Understanding NPI Numbers and Their Importance in Preventing Healthcare Fraud

What is an NPI Number?

The National Provider Identifier (NPI) is a standard that establishes a unique health identifier for healthcare providers and entities.

An NPI is a unique identification number created to improve the efficiency and effectiveness of electronic transmission of health information. The NPI Final Rule, published on January 23, 2004, established the NPI as the Health Insurance Portability and Accountability Act (HIPAA) administrative standard. An NPI is a 10-digit numeric identifier. It does not carry information about a provider, such as the state where they practice, their provider type, or their specialization. An NPI number will not change, even if the provider’s name, address, taxonomy, or other information changes.

The Centers for Medicare and Medicaid (CMS) requires an NPI for all HIPPA covered providers and entities spanning both the government and the private sector, as well as a provider or supplier that bills Medicare.

There Are Two Categories of NPI Numbers

There are two categories of NPI numbers; Entity Type 1 and Entity Type 2 numbers. Entity Type 1 NPI numbers are assigned to individual healthcare providers and only one number will be assigned to that individual. Entity Type 2 NPI numbers are given to healthcare organizations or group healthcare providers. These organizations can have a single employee or thousands of employees. With Entity Type 2 NPI numbers both the organization and each provider it employs must have an NPI.

The Benefits of Having an NPI Number

Benefits of an NPI include:

• Simple electronic transmission of HIPAA standard transactions
• Standard unique health identifiers for healthcare providers, healthcare plans, and employers
• Efficient coordination of benefit transactions

What an NPI Number Doesn’t Do

Obtaining an NPI will not:

• Change or replace your current Medicare enrollment or certification process
• Enroll you in a health plan
• Ensure you are licensed or credentialed
• Guarantee payment by a health plan
• Require you to conduct HIPAA transactions

Who Can Obtain an NPI?

All healthcare providers or entities such as physicians, suppliers, or hospitals that render healthcare services can obtain an NPI number. If a provider enrolls in Medicare, they must have an NPI. Additionally, all healthcare providers who are HIPAA-covered are required to have an NPI number.

The following are a few of the healthcare providers or entities who are HIPAA-covered and thus required to obtain an NPI:

• Physicians
• Nurses
• Pharmacists
• Dentists
• Physical Therapists
• Hospitals
• Laboratories
• Pharmacies
• Nursing Homes
• Group Practices

NPI May Be Used in Other Ways

Since the introduction of HIPAA in 1996, NPIs must be used with electronic transactions. But, the NPI can be used in many other ways, such as:

• to identify healthcare providers in healthcare transactions
• to process transactions for health insurance plans in their internal provider files
• to coordinate benefits with other plans
• to identify other healthcare providers in healthcare transactions
• to create and process standard transactions by healthcare clearinghouses in their internal files
• to identify treating healthcare providers in patient medical records for electronic record systems
• to cross-reference healthcare providers in fraud and abuse files by the national, state, and local Department of Health and Human Services

How Do You Apply For an NPI?

Individual providers and entities can apply for NPIs through the CMS National Plan and Provider Enumeration System (NPPES) who will then assign them their NPI number.

According to the Department of Health and Human Services Centers for Medicare & Medicaid Services, there are three ways to apply for an NPI:

• Option 1: Apply through a web-based application process. Visit the National Plan and Provider Enumeration System (NPPES). Individual providers must create a username and password and log in to NPPES using that username and password.
• Option 2: Complete, sign, and mail an application to the NPI Enumerator address listed on the application. For a copy of the application (Form CMS-10114, “NPI Application/Update Form”) go to the CMS website or send an email to customerservice@npienumerator.com.
• Option 3: Give permission to an Electronic File Interchange Organization (EFIO) to submit application data on your behalf through a bulk enumeration process. 

How Do I Look Up an NPI Number?

You can look up a provider’s NPI number using the NPI Registry, which is an online system that allows users to search for a healthcare provider’s NPI. The NPI Registry Public Search is a free directory of all active National Provider Identifier records. NPI information accessible by the public includes the provider’s name, specialty, and address of their practice.

Keys to Preventing Healthcare Fraud

The National Provider Identifier (NPI) is a key to preventing fraud in Medicare put in place by the Centers for Medicare and Medicaid (CMS) Final Rule on Fraud Prevention. It is designed to ensure quality care because it allows the verification of credentials of a provider who is treating patients or prescribing and ordering equipment and supplies. Keep in mind, however, that having an NPI number does not ensure that a provider is licensed or properly credentialed. Those verifications still need to occur to support patient safety and regulatory compliance.

There are a number of ways NPI numbers can be used fraudulently. A provider or entity may use multiple NPI numbers (which would indicate medical identity theft) or an excluded provider may use an affiliated entity’s NPI number to continue practicing or prescribing. Thorough provider screening is the best way to prevent these types of fraudulent actions.

It is critical to deactivate the NPI number assigned to a deceased provider, a dissolved entity, or if theft is suspected to further mitigate fraudulent behavior.

Verisys focuses on improving patient safety and elevating the overall quality of healthcare in our country by carefully screening healthcare providers and entities. A large part of our mission is to identify and eliminate excluded providers as well as providers who abuse the healthcare system with fraudulent or unethical behavior. Verisys screens healthcare providers and entities against more than 5000 primary sources to verify their credentials and eligibility to treat patients and bill for services rendered. Having a thorough credentialing process in place is key to preventing healthcare fraud.

Written by Verisys Verisys transforms provider data, workforce data, and relationship management. Healthcare, life science, and background screening organizations rely on our comprehensive solutions to discover their true potential. Visit verisys.com to learn how we turn problems into power. Secure, configurable, and proven solutions Accurate, compliant, and complete information NCQA, URAC, and ISO accreditations/certifications Follow us on LinkedIn