Circular No. 48/2017/TT-BYT dated December 28, 2017 of the Ministry of Health on prescribing transfer of electronic data used in management and payment of covered health care costs

THE MINISTRY OF HEALTH

Circular No. 48/2017/TT-BYT dated December 28, 2017 of the Ministry of Health on prescribing transfer of electronic data used in management and payment of covered health care costs

Pursuant to the Government s Decree No. 75/2017/ND-CP dated June 20, 2017, defining the functions, tasks, powers and organizational structure of the Ministry of Health;

Pursuant to the Government s Decree No. 166/2016/ND-CP dated December 24, 2016 that prescribes electronic transactions arising in the social security, health insurance and unemployment insurance sector;

Upon the request of the Director of the Health Insurance Department;

The Minister of Health hereby issues the Circular that prescribes transfer of electronic data used in management and payment of covered health care costs.

Chapter I

GENERAL PROVISIONS

Article 1. Scopeof adjustment

This Circular shall deal with electronic data, electronic data formatting, processes, protocols and time of transfer of electronic data and responses sent on receipt of transferred electronic data for the purposes of management, verification and payment of health care costs covered by the health insurance plan.

Article 2. Definition

For the purposes of this Circular, terms used herein shall be construed as follows:

1. General nomenclaturerefers to general information about medical technology services, medicines, medical equipment, blood and other formulated products, names of illnesses, healthcare establishments and others related to healthcare activities which have already been encoded and divided into separate classification schedules (General nomenclature codes) approved by the Minister of Health and enforceable at healthcare establishments providing health insurance -covered medical services, and entities carrying out inspection and payment of covered medical costs across the nation.

2. Information technology infrastructurerefers to a combination of computing devices (servers or workstations), peripheral devices, network connected devices, auxiliary devices, local networks, wide area networks, IT applications and other equipment.

3.XMLrefers to the abbreviation for the English phrase “eXtensible Markup Language" that means the markup language that can be extended and is created to share electronic data between different IT systems.

4.UTF-8refers to the Unicode 8-bit transformation format.

Article 3. Principles of transfer and receipt of electronic data

1. Electronic data must conform to requirements set out herein.

2. Transfer and receipt of electronic data must ensure clarity, integrity, equality, safety, confidentiality, effectiveness and conform to laws on electronic transactions.

Chapter II

TRANSFER OF ELECTRONIC DATA

Article 4. Input data and output data acquired in management and payment of health care costs covered by the health insurance plan

1. Electronic data used in management, assessment and payment of covered medical costs shall include input data and output data.

2. Input data and output data shall be established based on and in strict compliance with regulations of the general nomenclature codes issued by the Minister of Health, and shall be required to ensure linkage and interconnectivity between electronic data for management, inspection and payment of covered medical costs.

3. Electronic data formatting:

a) XML shall be used to format electronic data while UTF-8 may be used to represent alphabetical letters in the Unicode character system.

b) Each XML file may contain one or multiple covered health check-up or treatment records each of which stores information about a patient’s health care visit even if such health care visit is made by a patient holding at least two health insurance cards.

Article 5. Protocols for transfer of electronic data

1. Protocols for transfer of electronic data shall comprise:

a) 1^stprotocol: Transfer carried out by using web service connections;

b) 2^ndprotocol: Transfer carried out by synchronizing electronic data by using the server software;

c) 3^rdprotocol: Transfer carried out by directly inputting data;

d) 4^thprotocol: Transfer carried out by transmitting FTP (File Transfer Protocol) files.

2. Health care establishments shall be accorded the discretionary power to decide on one of the protocols stated in paragraph 1 of this Article, but shall be required to ensure that transferred data are accurate and input data are identical to output data.

