The ANSI ASC X12 (American National Standards Institute Accredited
Standards Committee X12) Standard version 4010 applies to which one
of the following HIPAA categories?

A.
Security

B.
Privacy

C.
Transactions

D.
Code sets

Explanation:
The transactions addressed by HIPAA are:
Health claims or similar encounter information
Health care payment and remittance advice
Coordination of Benefits
Health claim status
Enrollment and disenrollment in a health plan
Eligibility for a health plan
Health plan premium payments
Referral certification and authorization
The HIPAA EDI transaction standards to address these HIPAA
transactions include the following:
Health care claims or coordination of benefits
Retail drug NCPCP (National Council for Prescription Drug
Programs) v. 32

Dental claim ASC X12N 837: dental
Professional claim ASC X12N 837: professional
Institutional claim ASC X12N 837: institutional
Payment and remittance advice ASC X12N 835
Health claim status ASC X12N 276/277
Plan enrollment ASC X12 834
Plan eligibility ASC X12 270/271
Plan premium payments ASC X12 820
Referral certification ASC X12 N 278
The American National Standards Institute was founded in 1917
and is the only source of American Standards. The ANSI Accredited
Standards Committee X12 was chartered in 1979 and is responsible for
cross-industry standards for electronic documents. The HIPAAprivacy
standards, answer a, were finalized in April, 2001, and implementation
must be accomplished by April 14, 2003. The privacy rule covers
individually identifiable health care information transmitted, stored in
electronic or paper form, or communicated orally. Protected health
information (PHI) may not be disclosed unless disclosure is approved
by the individual, permitted by the legislation, required for treatment,
part of health care operations, required by law, or necessary for
payment. PHI is defined as individually identifiable health information
that is transmitted by electronic media, maintained in any
medium described in the definition of electronic media under HIPAA,
or is transmitted or maintained in any other form or medium. Answer
b, code sets, refers to the codes that are used to fill in the data elements
of the HIPAAtransaction standards. Examples of these codes are:
ICD-9-CM (vols. 1 and 2) International Classification of Diseases,
9th Ed., Clinical Modification Diseases, injuries, impairments,
other health related problems, their manifestations, and causes of
injury, disease, impairment, or other health-related problems
CPT (Current Procedural Terminology, 4th Ed. [CPT-4]), CDT
(Code on Dental Procedures and Nomenclature, 2nd Ed. [CDT-2])
or ICD-9-CM (vol. 3) Procedures or other actions taken to prevent,
diagnose, treat, or manage diseases, injuries, and impairments
NDC (National Drug Codes) drugs
HCPCS (Health Care Financing Administration Common
Procedure Coding System)
Other health-related services, other substances, equipment,
supplies, or other items used in health care services
The proposed HIPAA Security Rule, answer d, mandates the
protection of the confidentiality, integrity, and availability of

protected health information (PHI) through:
Administrative procedures
Physical safeguards
Technical services and mechanisms
The rule also addresses electronic signatures, but the final rule
will depend on industry progress on reaching a standard. In
addition, the proposed security rule requires the appointment of a
security officer.