It's no secret that the government mandated dynamic duo - that being HIPAA 5010 and ICD-10 - requires changes enormous in both number and scope. What's not as well understood is all the challenges they present.

HIPAA 5010 carries at least 1331 modifications spanning all 9 standard electronic transactions, while ICD-10 adds five times as many codes.

The most significant hurdle healthcare organizations face on the path toward both HIPAA 5010 and ICD-10, however, can be whittled down to the “T-word,” as in “testing.” All three panelists agreed on that, during the Preparing for the Future: 5010 Implementation webinar in late March; they included representatives from Blue Cross and Blue Shield of Florida, Tampa General Hospital, and PNC Healthcare. Thus, a provider, payer, and clearinghouse.

[Related: Top 5 ICD-10 myths, debunked. See also: 7 Questions to ask yourself about the HIPAA 5010 conversion.]

Testing might be the single most important challenge that HIPAA 5010 and ICD-10 pose, but it's neither the only nor the first. Here's a list of the top five.

1. Education
Increasing awareness of technological and process changes that the new mandates will create is not only a huge undertaking but perhaps the foundation of project success. In the case of Blue Cross and Blue Shield of Florida, that means making sure that some 1,300 trading partners are included, according to George Vancore, an IT systems integrator within BCBS Florida's regulatory mandates and compliance program office.

“We need to do a great deal of education to make sure everyone understands the changes, both internally and externally,” adds Pamela Grosze, vice president, manager healthcare operations payer services, PNC Healthcare.

2. Engagement of vendors and partners
Providers are ultimately responsible for compliancy, says Gale Scott, the HIPAA transaction compliance administrator at Tampa General. But providers cannot succeed alone. Scott recommends getting firm delivery dates from vendors as a start.

“Don't accept the mantra from trading partners that 'we'll be compliant on January 1, 2012,'” Vancore adds. “That's not my problem. I need to know when you can test with me.”

3. Testing
“Testing is going to be the issue,” Grosze says. “It all gets back to testing,” because PNC, and others, need to identify customizations, such as provider- or payer-specific modules that need to be changed, and ultimately “evaluate all our transactions, end-to-end.”

Organizations also need to take into account how the updated software interfaces with other products to make sure HIPAA-related wares don't introduce problems elsewhere.

[Related: Studies split on who's in charge of HIPAA 5010 and ICD-10 conversions. Podcast: Leveraging ICD-10 to clean up your business.] 

Vancore says that by December of this year organizations should achieve Level 1 compliance, which means testing inbound and outbound transactions, so that during 2011 they can move from HIPAA 4010 to 5010. Scott takes it a step further by explaining that the most critical testing needs to be done in a production environment. “Without that you won't have the full picture...You wouldn't want to turn it on without seeing it work a time or two.”

4. Phased migration
Consider it “a gradual transition to full migration,” Scott advises. Phased migration is “the culmination of all the partners' work.” It's where providers, payers, and clearinghouses find out if it all works in accordance with the changes to claims. “We fully expect a phased migration to take a year,” Scott says.

Vancore and Grosze both agree on the virtues of a phased migration. “We need to receive both 4010 and 5010 and send out both formats during phased migration,” Grosze explained, while Vancore said that BCBS Florida has to live in both 4010 and 5010 worlds as well.

5. Dual-use after compliance
Even after a phased migration, healthcare organizations will still have HIPAA 4010 claims to handle, sorry to say. No one, in fact, should expect to bid 4010 adieu on January 1, 2012.

“We need to be prepared to support both formats even after the compliance date to keep our business running,” PNC's Grosze says.

Working with those partners that are HIPAA 5010 compliant, and managing to patch together workarounds with those that are not, will be something of an inevitable nightmare. “There's no question in my mind, all the coordination is going to be problematic,” Vancore says. 

Not on anyone's side
Considering that the industry as a whole is running behind on both projects, that “T-word” could just as easily be “time.”

“The clock is ticking with a vengeance,” Tampa General's Scott cautions, adding that subsequent to HIPAA 5010, the ICD-10 conversion is right around the corner.

What's more, any healthcare IT professionals still stuck in denial, thinking the deadlines won't remain firm, ought to think twice, panelists said.

“It's pretty clear that no contingency plan will be granted,” Scott adds. “The federal government already gave us that grace period.”