[Federal Register: May 31, 2002 (Volume
67, Number 105)]
[Rules and Regulations]
[Page 38009-38020]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr31my02-13]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Office of the Secretary
45 CFR Parts 160 and 162
[CMS-0047-F]
RIN 0938-AI59
Health Insurance Reform: Standard Unique Employer Identifier
AGENCY: Centers for Medicare and Medicaid Services
(CMS), HHS.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: This final rule establishes a standard for
a unique employer
identifier and requirements concerning its use by health
plans, health
care clearinghouses, and health care providers. The
health plans,
health care clearinghouses, and health care providers
must use the
identifier, among other uses, in connection with certain
electronic
transactions.
The use of this identifier will improve the Medicare
and Medicaid
programs, and other Federal health programs and private
health
programs, and the effectiveness and efficiency of the
health care
industry in general, by simplifying the administration
of the system
and enabling the efficient electronic transmission of
certain health
information. It will implement some of the requirements
of the
Administrative Simplification subtitle of the Health
Insurance Portability and Accountability Act of 1996.
EFFECTIVE DATE: This regulation is effective July 30,
2002.
FOR FURTHER INFORMATION CONTACT: Patricia Peyton, (410)
786-1812.
SUPPLEMENTARY INFORMATION:
Copies: To order copies of the Federal Register containing
this
document, send your request to: New Orders, Superintendent
of
Documents, P.O. Box 371954, Pittsburgh, PA 15250-7954.
Specify the date
of the issue requested and enclose a check or money
order payable to
the Superintendent of Documents, or enclose your Visa
or Master Card
number and expiration date. Credit card orders can also
be placed by
calling the order desk at (202) 512-1800 or by faxing
to (202) 512-
2250. The cost for each copy is $9. As an alternative,
you can view and
photocopy the Federal Register document at most libraries
designated as
Federal Depository Libraries and at many other public
and academic
libraries throughout the country that receive the Federal
Register. You
may also obtain a copy from the following web sites:
[[Page 38010]]
http://www.access.gpo.gov/nara/index.html; http://aspe.hhs.gov/
admnsimp/.
I. Background
Employers may need to be identified when they transmit
information
to health plans to enroll or disenroll an employee as
a participant in
a health plan. Employers, health care providers, and
health plans may
need to identify the source or receiver of eligibility
or benefit
information. Although the source is usually a health
plan, it could be
an employer. Employers and health plans may need to
identify the
employer when making or keeping track of health plan
premium payments
or contributions relating to an employee. In all cases,
in health care
transactions, where information about the employer is
transmitted
electronically, it will be beneficial to identify the
employer using a
standard identifier.
A. Legislation
The Congress included provisions to address the need
for a standard
unique employer identifier and other administrative
simplification
issues in the Health Insurance Portability and Accountability
Act of
1996 (HIPAA), Public Law 104-191, which became effective
on August 21,
1996. Through subtitle F of title II of that law, the
Congress added to
title XI of the Social Security Act a new part C, titled
Administrative
Simplification (Public Law 104-191) affects several
titles in the
United States Code. Hereafter, we refer to the Social
Security Act as
the Act; we refer to the other laws cited in this document
by their
names.) The purpose of this part is to improve the Medicare
and
Medicaid programs in particular and the efficiency and
effectiveness of
the health care system in general by encouraging the
development of a
health information system through the establishment
of standards and
requirements to facilitate the electronic transmission
of certain
health information.
Part C of title XI consists of sections 1171 through
1179 of the
Act. These sections define various terms and impose
several
requirements on the Secretary, health plans, health
care
clearinghouses, and certain health care providers concerning
electronic
transmission of health information, and security and
privacy.
We discussed the legislation in greater detail in a
final rule for
Standards for Electronic Transactions (the Transactions
Rule) published
on August 17, 2000 (65 FR 50312), and in a final rule
for Privacy of
Individually Identifiable Health Information (the Privacy
Rule),
published on December 28, 2000 (65 FR 82462). Rather
than repeating the
discussion here, we refer the reader to those documents
for further
information.
Section 1172 of the Act makes any standard adopted under
part C
applicable to (1) all health plans, (2) all health care
clearinghouses,
and (3) any health care provider who transmits any health
information
in electronic form in connection with a transaction
referred to in
section 1173 (a)(1).
In complying with the requirements of part C of title
XI, the
Secretary must rely on the recommendations of the National
Committee on
Vital Health Statistics (NCVHS), consult with appropriate
State,
Federal, and private agencies or organizations, and
publish the
recommendations of the NCVHS in the Federal Register.
Paragraph (b) of section 1173 of the Act requires the
Secretary to
adopt standards for unique health identifiers for all
employers (in
addition to identifiers for individuals, health plans,
and health care
providers) for use in the health care system, and requires
further that
the adopted standards specify for what purposes unique
health
identifiers may be used.
II. Provisions of the Proposed Regulations
On June 16, 1998 (63 FR 32784), we proposed a national
standard
employer identifier and requirements concerning its
implementation.
That rule would have established requirements that health
plans, health
care clearinghouses, and health care providers would
have to meet to
comply with the requirements for use of a unique employer
identifier in
electronic transactions.
We proposed to add a new part to title 45 of the Code
of Federal
Regulations (63 FR 32784) for health plans, health care
providers, and
health care clearinghouses in general. The new part
would have been
part 142 of title 45 and would have been titled Administrative
Requirements. Subpart F would have contained provisions
specific to the
employer identifier. In this final rule, we have codified
these
provisions in Part 162.
The proposed rule for the employer identifier (63 FR
32784)
discussed applicability of HIPAA to all health plans,
all health care
clearinghouses, and those health care providers that
transmit any
health information in electronic form in connection
with transactions
referred to in section 1173(a)(1) of the Act.
The Transactions Rule (65 FR 50312) contains general
requirements
for administrative simplification, including applicability
of the
regulations, general effective dates, and definitions.
We refer the
reader to that rule for the discussion of comments and
responses and
for the actual regulations that were codified in the
Code of Federal
Regulations for the general requirements (45 CFR part
160 Subpart A,
and 45 CFR part 162 Subparts A and I). In addition,
some provisions in
part 160 were further revised by the Privacy Rule published
on December
28, 2000 (65 FR 82462).
A. Definitions
We proposed to define ``employer'' as 26 U.S.C. 3401(d)
does: a
person (or an entity) for whom an individual performs
or performed any
service, of any nature, as the employee of that person
(or that entity)
except for the following:
(1) If the entity for whom the individual performs or
performed the
services does not have control of the payment of the
wages for the
services, the term ``employer'' means the entity having
control of the
payment of the wages.
(2) If the entity pays wages on behalf of a nonresident
alien
individual, foreign partnership, or foreign corporation,
not engaged in
trade or business within the United States, the term
``employer'' means
that entity.