Article 6. Processes for sending of electronic data and responses sent on receipt of transferred electronic data for the purpose of management of covered costs

1. Time of sending of electronic data for the purpose of management of covered costs:

Health care establishments shall upload electronic data on the data receipt Portal of the Health Insurance Verification Information System administered by the Vietnam Social Security (hereinafter referred to as Health Insurance Verification Portal) immediately after an outpatient medical check-up and treatment visit or an inpatient health care stay, unless otherwise provided in Article 8 hereof.

2. Responses sent on receipt of transferred electronic data for the purpose of management of covered costs

a) Right after receipt of information from healthcare establishments carrying out verification of current status and information of the health insurance card held out by a contact patient, the Health Insurance Verification Portal shall be required to respond with information about the current status and details of that patient’s health insurance card, and provide a statement showing a full history of that patient’s health care visits that includes at least the following information: medical check-up and treatment time, primary diseases and secondary diseases (if any) specified in ICD-10 disease codes or traditional medicine classification codes of diseases, and description of his/her health care condition existing within 06 (six) latest months.

b) After receipt of electronic data containing a health care establishment’s information about end of a health check-up visit, or an outpatient or inpatient treatment visit, the Health Insurance Verification Portal shall inform that health care establishment of receipt of such electronic data.

3. Authentication of electronic date shall not be required for transfer of electronic data containing a health care establishment’s information about end of a health check-up visit, or an outpatient or inpatient treatment visit to the Health Insurance Verification Portal for the purpose of management of covered medical services.

Article 7. Processes for sending electronic data and responses sent on receipt of transferred electronic data for the purpose of request for verification and payment of covered medical costs

1. Within the duration of 07 (seven) working days from the date of end of a patient’s health care visit, healthcare establishments shall be obliged to:

a) Carry out checking and comparison to adjust electronic data in the event of any deviation as compared with those existing in the reality and provide additional information in case of insufficient information or eliminate irrelevant information before sending out electronic data to request payment of covered medical costs;

b) Authenticate the electronic data sent as a request for inspection and payment of covered medical costs before the responsible or authorized person sends his/her data.

c) Send electronic data to the Health Data Receipt Portal of the Ministry of Health and the Health Insurance Information Verification Portal, unless otherwise prescribed in subparagraph d paragraph 1 of this Article.

d) Send electronic data indicating the request for verification and payment of covered medical costs that may be incurred at the end date of a month, quarter or year to the Health Data Receipt Portal of the Ministry of Health and the Health Insurance Information Verification Portal prior to the 5^thday of the succeeding month.

2. Responses from the Health Data Receipt Portal of the Ministry of Health:

Right after receipt of electronic data from healthcare establishments, the Health Data Receipt Portal of the Ministry of Health must reply to them to give confirmation.

3. Responses from the Health Insurance Information Verification Portal:

a) Immediately after receipt of electronic data showing the request for verification and payment of covered medical costs from healthcare establishments, the Health Insurance Information Verification Portal shall be obliged to inform these healthcare establishments of whether such electronic data have been received;

b) Within the duration of 07 (seven) working days of receipt of electronic data used for requesting verification and payment of covered medical costs, the Health Insurance Information Verification Portal shall be obliged to inform in detail the results of verification of such electronic data;

c) In case of any alert or rejection, or both alert and rejection, of electric data the Health Insurance Information Verification Portal shall have the burden of clarifying the reason for such alert or rejection with respect to each detail of XML table and informing healthcare establishments for their knowledge and timely modification.

Article 8. Delay in transfer of electronic data required by the prescribed deadline

1. Transfer of electronic data used for management, verification and payment health care costs covered by the health insurance plan may be delayed in comparison with the date prescribed by this Circular if:

a) there is any act of god or force majeure resulting in the information technology infrastructure system’s failure to transfer or receive such electronic data.

b) the information technology infrastructure system’s failure to transfer or receive such electronic data is resulted from the fact that electricity or Internet connection is not available.

