Minnesota answers HIPAA’s call

Greg Anderson had two choices when he learned what states had to do to comply with the Health Insurance Portability and Accountability Act of 1996. Minnesota’s supervisor of e-commerce and electronic data interchange for the Department of Human Services needed to procure a new system or redesign the current one.Anderson chose the latter, putting Minnesota ahead of many other states in complying with the federal mandate. By October 16, states must make sure they can accept electronic information for all administrative and financial health care transactions using national standards. States may request a deadline extension but must be ready to test their systems by April 2003.“We have taken a conservative approach,” Anderson said. “We utilized proven technologies and made our current system more up-to-date. This is not leading-edge stuff, but we know it works.”Others states, such as Texas, are implementing new systems.Anderson is in charge of only a small piece of Minnesota’s HIPAA puzzle, but the EDI section is one of the most complicated aspects, he said. EDI exchanges formatted data between the provider and the claims processor, in this case the state.The cost of the EDI part alone will range between $10 million and $15 million, said Jayne Draves, HIPAA project director for EDI transactions and code sets for Minnesota.“A lot of people compare this to Y2K,” she said. “It is a very expensive effort because it is more like procuring a whole new system even though we are just adding on to our current system.”The federal government provides 75 percent of the funding to meet the mandate. A state can apply for an additional 15 percent once the Centers for Medicare and Medicaid Services, which is responsible for implementing some HIPAA provisions, has approved the state’s plan. Draves said Minnesota has applied for the extra funding.Anderson said two new pieces of software—a data translator and an Oracle9i database application—will let the system accept online forms and batch data from health care providers, meeting the law’s EDI requirements.The data translator from Mercator Software Inc. of Wilton, Conn., pulls data from providers, stores some of it in the Oracle database and sends some of it to the legacy mainframe running IBM’s VSAM database, which the state is converting to DB2. The mainframe processes the claim and sends the data back through the translator to be recombined with information in the Oracle database.“We have to identify each transaction and cross-walk what is required for our old system and what is required under HIPAA,” Anderson said. “This was a huge process because we had to get all the business processes down before we could deal with the technical aspects.”The translator software and Oracle database run on dual Sun Microsystems Sun Fire 4800 servers.The processed claim information goes to a Sun Fire 280R server running an in-house mailbox application from which a provider can access the data over the Internet.The integration of the translator and Oracle software is being done in-house, Anderson said.“We wanted to make sure the state staff was on the ground floor in creating this system so we can support it later,” he said. “We also can control the costs better by keeping it in-house.”Anderson expects 30,000 providers to send claims to the system, which means security and privacy are big concerns.