A National Provider Identifier (NPI) is a unique 10-digit identification number issued to health care providers in the United States by the Centers for Medicare and Medicaid Services (CMS). The NPI has replaced the Unique Physician Identification Number (UPIN) as the required identifier for Medicare services, and is used by other payers, including commercial healthcare insurers. The transition to the NPI was mandated as part of the Administrative Simplifications portion of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).[1]
HIPAA–covered entities such as providers completing electronic transactions, healthcare clearinghouses, and large health plans were required by regulation to use only the NPI to identify covered healthcare providers by May 23, 2007. CMS subsequently announced that as of May 23, 2008, CMS will not impose penalties on covered entities that deploy contingency plans to facilitate the compliance of their trading partners (e.g., those healthcare providers who bill them). The posted guidance document can be used by covered entities to design and implement a contingency plan. Details are contained in a CMS document entitled, "Guidance on Compliance with the HIPAA National Provider Identifier (NPI) Rule." Small health plans have one additional year to comply.
All individual HIPAA–covered healthcare providers or organizations must obtain an NPI for use in all HIPAA standard transactions, even if a billing agency prepares the transaction. Individual HIPAA–covered healthcare providers include physicians, pharmacists, physician assistants, midwives, nurse practitioners, nurse anesthetists, dentists, denturists, licensed opticians, optometrists, chiropractors, clinical social workers, professional counselors, physical therapists, occupational therapists, prosthetists, orthotists, pharmacy technicians and athletic trainers. Organizations include hospitals, home health care agencies, nursing homes, residential treatment centers, group practices, laboratories, pharmacies and medical equipment companies. Once assigned, a provider's NPI is permanent and remains with the provider regardless of job or location changes.
Other health industry workers who provide support services but not health care (such as admissions and medical billing personnel, housekeeping staff and orderlies) are not required to obtain an NPI.
The NPI must be used in connection with the electronic transactions identified in HIPAA. In addition, the NPI may be used in several other ways:
The NPI number can be obtained online through the National Plan and Provider Enumeration System (NPPES) pages on CMS's website.[3] Turnaround time for obtaining a number is from 1 to 20 days. NPI numbers can be searched on the CMS website listed in external links 'National Plan and Provider Enumeration System information from CMS'.
The NPI is a 10-position, intelligence-free numeric identifier (10-digit number). This means that the numbers do not carry other information about healthcare providers, such as the state in which they live or their medical specialty. The NPI must be used in lieu of legacy provider identifiers in the HIPAA standards transactions. As outlined in the federal regulation, The Health Insurance Portability and Accountability Act of 1996 (HIPAA), covered providers must also share their NPI with other providers, health plans, clearinghouses, and any entity that may need it for billing purposes.[4]
Ten-digit NPI numbers may be validated using the Luhn algorithm by prefixing "80840" to the 10-digit number.[5]
NPI data is downloadable from CMS. The downloadable database was updated monthly until December 2012, and has been issued weekly since. A data structure file is available separately from CMS.[6] As of June 2024, the file download size is 947.84 MB, and the raw database file (npidata_pfile_20050523-20240512.csv) is 9.3 GB when extracted.[7] The size of the data has been steadily growing over time. The size of the raw database file was 8.8GB in June 2023, and 8.2GB in June 2022.
The NPI is a data key that identifies a substantial portion of healthcare providers and other entities in the US, it is a frequently used data key in other data sources. For instance, the DocGraph data set is a crowdfunded open data[8] set that details how healthcare providers collaborate to deliver care (i.e. referral patterns) that uses the NPI as its data key.[9]
The NPI is often a common denominator between various healthcare provider identifier numbers, such as CMS Certification Number[10] (CCN; formerly OSCAR number), Employer Identification Number, and PECOS Associate Control ID[11] (PAC ID). With an increasing number of publicly available datasets containing these identifiers, some organizations have extracted the most plausible links between these identifiers. For example, a crosswalk between CCN and NPI can be obtained by analyzing the facility ownership datasets.[12] As another example, a subset of the crosswalk between EIN and NPI can be derived by analyzing the provider reference files from various payers.[13]