EDI Security

EDI Security-Related Requirements for A/B MACs and CEDI Arrangements With Clearinghouses and Billing Services (Part 1)

A billing service is an entity that markets claim preparation services to providers and should also be able to perform related transactions for providers, such as eligibility and claim status inquiries. The billing service collects a provider’s claim information and then bills the appropriate insurance companies, including Medicare. A billing service may submit claims only, or provide full financial accounting and/or other services.  are considered to be provider business associates. As such, HIPAA requires that they comply with each of the privacy and security requirements that apply directly to providers. They are also required to ensure that they require that any clearinghouses, subcontractors or other business associates of their own that may be involved with handling of Medicare beneficiary data also meet those same security and privacy requirements. A billing service may view beneficiary or provider data to carry out their billing obligations for a provider, when a provider authorizes them to have that access. To qualify as a billing service, an entity must at a minimum submit initial claims on the provider’s behalf.

A clearinghouse transfers or moves EDI transactions for a provider or billing service, and generally translates the EDI transactions from or into a proprietary format. A clearinghouse generally accepts multiple types of incoming transactions and sends them to various payers, including Medicare. Clearinghouses often perform general and payer-specific edits on claims, and may handle multiple types of EDI transactions for a given provider. Clearinghouses frequently reformat data for various payers, and manage acknowledgments, remittance advice transactions, and claim status and eligibility queries.

Some entities that refer to themselves as clearinghouses, however, do not edit or translate data, but simply serve as a “telecommunication switch,” moving transactions from point A to Point B or wherever directed under the terms of the agreement with a provider. A clearinghouse may also be called a value added network (VAN). A clearinghouse/VAN may not view privacy-protected Medicare data unless a signed authorization has been filed by the provider for whom the clearinghouse/VAN will submit or received Medicare EDI transactions. For EDI, a transaction that contains individually identifiable information about a Medicare beneficiary is considered to be privacy protected data.

To learn more about EDI and become a certified EDI Professional please visit our course schedule page.

Leave a Reply

Your email address will not be published.

Post Navigation