Back when the "administrative simplification" portion of HIPAA was still a gleam in the eye of a legislator, the primary intent was to standardize certain critical electronic health care transactions and code sets to help the health care industry achieve efficiencies and reduce costs associated with a myriad of transaction formats. The HIPAA privacy and security regulations were somewhat of an afterthought, in recognition of the fact that increased use of electronic health care transactions means increased risk to data.
Which brings us to HHS's August 22 notice of proposed rulemaking, which would require a switch from ICD-9 code sets to International Classification of Diseases, 10th Revision, Clinical Modification in HIPAA standard transactions. The estimated cost to the U.S. health care industry is estimated in the billions of dollars.
Don't get me wrong, I do believe that the HIPAA Privacy and Security Rules have helped raise the bar for protection of medical information. In addition, the move to ICD-10 appears to be necessary; the ICD-9 code sets were developed nearly 30 years ago and can no longer be adequately expanded to address advances in diagnoses and procedures. However, I do question whether the industry is ever going to realize the efficiencies and cost savings that HIPAA was intended to achieve when it was first enacted.
