Skip to content

HIPAA 5010 mandate frequently asked questions

On January 16, 2009, the U.S. Department of Health and Human Services (HHS) released two final rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) regarding updated standards for electronic health care transactions: X12 Version 5010 HIPAA Transactions Standards and Code Sets.

This FAQ page is updated regularly to provide answers to common questions about HIPAA 5010 and reflect Blue Shield of California’s progress towards compliance.

  • Why has Blue Shield of California initiated the HIPAA 5010 Mandate Project?

    On August 22, 2008, the Centers for Medicare & Medicaid Services (CMS) published in the Federal Register, for public comment, a Notice of Proposed Rulemaking (NPRM) to adopt the updated standards (Version 5010) for electronic data interchange (EDI) transactions - originally adopted in the Health Insurance Portability and Accountability Act (HIPAA).

    In addition to the new 5010 version of the X12 standards for HIPAA EDI transactions, this project will need to address the changes to support the new version of the National Council for Prescription Drug Program (NCPDP) standard for pharmacy and supplier transactions (Version D.0), and the new NCPDP standard for Medicaid pharmacy subrogation (Version 3.0). Covered entities must use these new standards for pharmacy and supplier transactions including: claims, eligibility requests and responses, referral certification and authorization, and Coordination of Benefits.

    These updated standards will improve the functionality of HIPAA-regulated transactions and meet many new needs for current business requirements, such as better Present on Admission (POA) reporting on claims, improved use of National Provider Identifier (NPI) numbers, and a more functional eligibility transaction that will provide greater detailed information needed by healthcare providers when making treatment decisions.

  • What are the compliance due dates mandated by CMS?

    On January 16, 2009, CMS published final rules to adopt updated HIPAA standards. For Version 5010 and Version D.0, the compliance date for all covered entities is January 1, 2012.

    CMS received more than 100 comments suggesting a 36-month compliance period in light of the extensive changes in Versions 5010 and D.0, and the need for a coordinated implementation and testing schedule. The National Committee on Vital and Health Statistics (NCVHS) suggested that it is crucial for plans like Blue Shield to meet the following milestones to ensure full, successful, and timely compliance:

    Level 1 Compliance, when the plan can demonstrate that it can create and receive version 5010 compliant transactions. The expected time for completion of Level 1 is two years, by December 31, 2010.

    Level 2 Compliance, when the plan has completed end-to-end testing with all of its partners and is ready to move into full production with the new version. Level 2 Compliance is expected by December 31, 2011.

  • Why do we need to make changes and begin testing now?

    There are nearly 850 changes between Version 4010/4010A and Version 5010. Other plans’ impact assessments suggest that there might be a need to change business procedures and system capabilities as well as modify or create new databases. The complexity requires in-depth analysis conducted through formal procedures (impact analysis, requirements definition) before design, building, and testing can take place.

    Plans like Blue Shield are urged to begin preparations now, to incorporate effective planning, collaboration, and testing in their implementation strategies, and to identify and mitigate any barriers long before the deadline.

  • What are the HIPAA standard transactions for electronic submitters/receivers?
    The standard transaction formats that are mandated by the HIPAA Transactions & Code Sets are:
    • 837i, 837p, 837d - Health Care Claim Institutional, Professional, Dental
    • 835 - Health Care Claim Payment/Advice
    • 270/271 - Health Care Eligibility Benefit Inquiry and Response
    • 276/277 - Health Care Claim Status Request and Response
    • 278 - Health Care Services Review Request for Review and Response
    • 834 - Benefit Enrollment and Maintenance
    • 820 - Payroll Deducted and Other Group Premium Payment for Insurance Products
    • NCPDP, Version D.0 - Electronic Pharmacy-Related Transactions and a Standard for Medicaid Pharmacy Subrogation Transactions
  • What are the penalties if Blue Shield of California and its trading partners fail to comply by the deadline dates?

    While CMS has authorized contingency plans in the past, they do not intend to do so in this case, as such an action would likely impact ICD-10 implementation activities adversely. HIPAA gives CMS authority to invoke civil money penalties against plans and their trading partners who do not comply with the standards.

