Case Studies
Developing Web-based Tools for Enforcing HIPPA Compliance
Client: Centers for Medicare & Medicaid Services (CMS)
The Maricom Team developed the Administrative Simplification Enforcement Tool (ASET) and HIPAA Information Tracking System (HITS) for the Centers for Medicare & Medicaid Services to help improve the efficiency and effectiveness of the nation’s health care system.
CMS was tasked by Congress with implementing certain provisions of the Federal Health Insurance Portability and Accountability Act (HIPAA). HIPAA’s “Administrative Simplification” provisions aimed to simplify and secure the vast streams of electronic health care transactions and data that CMS processed.
To meet these aims, CMS established rules to standardize electronic health care transactions and the code sets for encoding data (such as medical procedures) used in these transactions. Rules were also set up to establish unique identifiers (10-digit numbers) for each health care provider, as well as security standards for all electronic health care information.
The Challenge:
CMS needed to ensure that the health care community adopted and consistently followed these standards. Due to the extensive number of health care providers, enforcing these standards posed a considerable challenge.
CMS decided to take a complaint-driven approach to enforcing compliance. Consequently, they wanted a web-based electronic tool that could assist health care providers, payers, and others in submitting complaints regarding noncompliance with the HIPAA standards. The system needed to be easy to use by complainants from a variety of backgrounds. From the other end, CMS needed to be able to collect, organize, and analyze all of the complaints. And access to the system needed to comply with HIPAA security safeguards.
The Solution:
The Administrative Simplification Enforcement Tool (ASET)
To meet CMS’ needs, Maricom developed the Administrative Simplification Enforcement Tool (ASET). This system was built using a component-based architecture consisting of a web server, an application server, and a relational database. Complainants can access ASET over the web at the following link: https://htct.hhs.gov/aset/userRegistration to register and identify the rule they believe was being violated, and explain in detail the nature of the noncompliance. CMS can then provide needed follow-up response.
One example, for transaction and code set violations, a testing engine allows complainants to upload the suspect files and have them tested against the standards for various transactions and code sets.
The HIPAA Information Tracking System (HITS)
To provide CMS the capability to analyze and manage the complaints without affecting the collection process, Maricom also developed the HIPAA Information Tracking System (HITS). CMS uses the research and reporting capabilities of HITS to analyze complaints according to such factors as region, noncompliance type, and resolution status. Complaints can be reviewed by an administrator and electronically assigned to a CMS staff person for resolution. Only pre-approved users gain access to confidential data.
The Outcome:
Prior to HIPAA, complainants submitted claims in hundreds of different ways, often using different and conflicting codes. Now, CMS is able to standardize its claims procedure around a single transaction format, thanks in part to the compliance enforcement tools provided by Maricom. Now, when anyone is faced with noncompliant transactions, they have a ready, user-friendly means to file their grievances.
Click below to read about our
recent news
connect with us