We did not receive any comments on our definition of
``employer.''
We note here that our proposed definition incorrectly
omitted a
reference to 26 U.S.C. 3401(a) of the Internal Revenue
Code that is
part of the definition at 26 U.S.C. 3401(d) of the Internal
Revenue
Code. We clarify in this rule that our definition of
``employer'' is as
it appears in 26 U.S.C. 3401(d). We also note that the
use of the term
``individual'' in the definition at 26 U.S.C. 3401(d)
is not the same
as in the final Privacy Rule. In the Privacy Rule, the
word
``individual'' means a person who is the subject of
protected health
information. In the definition of employer, the word
``individual''
means a person who is an employee.
The EIN is defined in 26 CFR 301.7701-12. We proposed
to define
``Employer identification number'' (EIN) as 26 CFR 301.7701-12
does:
``the taxpayer identifying number of an individual or
other person
(whether or not an employer) which is assigned pursuant
to 26 U.S.C.
6011(b) or corresponding provisions of prior law, or
pursuant to 26
U.S.C. 6109, and in which nine digits are separated
by a hyphen, as
follows: 00-0000000.''
In this final rule, we deleted the formatting description
from our
definition of EIN. We continue to define EIN as the
employer
identification number, as assigned by the IRS.
[[Page 38011]]
Deletion of the formatting description from our regulatory
definition
gives us flexibility, in case the IRS should decide
in the future to
change the format of the EIN.
B. Employer Identifier Standard
We proposed that Sec. 142.602, National employer identifier
standard, would describe the employer identifier standard.
There
currently exists no standard for employer identification
that has been
developed, adopted, or modified by a standard setting
organization
after consultation with the National Uniform Billing
Committee (NUBC),
the National Uniform Claim Committee (NUCC), the Workgroup
for
Electronic Data Interchange (WEDI), and the American
Dental Association
(ADA). Therefore, we would designate a new standard.
We proposed as the standard the employer identification
number
(EIN), which is assigned by the Internal Revenue Service
(IRS),
Department of the Treasury. As stated in II. Provisions
of the Proposed
Regulations, A. Definitions, we define EIN as the employer
identification number assigned by the IRS, and we delete
the formatting
description in our definition.
Proposed Sec. 142.602 has become Sec. 162.605.
C. Requirements
In the proposed rule (63 FR 32787), we noted that
the Act does not
bind employers to use the standard. However, covered
health care
providers, health plans, and health care clearinghouses
are bound to
use the standard, where required, in electronic health
transactions.
1. Health plans.
In Sec. 142.604, Requirements: Health plans, we proposed
to require
health plans to accept the EIN on all standard transactions
and
transmit the EIN on all standard transactions that require
an employer
identifier to identify a person or entity as an employer.
2. Health care clearinghouses.
We proposed to require in Sec. 142.606, Requirements:
Health care
clearinghouses, that each health care clearinghouse
use the EIN on all
standard transactions that require an employer identifier
to identify a
person or entity as an employer.
3. Health care providers.
In Sec. 142.608, Requirements: Health care providers,
we proposed
to require each health care provider to use the EIN,
wherever required,
on all standard transactions that require an employer
identifier to
identify a person or entity as an employer.
4. Employers.
In Sec. 142.610, Requirements: Employers, we proposed
to require
each employer to disclose its EIN, when requested, to
any entity that
conducts standard electronic transactions that require
that employer's
identifier to identify a person or entity as an employer.
Proposed Secs. 142.604, 142.606, and 142.608 have been
consolidated
into Sec. 162.610, and proposed Sec. 142.610 has been
removed in this
final rule.
D. Effective Dates and Compliance Dates of the Employer
Identifier
We proposed that health plans would be required to
comply with our
requirements as follows:
Each health plan that is not a small health plan would
have to comply with the requirements of Sec. 142.604,
now consolidated
into Sec. 162.610, no later than 24 months after the
effective date of
the final rule. (Note, proposed Sec. 142.104, General
requirements for
health plans, is addressed in the final Transactions
Rule (65 FR
50369).)
Each small health plan would have to comply with the
requirements of Sec. 142.604, now consolidated into
Sec. 162.610, no
later than 36 months after the effective date of the
final rule. (Note,
proposed Sec. 142.104, General requirements for health
plans, is
addressed in the final Transactions Rule (65 FR 50369).)
If the Secretary adopts a modification to a standard
or
implementation specification, the implementation date
of the
modification would be no earlier than the 180th day
following the
adoption of the modification. The Secretary would determine
the actual
date, taking into account the time needed to comply
due to the nature
and extent of the modification. The Secretary would
be able to extend
the time for compliance for small health plans.
We proposed that health care clearinghouses and health
care providers must begin using the standard specified
in Sec. 142.602,
now Sec. 162.605, no later than 24 months after the
effective date of
the final rule.
III. Comments and Responses Concerning the Proposed
Provisions
All general comments on applicability of the HIPAA
standards were
addressed in the Transactions Rule. These comments will
not be repeated
here.
There were 61 commenters on the proposed rule. These
commenters
included Federal and State government agencies, private
organizations
(including health plans and health care provider professional
organizations), and individuals.
A. Employer Identifier Standard
Comment: Two commenters said there should be no regulation
as to
the use or non-use of the hyphen as part of the format
for the EIN.
Eight commenters stated the hyphen should be omitted
when transmitting
standard transactions. One commenter said it should
be omitted on
standard transactions but used in human-readable formats.
One commenter
stated that the use of a modifier would be beneficial
for identifying
specific State agencies under a single EIN; another
commenter
recommended that the EIN not be used with a modifier.
A few commenters
recommended a check digit be used with the EIN; a larger
number of
commenters recommended a check digit not be used.
Response: The hyphen is part of the EIN, as it is defined
at 26 CFR
301.7701-12 and assigned by the IRS. The standard transaction
formats
use alphanumeric fields for the EIN. These fields can
accommodate the
EIN with or without the hyphen. The implementation guides
for the
standard transactions are silent on whether the hyphen
must be
transmitted. Most translator software can easily add
the hyphen to or
remove it from the EIN field within standard transactions.
In spite of
the flexibility of the standard transaction formats
and the capability
of translators to handle EINs with and without the hyphen,
we believe
that we should require standardization of the identifier
format within
the standard transactions, in order to promote simplification
and
savings. We further believe that it would be confusing
to adopt the EIN
as the standard unique employer identifier, but then
to direct that the
adopted standard be modified, by removing the hyphen,
before use in
standard transactions. It would be equally confusing
to adopt ``the EIN
minus the hyphen'' as the standard, because this identifier
would still
be referred to informally as the EIN, and it would not
be clear when
the hyphen is needed and when it is not. We believe
it is advantageous
to adopt the EIN exactly as assigned by the IRS. This
strategy is
clearer and more flexible, should the IRS, at some time
in the future,
modify its defined format of the EIN for any reason.
