Health Care Finance The New England Healthcare EDI Network
Lessons Learned Preparing for HIPAA

By Pam Abramowitz
June 2000
URL: http://www.hcfinance.com/june /mc_1.htm

Say the word “HIPAA” and many hospital CFOs and CIOs begin to shake.“It's worse than the Y2K problem.” “It's going to eat up my budget  for years.” “It makes no sense.” “What if I have to go to jail?” But the “Administrative Simplification” section of the Health Insurance  Portability and Accountability Act of 1996 — the part of HIPAA that so daunts hospitals — may not be government-speak for “disaster.” In  fact, a group of hospital systems and insurers in Massachusetts have developed what its participants feel is an ideal solution: the New  England Healthcare EDI (Electronic Data Interchange) Network, or NEHEN.

HIPAA's Administrative Simplification section requires that health care payers and providers alike accept a standard format for electronic  transactions. There are three main options for compliance with this law, say health care experts. These include clearinghouses and  intermediaries such as Healtheon, which offer electronic data interchange between providers and payers for which they charge a transaction  fee; building point-to-point EDI systems between each provider and each payer; or joining an EDI network such as NEHEN.

The participants in NEHEN — originally CareGroup Healthcare System, Harvard Pilgrim Health Care, Lifespan, Partners HealthCare System,  and Tufts Health Plan, and now the more recently added Boston Medical Center, Children's Hospital Boston, and UMassMemorial Healthcare  — rejected the first two potential solutions, the first because of its expense and the second because of its cumbersome nature. 

“NEHEN's value is that it enables us to carry out this business function — which results in lower costs and a better ability to capture revenue  — in such a way that is remarkably inexpensive,” said John Glaser, CIO of Partners. “In addition to compliance [with HIPAA], there's a great  business advantage to NEHEN. We've seen denial rates cut in half … and revenue improvements in the tens of millions. We also have lots of  people on staff whose job it is to deal with claims, and over time we can reduce that. HIPAA helps me do something I should have done  anyway.” 

A CONCEPT BEGINS

The NEHEN concept began with Computer Sciences Corp., according to Sira Arabian Cormier, senior consultant at CSC and program manager  of NEHEN. In the summer of 1997, Cormier said, while working on a project for a client, CSC proposed a collaborative effort between New  England payers and providers that would allow them to not only comply with coming HIPAA regulations, but also to gain efficiencies and  reduce red tape. NEHEN is a method of translating and transmitting data between providers and payers using HIPAA compliant standards.  Each provider has a direct frame-relay connection to each of the payers, so there is no need for a central server or database. It runs on a  Windows NT platform and meets HIPAA security requirements for transaction sets. Users can incorporate the software into their own internal  systems or can use a Web-based application developed by CSC called NEHENLite.

The information that flows across the NEHEN system goes directly from provider to payer or payer to provider. There is no central server or  database that must act as intermediary. This benefits the participants in two ways: first, there is no entity in the middle of the transactions  charging fees or collating data; second, because there is no database created from the information that flows across NEHEN, the HIPAA  security components that cover databases do not apply.

Each of the players agrees that the key in getting this system off the ground was convincing everyone that electronic delivery of data would  not be a strategic advantage to any one participant. “It's not an easy road to sit in a room with other companies who want to bid on your  contracts or see you out of business,” said Joseph Imbimbo, associate vice president of MIS at Tufts Health Care. “Yet NEHEN creates  common ground.” 

In June 1998, NEHEN began a pilot program covering benefits eligibility verification transactions. Historically, eligibility verification has been  an arduous and labor-intensive process and most companies had not done it, Cormier explained. But eligibility verification is one of the  categories covered by HIPAA, and the swift and accurate completion of the task adds profits to the bottom line. “If you can get a clear answer  that day, you're more likely to submit a claim with the correct information and are more likely to get paid, and paid quickly,” she said.

In March 2000, the NEHEN system began a pilot program automating referrals, which had also previously caused administrative headaches  and increased claim rejections. “Referrals in the managed care world are key,” said Imbimbo. “If the referral doesn't get to the payer in time, it  gets denied,” he explained. Furthermore, since it is to the advantage of the payer to have providers refer patients to other providers who are  within the payer's network, allowing electronic communications back and forth between payer and provider also promotes in-network  referrals, he said. “It improves my bottom line and saves me a lot of paper,” Imbimbo added.

The next processes planned are for claims, including submission, inquiry, and remittance.“The biggest pain [providers] see now is on the  rejected claims side. They have a lot of staff whose primary responsibility it is to chase down these claims,” Cormier said. “If they can reduce  this pain by using the HIPAA standards, including eligibility verification and referral numbers, they won't have all of these rejected claims,  they'll get their funding quicker, have less bad debt, and have lower staff requirements.”

“It costs $6 to process a claim manually,” said John D. Halamka, CIO of CareGroup Healthcare System and the chairman of NEHEN, “but only  $0.25 on NEHEN.” 

MINIMAL TRAINING NEEDED

Training issues have been minor, as most providers already have hospital information systems, and the NEHEN software is simply  incorporated on the back end. The total cost to NEHEN participants is $6,000 per month, plus minor quarterly administrative fees covering  such items as accounting firm fees, according to Cormier. Other HIPAA solutions, such as clearinghouses, charge their customers transaction  fees. Participants also need a routing software product, or gateway, which NEHEN has, as well as a Windows NT server, which most  organizations have.

