ASETT_Assessment_Final_Assessment_Report_v_1.1_Final_508

Department of Health & Human Services
Centers for Medicare & Medicaid Services
7500 Security Boulevard, Mail Stop S2-26-17
Baltimore, Maryland 21244-1850
Notice of Final Assessment
Date of Report: FULLDATE
CONTACTNAME
JOBTITLE
CENAME
ADDRESS1
ADDRESS2
CITY, ST ZIP
Re: Assessment Number XXXXX
Dear TITLE LASTNAME:
On (month, day, year), the Department of Health and Human Services (HHS), Division of
National Standards (DNS) within the Centers for Medicare & Medicaid Services’ (CMS)
finalized the  administrative simplification assessment.
The assessment process included a review of transactions, code sets, unique identifiers, and
operating rules. It was comprised of employing a validation software tool to determine whether
HIPAA transactions were compliant with the applicable 5010 ASC X12 standards and
implementation guides. In addition, it included a manual review of companion guides and
operating rule attestations.
The validation tool report(s) contain(s) detailed information pertaining to the violations found
during the assessment. If a unique violation occurred multiple times within the report(s), they
were considered one violation for assessment purposes. In addition, “Warning” or
“Informational” violations were not considered. See the validation error report(s) located in the
assessment secure site for .
This final report is to inform you that the assessment findings for 
demonstrates noncompliance in the following areas: transactions, code sets, unique identifiers,
and operating rules. The enclosed violations summary report includes a list of all violations cited
for assessment purposes. Each violation includes the unique error number from the validation
error report, if applicable, and a reference to the pertinent Technical Report (TR3) and/or
Operating Rule. In addition, the validation error report for the description of the violation, if
applicable, and the corresponding business message.

DNS considers your compliance to be an essential part in preventing administrative
simplification burdens to industry trading partners and covered entities. Therefore, DNS expects
your full cooperation and that  will correct all violations cited within
this report.
In summary, there were one or more violations found during the assessment process that
warrants a subsequent corrective action.  will be notified in a separate
letter that will provide the corrective action information and details within 30 days.
If you have any questions about this report, contact the HIPAA compliance team via email at
[email protected]. Please include the assessment reference number located at the top
of this report.
Sincerely,
Madhu Annadata, Director
Division of National Standards
Office of Information Technology
Enclosure – Violations Summary Report

In accordance with the Paperwork Reduction Act (1995), no persons are required to respond to a collection of information, unless it
displays a valid Office of Management and Budget (OMB) control number. The valid OMB control number for this information
collection is 0938-XXXX (Expires XX/XX/XXXX). The time required to complete this information collection is estimated to average
[10 hours] per response (4 forms x 60 minutes/form), including the time to review instructions, search existing data resources,
gather the data needed, and complete and review the information collection. If you have comments concerning the accuracy of the
time estimate(s) or suggestions for improving this form, please write to:
Centers for Medicare & Medicaid Services
Attn: PRA Reports Clearance Officer, Mail Stop C4-26-05
7500 Security Boulevard
Baltimore, Maryland 21244-1850
Please do not send applications, claims, payments, medical records or any documents containing sensitive information to the PRA
Reports Clearance Office. Any correspondence not pertaining to the information collection burden approved under the associated
OMB control number listed on this form will not be reviewed, forwarded, or retained. If you have questions or concerns regarding
where to submit your documents, please contact: Cecily Austin at [email protected] or Kevin Stewart at
[email protected] .

Violations Summary Report (Example)
File Name(s): Health_Plan_835_14.txt
Violation #1
Validation Error ID: 0x3938eda
Assessment Category: Transaction
Violation Description: 835 transaction does not balance at the transaction level.
Reference: 005010X221A1, Section 1.10.2.1.3 Transaction Balancing
Covered Entity Response

DNS Reply to Covered Entity (DNS Only)

Violation #2
Validation Error ID: 0x39393b5
Assessment Category: Unique ID
Violation Description: 835 transaction contains an invalid NPI number.
Reference: 005010X221A1, 1000B, N1 Payee Identification, N103 Identification Code Qualifier XX,
External Code Source 537, N104 Payee Identification Code
Covered Entity Response

DNS Reply to Covered Entity (DNS Only)

Violation #3
Validation Error ID: 0x3938bbe
Assessment Category: Code Set
Violation Description: 835 transaction contains a claim(s) with a second iteration of a CAS

segment, with the same group code, before exhausting the first trio of the first CAS segment.

Reference: 005010X221A1, Section 1.10.2.4 Claim Adjustment and Service Adjustment Segment Theory
Covered Entity Response

DNS Reply to Covered Entity (DNS Only)

Operating Rules
Violation #4
Reference: Operating Rule 360, Requirement 4.1.2
Assessment Category: Operating Rule
Violation Description: Attestation indicates health plan has not mapped their CARC/RARC/CAGC
crosswalk to their internal codes since 2014, and is out of alignment with the current code
combinations.
Covered Entity Response

DNS Reply to Covered Entity (DNS Only)