We therefore
require that the EIN as assigned by the IRS be used
in the standard
transactions, which means at present that the hyphen
must be
transmitted as part of the EIN.
The EIN was selected as a cost-effective choice for
the standard
employer identifier because the IRS is already issuing
it and employers
already have this identifier. The IRS has no
[[Page 38012]]
project initiated at this time to modify the format
of the EIN or to
add a check digit to the EIN.
The presence of a check digit can help in detection
of keying
errors made in data entry of a number. We could have
specified a check
digit to be used with the IRS-issued EIN. However, we
believe that in
many cases where the EIN is used in standard transactions,
it will be
on file electronically and will not need to be inserted
through data
entry. Therefore, the benefits of a check digit would
be modest.
Modification of the IRS-issued identifier by addition
of modifiers
or a check digit for use in health care transactions
would require
costly additional processes and would negate the benefits
of using the
existing IRS infrastructure; therefore, we do not add
modifiers or a
check digit to the IRS format.
Comment: Several commenters thought that the EIN was
proposed to
identify health care providers. Some stated that the
EIN was not
specific enough to uniquely identify health care providers.
Others
expressed privacy concerns if the EIN were used to identify
health care
providers.
Response: The same entity may have multiple roles in
health care
transactions. On May 7, 1998, we proposed that the National
Provider
Identifier, not the EIN, be adopted to uniquely identify
health care
providers (63 FR 25320). The EIN will be used to identify
an entity in
the employer role. For example, a hospital may be both
an employer and
a health care provider. The hospital would use its EIN
to identify
itself when conducting transactions in an employer role,
for example,
making premium payments on behalf of its employees.
When making claims
for health care services furnished, it would use its
National Provider
Identifier.
Comment: Several commenters thought that the EIN was
proposed to
identify the patient's health plan or insurance coverage.
One commenter
stated one identifier should be used for both payer
and employer. One
commenter stated it would be confusing to use a different
identifier
for employee welfare benefit plans and employers, since
such plans are
sponsored by employers.
Response: The EIN will be used to identify an entity
acting in the
employer role in standard transactions. It will not
identify the
patient's health plan or insurance coverage. It will
not replace the
group number, account number, policy number, or subscriber
number.
Although it is true that the employee welfare benefit
plans are often
sponsored by employers, the EIN will be used to identify
only the
employer, not the health plan. In a future proposed
rule, HHS intends
to propose a health plan identifier to identify health
plans. Employee
welfare benefit plans would be identified by a health
plan identifier.
Comment: Several commenters supported the choice of
the EIN. Two
commenters stated the EIN did not meet the 10 criteria
established for
selection of a standard under the Act.
Response: Of the two commenters stating that the EIN
did not meet
the criteria (see 65 FR 50351-50352 for the list of
criteria), one
commenter was not specific about how the EIN did not
meet the criteria.
The second commenter incorrectly believed that the EIN
was being
proposed to identify the insurance coverage of a patient
rather than to
identify an employer in standard transactions.
B. Requirements
Comment: One commenter stated that we should clarify
the meaning of
the terms ``required'' and ``situational.'' Many commenters
stated that
the usage of the EIN of the employer in health care
transactions was
unclear and requested clarification, i.e., whether the
EIN was
required, situational, etc. One commenter said the EIN
of the employer
should be a situational data element on all electronic
data interchange
(EDI) transactions. Several commenters stated that the
EIN should be
required only on transactions exchanged between an employer
and a
health plan. Several commenters said they needed clarification
on which
transactions would use the EIN.
Response: As used with respect to a data element in
a standard
transaction, the word ``required'' means that the data
element is
required according to the standard implementation guide
for that
transaction. The word ``situational'' means that the
data element or
choice of a specific code value is required if the data
condition
described in the standard implementation guide occurs.
For purposes of
this rule, if use of the employer identifier is situational
and the
data condition occurs, the EIN is considered to be required.
The X12N Version 4010 transaction implementation guides
are the
authority for specific information on the use of the
EIN to identify
the employer in X12N transactions. The following summarizes
use of the
EIN to identify the employer in X12N transactions:
X12N 270/271 Eligibility for a Health Plan--Situational
(Used to identify the employer as the source of eligibility
information
when the employer maintains that information.) (Note:
Although the
implementation guide does support the use by employers,
and the
information receiver can be identified specifically
as an employer,
employer participation in this transaction is not a
HIPAA business
purpose.)
X12N 276/277 Health Care Claims Status--Situational
(Used
to identify the employer in worker's compensation claims.
This usage
covers situations where the employer is considered the
subscriber for a
patient when the claim is a result of a work-related
injury or illness.
In this circumstance, the health care provider and health
plan are
using the standard named in the final Transactions Rule
although this
is not required by the Final Rule because one or both
are not covered
entities or this is a business purpose not covered under
the final
Transactions Rule. In most cases, the health care provider
will already
know the EIN because it will have a relationship with
the employer for
worker's compensation cases or because provision of
the EIN is required
by local, State, or other regulation.)
X12N 820 Health Plan Premium Payments--Situational (Used
to identify an entity who is an employer as the remitter
of the premium
or as the entity to which the premium payment applies.)
X12N 834 Enrollment and Disenrollment in a Health Plan--
Required (when used to identify the sponsor of the health
plan when the
sponsor is an employer.) Situational (when used to identify
the
employer of a person covered under a health plan when
that employer is
not the sponsor. The non-sponsor employer is identified
only when the
contract between the sponsor and the health plan requires
that the
sponsor report this information.)
An employer identifier is not used to identify an entity
as an
employer in the following X12N standard transactions:
X12N 278 Referral Certification and Authorization
X12N 835 Health Care Payment and Remittance Advice
X12N 837 Health Care Claims or Equivalent Encounter
Information-- Dental
X12N 837 Health Care Claims or Equivalent Encounter
Information--Professional
X12N 837 Health Care Claims or Equivalent Encounter
Information--Institutional
The EIN of the employer is optional in the NCPDP retail
pharmacy
transactions. The implementation guides for the NCPDP
transaction
standards are the authorities for specific information
on the use of
the EIN of the
[[Page 38013]]
employer in the NCPDP standard transactions.
