CMS Announces 90-Day Grace Period for Compliance with Eligibility and Claim Status Operating Rules Under HIPAA


CMS’s Office of E-Health Standards and Services (OESS) has announced on January 2, 2013, that it will not initiate any enforcement action prior to March 31, 2013, with respect to HIPAA covered entities’ compliance with operating rules pertaining to eligibility for a health plan and health care claim status. Applicable HIPAA covered entities include health plans, health care providers, and clearinghouses.  The grace period was announced to “reduce the potential of significant disruption in the health care industry” after OESS received industry feedback indicating that a majority of covered entities would not be in compliance by January 1, 2013.  The announcement emphasizes, however, that the compliance date for using the operating rules remains January 1, 2013, and OESS began accepting complaints regarding covered entities’ non-compliance with the operating rules on that date.  Filed-against entities will be required to submit evidence of compliance or their good faith efforts to become compliant during the 90-day grace period.  CMS’s announcement is available by clicking here.

Reporter, Susan Banks, Washington, D.C., +1 202 626 2953,