Skip to main content


HIPAA standards


The Health Insurance Portability and Accountability Act (HIPAA) mandates the standardization of EDI formats for health care data transmission, which includes claims, remittance, eligibility, and claim status inquiries. HIPAA regulations replace the CMS 1500 and UB04 Claims formats with ASC X12N 837 Transactions.

The Blue Cross and Blue Shield of North Carolina (Blue Cross NC) Blue Book Companion Guides are available to assist trading partners in understanding  Blue Cross NC code and situation handling used in processing the ANSI ASC X12N Transactions. The X12 version 5010 of the Companion Guide is available.

HIPAA agreements, forms, and instructions

Trading partner agreement

The Trading Partner Agreement establishes the formal business relationship between a sender / receiver of electronic files and Blue Cross and Blue Shield of North Carolina.

New trading partners will receive this agreement electronically after the new trading partner has submitted the Electronic Connectivity Request (ECR) form to Blue Cross NC eSolutions and eSolutions has processed the request. 

Complete one of the ECR forms and submit to eSolutions to begin the process. 

Electronic Connectivity Request (ECR) forms

Any entity wishing to exchange HIPAA (X12) files with Blue Cross NC must submit the appropriate ECR form. Select the appropriate forms based on your role as either a healthcare provider or a clearinghouse / billing service.

For clearinghouses or billing services Electronic Connectivity Request (ECR)

If you do not currently exchange HIPAA (X12) files with Blue Cross NC or you want to add a transaction type to the transactions you currently exchange, complete this ECR form and submit it online.

For providers submitting directly Electronic Connectivity Request (ECR)

If you do not currently exchange HIPAA (X12) files with Blue Cross NC or you want to add a transaction type to the transactions you currently exchange, complete this ECR form and submit it online.

Don't use this form to request an Electronic Remittance Advice (835 transaction).

For healthcare providers requesting Electronic Remittance Advice (ERA) 835

Use this form to request receipt of an Electronic Remittance Advice (835) if you need to submit the request via fax. You will need to print and fax this form to Blue Cross NC. See the 835 Enrollment Form Guidelines on the form for instructions.

Medicare Crossover 835 Electronic Connectivity Request (ECR) form

Use this form when giving Medicare services to members who have additional coverage with a different Blue Cross and Blue Shield (BCBS) plan.

Blue Cross NC electronically forwards 835 remittances for Medicare crossover claims received from other BCBS plans to providers with NPIs registered with Blue Cross NC to receive them.

You must also receive 835 Remittances (not associated with Medicare) to be able to submit this form.

HIPAA testing

Trading Partners who send electronic transmissions directly to Blue Cross NC must test for HIPAA compliance before they can transmit to Blue Cross NC production environment. Blue Cross NC offers free testing for its trading partners through a web-based application. This testing tool provides analysis of test files, specific information on errors, and enables users to keep a history of files tested. The site can also be used to run production files for senders who would like to verify the compliance of their files prior to transmission.

Trading partners must register at the website prior to submitting files for testing. For detailed information about registering and submitting test files, download the Instructions for HIPAA testing with Blue Cross NC Community Portal (PDF).

HIPAA versions 5010 Companion Guides

Introduction to the Blue Cross NC Companion Guide for Version 5010 EDI Transactions (for all Trading Partners)Chapter Version 2.5 (PDF)
837 Institutional Health Care Claim (Version 5010)Chapter Version 5.6 (PDF)
837 Professional Health Care Claim (Version 5010)Chapter Version 5.10 (PDF)
270 and 271 Health Care Eligibility Inquiry and Response (Version 5010)Chapter Version 3.2 (PDF)
276 and 277 Claim Status Request and Response (Version 5010)Chapter Version 1.5 (PDF)
278 Health Care Services Review and Response (Version 5010)Chapter Version 1.1 (PDF)
835 Health Care Claim Payment/Advice (Version 5010) (for participating providers only)Chapter Version 3.0 (PDF)
Blue Cross NC HIPAA GlossaryChapter Version 2.0 (PDF)

HIPAA sample documents

You can expect to receive the following electronic format transactions or reports as a result of your batch transmission:

Claims audit report sample

This sample document illustrates the Blue Cross NC proprietary Claims Audit Report. Providers can download the Claims Audit Reports from their Blue Cross NC electronic mailboxes or receive them from their clearinghouses. The Claims Audit Report is returned for 837 Health Care Claim transactions only.

