§162.1000 General requirements.
When conducting a transaction covered by this part, a covered entity must meet the following requirements:
(a) Medical data code sets. Use the applicable medical data code sets described in §162.1002 as specified in the implementation specification adopted under this part that are valid at the time the health care is furnished.
(b) Nonmedical data code sets. Use the nonmedical data code sets as described in the implementation specifications adopted under this part that are valid at the time the transaction is initiated.
Make sure you are Omnibus Rule Compliant: HIPAA Privacy Checklist.