare for the long term. NPI, in particular Type 2, is extremely complex and accurate matching is an iterative, ongoing process.

n Ensure that the organization is educated about the rules for NPI. Check out the following information on the CMS Web site: http://www.cms.hhs.gov/NationalProvIdentStand/

Disruption Prevention

NPI is new and unique, and getting it right is a delicate diffusion process. Each day, your bottom line is impacted by claims that don’t auto-adjudicate, directory errors, unnecessary phone calls, returned mail, the cost of your special investigations unit, and more. You’ve budgeted for those ongoing inef-ficiencies, but what about the disruption and delay that you have experienced since May 23?

There is still time to mitigate the fallout. Start your NPI assessment today. n