“We bought into Administrative Simplification,” said Carole Cotter, senior vice president and CIO at Lifespan. Now, she said, each payer has  its own standards, into which providers must translate their data in order to be paid. So providers have to do this work anyway, but under  HIPAA can translate all of it into the same standardized format which must be accepted by all payers.

Joseph Imbrimbo, AVP of MIS, Tufts Health Care

With NEHEN, “All I need to do is to route my transactions there,” Cotter said. Whatever expense is incurred to format to HIPAA standards  would have been incurred anyway, she explained. “It's so much more simple than you can imagine,” she said. But, Cotter cautions, NEHEN  does not cover all of the HIPAA issues, just the transactions and code sets component. Security and privacy are huge issues which will take a  long time to resolve. “This is the easy part of HIPAA, because it's the part that's defined,” she added. “

NEHEN is largely provider-based,” said Cotter, “because we have the greatest need. We're the ones that in the end get paid or not,  depending on how well we [administrate claims information]. NEHEN is a great way to interact with the payers that are on NEHEN, but it has  been difficult bringing payers to the table.”

Yet payers reap benefits as well. “The replication of effort to deal with all of the providers [who use different systems] is eliminated through  NEHEN,” Tufts' Imbimbo said. And since HIPAA is going to force everyone to use the same standards anyway, “the benefit is that we have a  lot of it done already,” he said. “The benefit comes in maybe not the first time [you format the data], but in the second, third, and fourth  times.”

Some industry players express concern about NEHEN's long-term survival. One of the top three payers in New England, Blue Cross-Blue  Shield of Massachusetts, has not yet joined the NEHEN network, and may be pursuing a different strategy altogether. BCBS CIO Mark Caron  declined comment.

“[NEHEN] would be more effective with all of the players in the region,” said Imbimbo. Furthermore, he continued, once the HIPAA standards  are fully in effect, because everyone will be on the same page already, “HIPAA may negate the need for NEHEN, except to provide a free  network, and Internet privacy — once it's solved — may eliminate the need for that.”

“NEHEN works great for a hospital,” Halamka said. “But if you're an unaffiliated five-member doctors office it's not as easy. It will probably be  the Healtheons of the world that service these providers and not NEHEN.” Care Group's CIO doubts, furthermore, that he will see NEHEN on  the Internet, because of concerns with security and availability. “People are paranoid about security,” he explained, “and there is no guarantee  of service on the Internet, no guarantee that when you'redownloading mission-critical medical data you're not competing with 20,000  sixteen-year-olds trying to download MP3.” 

LARGER IMPLICATIONS

“What we're telling clients,” said Wes Rishel, research director at GartnerGroup, “is that HIPAA is an opportunity.” But CFOs have to think  of HIPAA based on a return-on-investment model rather than on a compliance-costs model, he said. “The organizations that are going to do  the best are those that try to do better than their competitors by exploiting this opportunity rather than trying to spend less than their  competitors to meet minimal compliance,” Rishel said. Money spent on administration is found money, he added.“When you crank down the  number of nurses, there's risk. When you crank down the number of people stuffing claims envelopes, that's found money,” he added.

Carole Cotter, SVP and CIP, Lifespan

How much money can be saved? The latest number Rishel has heard for health care administrative costs is $200 billion per year. The important  question, though, is what percentage of that can be realized by Administrative Simplification. Even if it's only 5%, that's a significant amount  of money, Rishel said. His preliminary estimate is that it will cost some large organizations over $10 million to become HIPAA compliant. And  the variation among the providers and payers in terms of the cost of implementing HIPAA is their attitude, he believes. “The industry's  problem is in accepting change,” Rishel added.

HHS recently promised a final rule by June 2000, but GartnerGroup estimates are for a publication of a final rule on electronic transaction  standards in the third quarter of 2000, resulting in a compliance date in the fourth quarter of 2002.

What about ignoring HIPAA altogether? “The option to not comply with HIPAA is to not send claims electronically,” Rishel said. “Most  hospitals have already bought systems that can do this, and have reduced their staff size. It is unlikely that they can stop sending  transactions electronically without incurring huge staff increases. And if they deal with Medicare, they have to do it electronically. So  ignoring Administrative Simplification on transactions is not a good option.”

“Security and privacy is a different model,” Rishel continued. The privacy regulations are not final, will likely be different than the proposed  rules. But in general, he thinks that enforcement will focus on the egregious violators — those who sell health data or write passwords on little  yellow Post-It Notes on the terminals. Then they'll focus on smaller offenses as the industry gains experience. But they'll look at how this  organization is doing compared to its competitors, Rishel added, so the optimal level of compliance is right at the mean.

The main lesson others can learn from the participants in NEHEN, according to Partners' Glaser, is that “it's a big-time business opportunity.”  But he cautions that care must be taken to determine if the NEHEN model is portable to other markets.

“NEHEN works because there are a small number of players who know each other well and trust each other,” he said. “The question is: can  you, with a relatively small number of people, get a critical mass? If you'd need an auditorium full of people to get 50% of the market, it  probably won't work.”

“[Institutions] can also reduce risk by minimizing the capital that's in the middle and minimizing the changes required of each organization,”  Glaser said.