2. When acts of god or force majeure, referred to in subparagraph a paragraph 1 of this Article, occur on the side of the healthcare establishment that sends electronic data or on the side of the entity that receives electronic data, the party affected by such unexpected events shall promptly notify the other party of causes of its failure to transfer or receive electronic data. Notification shall be delivered by telephone or email or written documents. Transfer and receipt of electronic data shall resume promptly after any failure or defect is repaired or corrected.

3. If the cause specified in subparagraph b paragraph 1 of this Article is determined, the Head of a healthcare establishment and Head of a Social Security agency entering into a contract for provision of covered medical services with that healthcare establishment shall have the discretionary power to decide on the manner and time of sending of electronic data; the Head of that healthcare establishment and the head of a social security agency shall be responsible for reporting on that decision to the regulatory body having direct authority over these two entities.

Article 9. Data confidentiality and management

1. Sending, transferring, receiving, responding to, exchanging and managing electronic data as prescribed herein shall be secured and managed under laws on information technology, network security, health check-up, medical treatment and others.

2. In addition to complying with paragraph 1 of this Article, entities, organizations or individuals engaged in sending, transferring, receiving, responding to, exchanging and managing electronic data shall assume the following responsibilities:

a) Ensure safety, confidentiality, accuracy and integrity of electronic data and use electronic data assigned within the scope of their functions, duties and powers; collaborate with entities, organizations or individuals concerned in implementing necessary technical approaches to ensure authenticity of such electronic data, system security and safety;

b) Follow legislative regulations and procedures concerning protection of health information privacy in the network environment.

Chapter III

IMPLEMENTARY RESPONSIBILITIES

Article 10. Responsibilities of the Ministry of Health

1. Lead, provide instructions on, inspect transfer of electronic data containing information about covered medical services, verification and payment of covered medical costs, with respect to Departments of Health, healthcare establishments of Ministries, sectoral departments, healthcare establishments providing covered medical services and entities charged with receiving and managing electronic data.

2. Take charge of and collaborate with the Vietnam Social Security and other entities, organizations or individual concerned in:

a) Compiling, updating, modifying, revising and supplementing the general nomenclature, formats and standards of output data and other relevant regulations for the purpose of implementation of this Circular;

b) Regulating transfer, receipt, responding to, verifying electronic data containing information about covered medical services in certain particular cases;

c) Establishing the system of information regarding management of covered medical services and issuing directive documents thereof;

d) Receiving and handling any difficulty or problem that may arise in the course of implementation.

3. Assure receipt, management and use of electronic data containing information about covered medical services and other data used for the state management purpose at the Health Insurance Data Receipt Portal of the Ministry of Health.

4. Assign Departments, Authorities, Administrations or relevant affiliates or subordinate entities of the Ministry of Health to organize activities to meet requirements concerning management and payment of covered medical costs.

Article 11. Responsibilities of the Vietnam Social Security

1. Provide sufficient personnel and infrastructure systems like servers, workstations, transmission lines, software and databases of health insurance cards and Health Insurance Information Verification Portal to meet demands for access to information about covered medical services, manage health insurance network linkage, receive, respond to, protect security for electronic data indicating the request for verification and payment of covered costs which are sent from healthcare establishments to social security agencies in a quick, sufficient and accurate manner.

2. Apply general nomenclature codes in a full and accurate manner, regulations on standards and formats of output data approved by the Minister of Health, satisfy request for receipt and management of electronic data sent from healthcare establishments for the purposes of verification and payment of covered costs.

3. Submit the general nomenclature that the Vietnam Social Security has already established or planned to establish or supplement for the Minister of Health’s official approval.

4. Establish, issue and release the database of health insurance cards, processes or rules for electronic inspection carried out through the software system that ensures connection between the system for verification and payment of health insurance-covered costs and the software system for management of covered health examinations or treatments of healthcare establishments, and bear its responsibility for the status, accuracy, confidentiality, safety and security of the database of health insurance cards and electronic data of cardholders which have been transferred to the Health Insurance Verification Information Portal administered by a social security body.

