HIPAA Statement by EHG

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) has created a flurry of activity within every sector of the healthcare industry. Adopted as part of HIPAA, the Administrative Simplification Act (ASA) is designed to facilitate the flow of healthcare information in a standardized, secure and private manner. It includes seven sets of regulations but focuses primarily on:

• Data Privacy - Final Rule published December 28, 2000 (65 Fed Reg 82462) - Effective April 14, 2003.
• Transaction and Code Sets - Final Rule published August 17, 2000 (65 Fed Reg 50312) - Effective October 16, 2002. Note: The adopted code sets apply to financial and administrative transactions and do not include clinical transactions as of yet.
• Data Security - Final rule published February 20, 2003. Requires the securing of all data that falls under the Privacy Rule.

EDI Health Group, Inc. (EHG) welcomes the opportunities presented by HIPAA and specifically the ASA. We believe that the standardization promised by these regulations will ultimately reduce the cost of healthcare and have a tangible positive effect on patient care.

EHG has formed an internal HIPAA task force consisting of experienced healthcare professionals. Our team understands the regulations and is attentive to the impact these requirements will have on our business processes as well as those of our customers. We have already changed our internal process to achieve compliance.

In addition to our own implementation, we are committed to assisting you, our customers, in turning today's challenges into tomorrow's opportunities.

HIPAA Certification

EDI HEALTH GROUP, Inc. (EHG) has obtained certification for compliance for claims transactions under HIPAA's final transactions and code sets rule. EDI HEALTH GROUP, Inc., is a California-based Clearinghouse for Electronic Data Interchange(EDI) transactions for Health Care Providers.

The HIPAA certification, from Edifecs, means that EHG generates ANSI X12 Transactions that comply with the HIPAA implementation guides. Edifecs (www.edifecs.com) is a proven provider of solutions for rapidly deploying and managing today's trading partner networks. The Edifecs HIPAA solution provides enablement technologies to accelerate the implementation of HIPAA and healthcare trading communities. HIPAA-Desk, powered by Edifecs' CommerceDesk, is the first free and full service HIPAA compliance checking & testing facility for the healthcare industry. Founded in 1996, Edifecs serves an installed base of more than 1,200 customers and partners including numerous B2B providers such as GE Global eXchange Services, Microsoft, Harbinger/Inovis, Quovadx, Sterling Commerce and TIBCO. Edifecs healthcare clients include Abbot Labs, Baxter Healthcare, BCBS Association, BCBS of Alabama, BCBS of Oregon, Regence and many others. The Department of Health and Human Services deems Edifecs certification as proof that an organization's transactions are compliant with HIPAA.

Below is a link to the certification certificates given by Edifecs to EHG for submitting HIPAA compliant transactions. All EHG's transactions go through Edifecs for testing before they are implemented with each Payer or Clearinghouse that EHG has a direct connection too.

HIPAA Links

Links to additional information on HIPAA:

• Department of HHS Home Page
• HIPAAdvisory Web Site
• National Dental EDI Council (NDEDIC)
• National Provider ID (NPI) Enumerator