Crosswalking the NPI Chasm

June 24, 2011
Following is part one of a two-part piece on how payers can revamp their systems to handle National Provider Identifiers. Part one provides an

Following is part one of a two-part piece on how payers can revamp their systems to handle National Provider Identifiers. Part one provides an overview of the issues, while the second part, to run in March, examines the "crosswalk" approach.

The fast-approaching deadline for National Provider Identifier (NPI) compliance is cause for concern for many health plans still struggling to sort through myriad changes required to accommodate these new ID numbers. Some plans are well on their way to compliance, while others are just grasping the impact the NPI will have on their business processes, information systems and trading partner relationships.

Provider IDs are one of the most ubiquitous pieces of information in healthcare, critical to capturing key elements in a patient-provider encounter, and used in subsequent transactions and business processes, including claims, authorizations, payments, utilization management and credentialing.

The NPI transforms the historical process in which health plans assigned their own unique proprietary IDs to individual providers and provider organizations and, in many cases, more than one ID to the same provider to distinguish different business relationships, provider locations, contract agreements and payment schedules. Come May 23, 2007, however, plans must cross the chasm to a single identifier standard.

Although compliance creates a host of unique organizational and technical challenges, industry analysts have reported that many NPI implementation managers are using a similar basic strategy — mapping legacy IDs to new NPIs. In considering this "crosswalk" approach, there are general steps any plan, regardless of size or network architecture, can follow on a path to compliance.

Steps to a comprehensive gap analysis

Task force: Compliance with the NPI HIPAA mandate will require more than a high-level assessment to fully understand the impact the NPI will have within the organization. As with any project, the first step is to create a task force with representation from various departments and which will provide the necessary process and technical expertise to ensure a smooth transition.

This task force needs first to perform a comprehensive assessment to identify and understand current provider enumeration practices, business processes, internal systems and trading partner relations that will be affected by NPI implementation. The accompanying gap analysis will enable organizations to formulate a plan that addresses the process changes and system modification required to accommodate the new NPI standard.

Step 1: Review enumeration processes

How a health plan currently enumerates and identifies its participating and non-participating providers will largely determine its unique compliance approach. A critical step in the assessment is a detailed account of an insurer's current process for assigning identifiers to individual and organization providers. For instance, many health plans currently assign several numbers to a single provider with separate IDs differentiating care locations or reimbursement arrangements.

This system will result any one of the following situations:

  • a one-to-one relationship between legacy and NPI numbers (mostly in the case of individual providers that have been assigned a single proprietary ID by health plans);
  • a many-to-one relationship, when more than one proprietary ID is assigned to the same provider (which could be the case for both individual and organization providers);
  • a one-to-many relationship, if a provider assigned with a single proprietary ID chooses to obtain more than one NPI for itself and some of its subparts (only applicable to organization providers, since individual providers can obtain one and only one NPI);
  • and in the case of provider organizations consisting of multiple providers, locations, and specialties, a possible many-to-many relationship.

Organizations must then review the purpose for which they assign provider IDs. If "intelligence" is embedded in their proprietary ID format, health plans may need to utilize additional information and data fields to represent these elements in another capacity.

Two additional factors that add complexity to the enumeration process are the designation of "subparts" and the use of provider taxonomy codes.

Provider organizations, such as hospitals or large physician groups, may apply for and be assigned an organizational NPI, but can also designate one or more subparts with unique NPIs, such as a separate clinic, or a hospital system with different departments, such as inpatient, outpatient and long-term care facilities.

Since provider organizations have complete control in deciding what components are designated as "subparts" and assigned a separate NPI, health plans must closely communicate with these organizations to understand NPI subpart-assignments and align legacy IDs and payment processing accordingly.

The Healthcare Provider Taxonomy Code set is a HIPAA-designated standard non-medical code set that identifies the type of service or specialty of a provider. When applying for an NPI, providers self-select one or more taxonomy codes which best describes their education, license, certification, or specialty. A single provider may be associated with multiple taxonomy codes, but still have a single NPI. In considering their business processes, particularly claims, health plans must consider whether to require the submission of taxonomy codes in addition to NPIs.

