The Department of Health and Human Services (HHS) has published a proposed rule requiring that health plans be certified for compliance with the standards of the Health Insurance Portability and Accountability Act (HIPAA). The proposal also envisions fines for plans that do not certify their compliance.

The proposal states:

This rule proposes that controlling health plans (CHPs) must submit certain information and documentation that demonstrates compliance with the adopted standards and operating rules for three electronic transactions: eligibility for a health plan, health care claim status, and health care electronic funds transfers (EFT) and remittance advice. Such documentation would be an indication that a CHP has completed some internal and external testing.