February 15, 2007

The Honorable Michael O. Leavitt
Secretary
Department of Health and Human Services
200 Independence Avenue SW
Washington, D.C.  20201

Dear Secretary Leavitt:

The National Committee on Vital and Health Statistics (NCVHS) is responsible for assisting and advising the Department of Health and Human Services (HHS) in adopting the administrative simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).  In that role we have continued to monitor the health care industry’s progress towards meeting the May 23, 2007, compliance date for implementation of the National Provider Identifier (NPI).  We last reported NPI status to you on November 29, 2006, and at that time concluded there were several key impediments to meeting the statutory deadline.  While we have observed some progress since November, we remain skeptical that the industry will be able to meet the target date for NPI compliance.

On January 24, 2007, we again heard testimony from the health care industry and the Centers for Medicare & Medicaid Services (CMS) regarding the industry’s general readiness to implement NPI by the May 23rd deadline.  There were participants from associations representing providers, pharmacies, plans, health care software vendors and third-party billing companies.  All expressed a great degree of concern, and agreed that many in the industry will not be able to meet the May 23, 2007 compliance date.

Two types of challenges were identified.  The first is the challenge of achieving full enumeration.  More than 1.7 million NPIs have been issued, but many providers have still not applied for a number.  Reasons include procrastination and/or lack of awareness of the need to obtain the number.  Despite significant outreach efforts on behalf of CMS in partnership with industry groups, some providers remain unaware of the need to obtain an NPI and the critical need to test the NPI with health plans prior to the compliance date.  Some providers believe themselves to be exempt because they do not do electronic billing or they do not participate in Medicare.  Still others, who care for underserved populations, may not bill for services.  Testifiers stressed that additional educational efforts and outreach are required.

Most industry representatives also conceded that significant progress could still be made towards increasing the number of providers who obtain NPIs by May 23rd, but there was not unanimity, and no testifiers believed full enumeration was possible by the compliance date.

The second challenge is of data exchange and software testing.   A significant impediment to software testing is a continued lack of access to data from the National Plan/Provider Enumeration System (NPPES).  Many plans need NPPES data to build crosswalks between legacy provider identifiers and NPIs in their own systems to ensure validation of the NPIs given to them by providers and to ensure timely processing of transactions.  In addition, providers also need to obtain the NPIs of other providers, because claims require the provision of both the primary billing provider and the ordering or referring provider.  For example, pharmacies need the NPI of the prescribing physician in order to submit a valid claim.

Testifiers stressed that successful implementation depends heavily upon access to NPPES data.  Testing among trading partners is also critical to assuring that accurate payments are made to the right providers.  This testing would include providers submitting transactions (for example, claims) containing NPIs to plans, and plans processing the transactions and creating appropriate transactions (for example, remittance advices).  Very little testing has occurred to date, and testifiers indicated that all industry segments require more time to complete testing to ensure a seamless exchange of data between trading partners.  Without this testing, providers especially are concerned that payments for their services will be substantially delayed.  Delay in filling a patient’s prescription is also a possibility.

As we stated in our last letter to you on this subject, NPPES data cannot be released until HHS publishes a data dissemination notice in the Federal Register.  We continue to strongly encourage HHS to publish this notice, as delays in doing so will further impede progress toward industry compliance and improving health system efficiency.

Based on expert testimony at the Subcommittee hearings and our own public deliberations, we have the following additional observations and recommendations:

Observation #1: There is a clear need for more outreach to inform providers, especially small program and minority providers, of the need to acquire NPIs.  Education is also needed for the wider range of providers and plans so they understand the need for sharing NPIs among their trading partners.

Recommendation #1:  NCVHS recommends that HHS/CMS take the lead to provide this education, while also enlisting the participation of organizations that represent the  healthcare industry.  Several of these organizations expressed a willingness to provide assistance in the effort.

Observation #2:  The industry must have access to the NPPES data.  This is critical to its ability to build crosswalks and reprogram its systems to accommodate NPI-based transactions.  This is possible only if HHS publishes a data dissemination notice describing the data that will be made available and the mechanisms for obtaining it.

Recommendation #2:  NCVHS strongly recommends that HHS decide what NPPES information will be made available to the industry, issue a data dissemination notice, and make the data available at the earliest date possible.  We believe this is essential to the success of NPI implementation.

Observation #3: All covered entities should be able to accomplish the internal tasks needed to comply with the May 23, 2007 date.  That is, providers should be able to obtain their NPIs, and plans and clearinghouses should be able to complete the systems changes needed to accept NPIs on HIPAA transactions.

Recommendation #3:  NCVHS recommends that covered entities be required to accomplish these tasks by the May 23, 2007 compliance date.

Observation #4:  Many covered entities will likely not be able to complete the collaborative tasks needed to fully test NPI usage by the May 23, 2007 compliance date.  That is, provider software may not accommodate the NPI on HIPAA transactions, and plans and clearinghouses may not be able to complete crosswalk construction. After hearing testimony, we are convinced that requiring complete compliance with the NPI standard on May 23, 2007, is unrealistic.

Recommendation #4:  NCVHS recommends that HHS publish contingency guidance similar to the one utilized for the transaction and code set standards in 2003.   Such guidance would protect otherwise compliant covered entities from enforcement action if they develop and implement contingency plans, such as continuing to accept legacy identifiers, to assure continuity of operations. We suggest it would be prudent to institute a six-month contingency using the following conditions:

  • If HHS issues the data dissemination notice and makes NPPES data available to the industry prior to or on May 23, 2007, the contingency period would end six months later, on November 23, 2007.
  • If HHS issues the data dissemination notice and makes NPPES data available after May 23, 2007, the contingency period would end six months after the date the data are available.

We will continue to monitor NPI implementation progress and report to you.

Sincerely,

/s/

Simon Cohn, M.D., M.P.H.
Chairman, National Committee on Vital and Health Statistics

Cc:       HHS Data Council Co-chairs

Enclosure