• E-mail
• Print
• RSS

Watch for NPI pitfalls and database flaws: Information gaps and missing links cause trouble

HIPAA Training Advisor, July 26, 2007

When CMS published its long-awaited NPI data dissemination notice (also known as the national plan and provider enumeration system [NPPES]) in May, it gave healthcare organizations access to much-but not all-of the data that they need to fully implement the NPI. There are gaps in the data, as well as other hurdles to overcome before providers can fully use the information, experts say.

"People are relying too heavily on the accuracy and completeness of the data," says Chris Apgar, CISSP, president of Apgar & Associates, LLC, in Portland, OR. There is still a fair amount of data that organizations need to go out and collect, he says. The dissemination notice is an excellent starting place, but it's not the end of the process either.

There are some flaws in the database itself. The database doesn't link providers to their employers or affiliates, for example, nor does it provide room for more than one address for providers. That may be a problem for those who need a treatment address to bill properly, Apgar says. Additionally, the database does not provide Social Security or tax identification numbers, because CMS publishes the database on the Internet, making it available to anyone with Internet access. The trouble is that health plans may need those numbers in order to process payments. Much of the data in the database, such as legacy numbers or taxonomy codes, are voluntary, and providers can choose to delete them, which could leave the final product filled with gaps and lacking important information, Apgar says.

How it works

The NPPES database will come in two forms. One form is a downloadable file containing information about all 2.2 million NPIs issued to date, and the other is an Internet query function. Many organizations will want to download the file and have internal IT staff set up a searchable relational database. Although this will make the data more usable, it will take considerable work. With data on 2.2 million providers, the database is huge; it contains far more data than most organizations will need.

IT departments should have the capacity to handle a large comma delimited file-the file format of the downloadable NPI information-but it will take some time for IT staff members to sort through all of the providers to retrieve the data relevant to your facility. For instance, to keep the information manageable, you may want to include only the providers in your local area with whom you do business regularly. Remember that it may take some time for IT staff members to figure out how to sort the data in order to exclude long-distance providers. You'll also need to go out and collect additional data, such as taxonomy codes, from relevant providers, because the database is unlikely to be accurate and complete. IT staff members will also need time to test the database to make sure that it works for your needs. Also, providers should make sure to set up a system that allows you to download updates to the data as CMS provides them, Apgar says.

Certain organizations may wish to use the public query function. However, this function will be limited to searches based on name, NPI, or location. You won't be able to enter a provider's legacy number to find his or her NPI, for example. Or if a provider has a common name, you may have trouble sorting through the many search results.

Besides that, most providers have already started building their own NPI databases, because CMS didn't release its database until very late in the process. The original deadline for NPI implementation was in May, but CMS has given a one-year contingency period to providers, which allows them to delay full implementation as long as they can show a good faith-effort to comply in the meantime.

Benefits

Still, there are definite benefits to having the NPPES data available, says Sally Klein, RN, MBA, PNP, ­project manager for consulting firm FOX Systems, Inc., in Scotts­­dale, AZ. It provides a way for healthcare organizations to verify their own databases and fill in any information gaps that they might find. Providers can check their information and make sure that they are processing claims correctly. It also provides another source where organizations may look for NPIs for providers whom they may be missing in their own databases. Because CMS will update information monthly in the downloadable file, it will also offer a way to receive current information for providers who may not have notified all of their payers or affiliates of changes to their NPI. However, be aware that it's unclear how long CMS will continue to perform monthly updates to the downloadable files.

Providers can also check the database and make sure that all of the information they provided is correct, Klein says. Providers had until July 16 to correct the initial downloadable file for its August 1 release. After that deadline, any corrections that providers make will be available in the next monthly update to the downloadable file. CMS will update the query function in real time, so changes that providers make will be immediately accessible by query.

Pitfalls

Be sure to look for any Social Security or tax identification numbers that you might have entered as a legacy or other number. The database only hides numbers in the Social Security/tax identification field from public viewing-the rest will be available on the Web site. Because some plans used Social Security numbers as legacy numbers under their old systems, some providers may have accidentally put their Social Security number on public display, Klein says.

"Every provider in the country should go back into the database and make sure that everything that's in there is correct," says Klein. "They should also check to make sure that everything that's in there is something they want to be in there." However, if providers strip out too much information, the database will be less useful, Klein says.

Many provider organizations are advising providers to take out all of the information they can, which includes Medicaid numbers, legacy numbers, and additional taxonomy codes, Apgar says. This is because the organizations fear that easy access to this information makes it easier to file fraudulent claims, or that vendors seeking to target providers will deluge them with unwarranted marketing. But the less information providers make available in the database, the more trouble they may have getting their claims paid properly. Health plans need some of the optional data to expedite claims.

Think thoroughly about what information you are going to delete before you actually go through with it, Apgar says. If you delete legacy numbers that an insurer needs, "that insurer is going to be knocking on your door."

Pay particular attention to taxonomy codes, Klein suggests. Some health plans will now need them in order to pay you properly. Many providers will need more than one taxonomy code because they may have multiple specialties. For example, an orthopedist may do general work but also specialize in sports medicine. The orthopedist would need a separate taxonomy code for each type of claim. There are 12 taxonomy codes for sports medicine, so it's important to use the correct one. Because NPPES requires only one primary taxonomy code to get an NPI, many providers may not have provided numbers for all of the services that they provide, Klein says.

"It can make a difference in getting paid," Klein says. "You should make sure all the taxonomy codes that are appropriate for you are in there and they are correct."

"There are some significant advantages here as long as people understand what the limitations are," Apgar says. "Just make sure you know what you're getting and if you're a provider deleting data, make sure it's not data that [a payer will need]."

• E-mail to a Colleague
• Print
• RSS
• Archive