HIPAA Training,HIPAA regulations
HIPAA regulations home Visit the HIPAA Store for HIPAA Training Products FAQ Contact us  
         
Back        

Standards for Electronic Transactions and Code Sets

V. Collection of Information Requirements

Under the Paperwork Reduction Act of 1995 (PRA), agencies are required to provide a 30-day notice in the Federal Register and solicit public comment on a collection of information requirement submitted to the Office of Management and Budget (OMB) for review and approval. In order to fairly evaluate whether an information collection should be approved by OMB, section 3506(c)(2)(A) of the PRA requires that we solicit comment on the following issues:

  • Whether the information collection is necessary and useful to carry out the proper functions of the agency.
  • The accuracy of the agency's estimate of the information collection burden.
  • The quality, utility, and clarity of the information to be collected.
  • Recommendations to minimize the information collection burden on the affected public, including automated collection techniques.

We are soliciting public comment on each of these issues for the following sections of this document that contain information collection requirements:

In summary, each of the sections identified below require health care plans, and/or health care providers to use the standards referenced in this regulation for all electronically transmitted standard transactions that require it on and after the effective date given to it.

Subpart I - General Provisions for Transactions

§162.923 Requirements for covered entities.

§162.925 Additional requirements for health plans.

Discussion: As referenced in the proposed rule, the emerging and increasing use of health care EDI standards and transactions has raised the issue of the applicability of the PRA. As such, we solicited comment on whether a regulation that adopts an EDI standard used to exchange certain information constitutes an information collection is subject to the PRA. Public comments were presented which suggested that the use of an EDI standard is not an information collection and under the PRA. The Office of Management and Budget, however, has determined that this regulatory requirement (which mandates that the private sector disclose information and do so in a particular format) constitutes an agency sponsored third-party disclosure as defined under the Paperwork Reduction Act of 1995 (PRA).

HIPAA mandates the Secretary to adopt standards that have been developed, adopted, or modified by a standard setting organization, unless there is no such standard, or unless a different standard would substantially reduce administrative costs. OMB has concluded that the scope of its review under the PRA would be limited to the review and approval of this regulatory requirement, that is, the Secretary’s decision to adopt or reject an established industry standard, based on the HIPAA criterion of whether a different standard would substantially reduce administrative costs. For example, if OMB concluded under the PRA that a different standard would substantially reduce administrative costs as compared to an established industry standard, the Secretary would be required to reconsider its decision under the HIPAA standards. The Secretary would be required to make a new determination of whether it is appropriate to adopt an established industry standard or whether it should enter into negotiated rulemaking to develop an alternative standard (section 1172(c)(2)(A)).

The burden associated with these requirements, which is subject to the PRA, is the initial one-time burden on the entities identified above to modify their current computer system requirements. However, the burden associated with the routine or ongoing use of these requirements is exempt from the PRA as defined in 5 CFR 1320.3(b)(2).

Based on the assumption that the burden associated with HIPAA, Title II systems modifications may overlap and the HIPAA standards would replace the use of multiple standards, resulting in a reduction of burden, commenters should take into consideration when drafting comments that: 1) one or more of these standards may not be used; 2) some of the these standards may already be in use by several of the estimated entities; 3) systems modifications may be performed in an aggregate manner during the course of routine business and/or; 4) systems modifications may be made by contractors such as practice management vendors, in a single effort for a multitude of affected entities.

As required by section 3504(h) of the Paperwork Reduction Act of 1995, we have submitted a copy of this document to the Office of Management and Budget (OMB) for its review of these information collection requirements.

If you comment on these information collection and recordkeeping requirements, please e-mail comments to Paperwork@hcfa.gov (Attn:HCFA-0149) or mail copies directly to the following:

Health Care Financing Administration,
Office of Information Services,
Information Technology Investment Management Group,
Division of HCFA Enterprise Standards,
Room C2-26-17, 7500 Security Boulevard,
Baltimore, MD 21244-1850.
Attn: HCFA-0149.

And,

Office of Information and Regulatory Affairs,
Office of Management and Budget,
Room 10235, New Executive Office Building,
Washington, DC 20503,
Attn: Allison Herron Eydt, HCFA Desk Officer.
HIPAA Training,HIPAA regulations