5. Direct social security agencies at all levels to implement this Circular; pay in time and in full covered costs to healthcare establishments in accordance with laws in force.

6. Collaborate with the Ministry of Health in computerizing covered health check-ups and treatments and sharing all necessary information used for the state management accorded the Ministry of Health and implementing duties assigned by the Vietnam Social Security.

Article 12. Responsibilities of Departments of Health of centrally-affiliated cities and provinces, and healthcare establishments of Ministries and sectoral departments

1. Organize activities to initiate, direct, guide, inspect and expedite use of general nomenclature codes, standards and formats of output data which have been approved by the Minister of Health, ensure the due transfer of electronic data for the purposes of management, payment of covered costs of health check-ups and medical treatments provided by healthcare establishments under their jurisdiction, and compliance with provisions laid down herein.

2. Exploit and use the database available on the Health Insurance Information Verification Portal and the Health Data Receipt Portal of the Ministry of Health for the purposes of management which is relevant to their assigned functions, duties and powers. In the course of exploitation and use of the electronic database, ensure confidentiality and security for information and data on patients’ health check-ups and treatments in accordance with laws on information technology, network security, health check-up and medical treatment as well as others.

3. Take charge of and collaborate with relevant bodies in resolving any difficulty that may arise in the course of implementation of this Circular. In the event of failure to do so, they must report to competent authorities to seek their decision.

Article 13. Responsibilities of healthcare establishments

1. Apply general nomenclature codes; standards and formats of output data; electronic certifications which have been approved by the Minister of Health, ensure the due, sufficient, accurate and authentic transfer of electronic data exactly describing the history of a patient’s health check-ups and medical treatments for the purpose of management of health check-ups and medical treatments, and verification and payment of covered medical costs.

2. Have access to information of patients’ health insurance cards in order to ensure benefits and interests between parties concerned in accordance with laws.

3. Have the burden of ensuring accuracy of healthcare data, confidentiality of healthcare information and data of patients in accordance with laws.

4. Report to regulatory bodies and social security agencies in case of any change to the persons authorized to manage, grant the electronic certification and use accounts related to transfer of electronic data used for management of health checkups and medical treatment activities and payment of covered medical costs.

5. Comply with any direction or requirements concerning examination, inspection and supervision which are laid down under laws.

6. Affix their signature to validate covered costs of health checkups and medical treatments provided by healthcare establishments in the event that patients or representatives thereof do not submit required documentation for payment of covered medical costs to social security bodies. Heads of healthcare establishments shall be liable for affixation of their outgoing electronic certification signature and data.

7. Promptly transfer electronic data as prescribed by Article 6 and 7 hereof on the next working day in the event that healthcare establishments close dossiers on health care visit, outpatient or inpatient treatment of a patient on the dates when normal covered healthcare activities are not carried out (e.g. days-off, national or public holidays and lunar New Year holidays).

8. Send electronic data indicating the request for verification and payment of covered healthcare costs and concurrently send electronic data used for management of covered healthcare services if they are capable of doing so.

9. Revise electronic data indicating the request for payment of covered healthcare costs in the event of any inaccuracy of such data, but owe obligations to give clear explanation for such revision and obtain consent from social security bodies.

10. Regulate, provide, use and store health information used for health checkup and medical treatment activities, and payment of covered healthcare costs and other healthcare activities in the network environment existing at healthcare establishments, but ensure that these activities do not breach laws.

Chapter IV

IMPLEMENTARY PROVISIONS

Article 14.Effect

This Circular takes effect on March 01, 2018.

Article 15. Transitional provisions

Healthcare establishments that have yet to get connected to the Health Data Receipt Portal of the Ministry of Health and the Health Insurance Verification Information Portal for objective reasons shall not be governed by this Circular.

Any difficulties in the course of implementation of this Circular, entities, organizations and individuals should promptly inform the Ministry of Health (Health Insurance Department) for its review and decision on possible actions.

For the Minister

The Deputy Minister

Pham Le Tuan