Comment: Many commenters expressed concern that health
care
providers would be required to report the EIN of the
patient's or
subscriber's employer on standard transactions. They
requested more
specific data related to the costs to health care providers
of
reporting these EINs. They noted that health care providers
do not
routinely obtain and patients do not generally know
these EINs. Some
commenters noted that, with the exception of the X12N
834 enrollment
transaction, the X12N implementation guides specify
the employer
identifier is situational in all occurrences. Health
care providers are
not a party to the X12N 834 and thus would not be required
to report a
patient's employer's EIN. Many commenters therefore
recommended that
all references to the use of employer identifiers by
health care
providers be deleted from the regulation. One commenter
noted that
third party administrators sometimes require health
care providers to
report the employer on eligibility transactions, and
that
subcontracting health care providers in Provider Sponsored
Organizations sometimes direct eligibility transactions
to the
employer. Some commenters stated that if health care
providers were
required to report or use the EIN of the patient's employer,
health
insurance cards should carry this EIN; otherwise, health
cards should
not carry the EIN.
Response: Health care providers do not conduct the X12N
834
enrollment transaction, the only standard transaction
where the
employer identifier is required. In all standard transactions
that a
health care provider might conduct, the employer identifier
is either
not a permitted value or is one of a choice of alternate
values. In the
situations where the employer identifier may be used
in a standard
transaction used by covered entities under HIPAA, the
employer
identifier is used only if the party being identified
is an employer
and its identifier has been given to the health care
provider as the
electronic transaction identifier for the employer as
an information
source in an eligibility transaction. The standard transaction
for
eligibility inquiry and response does not contain data
elements for
identifying the subscriber's employer. We expect that
health care
providers will be able to obtain the EIN from the employer,
as is the
current practice, for the limited cases when an EIN
is needed in
covered standard transactions initiated by the health
care provider.
Comment: Some commenters stated that employers may not
want to
disclose their EINs and requested that the final rule
explicitly state
the penalties for an employer that does not disclose
its EIN. Some were
concerned that the EIN may not be accessible to parties
needing the EIN
for health care transactions. One commenter said that
because of
administrative costs, employers will not want to provide
their EINs.
Another commenter stated that employers would be so
overwhelmed by
requests for their EINs that they would place them on
everything to
limit staff time required for answering these requests.
Response: These concerns were generated because commenters
incorrectly thought that EINs would be required in transactions
initiated by health care providers or others who would
not know the
EIN. Although identification of the subscriber's employer
was part of
the data content of the institutional health care claim
transaction in
the proposed Transactions Rule, that data element was
removed from the
institutional health care claim transaction that was
adopted by the
final Transactions Rule. In fact, the EIN will be used,
for the most
part, in transactions initiated by the employer itself.
The EIN is
required for the enrollment in a health plan standard
transaction,
which is usually initiated by employers (which are not
covered
entities). In other transactions, such as the eligibility
for a health
plan transaction, the employer identifier only occurs
in conjunction
with the use of the standard transaction between one
or more
organizations who are noncovered entities under HIPAA,
or as one of the
possible choices of identifiers for the employer. In
the eligibility
for a health plan transaction, the employer identifier
can be used as
one of the permitted identifiers for the employer as
the source or
receiver of eligibility information. Thus, when a health
care provider
is initiating the eligibility for a health plan transaction
to an
employer, in the process of determining the proper electronic
routing
identifiers and other electronic identifiers, the health
care provider
has the opportunity to obtain an EIN if required by
the employer as its
electronic routing or other electronic identifier. We
believe that use
of the EIN will not generally create compliance problems
for covered
entities.
We had proposed to require each employer to disclose
its EIN, upon
request, to any covered entity that needed to use that
employer's EIN
in a standard transaction. This requirement is not adopted
in this
final rule because employers are not covered entities
under the
Administrative Simplification provisions of HIPAA. However,
we believe
that employers will have a strong incentive to continue
the common
business practice of providing their EINs voluntarily
in those rare
cases where it is not already known in order to maintain
or improve the
efficiency of administrative processes.
Comment: Many commenters thought that the EIN of the
patient's
employer or of the patient would be required in health
care claim and
encounter transactions. These commenters stated that
use of the EIN in
these transactions is an invasion of privacy, both personal
and
medical. Several commenters stated that implementation
of a national
standard employer identifier will permit unwarranted
Federal monitoring
of patient care and linking of medical records through
employers. They
stated that the possibility of Federal monitoring and
linking of
medical records will create barriers of distrust between
doctors and
patients and between employers and employees. They stated
use of the
EIN will eventually lead to a numbering system on citizens
that will
make it easier to track citizens from one employer to
another, build
citizen profiles, or discriminate against citizens based
upon health
status. One commenter thought that the use of the EIN
would result in
the collection of centralized medical records and had
potential for
abuse. Several commenters stated this regulation was
an improper role
of government. Several commenters said they would like
to shelve the
proposed rule, while others said there should be a nationally
publicized hearing or that the use of the EIN should
go to a public
vote and not be decided by the government. Several commenters
were
concerned about the security of medical records stored
in central
computer locations. One commenter supported a ``Patients'
Bill of
Rights'' with enforcement through the court systems.
One commenter
requested clarification of penalties for patients who
refuse to give
the names or EINs of their employers. One commenter
said that States
should not be required to give employers access to benefit
information.
This commenter stated this would be unacceptable, based
on
confidentiality and administrative burden.
Response: Many commenters misunderstood the proposed
application of
the employer identifier. The inclusion of the employer
identifier is
optional in the NCPDP retail pharmacy claim. The employer
identifier is
not used at all to identify an entity as an employer
in the X12N
standard health care claim or equivalent encounter information
transactions. It is used
[[Page 38014]]
primarily to identify employers that are sending or
receiving
transactions for enrollment in a health plan or payment
of premiums.
Those transactions do not carry information about the
treatment of
individuals. We do not believe the employer identifier
will facilitate
federal monitoring of patient care, collection of central
medical
records, or tracking of citizens. We do not believe
it will lead to
barriers of distrust between doctors and patients, or
between employers
and employees. HHS proposed standards for security of
health
information, including medical records, in a proposed
rule (63 FR
43242) published on August 12, 1998. HHS also adopted
standards for
privacy of individually identifiable health information
in the Privacy
Rule (65 FR 82462) published December 28, 2000. We do
not require
patients to give the EIN of their employers to anyone
or require States
to give employers access to benefit information.
Comment: One commenter recommended the revision of Secs.
142.604
and 142.608 as follows: ``Each health plan/health care
provider must
accept and transmit the national employer identifier
of any employer
that must be identified in any standard transaction.''
One commenter
stated that Sec. 142.606 should be deleted since clearinghouses
do not
collect, validate, or supply data elements to the transaction.
Response: We agree that Secs. 142.604 and 142.608 should
be revised
for clarity. We do not agree that Sec. 142.606 should
be deleted
because health care clearinghouses are covered entities
and are
required to use the standards, but we made a similar
revision as that
made to Secs. 142.604 and 142.608. These revisions are
reflected in
Sec. 162.610.
C. Implementation Concerns
Comment: One commenter recommended HHS notify employers
of this
proposal for national use of EINs.