Other factors to consider in the enumeration process include:

  • Bulk Enumeration. Health plans may want to coordinate with organizations that enumerated their providers via bulk electronic submission to subsequently obtain their bulk NPI files, as this may represent a significant portion of provider records.
  • Atypical Provider Enumeration. Atypical providers are individuals and organizations that do not meet HIPAA's definition of a healthcare provider, such as non-emergency transportation services, billing service providers, and others. These non-healthcare providers will not be able to obtain an NPI and health plans will need to consider maintaining legacy identifiers for these providers while a national approach to enumerate them emerges.
  • Varying Rates of NPI Adoption. It's important to remember that the enumeration process is entirely provider-driven. Even if a health plan has ensured system compliance with the NPI, it will not be able to begin testing and using NPIs in mass until providers start obtaining and submitting their numbers. Likewise, other trading partners, such as clearinghouses, may not be ready to receive and transmit NPIs at the same time.

Step 2: Inventory processes and systems

Very few healthcare processes and systems are unaffected by NPI. Health plans must identify all the places in their business processes and information systems, where a provider identifier is currently used or will have to be used in order to comply with the NPI final rule. Checklist #1 contains some key processes that may be affected. Health plans must carefully review and consider each in order to understand NPI impact.

Checklist #1: Potentially Affected Processes

¨ Administrative transaction processing

¨ Provider enrollment / credentialing

¨ Provider contracting / reimbursement

¨ Provider relations

¨ Claims capture

¨ Claims adjudication and pricing

¨ Payment, EFT and RA

¨ Prior authorizations

¨ Referrals

¨ Reporting

¨ Member enrollment / member services

¨ Premium payments

¨ Eligibility inquiries/response

In regards to information systems, many may need to be modified to accommodate the new NPI format. How much time this requires will depend on the organization, the flexibility of its systems and the available IT resources. Many plans are making system changes internally, while others are relying on vendors or consulting firms to help make necessary modifications.

Checklist #2: Potentially Affected Systems

¨ Provider record databases

¨ Provider contracting and reimbursement

¨ Claims processing

¨ Payment systems

¨ Enterprise workflow management

¨ Health plan Intranet

¨ Health plan Internet

¨ Member and employee portals

¨ Online provider directories

¨ Member record systems

¨ Data warehouses

Checklist #2 includes some of the information systems health plans must consider.

Claim processing systems are complex applications that include millions of lines of code supporting claims automation and payment functions. It is advisable that health plans examine these systems at the code level in order to determine the extent of remediation required. For example, automated processing logic may be embedded in code or may use proprietary identifier "intelligence" in the ID format. In these situations, code must be modified, tested, and implemented. This can be a very tedious and lengthy process.

Organizations must also analyze the impact the NPI will have on both paper and electronic transactions, particularly claims, as this is an area where the greatest amount of system modification may likely have to occur. New national standard professional, institutional and dental claim forms that accommodate for the reporting of the NPI have been developed and are being adopted prior to May 23, 2007.

Step 3: Assess trading partners

Health plans should request NPI implementation plans from vendors, clearinghouses and other trading partners with which they deal. Trading partners' plans should include a projected timeline for NPI adoption. Likewise, insurers should share their NPI strategy and transition plan with their trading partners.

Step 4: Develop a plan

With key information and considerations obtained from the gap analysis, the task force will outline the scope of work required, assign tasks to various team members, develop recommendations for a multi-phase roll-out and create a corresponding timeline for the implementation.

Health plans should utilize what is known in the industry as the "NPI-Legacy ID Dual Use Strategy," which means accepting transactions containing both the NPI and the corresponding legacy or proprietary ID. This will allow providers to use transactions as a way to communicate to payers their NPIs, and will serve as a mainstream mechanism for payers to build, populate, test and implement their crosswalks and their end-to-end transaction processing systems.

Health plans must develop a strategy to collect NPIs from providers and provider organizations, including a procedure to potentially obtain NPI data files from the National Plan and Provider Enumeration System (NPPES), or from larger provider organizations.

Insurers should also establish a comprehensive communication plan that will convey NPI expectations and required policies to providers, vendors and trading partners, ensuring that these entities clearly understand the expectations health plans have with regard to their role in compliance with NPI mandates.

Walter Suarez, M.D., MPH, is president and CEO of the Institute for HIPAA/HIT Education and Research and co-chair of the WEDI NPI Implementation Workgroup and the NPI Outreach Initiative.

Joel Portice is COO and co-founder of Enclarity Inc.

Sponsored Recommendations

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...