National Provider Identifier Compliance Deadline Draws Near

  1. Home
  2. News & Insights
  3. National Provider Identifier Compliance Deadline Draws Near

Health care providers have just a few months before they are required to begin using the National Provider Identifier ("NPI"). Effective May 23, 2007, the NPI will be the only health care provider identifier accepted by health plans, including Medicare, Medicaid and all other public and private payors, in connection with a standard transaction under the Health Insurance Portability and Accountability Act ("HIPAA").1 Although only those covered health care providers that conduct HIPAA standard transactions are required to obtain an NPI, all health care providers are eligible to apply for and should acquire an NPI. The Centers for Medicare and Medicaid Services ("CMS") estimates that it may take health care providers up to 120 days to incorporate the NPI into their business and recommends that providers begin testing and using NPIs in electronic health care transactions by the end of January 2007 to ensure full implementation by the compliance deadline. In light of this timeline, health care providers who have not applied for or begun implementing the NPI into their business systems should act quickly to avoid potential delays or denials in reimbursement following the May 23, 2007 compliance deadline.

Overview of the NPI

The NPI was created as a part of the HIPAA to uniquely identify health care providers and replace the various other "legacy" provider identifiers currently in use, such as the Medicare UPIN, OSCAR or State Medicaid numbers. The NPI is a ten-digit number that is permanently assigned to a health care provider. Unlike other legacy identifiers, the NPI is intelligence free, meaning that it does not contain any information about the provider, such as the provider's location or specialty.

Requirements for Obtaining an NPI

Every "covered health care provider" is required to obtain and use an NPI.2 Covered health care providers include any health care provider (as defined under HIPAA3) that transmits the HIPAA standard electronic transactions. HIPAA standard transactions include, among others, health care payment and remittance advice, coordination of benefits, eligibility inquiries and responses, claim status inquiries and responses, and referral certification and authorization.4 The definition of a covered health care provider includes both individuals and organizations, such as physicians, pharmacists, dentists, nurses, group practices, hospitals, nursing homes, hospices, home health agencies, durable medical equipment suppliers, clinical laboratories and health maintenance organizations. Although only covered health care providers that transmit HIPAA standard transactions are required to obtain and use the NPI, private health plans and employers may require that non-covered health care providers obtain an NPI. For this reason, it is recommended that all non-covered health care providers also apply for and obtain an NPI.

Applying for an NPI

Health care providers that have not done so already should apply for an NPI as soon as possible. Providers may apply for an NPI in one of three ways:

  1. Submitting an online application on the NPPES website. Online applications are processed more quickly than paper applications. In addition, online applicants may later update the information initially submitted on the application through the online system.
  2. Submitting a paper application that is obtained by calling 800-465-3203. Providers who submit a paper application are limited to submitting updates to their information on paper.
  3. Authorizing an employer or other organization to obtain an NPI on the provider's behalf through Electronic File Interchange or bulk enumeration.

There is no charge to obtain an NPI and the estimated time to complete the application is 20 minutes. CMS recommends that providers include existing legacy identifiers on the NPI application so that health plans and clearinghouses may use this information to develop crosswalks to facilitate the transition to the NPI system. If any information furnished by a provider on its NPI application changes in the future, providers have 30 days to notify the National Plan & Provider Enumeration System of the change.

Organizational health care providers with subparts should apply for an NPI for itself and for all of its subparts. A subpart is defined as any component of a health care provider that would qualify as a covered health care provider if it was a separate legal entity.5 In determining whether an organization has subparts that require a separate NPI, providers should consider whether any parts of the organization separately furnish any health care services (often evidenced by separate licensure), maintain unique identifiers separate from the parent organization, conduct HIPAA standard transactions separate from the parent organization, or enroll separately from the parent organization in health plans. It is important to note that only organizational health care providers, not individuals, have subparts.

Implementing the NPI

After applying for and receiving an NPI, health care providers should begin implementing the NPI into their business as soon as possible to avoid delays or denials in reimbursement following the compliance deadline. The implementation process will require providers to evaluate their business systems to determine what actions must be taken. At a minimum, the following should be considered:

  • Communicating with health plans and payors to determine what information the payor will require the provider to include when submitting claims or conducting other transactions. Non-covered health care providers should inquire whether the health plans or payors in which the provider participates will require the provider to obtain and use an NPI to submit claims or otherwise correspond with the plan or payor.
  • Sharing the provider's NPI with other providers, health plans, health care clearinghouses and any other entity that may need it for billing purposes. NPI information may be shared with the Centers for Medicare and Medicaid Services by submitting claims using the provider's NPI and appropriate legacy identifiers; submitting an update to the provider's Medicare enrollment application (CMS Form 855); or, for new providers, submitting an initial Medicare enrollment application.
  • Testing the provider's NPI to ensure that it is accepted by health plans and other payors.
  • Developing any necessary policies or procedures. This may include identifying the individuals who are responsible for training staff on the use of the NPI, adapting billing and software systems to accept the NPI, and developing a crosswalk to track the provider's NPI and other legacy identifiers.
  • Working with information technology staff, billing and other vendors to incorporate the NPI into existing business systems. Because the NPI does not include any information about the provider, a provider may be required to develop new methods to track required information, such as location codes or other information previously included in legacy identifiers.
  • Requiring business associates that conduct HIPAA standard transactions on the provider's behalf to use the NPI, where applicable. At a minimum, business associates, including practice management or billing companies, should be informed of the provider's NPI. It may also be necessary to review and amend business associate agreements to require the business associates to appropriately use the NPI when performing services on the provider's behalf.

Additional Information

Additional information regarding the NPI is available through the CMS website. You may also contact a member of the Reinhart Boerner Van Deuren s.c. Health Care Department, at 414-298-1000, with questions or for assistance in applying for or implementing the NPI into your business.

1 Health plans and health care clearing houses are required to accept the NPI in standard transactions as of May 23, 2007. Small health plans, with annual receipts of $5 Million or less, have until May 23, 2008 to accept the NPI.
2 45 C.F.R. § 162.404(a).
3 HIPAA defines a "health care provider" as a provider of services under 42 U.S.C. § 1395x(u), a provider of medical or health services under 42 U.S.C. § 1395x(s), and any other person or organization who furnishes, bills or is paid for health care in the normal course of business. See 45 C.F.R. § 160.103.
4 See 45 C.F.R. § 160.103 for the full list of HIPAA standard transactions.
5 See 45 C.F.R. § 162.410.


Related Practices