Response: Employers are not covered entities, and this
rule places
no requirements upon them. In many cases, employers
already use the EIN
to identify themselves in standard transactions. Use
of the EIN by
employers in standard transactions will continue to
be voluntary. While
employers are not covered entities under this rule,
health plans are
free, as part of their business arrangements with employers,
to require
employers to use the standard transactions and to provide
their EINs
for this purpose. We have provided public notice of
this proposal by
publication of the proposed rule in the Federal Register
on June 16,
1998 (63 FR 32784) and by publication of this final
rule in the Federal
Register.
Comment: Several commenters requested clarification
of the employer
enumeration process and how information in the employer
identifier
system would be maintained. They also stated that timely
and accurate
updates to this system are critical to accurate public
health data
collection efforts. One commenter wanted confirmation
that the plans
for authenticating prior to the IRS's issuance of an
EIN would remain
the same as today. It was suggested that one or more
centers be
established to answer questions about the employer identifier
and
redirect questions to the IRS or other Departments.
Response: The IRS maintains the EIN enumeration system
and
database, and makes information on the EIN available
through its web
site at http://www.irs.ustreas.gov/. The IRS authentication,
enumeration and update processes and the IRS enumeration
system will
not be changed as a result of this regulation. The IRS
answers
questions about the EIN through its web site. HHS answers
questions
about the Administrative Simplification regulations
through its web
site at http://aspe.hhs.gov/admnsimp.
Comment: One commenter asked whether the EIN is always
the same as
the taxpayer identifying number.
Response: The taxpayer identifying number may be an
EIN, a Social
Security Number, or an IRS individual taxpayer identification
number.
The IRS, at 26 CFR 301.7701-12, defines the Employer
Identification
Number as ``the taxpayer identifying number of an individual
or other
person (whether or not an employer) which is assigned
pursuant to
section 6011(b) or corresponding provisions of prior
law, or pursuant
to section 6109, and in which nine digits are separated
by a hyphen, as
follows: 00-0000000.''
Comment: A commenter wanted to know the IRS policy on
reusing an
EIN.
Response: Currently, the IRS does not reuse EINs; that
is, it does
not assign a previously used EIN to a new applicant
for an EIN. IRS
Publication Number 1635, ``Understanding Your EIN, Employer
Identification Numbers,'' includes information on business
and
corporate changes that would allow continued use of
an organization's
EIN or would require issuance of a new EIN. This publication
can be
ordered by calling (800) 829-3676 or can be downloaded
from the IRS web
site at http://www.irs.ustreas.gov/plain/bus_info/pub1635.html.
Comment: Several commenters recommended the use of an
online EIN
database and suggested an IRS directory be established.
Several
commenters recommended use of a standards-based directory
schema.
Another stated it would be necessary to have a directory
only if
transactions other than the X12N 834 Health Care Benefit
Enrollment
were to require use of the EIN. This commenter stated
the X12N 834
transaction would not require a directory since it is
initiated by
employers.
Response: For the most part, the EIN will be used in
HIPAA
transactions initiated by the employer. The employer
will know its own
EIN; therefore, an on-line public directory will not
be necessary. In
the few cases where a standard transaction that requires
an employer's
identifier is initiated by an entity other than the
employer, we expect
that the entity will obtain the EIN from the employer,
as is the
current practice.
Comment: A concern was raised by one commenter about
the length of
time it would take to receive an EIN and how both Medicare
and Medicaid
claims would be paid if the employer did not have an
EIN. One commenter
said that the proposed rule makes electronic transmissions
impossible
for any employer that lacks an EIN or refuses to disclose
its EIN. Two
commenters suggested that the IRS determine those employers
that do not
already have EINs and that HHS require those named by
the IRS to obtain
EINs. Another commenter suggested that instructions
be made available
on what to do if an employer does not have an EIN. One
commenter stated
that employers utilizing Social Security Numbers for
tax reporting
purposes should be required to apply for EINs.
Response: Many of these concerns were based on an incorrect
belief
that the patient's employer's EIN would be required
in standard claim
transactions. Actually, the patient's employer's EIN
is not included in
the X12N standard claim transactions and is optional
in the NCPDP
retail pharmacy claim. We know of no situation where
an employer
identifier would be required in a standard transaction
and the employer
would not have an EIN. The employer identifier is used
in standard
transactions to identify the employer of employees who
are subjects in
the transaction. Any business that pays wages to one
or more employees
is required to have an EIN as its taxpayer identifying
number. A sole
proprietor who has no employees or who files no excise
or pension tax
return is the only business person who is not required
to obtain an
EIN; a sole proprietor with no employees would not need
to be
identified as an employer in standard transactions.
The IRS
publication,
[[Page 38015]]
``Understanding Your EIN, Employer Identification Numbers,''
Publication 1635, states that the IRS generally assigns
an EIN within
4-5 weeks of receiving an application by mail or assigns
an EIN
immediately via the tele-TIN telephone process. For
the telephone
number in each state, see the ``Where to Apply'' section
in Publication
1635. Publication 1635 can be downloaded from the IRS
web site at
http://www.irs.ustreas.gov/plain/bus_info/pub1635.html
or can be
ordered by calling (800) 829-3676.
Comment: One Medicaid State agency requested clarification
on
whether Medicaid State agencies would use the EIN when
making health
plan premium payments or when making capitation payments
to managed
care plans. Other commenters had concerns of how health
plan sponsors
that are not employers would be identified in standard
transactions.
One commenter requested that the description on how
to obtain an EIN
(63 FR 32793) be expanded to include those non-employer
entities that
will need an identifier for HIPAA transactions.
Response: HIPAA requires that the Secretary adopt a
standard unique
health identifier for each individual, employer, health
plan, and
health care provider for use in the health care system.
If the Medicaid
State agency is making premium payments or capitation
payments as an
employer on behalf of its own employees, it would use
its EIN. The law
does not provide for adoption of a standard identifier
for health plan
sponsors that are not employers but that may enroll
or make premium
payments on behalf of other persons. We recognize that
in some
situations, the EIN is used to identify health plan
sponsors that are
not employers. This practice will not be affected by
this final rule.
Comment: One commenter asked how foreign employers would
be
identified in standard transactions.
Response: Foreign employers are treated the same as
all other
employers under this rule. In this rule, we have intentionally
adopted
a definition of ``employer'' that is identical to the
definition used
by the Internal Revenue Service in 26 U.S.C. 3401(d).
This definition
covers foreign employers who pay wages to employees
for whom tax
withholding is required by the IRS. For purposes of
this rule, it is
important that any employer that enrolls or disenrolls
employees in a
health plan or that makes premium payments on behalf
of employees to a
health plan be able to be identified by the standard
employer
identifier. Since any business that pays wages to one
or more employees
is required to obtain an EIN as its taxpayer identifying
number, we
know of no employer that would not be able to be identified
by an EIN
when enrolling or disenrolling employees in a health
plan or making
premium payments on behalf of employees to a health
plan.