999 Functional Acknowledgment sample

This sample provides illustrations of three different 999 Functional Group Acknowledgments. The 999 transaction serves as both a positive acknowledgment and a report of Implementation Guide errors within a Functional Group (GS GE) or a Transaction Set (ST SE).

TA1 Interchange Acknowledgment sample

This sample provides two illustrations of the TA1 Interchange Acknowledgment Transaction. The TA1 may provide a positive acknowledgment of the transmission or a negative acknowledgment that includes a report of Implementation Guide errors within an Interchange Control (ISA IEA).


HIPAA information

HIPAA stands for the Health Insurance Portability and Accountability Act of 1996. HIPAA affects almost the entire health care industry, including employers. For health plans, providers and health care clearinghouses, the critical portions of the act are the Administrative Simplification provisions, which include new standards for electronic transactions that took effect Oct. 16, 2003, as well as regulations on the privacy and security of personal health care information.

The provisions, developed by the US Department of Health and Human Services (HHS), establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. They also address the security and privacy of protected health information. These standards are intended to improve the efficiency and effectiveness of the nation's health care system by encouraging the widespread use of electronic data interchange in health care.

The provisions cover the following:

  •  Electronic transactions, code sets and identifiers (effective October 16, 2003)
  •  Privacy of protected health information (effective April 14, 2003) 
  •  Security (effective March 2005)

Payers, healthcare providers and clearinghouses must use specified standards when exchanging these data types in electronic form:

  •  Claims and claim status
  •  Remittances (Notice of Payment or Explanation of Payment)
  •  Eligibility
  •  Authorizations and referrals

HIPAA is a federally mandated law. If providers do not make an effort to become compliant, they will be subject to penalties.

HIPAA edits and reporting tools

Blue Cross NC has elected to use the TA1 and 997 Acknowledgment transactions to confirm transmissions. These reporting tools are in addition to the traditional Claims Audit Reports that providers are accustomed to receiving for claims submissions. Detailed information about the TA1 and 997 is contained in each transaction chapter of the Blue Cross NC Companion Guide to EDI Transactions.

The HIPAA compliant 997 and TA1 Acknowledgments, as well as the Blue Cross NC Claims Audit Report, are returned to the sender of the transmission. Providers using a clearinghouse or billing service are not likely to use the 997 and TA1. However, all providers should have access to their Blue Cross NC Claims Audit Report. Most clearinghouses collate the proprietary reports of payers for each of their providers and return the reports to the provider in some format, if not the original. If you have not been receiving the Blue Cross NC Claims Audit Report from your clearinghouse, contact them and inquire as to why. It is critical for all providers to use their Claims Audit Report to correct claims that have errors and resubmit those claims electronically.

Providers should also discuss with their clearinghouse how they will be informed when a negative TA1 or 997, involving their data, is received.

Implementation Guide edits address issues such as the presence of required fields or fields required under certain conditions, the validation of data structure (e.g. alpha-numeric requirements, field length), and the correct usage of medical and non-medical code sets. Implementation Guide edits are identified through the TA1 or 997 Acknowledgment transactions.

Blue Cross NC business edits address only those data elements that are required for business processing. For health care claims, our business edits are defined in the context of the 837 transactions in both Chapters 1 and 2 of the Blue Cross NC Companion Guide to EDI Transactions. The Blue Cross NC business edits are also listed in Appendices B and C of the Blue Cross NC Companion Guide to EDI Transactions. Business edits are identified by either the Blue Cross NC Claims Audit Report (for 837 Claims filings) or by the paired transaction to a 270, 276, or 278. Those transmitting 834 files are notified of business edits via phone or email.

Providers need to speak to their vendor/clearinghouse about this issue. Blue Cross NC is not providing alternative reporting tools to the TA1 and 997 Acknowledgments.

The TA1 Acknowledgment is returned immediately upon receipt of the transmission. Senders should expect to see the TA1 within 5 minutes. The 997 Acknowledgment is also generated immediately, but because the 997 can vary in length, it may take slightly longer. The Claims Audit Report is generated nightly, reflecting all claims that were transmitted by 4:45 p.m. that business day, and received by senders the next business day by 8:00 a.m.

