« Back to Glossary

What Is an UPIN Number?

Published: July 8, 2026

A UPIN, or Unique Physician Identification Number, is a six-character alphanumeric identifier that Medicare once used to identify physicians and certain other providers on Medicare claims. It was created by the Centers for Medicare & Medicaid Services and used for decades, until it was retired in 2007 and replaced by the National Provider Identifier (NPI).

If you have run into a UPIN recently, it was almost certainly in old data.

The identifier itself has not been issued in years, which is exactly why it causes confusion when it turns up in legacy records.

What was the UPIN used for?

The UPIN existed to solve a basic problem: Medicare needed a consistent way to identify the physicians involved in a claim without relying on Social Security numbers.

Congress authorized it through the Consolidated Omnibus Budget Reconciliation Act of 1985, and CMS assigned a UPIN to each physician who accepted Medicare. 

It was used to identify both the physician who performed a service and, importantly, the referring or ordering physician on a claim. Each physician was meant to carry one UPIN throughout their career, regardless of where they practiced.

For years, it was the backbone of physician identification in Medicare billing, which is why it still appears throughout older claims data and provider verification records.

What did a UPIN look like?

A UPIN was six characters long, combining a leading letter with numbers, and that first character actually carried meaning.

The opening letter signaled the provider type. Medical doctors and doctors of osteopathy fell in the A through M range, non-physician practitioners such as physician assistants and nurse practitioners in the P through S range, other doctors like chiropractors and podiatrists in the T through V range, and group entries in the W through Z range.

That is a notable contrast with the NPI that replaced it. The NPI number is a 10-digit, intelligence-free number, meaning it deliberately carries no information about the provider’s type, specialty, or location.

A UPIN was six characters long, combining a leading letter with numbers, and that first character actually carried meaning.

Why was the UPIN retired?

The UPIN was replaced as part of the broader move to a single national provider standard under HIPAA. CMS stopped issuing new UPINs in mid-2007, and the UPIN Registry was discontinued the following year. 

The official transition from UPINs to NPIs was driven by a simple limitation: the UPIN was a Medicare-specific tool. The NPI, by contrast, is used across all HIPAA standard transactions and by all payers, not just Medicare, and it covers the full range of providers and organizations rather than mainly physicians.

In short, the UPIN did one job for one program. The NPI does the same job across the entire system.

UPIN vs. NPI

The distinction is worth keeping clear, because the two are often mentioned together in older documentation.

A UPIN was six characters, specific to Medicare, and centered on physicians. An NPI is 10 digits, required across all HIPAA transactions and payers, and issued to individuals and organizations alike. An NPI is also permanent and follows the provider for their entire career.

To bridge the transition, CMS built an NPI to UPIN crosswalk, and providers were encouraged to list their old UPIN when they applied for an NPI. Those mappings are what let researchers and auditors connect a provider’s historical UPIN-era records to their current NPI.

Does the UPIN still matter today?

For anything happening now, the answer is essentially no. No new UPINs have been issued in well over a decade, and the identifier is almost never populated on claims after 2009.

Where it still matters is history. Pre-2008 Medicare claims data continues to reference UPINs, so the identifier remains relevant for historical claims analysis, legacy record review, and audits that reach back into that era. When those older records need to be tied to a provider’s present-day identity, the crosswalk to the NPI is what makes the connection.

For current identification, verification, and screening, though, the NPI is the identifier that counts.

Where provider identifiers fit into compliance

A provider identifier is the anchor that ties a provider to their claims, their credentials, and their compliance record, which is why identifying the right provider by the right number matters so much.

Today that anchor is the NPI, and it is central to exclusion screening. 

When an organization screens a provider, the NPI is one of the primary identifiers matched against the OIG exclusion list, the SAM exclusion list, and applicable state lists. A legacy UPIN on its own cannot do that work, which is another reason the move to the NPI mattered for compliance.

How Streamline Verify uses provider identifiers

Screening only works when it is tied to the correct, current identifier, applied consistently across a full roster of providers and vendors.

Streamline Verify screens by NPI against the OIG LEIE, the SAM exclusion list, and applicable state Medicaid lists, matching name variations and identifiers so potential matches are not missed. The platform continues ongoing exclusion monitoring over time and records each check in a time-stamped audit trail. 

Where older records still reference a UPIN, it is the crosswalk to the NPI that brings that provider into current screening.

By anchoring screening to the identifier in use today, Streamline Verify helps healthcare organizations keep provider verification accurate and current.

Want to see how provider screening fits into your compliance workflow?

CONTACT US

You may also want to read on…

Understanding OIG Exclusions

OIG Exclusions Screening Process

Exclusion FAQS

Quick OIG Exclusion Basics

Employing Excluded Individuals

Consequences to Employing an Excluded Individual

OIG Compliance Law

Laws and Publications on OIG Compliance

Our Culture Icon Small

Blog

Stay ahead of healthcare compliance - updates that matter.

Ask Me Anything

Clear answers. Cleaner compliance.

Exclusion Compliance

Understand exclusions. Reduce risk.

Security First

  • ✓ Cloud hosted
  • ✓ Encrypted data
  • ✓ Real-time backups

Trusted for Accuracy

  • ✓ Physical security
  • ✓ Restricted access
  • ✓ Single sign-on
  • ✓ Password security
  • ✓ Certified secure
  • ✓ Cross checking

HEALTHCARE ESTABLISHMENTS NATIONWIDE COUNT ON STREAMLINE VERIFY

5

60%

Average workload reduction by implementing the Streamline Verify program

5

10K

Establishments trust Streamline Verify nationwide

5

2011

Serving the healthcare industry’s unique compliance needs since 2011

5

24X

Setting standards with hourly synchronization to primary source data

AICP SOC Compliance Logo
HIPAA Compliance Logo
Our Culture Icon Small

Our Culture

We build the best, so you can perform at your best.

Trusted for Good Reason

  • ✓ Guaranteed accurate
  • ✓ Certified Secure
  • ✓ Audit Proof
  • ✓ Feature-rich reporting
  • ✓ Round the clock real-time-data
  • ✓ Processing fully automated

Security First

  • ✓ Cloud hosted
  • ✓ Encrypted data
  • ✓ Real-time backups

Trusted for Accuracy

  • ✓ Physical security
  • ✓ Restricted access
  • ✓ Single sign-on
  • ✓ Password security
  • ✓ Certified secure
  • ✓ Cross checking

HEALTHCARE ESTABLISHMENTS NATIONWIDE COUNT ON STREAMLINE VERIFY

5

60%

Average workload reduction by implementing the Streamline Verify program

5

10K

Establishments trust Streamline Verify nationwide

5

2011

Serving the healthcare industry’s unique compliance needs since 2011

5

24X

Setting standards with hourly synchronization to primary source data

AICP SOC Compliance Logo
HIPAA Compliance Logo