Comment: In the proposed rule (63 FR 32793) we noted
that some
employer organizations have more than one EIN. We asked
for comment on
whether one EIN should be used consistently in health
care
transactions. One commenter noted that in some cases
employer
organizations with multiple EINs may be doing business
with multiple
health plans and using a different EIN with each plan,
resulting in
coordination of benefits problems. Several commenters
recommended that
specific guidelines be defined for using a single EIN
across the board
in health-related transactions. Several commenters stated
that the use
of multiple EINs would not be a problem. Several commenters
made
suggestions on which EIN should be designated for use
in health care
transactions, for example, the one that appears on the
IRS Form W-2,
Wage and Tax Statement, of the employee that is a subject
of the
transaction, the one that identifies the employee's
employment address,
or the one with the lowest numeric value. Some commenters
noted that
the intended purpose of the employer identifier is to
identify the
employer and that the employer should decide which EIN
to use. Several
commenters suggested that an IRS publication include
information on IRS
protocols for multiple EINs. Two commenters requested
information about
the IRS maintenance of EINs when corporate changes such
as mergers
occur.
Response: When a business entity is a consolidated group
consisting
of several corporations, each corporation may be separately
identified
for certain Federal tax reporting purposes, and may
have its own EIN.
The consolidated group may also have an EIN, under which
it files a
consolidated income tax return. For any relationship
of an employer to
an employee of that employer, only one unique EIN designates
the
employer. The standard unique employer identifier of
an employer of a
particular employee is the EIN that appears on that
employee's IRS Form
W-2, Wage and Tax Statement, from the employer.
The IRS regulations at 26 CFR 301.7701 contain definitions
of
entities that may be identified for Federal tax purposes.
The
instructions accompanying IRS Form SS-4, ``Application
for Employer
Identification Number,'' detail the kinds of entities
that must have
EINs and the situations that require an entity to obtain
a new EIN. IRS
publication 1635, ``Understanding Your EIN, Employer
Identification
Numbers,'' gives further information on business or
corporate changes
that do and do not require an entity to obtain a new
EIN. IRS
publications can be downloaded from the IRS web site
at http://
www.irs.ustreas.gov/plain/forms_pubs/index.html or ordered
by calling
(800) 829-3676.
Comment: One commenter was concerned about possibly
conflicting
Federal and State regulations for use of the EIN.
Response: This commenter did not note any particular
conflicts in
use of the EIN and we are not aware of any conflicts.
Section 1178 of
the Act discusses the effect of the Administrative Simplification
provisions on State law. The general rule is that the
standards adopted
under the Act supersede any contrary provision of State
law. For a more
detailed discussion of the statutory preemption provisions
and the
regulatory implementation of those provisions, see 65
FR 82480 through
82481 and 65 FR 82579 through 82588.
D. Approved Uses
Comment: One commenter stated that the regulations
should not
require the EIN on ``past'' health information. Another
commenter
expressed concern over the lack of guidelines and controls
in
dissemination and use of EINs for health care purposes.
These
commenters said that the regulation should clearly define
the approved
uses and cross-refer to penalties for misuse.
Response: This regulation does not require use of the
EIN in
transactions conducted before the compliance date. HHS
intends to
publish a proposed rule concerning enforcement of the
HIPAA standards.
Civil penalties for failure to comply with requirements
and standards
are covered in Section 1176 of the Act. Criminal penalties
for misuse
of an employer identifier are covered in Section 1177
of the Act.
Comment: One commenter questioned if the EIN would replace
the
United Business Identifier used in non-health transactions.
Another
asked if the EIN would replace other employer identifiers,
or be used
in addition to them.
Response: This rule does not address non-health care
transactions.
We cannot speak to the issue of what will happen in
such transactions.
The EIN is the only employer identifier in standard
transactions.
[[Page 38016]]
Comment: Some commenters were concerned that employers
would not
want to use their EINs because of privacy issues. One
commenter stated
that effective security and confidentiality measures
should protect the
EIN. Three commenters stated that health data organizations
and public
policy researchers should have access to the EIN for
public health
surveillance. They wanted this access to be clarified.
Response: The confidentiality of the EIN is protected
under the
Internal Revenue Code. Section 26 U.S.C. Sec. 6103 provides
that,
generally, taxpayer return information, including taxpayer
identity
(which includes a taxpayer identifying number), must
be kept
confidential and may not be disclosed by, among others,
federal
officers or employees, except as permitted by Title
26.
In this rule we make no changes to the existing access
that health
data organizations and public policy researchers have
to the EIN.
Health data organizations and researchers desiring access
to data from
a Federal system of records that contains the EIN should
address their
requests to the Freedom of Information Act official
in the agency
responsible for the system.
E. The Specific Impact of the Employer Identifier
Comment: One commenter stated that the cost to implement
the EIN
would add to premiums paid by individuals and their
families. Several
commenters said the expense and resources to implement
this identifier
are greater than estimated. One commenter stated that
more specific
data related to the exact costs to health care providers
should be made
available for public comment prior to publication of
the final rule.
Response: Those concerned with the cost of the identifier
consisted
primarily of commenters that incorrectly thought that
health care
providers would be required to use the EIN on health
care claims. As
noted in our previous responses, the EIN will be used
primarily by
employers on transactions they initiate; therefore,
we do not expect
the costs to be higher than those estimated in the proposed
rule. When
the employer identifier is used in standard transactions
initiated by
entities other than the employer, we expect that these
entities will
obtain the EIN from the employer, as is the current
practice.
IV. Provisions of Final Rule
We are implementing the employer identifier standard,
which we now
refer to as the standard unique employer identifier,
as we proposed in
the proposed rule, incorporating minor revisions. Any
revisions are
noted in Section VI (Summary of Changes to the Proposed
Rule).
V. Implementation of the Standard Unique Employer Identifier
A. Obtaining an EIN
The Internal Revenue Service (IRS) maintains the process
for
assigning EINs. A business can obtain an EIN by submitting,
to the
Internal Revenue Service, Internal Revenue Service Form
SS-4,
Application for Employer Identification Number. Any
business that is
required to furnish a taxpayer identification number
(generally one
that pays wages to one or more employees) must use an
EIN as its
taxpayer identifying number. (26 CFR 301.6109-1(a)(1)(ii)(C)).
A sole
proprietor who has no employees or who files no excise
or pension tax
returns is the only business person who does not need
to have an EIN as
the taxpayer identifying number. We know of no situations
where an
employer having employees would not be able to obtain
an EIN. The EIN
is currently the employer identifier in most widespread
use in the
enrollment and disenrollment in a health plan, the eligibility
for a
health plan, and the health plan premium payment transactions.
