Health Insurance Portability and Accountability Act of 1996 (HIPAA)

• National Provider Identifier
• Table of allowable use or disclosure of Protected Health Information without authorization

National Provider Identifier assignment begins

May 23, 2005 marked the first date that all physicians, health care professionals and facilities can apply for their National Provider Identifier (NPI). The NPI will replace the health care provider identifiers used today in standard health care transactions. The Health Insurance Portability and Accountability Act (HIPAA) of 1996 mandates that all covered entities except small health plans must begin using the NPI on May 23, 2007; small health plans have until May 23, 2008.

Regence is working to ensure our systems and procedures will accept and use NPIs by the compliance date.

Please continue to submit your claims (electronic or paper) with your Regence BCBSO provider number as you do today. Currently, if an NPI is submitted, we will not store it in our systems or use it in claims processing.

We have published articles in our BluePrint® Newsletter with information about NPI and will continue to do so throughout the implementation period. This section of our Provider Information Site will also be updated as information becomes available.

Articles can be found in these online issues of our BluePrint Newsletters:

• Volume 23 Number 4- November 2004
• Volume 24 Number 2 - May 2005
• Volume 24 Number 3 - August 2005

See the CMS Web site at https://nppes.cms.hhs.gov for additional information related to NPIs.

Table of allowable use or disclosure of Protected Health Information without authorization (treatment, payment and health-care operations)

A collaborative effort among several health plans including Regence BlueCross BlueShield of Oregon, ODS, Providence Health Plans, Kaiser, PacificSource, LifeWise and Health Net resulted in a table outlining when protected health information (PHI) may be exchanged without an authorization from an individual according to the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA). The table includes regulatory cites supporting PHI exchange without authorization, and has been shared with the Oregon Medical Association, and the Oregon Association of Hospitals and Health Systems and HIPAA workgroups. Click here to view the table.

If you have any questions regarding this table or your ability to release PHI without an authorization, please contact your Medical Association, provider relations representative, or go to the Health and Human Services Office for Civil Rights HIPAA site.