Compliance: HIPAA Data Reporting

IMPORTANT INFORMATION BEGINNING FOR THE REPORTING PERIOD 2023:

In 2022 the Arizona legislature amended §20-1382 to include section (E) which states;

         E. Notwithstanding any other law, an insurer is not required to comply with the reporting requirements of this section if the federal laws that require providing a certificate of creditable coverage are superseded by the prohibition on preexisting condition exclusions.

Therefore, so long as the federal prohibition on preexisting condition exclusions exists, the HIPAA data reporting is no longer required of insurers.

The following information remains for historical reference only.

Are you subject to ARS § 20-1382 HIPAA reporting requirements?
Arizona Revised Statutes (ARS) § 20-1382 requires certain health care insurers to annually
report information related to the number of covered individuals, earned premium, products
offered in the individual marketplace, and available marketing materials.
The reports required by ARS § 20-1382 are intended to demonstrate compliance with sections
20-1379, 20-1380, and 20-1381 of the Arizona statutes. These statutes were implemented to
comply with the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Determining applicability:

Only companies offering what ARS § 20-1379 and the federal HIPAA statute define
as individual health insurance coverage are subject to the reporting requirements.


● A health care insurer that offers limited benefit coverage or short-term limited duration
insurance to individuals and no other health insurance coverage to individuals in the
individual market is not considered a health care insurer that offers health insurance
coverage in the individual market. The Department would not expect to receive a
HIPAA report from a health care insurer that offers only limited benefit coverage
or short-term limited duration insurance
.

● A company who continues to do business in ACA-compliant, grandfathered, or
transitional (grandmothered) individual major medical coverage is subject to the HIPAA
reporting requirements. Companies may wish to consult the definitions of creditable
coverage, health care insurer, and individual health insurance coverage at ARS §
20-1379(U)(3), (7), and (10), respectively, to confirm that they are required to file these
reports.

● While not defined in Arizona statute, student health insurance coverage is defined in
federal regulation and exempt from federal requirements for guaranteed availability and
guaranteed renewability. See 45 CFR § 147.145. Because student health insurance
coverage is exempt from guaranteed availability requirements, the Department would
not expect to receive the report required by ARS § 20-1382 from a health care insurer
that offers only student health insurance coverage.

Questions about HIPAA reports may be directed to [email protected]

 

How to submit HIPAA reports
HIPAA reports should be submitted via SERFF using the forms listed below. Detailed
instructions for filing the HIPAA reports, including direction on the selection of TOI and filing
type, may be found in SERFF as an attachment to the Arizona Life & Health General
Instructions page ("Life and Health Report Filing Instructions").

 

Compliance: HIPAA Data Reporting