Employers are not required by the Act to use the EIN
or conduct
standard transactions. However, we believe that many
employers will
find that it will be to their advantage to do so.
B. Approved Uses
The IRS, in a letter to us dated January 16, 1998,
stated that
``the use of the EIN as a unique identifying number
in all health care
transactions would not present a problem for the (Internal
Revenue)
Service in any way.'' The IRS further expressed the
``hope that the use
of the EIN in this capacity will bring about the consistency
and
accuracy that are required for these types of transactions.''
Two years
after adoption of this standard (3 years for small health
plans)
covered entities must use the EIN as the employer identifier
in the
health-related financial and administrative transactions
for which
standards have been adopted by the Secretary under 45
CFR Subchapter C
that require an employer identifier. We note that employers
that are
not health plans, health care clearinghouses, or health
care providers
are not bound by the Act, and use of the EIN by employers
to identify
themselves in the employer role is voluntary.
Examples of approved uses in standard health care transactions
are
the following:
Employers could use their EINs to identify themselves
in
transactions making health plan premium payments to
health plans on
behalf of their employees.
Employers could use the EIN to identify themselves or
other employers as the source or receiver of information
about
eligibility.
Employers could use their EINs to identify themselves
in
transactions to enroll or disenroll their employees
in a health plan.
VI. Summary of Changes to the Proposed Rule
We changed the title of this regulation from National
Standard
Employer Identifier to Standard Unique Employer Identifier
to
accurately reflect the requirement under the Act for
the Secretary to
adopt a standard unique health identifier for each employer
for use in
the health care system.
We deleted the formatting description from the definition
of EIN.
We continue to define EIN as the employer identification
number as
assigned by the IRS.
We clarified that our definition of employer is as it
appears in 26
U.S.C. 3401(d).
We removed the requirement for each employer to disclose
its EIN,
upon request, to covered entities that need to use that
employer's EIN
in standard transactions.
We consolidated the requirements for health care providers,
health
plans, and health care clearinghouses in Sec. 162.610.
VII. Collection of Information Requirements
Under the Paperwork Reduction Act of 1995 (PRA), agencies
are
required to provide a 30-day notice in the Federal Register
and solicit
public comment on a collection of information requirement
submitted to
the Office of Management and Budget (OMB) for review
and approval. In
order to fairly evaluate whether an information collection
should be
approved by OMB, section 3506(c)(2)(A) of the PRA requires
that we
solicit comment on the following issues:
Whether the information collection is necessary and
useful
to carry out the proper functions of the agency.
The accuracy of the agency's estimate of the information
collection burden.
The quality, utility, and clarity of the information
to be
collected.
Recommendations to minimize the information collection
burden on the
[[Page 38017]]
affected public, including automated collection techniques.
We are soliciting public comment on each of these issues
for the
following section of this document that contains information
collection
requirements.
Subpart F--Standard Unique Employer Identifier
Sec. 162.610 Requirements for covered entities
Discussion
While this standard would replace the use of multiple
identifiers,
resulting in a reduction of burden, the requirement
to use and disclose
information using this standard meets the definition
of an agency-
sponsored third-party disclosure under the Paperwork
Reduction Act of
1995 (PRA). However, the burden associated with the
routine or ongoing
use of this requirement is excluded under the definition
of ``burden''
at 5 CFR 1320.3(b)(2). Health care clearinghouses do
not normally
obtain or use the EIN except to reformat it as part
of translating one
transaction format to another. Adoption of the EIN does
not require any
changes to the way health care clearinghouses process
employer
identifiers. Thus, the cost of this regulation for health
care
clearinghouses is negligible.
As explained earlier in this document in section III.
Comments and
Responses Concerning the Proposed Provisions, health
care providers do
not conduct the only standard transaction in which the
employer
identifier is a required data element. In standard transactions
that
include the employer identifier and which may be conducted
by a health
care provider, the employer identifier use is situational.
In such
transactions, if the employer identifier is not known
by the health
care provider, the health care provider does not have
to furnish it.
The cost of this regulation for health care providers,
therefore, is
negligible.
The remaining burden associated with this requirement,
which is
subject to the PRA, is the initial one-time burden on
health plans and
covered health care providers to modify their current
computer systems.
In most cases where a health plan would need to use
an employer
identifier, the health plan would have received the
identifier on an
incoming transaction from the employer. We estimate
the one-time burden
over a 3-year period on the estimated 2.55 million health
plans to
modify their current computer systems software would
be 2 hours/$60 per
entity, for a total burden of 5.1 million hours/$153
million. The
maximum annual burden would be 5.1 million hours divided
by 3, or 1.7
million hours, and $153 million divided by 3, or $51
million. These
figures are based on the assumption that this and the
other burden
calculations associated with HIPAA, Title II systems
modifications, may
overlap. This average also takes into consideration
that: (1) this
standard may already be in use by several of the estimated
entities;
(2) modifications may be performed in an aggregate manner
during the
course of routine business and/or; (3) modifications
may be made by
contractors such as practice management vendors, in
a single effort for
a multitude of affected entities.
As required by section 3504(h) of the Paperwork Reduction
Act of
1995, we have submitted a copy of this document to the
Office of
Management and Budget (OMB) for its review of these
information
collection requirements.
Centers for Medicare & Medicaid Services, Office
of Information
Services, DCES, SSG, Attn: John Burke, Room N2-14-26,
7500 Security
Boulevard, Baltimore, MD 21244-1850; ATTN: CMS 0047-F
and
Office of Information and Regulatory Affairs, Office
of Management and
Budget, Room 10235, New Executive Office Building, Washington,
DC
20503, Attn: Brenda Aguilar, CMS Desk Officer
VIII. Final Impact Analysis of the Employer Identifier
We have examined the impacts of this rule as required
by Executive
Order 12866 (September 1993, Regulatory Planning and
Review), the
Regulatory Flexibility Act (RFA) (September 16, 1980,
Pub. L. 96-354),
section 1102(b) of the Social Security Act, the Unfunded
Mandates
Reform Act of 1995 (Pub. L. 104-4), and Executive Order
13132.
Executive Order 12866 directs agencies to assess all
costs and benefits
of available regulatory alternatives and, if regulation
is necessary,
to select regulatory approaches that maximize net benefits
(including
potential economic, environmental, public health and
safety effects,
distributive impacts, and equity). A regulatory impact
analysis (RIA)
must be prepared for major rules with economically significant
effects
($100 million or more in any 1 year). We estimate the
total maximum
annual costs for all health plans to modify their computer
systems
software to implement the employer identifier standard
to be $51
million per year, for 3 years. Therefore, we do not
believe that this
rule is a major rule under Executive Order 12866 or
5 U.S.C. 804(2).
Section 1102(b) of the Act requires us to prepare a
regulatory
impact analysis if a rule may have a significant impact
on the
operations of a substantial number of small rural hospitals.
