The Health Insurance Portability and Accountability Act was enacted by the U.S congress in 1996. A key component of HIPAA is the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans and employers.

The standards are meant to improve the efficiency and effectiveness of the North American health care system by encouraging the widespread use of EDI in the U.S health care system.

NOTE - The HIPAA EDI transaction sets are based on X12, version 5010

The key message types are described below:

837 - EDI Health Care Claim

The 837 is usually the first transaction set you will need to implement. It's used to submit health care claim billing information, encounter information, or both, except for retail pharmacy claims (see EDI Retail Pharmacy Claim Transaction). It can be sent from providers of health care services to payers, either directly or via intermediary billers and claims clearinghouses. It can also be used to transmit health care claims and billing payment information between payers with different payment responsibilities where coordination of benefits is required or between payers and regulatory agencies to monitor the rendering, billing, and/or payment of health care services within a specific health care/insurance industry segment.

The 837 is a relatively complicated transaction set, but it comes in 2 different flavors which helps simplify it slightly. There are 837 Institutional (“I”) and 837 Professional (“P”) transactions. They are both based on the standard 837, but do not include all possible variations of the 837. 

835 - Health Care Claim Payment/Remit Advice

Can be used to make a payment, send an Explanation of Benefits (EOB) remittance advice, or make a payment and send an EOB remittance advice only from a health insurer to a health care provider either directly or via a financial institution.

270/271 - Inquiry/Response for Eligibility

Allows determination of subscriber or dependent eligibility as well as the benefit information for the subscriber or dependent. The 270 is sent to a health plan to determine the eligibility, or benefit availability.  The 271 is the eligibility/benefit response. Because this information can be critical, many health plans make these interactive or real time.

276/277 - Inquiry/Response for Claim Status

Used by providers to request status on a submitted claim (276) and to receive a status response (277). The 276 is utilized by institutional, professional and dental providers, and supplemental health care claims processors as defined by the regulations. The 277 response transactions are utilized by payers and other entities that process claims. 

278 - Referral Certification, Authorization, Extensions and Appeals

Referral Certification: Used by providers to request certification for a patient to receive health care services. Also provides capacity to appeal a UM decision. Authorization: Provider receives permission from review entity/UM to refer the patient to a specialist, admit the patient to a facility, or administer medical services or treatment to the patient. This transaction also covers pre-certification prior to elective hospitalization or treatment, as required, for determination of medical necessity. This transaction allows the provider to request an extension to a previously approved authorization, pre-certification, or referral. The 278 is implemented as an interactive transaction.

Below are all the possible X12 transactions for Healthcare including all HIPAA

The key X12 EDI transaction sets for Healthcare including HIPAA are:

    • EDI 270 Eligibility, Coverage or Benefit Inquiry
    • EDI 271 Eligibility, Coverage or Benefit Information
    • EDI 275 Patient Information
    • EDI 276 Healthcare Claim Status Request
    • EDI 277 Healthcare Claim Status Notification
    • EDI 278 Healthcare Services Review – Request for Review
    • EDI 278 Healthcare Services Review – Response to Request for Review
    • EDI 820 Payment Order/Remittance Advice
    • EDI 824 Format Example
    • EDI 834 Benefit Enrollment and Maintenance
    • EDI 835 Healthcare Claim Payment/Advice
    • EDI 837-P Healthcare Claim: Professional
    • EDI 837-D Healthcare Claim: Dental
    • EDI 837-I Healthcare Claim: Institutional
    • EDI 997 Functional Acknowledgment for Healthcare Insurance
    • EDI 999 Implementation Acknowledgment for Healthcare Insurance
    • EDI TA1 Interchange Acknowledgment

(Note: As of 2012, healthcare providers must be compliant with version 5010 of the HIPAA EDI standards.)

Any entities covered by the HIPAA EDI Rule should be aware that penalties for non-compliance are high. There are 4 tiers of non-compliance: 

  • Tier 1, which refers to unknowing violations
  • Tier 2, which refers to a reasonable cause for violations
  • Tier 3, which refers to willful violations that have been corrected
  • Tier 4, which refers to willful violations that have not been corrected

The penalties for the last tier are the highest, with a minimum penalty of $50,000 per violation.