Q. Must providers who submit claims electronically comply with HIPAA if they submit claims on paper?

A. Providers who bill electronically must comply with the HIPAA requirements of the Privacy Rule unless, before the compliance date, the provider stopped conducting any of the HIPAA transactions electronically.

The HIPAA transactions commonly used by providers include claims, eligibility queries, claim status queries, and referrals. It is important to note that you cannot avoid the HIPAA requirements by hiring another entity, such as a billing service, to conduct these transactions electronically for you.

While you and other health care providers could revert to conducting solely paper transactions, doing so would have many negative effects for most providers. The provider’s business processes would be disrupted by having to prepare paper claims and check eligibility and claim status by phone. Reverting to paper would cause particular problems for those providers who receive Medicare payments.

First, these providers would experience delays in receiving payments, because Medicare by law cannot pay paper claims until 28 days after receipt (as opposed to 14 days for electronic claims).

Second, effective October 16, 2003, Medicare was prohibited by law from paying paper claims except for those from small providers and under certain other limited circumstances.

After that date, any provider that does not meet the “small provider” or other exception would have to return to electronic claims submission in order to continue to receive Medicare reimbursement. At that time, the provider would again be required to comply with the Privacy Rule requirements.

Source: Centers for Medicare & Medicaid Services.