This
analysis must conform to the provisions of section 604
of the RFA. For
purposes of section 1102(b) of the Act, we define a
small rural
hospital as a hospital that is located outside of a
Metropolitan
Statistical Area and has fewer than 100 beds. We have
determined that
this final rule will not have a significant impact on
the operations of
a substantial number of small rural hospitals.
We note that the costs and savings for the administrative
simplification standards were presented in the final
Transactions Rule
(65 FR 50350). Due to a lack of data that would permit
an analysis of
each individual standard, the Department chose to analyze
the impact of
all of the standards in total, with the exception of
the privacy
standards. As the effect of any one standard is affected
by the
implementation of other standards, it can be misleading
to discuss the
impact of one standard by itself. Therefore, we have
done an impact
analysis on the total effect of all the standards in
the final
Transactions Rule (65 FR 50350). This employer identifier
rule is
expected to represent a minor portion of the costs or
savings expected
from the administrative simplification standards, because
of the
voluntary nature of the use of this identifier by employers
and the
limited use of an employer identifier in standard transactions
conducted by covered entities.
A. Unfunded Mandates
This final rule has been reviewed in accordance with
the Unfunded
Mandates Reform Act of 1995 (UMRA) (2 U.S.C. 1501 et
seq.) and
Executive Order 12866. Section 202 of UMRA requires
that agencies
assess anticipated costs and benefits before issuing
any rule that may
result in expenditure in any 1 year by State, local,
or tribal
governments, in the aggregate, or by the private sector,
of $110
million. As discussed in the combined impact analysis
published at 65
FR 50350, HHS estimates that implementation of the administrative
simplification standards overall will require the expenditure
of more
than $110 million by the private sector. However, we
do not believe the
implementation of the employer identifier standard to
be a significant
regulatory action under UMRA.
B. Regulatory Flexibility Analysis
The Regulatory Flexibility Act (RFA) of 1980, Pub.
L. 96-354,
requires us to prepare a regulatory flexibility analysis
[[Page 38018]]
if the Secretary certifies that a regulation would
have a significant
economic impact on a substantial number of small entities.
On November
17, 2000, the Small Business Administration (SBA) published
a final
rule (65 FR 69432) changing the small business size
standards for the
health care industry. This SBA final rule became effective
December 18,
2000. The size standards that the SBA now uses are those
defined by the
North American Industry Classification System. Prior
to that, the SBA
used size standards as defined by the Standard Industrial
Codes. The
size standard is no longer a uniform $5 million in annual
revenues for
all components in the health care sector. Rather, the
size standard now
ranges from $6 million to $29 million. The regulatory
flexibility
analysis for the employer identifier is linked to the
aggregate
regulatory flexibility analysis for all the administrative
simplification standards that appeared in the final
Transactions Rule
published on August 17, 2000, which predated the SBA
change. It is
appropriate, for the purposes of this rule, to continue
to use the $5
million small business size standard that was in effect
at the time of
publication of the final Transactions Rule. Nonprofit
organizations are
considered small entities. Small government jurisdictions
with a
population of less than 50,000 people are also considered
small
entities. Individuals and States are not considered
small entities.
We do not believe that this regulation will have a significant
economic impact on a substantial number of small entities.
The EIN is
already one of the identifiers most frequently used
to identify the
employer in electronic health care transactions. Most
clearinghouses,
including small clearinghouses, already have the ability
to accept and
transmit the EIN when an employer identifier is required.
Many health
plans and health care providers already use the EIN
to identify the
employer in any transactions that require an employer
identifier. Their
current practice is to obtain the EIN from the employer,
if they are
the initiator of the transaction and they do not already
know the EIN.
We believe these entities will incur few conversion
costs as a result
of this regulation. There are few situations when an
employer
identifier is required in standard transactions initiated
by health
plans and no such situations for those initiated by
health care
providers. Converting from other employer identifiers
to the EIN
primarily involves the database administration task
of substituting one
record identifier for another in a limited number of
records, which is
not a costly activity. Therefore, we believe this regulation
will not
impose a significant economic impact on small health
plans or small
health care providers that convert their systems to
use the EIN to
identify the employer in those few situations. As stated
in the
Collection of Information Requirements section in this
rule, we
estimate the total maximum annual costs for all health
plans to modify
their computer systems software to be $51 million per
year, for 3
years. Employers are not bound by the Act to use the
standards;
therefore, any use of the EIN by employers will be voluntary.
Most of
the use of the employer identifier in transactions will
be voluntary
use by employers in transactions they initiate. Therefore,
we believe
this regulation will not impose a significant economic
impact on small
employers.
C. Executive Order 12866
In accordance with the provisions of Executive Order
12866, this
final rule was reviewed by the Office of Management
and Budget.
This portion of the impact analysis relates specifically
to the
standard that is the subject of this regulation--the
employer
identifier. This section describes specific impacts
that relate to the
employer identifier. As we indicated in the introduction
to this impact
analysis, however, we do not associate the specific
costs and savings
to the specific standards.
1. Affected Entities
a. Health Care Providers
In all standard transactions conducted by the health
care provider,
the employer identifier is not used or is situational.
The employer
identifier is used only if the data condition described
in the
implementation guide occurs. In the instances when an
EIN could be used
by a health care provider, the EIN is situationally
required only if
the entity being identified is an employer and the identifier
is known
to the health care provider. We expect health care providers
will
obtain the EIN from the employer in these limited cases.
However, if
the health care provider cannot obtain the EIN, then
the data condition
has not been met and its use is not required. There
are no situations
in which an employer identifier is required in a standard
transaction
initiated by a health care provider. Any negative impact
on health care
providers generally will be related to the initial implementation
period for health care providers that currently use
an identifier other
than the EIN to identify the employer in electronic
health
transactions. Those health care providers will incur
implementation
costs for converting systems from use of other employer
identifiers to
use of the EIN. Some health care providers will incur
those costs
directly and others will incur them in the form of fee
increases from
billing agents and health care clearinghouses.
b. Health Plans
Health plans that engage in electronic commerce will
have to modify
their systems to use the EIN if they do not currently
use the EIN to
identify the employer in standard electronic health
transactions that
require an employer identifier. In most cases, health
plans currently
obtain and use the EIN of the employer in those standard
transactions
that require an employer identifier. Health plans currently
using an
employer identifier other than the EIN will have a one-time
cost
impact. We estimate the total maximum cost for all health
plans to be
$51 million per year, over 3 years, to make these systems
modifications.
c. Health Care Clearinghouses
Health care clearinghouses will have to modify their
systems to use
the EIN if they do not curre |