  • Does Blue Shield of California have an implementation schedule?

    As we develop a comprehensive implementation schedule, we are heavily dependent on the readiness of trading partners and providers to facilitate this process. We will make every effort possible to leverage trading partner/provider schedules into our implementation plans.

  • How can trading partners ensure their implementation schedules are incorporated and aligned with Blue Shield’s implementation schedule?

    We will send out a trading partner readiness survey. It is important to complete this survey and return it to Blue Shield within the requested timeframe. When we have received your responses, we’ll begin our coordination and scheduling efforts, based on EDI transactions.

  • When can trading partners expect to receive technical requirements and companion guides from Blue Shield?

    We will send companion guides based on HIPAA 5010 EDI transaction type. Trading partners/direct EDI submitters can expect to have access to some 27x transaction companion guides beginning in September 2011. Trading partners will receive technical specifications/companion guides with schedule and contact information to help them coordinate testing with the EDI Support team during the implementation phase of the project.

  • What does Blue Shield need from each of its EDI trading partners?

    The readiness survey will request EDI resource contact information and projected implementation schedule information. In addition to this information, any EDI exception processes that may potentially impact acceptance testing should be shared, to allow Blue Shield to address issues during the design/development phases of the project.

  • What other forums are available for EDI trading partners?

    Trading partners and providers may join the Workgroup for Electronic Data Interchange (WEDI), whose objective is “improving healthcare through electronic commerce”. Blue Shield of California actively participates in WEDI. For more information about how to join WEDI, visit the website at

  • Will Blue Shield of California accept and support dual formats; both 4010 and 5010 EDI versions? If so, for how long?

    Yes. Blue Shield of California (BSC) will continue to accept 4010 EDI transactions until one of the following conditions has been met:

    1. Trading Partner has successfully migrated to 5010, or
    2. January 1, 2012 deadline has been met.


    4010 transactions will be rejected as of January 1, 2012. An exception to the January 1, 2012 deadline applies to 834 EDI transactions. Blue Shield will continue to accept 4010 834 EDI transactions from existing Trading Partners until they have been successfully migrated to 5010. Completion of migrating Trading Partners from 4010 834 EDI transactions to 5010 834 EDI transactions is expected to be completed by end of February, 2012.

  • Whom should I contact about HIPAA-compliant electronic transactions, or to schedule testing with Blue Shield?

    For general EDI 5010 questions, please contact the EDI Support team at: (800) 480 -1221 or e-mail:

    Once we receive the trading partner readiness survey responses with your implementation schedules and EDI contact information, we will begin scheduling testing by transaction set type. One of our EDI testing coordinators will contact your organization to schedule 5010 testing.

  • How does Blue Shield of California intend to support the CMS extention of HIPAA 4010A1 Transactions?

    Blue Shield of California will accept requests to continue support of HIPAA 4010A1 transactions through March 31, 2012. In order to continue to submit HIPAA 4010A1 837 transactions beyond January 1, 2012, each Trading Partner must contact Blue Shield of California and provide the following details:

    • Which EDI transactions require extended HIPAA 4010A1 support?
    • Which Trading Partner requires extended HIPAA 4010A1 support?
    • Provide a timeline of when the Trading Partner is able to support HIPAA 5010 transactions?


    Blue Shield of California will provide a contingency plan, based on the details provided above. Each Trading Partner will be required to follow the contingency plan or submit a separate request for further extensions. Blue Shield of California will not support HIPAA 4010A1 837 & 835 EDI transactions beyond March 31, 2012. Please be sure to take all appropriate actions necessary to either 1) support HIPAA 5010 837 & 835 transactions, or 2) elect to have a Clearinghouse support HIPAA 5010 transactions on your behalf.

HIPAA 5010 and ICD-10 implementation

If you conduct business electronically, read about these two significant changes to HIPAA standard transactions and code sets.

Read about the changes in codes

How to enroll in EDI

Follow these easy steps to enroll in EDI for your organization.

Learn how to enroll

EDI Companion Guides

Access our companion guides for trading partners who exchange electronic transactions with us.

Get the guides