The HIT Transition Weblog

Be cognizant of the fact that in accordance with the NPI final rule, when an identifier is reported on a claim for ordering/referring/attending provider, operating/other/service facility provider, or for any provider that is not a billing, pay-to or rendering provider, that identifier must be an NPI. For Medicare purposes this means that submission of an NPI for an ordering/referring provider is mandatory effective May 23, 2008. Legacy numbers cannot be reported on any claims sent to Medicare on or after May 23, 2008.

Medicare has always required that a provider identifier be reported for ordering/referring providers. Effective May 23, 2008, that number must be an NPI, regardless of whether that referring or ordering provider participates in the Medicare program or not or is a covered entity.

In other words, if you're a reference lab, send Luigi the Persuader out to collect your samples.

Let's assert some bullet points to clarify the Medicare providers' Catch-22:

• HIPAA applies to all payers, all clearinghouses, but only those providers who meet the definition of "covered entity."
• A covered entity provider is defined as "a health care provider who transmits any health information in electronic form in connection with a [standard] transaction" (HIPAA TCS Final Rule, §160.103).
• Under the HIPAA statute, the NPI Final Rule requires covered entity providers to obtain an NPI.
• Though a few  Medicare providers continue to submit claims on paper, Medicare previously required its participating providers to obtain NPIs, whether or not they consider themselves to be covered entities.
• Many non-Medicare practitioners and some small practices do not conduct standard transactions, and/or do not consider themselves to be covered entities.
• Many of these have passively neglected to, or actively refused to, obtain NPIs.
• While these providers have opted out of Medicare, they may still see Medicare patients.  However, if they observe something they cannot treat, they may refer that patient to, or order a test from, a provider who participates in Medicare.
• IMPORTANT: There are no "surrogate" NPIs (analogous to UPIN numbers OTH000, VAD000, etc.).
• Therefore, if that Medicare clinic, facility, lab, etc. tries to bill Medicare for the service, the claim will be denied, because they have not identified the referring/ordering physician by an NPI -- because that practitioner has no NPI and may legally refuse to obtain one.

We Don't Enforce the Rules, We Just Make the Rules
Below this, in fine print, appears this ironic disclaimer (emphasis mine):

This article was prepared as a service to the public and is not intended to...impose obligations..... The information provided is only intended to be a general summary. It is not intended to take the place of either the written law or regulations. We encourage readers to review the specific statutes, regulations and other interpretive materials for a full and accurate statement of their contents.

You Asked for It
What does the NPI Final Rule actually mandate that covered entity providers do?  Let's see (emphasis mine):

Use the NPI it obtained from the NPS to identify itself on all standard transactions that it conducts where its health care provider identifier is required. §162.410(a)(2)

You mean it doesn't say that NPIs need to be used to identify other providers?  What about the X12 specifications that define standard transactions and the rules that apply to specific data elements?  You're welcome to dig, but I've been through them all and, though they do require that an NPI be used to identify a provider who is known to have obtained one, a universal mandate just isn't there. How could it be?  As Johnny Cochran might have put it, "You can't insist on what don't exist."

Except, of course, if you're Medicare.

Breaking the Code
I've known about this gap between the prevailing understanding of NPI (a universal identifier that will replace all legacy provider IDs in standard transactions) and the regulatory truth of NPI (a broad but limited mandate that will continue to require exceptions), but I've held back from pointing out the discrepency.  This decision was made in deference to colleagues who share my belief that the morass of legacy IDs lays an unneccessary and costly burden on providers and drives up healthcare costs.  But this news from Medicare threatens vital services to patients, and that crosses the line.

This emperor has no clothes.  They can refuse to pay if they dare, but, their "in accordance with the NPI final rule" double talk notwithstanding, they have no law to hide behind.

My Own Disclaimer
This is not legal advice.  Read the regulations, implementation guides and CMS's own (not necessarily consistent) interpretations for yourself. I'm not an attorney. If you feel your revenue or patients may be at risk, I encourage you to hire one.

http://hittransition.com/flashpoint/ad_rhio2.htm