CMS delays HIPAA enforcement until March

Providers can temporarily breathe a sigh of relief, as the Centers for Medicare & Medicaid Services (CMS) yesterday announced the agency will delay enforcement of the required Health Insurance Portability and Accountability Act (HIPAA) 5010 transition until March 31, 2012, instead of the original date slated for Jan. 1, 2012.

Based on industry feedback and reported low compliance, CMS said it decided to provide a 90-day discretionary enforcement period. Even though the agency will not take enforcement action before April 1, 2012, CMS said providers still must make "a good faith effort" to comply with the implementation deadline of Jan. 1, 2012. Although the three-month window allows providers extra time to get software upgrades to meet the new compliance standards, the CMS Office of E-Health Standards and Services (OESS) said it still will accept compliance complaints regarding Version 5010, NCPDP D.0, and NCPDP 3.0 transaction standards during that time.

"OESS encourages all covered entities to continue working with their trading partners to become compliant with the new HIPAA standards, and to determine their readiness to accept the new standards as of January 1, 2012," CMS said in a statement.

For more information:
- read the CMS announcement (.pdf)

Related Articles:
Office of Civil Rights to begin HIPAA audits
MGMA: Doctors not ready for 5010, ‘contingency plan' needed
Break the silos for successful ICD-10 transition

Suggested Articles

Nearly 10,000 patients involved in research studies were impacted by a third-party privacy breach that may have exposed their medical diagnoses.

Veterans Health Administration medical facilities currently have a paper medical record backlog that if stacked up would be 5.15 miles high, according to the…

The Department of Health and Human Services announced proposed changes to privacy restrictions on patients' substance use treatment records.