Not a Member?  Become One Today!

Prepare for Medicare's Secondary Payer Reporting Requirements
New mandatory requirements take effect on Jan. 1, 2009

By Andy R. Anderson and Sage Fattahian, Morgan Lewis  10/14/2008


The Medicare, Medicaid and SCHIP Extension Act (the MMSEA), signed into law on Dec. 29, 2007, requires health insurers and third-party administrators (TPAs) to submit data to the Centers for Medicare and Medicaid Services (CMS) identifying situations where a group health plan is secondary to Medicare. This mandatory reporting requirement is the latest attempt to ensure proper coordination of benefits between Medicare and group health plans (including employer-sponsored group health plans covering Medicare-eligible employees).

On Aug. 1, 2008, the CMS published a supporting statement outlining the mandatory data elements that must be reported under the MMSEA.

Effective Date

Section 111 of the MMSEA establishes separate mandatory reporting requirements for group health plans, liability insurance programs (including self-insurance), no-fault insurance and workers’ compensation programs. The effective date for reporting group health plan data is Jan. 1, 2009; the effective date for all other programs is July 1, 2009.

This means that for group health plans, effective Jan. 1, 2009, the required data elements (outlined below) must be reported to CMS on a quarterly basis. The penalty for failing to report the required data elements is $1,000 per day per person for which the data should have been submitted.

Effect on Health Plan Sponsors
Insurers and TPAs will need to implement internal policies and adequate procedures to identify, collect and submit data on all Medicare-eligible participants and to make the appropriate benefit determinations.

The collection of some data elements—such as a participant’s health insurance claim (HIC) number, which TPAs might not be using currently to identify a participant—might prove to be challenging. The data collection will likely require a cooperative process between the plan sponsor and the service provider.

This process will carry an additional administrative expense, which the insurer or TPA will likely want to pass on to the plan sponsor along with a requirement that the plan sponsor indemnify the insurer or TPA for any failures to identify and report all Medicare-eligible participants.

Plan sponsors should request adequate assurances in writing that their insurers or TPAs are assuming responsibility for the data collection and reporting process. Plan sponsors in negotiations with service providers should negotiate the cost and responsibility for the data collection and reporting process and ensure that the responsibility for the process is stated clearly in the service agreement.

Reporting Process

CMS currently has a voluntary electronic data-sharing program in place for group health plans; the mandatory reporting process will build on this existing voluntary program. Group health plans that are currently participating in CMS’s voluntary data-sharing program will have little or no additional compliance responsibility related to the new mandatory reporting data elements. However, the data collection and reporting process might be onerous for group health plans not currently participating in CMS’s voluntary data-sharing program because of the detail of data elements required to be reported.

Data Elements

Group health plans must collect and report the following data elements to CMS on a quarterly basis:

Required Data Elements

    1. Beneficiary’s health insurance claim number (HICN; Medicare ID number).

    2. Beneficiary’s Social Security number (SSN; required if the HICN is not available).

    3. Beneficiary surname (first five letters required).

    4. Beneficiary first initial.

    5. Beneficiary date of birth.

    6. Beneficiary sex code.

    7. Document control number (assigned by insurer).

    8. Transaction type (add, delete or update).

    9. Coverage type (type of insurance coverage).

    10. Effective date (effective date of current coverage).

    11. Termination date (termination date of current coverage).

    12. Relationship code (relationship to policy holder).

    13. Policy holder first name.

    14. Policy holder last name.

    15. Policy holder SSN.

    16. Employer size.

    17. Small employer MSP exception.

    18. Group policy number.

    19. Individual policy number.

    20. Employee coverage election (who the policy covers).

    21. Employee status (reasons why group health plan (GHP) is primary).

    22. Employer employee identification number (EIN) and business address.

    23. Insurer EIN and business address.

Optional Data Elements

    1. Rx insured ID number.

    2. Rx group number.

    3. Rx pharmacy benefit processor control number (PCN).

    4. Rx benefit identification number (BIN).

    5. Rx toll-free number (to call with questions regarding Rx coverage).

    6. Person code (assigned by insurer).

The required data elements for liability insurance programs (including self-insurance), no-fault insurance and workers’ compensation programs are similar to those listed above and are specified in Attachment D of the CMS's supporting statement.

Copyright © 2008 by Morgan, Lewis & Bockius LLP

Reposted with permission

Andy R. Anderson is of counsel in Morgan Lewis's employee benefits and executive compensation practice. Saghi (Sage) Fattahian is an associate in Morgan Lewis’s employee benefits and executive compensation practice.

Related Resources:

New Secondary Payer Reporting Requirements Take Effect January 1, 2009, Fisher & Phillips LLP, October 2008

New Medicare Secondary Payer Reporting Requirements, Dorsey & Whitney LLP, August 2008

Copyright Image Obtain reuse/copying permission