Yes. Both the 997 and TA1 Acknowledgment include the acronym "ACK" in the file naming convention so that these files are immediately recognizable. In addition, transaction files include the transaction number in the file name. The 271, 277, 278, and 835 include those numbers in the file name. As in the past, senders receive their Batch IDs when they receive the EDI Production Services Notification Letter confirming their connectivity and readiness date.

EDI requirements

Direct Senders of electronic transactions will need to do the following:

  • Complete a copy of the Blue Cross NC Trading Partner Agreement (TPA), available on the HIPAA information page. You need to complete a TPA even if you do not need to test.
  • Return an original copy of the TPA, signed by authorized personnel, to Blue Cross NC EDI Services (see Trading Partner Agreement Instructions online for more details).
  • Complete an Electronic Connectivity Request (ECR) form for each type of transaction you want to transmit. These ECR forms are available on the HIPAA information page.

Indirect Senders who transmit electronic transactions to Blue Cross NC via another party (billing service, clearinghouse, or service bureau) will need to do the following:

Complete ECR forms for each type of transaction you want to submit or receive. These ECR forms are available on the HIPAA information page and may be completed and submitted on your behalf by your clearinghouse or service bureau.

The TPA outlines the roles and responsibilities that bind both Blue Cross NC and its trading partner, to ensure secure electronic transmissions. A TPA is not required by HIPAA, but the ASC Insurance Subcommittee that was charged with developing the Implementation Guides for EDI transactions strongly recommends that trading partners have binding agreements to provide security and assurance in the transfer of electronic information (See Section 1.1.1 of any ASC X12 Implementation Guide). Blue Cross NC has made a business decision to make trading partner agreements a requirement for EDI transmission based on this recommendation.

Blue Cross NC requires the execution of its own TPA with all entities that are sending us direct transmissions. The Blue Cross NC Trading Partner Agreement is comprehensive and should address any issues or legal concerns of our trading partners.

No. However, a newly credentialed practitioner should be assigned a Blue Cross NC Provider Identifier Number by Network Management, another department of Blue Cross NC. Contact your local Network Management field consultant for more information.

You can call the eSolutions HelpDesk at 888-333-8594 to verify the status on your Trading Partner Agreement or ECR.

Right now there is only one version of HIPAA-compliant transactions in release for transmission. However, as new versions are approved in the future, there will be multiple version options available. Each version will have distinct requirements, so it will be important to identify which version you are transmitting on your ECR form.

If you are a company that sends transactions on behalf of health care providers or you are a large provider institution that submits transactions on behalf of multiple provider groups, you will need to identify each group Blue Cross NC Provider ID for which you transmit files. However, you can send all group provider identifiers for which your organization is responsible on one form, using additional sheets of paper if necessary. However, separate forms must be submitted for 837 Institutional Provider Identifiers and 837 Professional Provider Identifiers.

Trading partners, vendors, and clearinghouses

Blue Cross NC will consider new suppliers based upon business needs, existing contractual relationships and supplier product and service offerings.

Contract duration varies. When a contract is up for renewal, Blue Cross NC may invite qualified suppliers to participate in a bid opportunity. Blue Cross NC reserves the right to continue pre-existing relationships without conducting new bids.

Certification means your organization has been reviewed and confirmed by a third-party certifying agency as a diverse-owned business. Suppliers are responsible for acquiring and maintaining valid certification.

Yes. However, you must complete an 835 Electronic Connectivity Request form if the vendor handling the 835 is different from the vendor handling your 837 Claims.

All paired transactions (the 271, 277, 278-11) are returned to the sender of the initiating transaction (the 270, 276, 278-13). The 835 is returned either to the sender of the 837 OR to the entity identified on the 835 Electronic Connectivity Request form if it should be returned to an entity other than that which transmitted the 837.

No. Only direct senders of transmissions need to test with Blue Cross NC. If you are using a clearinghouse billing service, or software from a vendor that has tested, you do not need to test with Blue Cross NC.

Blue Cross NC cannot tell you if your clearinghouse or billing service has begun testing. Contact them directly.