Company | Support | Contact Us
Privacy | Transactions and Code Sets | Security | Identifiers
HIPAA Navigator | HIPAA SLP | Manuals
Approach | Assessment | Implementation | Training | Evaluation | Maintenance
For Providers | For Health Plans | FAQ | Free Downloads
For Providers | For Health Plans | For Attorneys | For Security Professionals
subglobal7 link | subglobal7 link | subglobal7 link | subglobal7 link | subglobal7 link | subglobal7 link | subglobal7 link
subglobal8 link | subglobal8 link | subglobal8 link | subglobal8 link | subglobal8 link | subglobal8 link | subglobal8 link

Resources for providers

HIPAAssociates provides this page as a service to the provider community. There is a variety of resources available on the Internet, and some of the most relevant to physicians, dentists and other providers are listed below. We will be updating this page periodically to provide additional resources, and welcome suggestions.

Wondering if you qualify as a 'provider'? Here is a list released by CMS.


First of all, you should check our Privacy pages for the most up to date information on HIPAA Privacy.

Occassionally, HHS releases guidance documents which explain HIPAA basics and provide answers to frequently asked questions.

Physicians and Small Practices

WEDi SNIP (Strategic National Implementation Process) Small Practice Implementation White Paper [Version 1.2 5/10/02 Discussion Draft] PDF [406 K]

Practice-Specific Resources

The links below provide resources specific to your specialty - associations, periodicals, and other resources.

There are also listservs which have been used by the industry to discuss various issues pertaining to HIPAA - the best ones available are HIPAAlive on, and the WEDI lists. Bricker & Eckler, LLP, and the Ohio Hospital Association also have compiled an impressive list of resources. We have mined these databases for practice-specific practical situations, and compiled results for those issues where we found consensus. Keep in mind that while these suggestions come from experts and practitioners, they should not be construed as legal advice - when in doubt, consult your legal counsel.

NOTE: Some of the sites may not contain the most up to date information, for example Privacy information may not reflect the changes made in August 2002. Make sure that you review the information carefully for dates and revisions.

Dental Practices


Family Physicians



Optometry / Ophthalmology Practices







First of all, you should check our Transactions pages for the most up to date information on HIPAA Transactions and Code Sets.

Medicare claims

If you submit Medicare claims, have more than 10 FTE (full time equivalent) employees, and are subject to HIPAA Transactions, you should worry. CMS will stop accepting paper claims as of October 16 for any provider not qualifying as a ‘small provider’.

Small provider exemption

If you are a ‘small provider’, or one with less than 10 FTE (employees), you are not subject to the October 16 deadline for Medicare claims. More details can be found here.

Questions for your vendor

If you haven’t been in touch with your vendors, it’s time to do so – don’t wait for them to contact you, and don’t assume that they are as knowledgeable about HIPAA Transactions requirements as they need to be. Ask them specific questions about what they are doing, such as:

1. What HIPAA transactions does your product support?
2. What software updates are needed?
3. What hardware upgrades are required?
4. Are the software updates incremental? (for example, if you only do claims, will you end up paying for more than you need)
5. Do you have a process for cross-walking local codes to approved codes?
6. Do you provide training and support?

Here is a document with a full list of questions for your vendors, TPAs (Third party administrators) and clearinghouses.


Many providers feel ‘locked-in’ because they purchased software and/or upgrades, and are not aware of what other vendors are available. Here is a list of vendors.

Questions you may have

1. What are the benefits of electronic transactions?

There are three main benefits – it reduces errors, speeds up the claim submission and remittance process, and reduces administrative costs of handling claims and correcting errors in submissions.

2. If I do some claims electronically, do I have to convert all of my paper transactions?

No. Providers can continue to submit paper claims – but if you are already doing some transactions electronically, you should consider converting to all electronic – you’ve already made the investment, and you should take advantage of the benefits offered by electronic transactions.

3. Why should I be concerned – isn’t this my vendor’s problem?

Your vendor may or may not be a covered entity – it depends on whether they fit the definition of a clearinghouse, and process transactions. You are the main covered entity, and are held accountable for compliance.

4. If my vendor presents me with a large upgrade bill for my software, what are my options?

See the section on Options, and Questions for your Vendor.

5. What are the penalties if I don’t comply?

Penalties for non-compliance are $100 per transaction, limited to a maximum of $25,000 per year per provider.

Did you know that…

• Health plans must not only convert to electronic transactions for existing electronic transactions, they must also be ready to conduct electronic transactions when requested to do so – which means that if you are ready to go electronic, all you need to do is request that your health plan set it up.

• Health plans cannot force you to conduct electronic transactions? If you elect to remain ‘all paper’, they must continue to support handling your claims.

• If you are already doing claims electronically, you can take advantage of some of the other transactions – for example, checking eligibility, or doing a claim status inquiry, instead of doing this over the phone or fax.

• Health plans have a number of other requirements they have to comply with, such as the prompt payment rule (must pay or respond to claims within a certain period of time; in addition, many states have enacted prompt pay legislation)

What should I be doing now?

Here is a checklist of the activities required for compliance with HIPAA Transactions and Code Sets. Document what you have done, are doing, or use the checklist to determine what you need to do.


We are compiling a list of resources to help providers tackle Security requirements. For now, please check our Security pages for the most up to date information on HIPAA Security.


Additional information can be found here:

Privacy Policy | Legal Notice | ©2001-2008 HIPAAssociates, Inc.