HIPAA ANSI Version 5010

HIPAA (Health Insurance Portability and Accountability Act of 1996) requires that covered entities (Health plans, health care clearinghouses, information trading partners, health information networks, or health care providers who conduct HIPAA-standard transactions.) comply with its standards when conducting certain electronic health care administrative transactions such as claims, remittance, eligibility, and claims status requests and responses. For EDI (Electronic Data Interchange) transactions, HIPAA requires use of the ANSI (American National Standards Institute) technical content and format specifications. HIPAA also requires use of the ICD (International Classification of Diseases) coding system for medical diagnoses and inpatient procedures. 

The current, federally mandated HIPAA-AS standard covered EDI transactions (ANSI 4010/4010A1) and medical code sets (ICD-9) are changing. These latest mandatory changes represent major revisions to ICD-9 diagnosis and procedure codes for a new ICD tenth revision (ICD-10). Implementation of ANSI 5010, replacing ANSI 4010, is a prerequisite to the change from ICD-9 to ICD-10 codes. 

The implementation of 5010 and ICD-10 are intended to improve patient care quality at lower costs, enhance claim processing with fewer errors, improve data reporting and promote increased interoperability across all industry stakeholders. Significant impacts to provider billing and payment processing will be realized across the health care industry if stakeholders fail to collaborate, coordinate and communicate throughout these periods.

A transition period for implementing the new 5010 standards is January 1, 2011 through December 31, 2011. Version 5010 testing should be complete by December 31, 2011. Successful conversion to ANSI 5010 is required by January 1, 2012. There is no transition period for the new ICD-10 medical code set standards. The ICD-10 compliance deadline is October 1, 2014.

You can read more about HIPAA 5010 and as a provider what you need do at


M-Scribe Commitment

M-Scribe is committed to implementing the required policies, procedures and systems in response to the requirements of the HIPAA. Under this, M-Scribe shall meet the requirements as set forth therein by the dates and deadlines imposed by the Final Rules. These areas include but are not limited to: (1) standards for administrative simplification, including the standards for electronic transactions, the national standard healthcare provider identifier, and the national standard employer identifier; (2) standards for electronic signatures and the security of electronic individually identifiable health information; and (3) standards for privacy of individually identifiable health information. M-Scribe has developed and implemented the necessary Business Associate Agreement, protocols, methods, practices, software and other measures which insure meeting the security required for the maintenance of the confidentiality of PIH (Protected Health Information) as well as the security and encryption methods and applications to insure the security of our systems, products, applications and networks.

The Health Insurance Portability and Accountability Act (HIPAA) has had a profound impact on the healthcare industry. HIPAA mandates the establishment of standards governing the security and privacy of individually identifiable protected health information (PHI) that is electronically transmitted or maintained by providers, payers and clearinghouses.

As your business partner, M-Scribe will mirror the responsibilities you have as a Business Associate and can even help you achieve HIPAA compliance. Three of the most important features of the proposed regulations — as they relate to medical transcription — cover the subjects of transmission, protection and accountability of PHI.

Transmission: M-Scribe systems are designed for secure, fully encrypted transmission of PHI in both voice and text formats. Currently, many secure formats are in operation, all of which ensure 128-bit encryption.

Protection: M-Scribe takes a multi-faceted approach to protection of PHI in its domain. Access to data by company personnel and third party contractors is controlled by clear protocols and contracts detailing privacy requirements as well as sophisticated username/password rule sets which ensure clear data segregation and limited access as required solely to perform work required.

Accountability: All employees are trained on privacy requirements, and compliance is ensured via contract and ongoing audit procedures. The M-Scribe proprietary workflow engine provides a point-to-point audit trail for every individual job, enabling the company to manage compliance with its privacy procedures at each step of the transcription process.

M-Scribe works to ensure compliance with HIPAA within a distributed workflow model. As long as all work can be transmitted and protected in the ways described above and accountability is ensured, then compliance will have been fully met by the Business Associate. M-Scribe is committed to HIPAA compliance regulations. We not only look at current requirements but also anticipate future requirements in order to stay one step ahead. We will continue to expand our technology to provide our clients with the latest in PHI security.