CMS and ONC have posted a fact sheet that details progress HHS has made in promoting the growth of health information technology since the enactment of the Health Information Technology for Economic and Clinical Health (HITECH). The fact sheet addresses, among other things, statistics on participation in the Electronic Health Record Incentive Programs and electronic prescribing and information on HHS plans to accelerate health information exchange development.
On May 3, 2013, CMS and the Office of the National Coordinator for Health Information Technology (ONC) are hosting a meeting to discuss electronic health records, the increase in code levels billed for some Medicare services, and appropriate coding in an increasingly-electronic environment. The meeting, which is aimed at providers, health information technology vendors, and other interested stakeholders, will address issues such as the impact of EHRs on high quality clinical care, provider efficiency and coding, and coding challenges and opportunities facing various groups, including hospitals and clinicians. Attendees may participate in person, via telephone, or web streaming. Registration is required.
Recent Congressional hearings have addressed a number of health policy issues. For instance, the House Energy and Commerce Committee held a series of hearings on health information technologies, covering the Administration’s perspectives on innovation and regulation (including a discussion of the Administration’s policies on regulation of mobile medical apps), how innovation benefits patients, and “harnessing wireless innovation.” http://energycommerce.house.gov/press-release/three-day-hearing-series-produces-much-needed-certainty-patients-providers-and-innovators. Separately, a Health Subcommittee hearing focused on Medicare and Medicaid entitlement reform. In addition, the Senate Finance Committee held a hearing on health care delivery reform, focusing on the Center for Medicare and Medicaid Innovation efforts.
CMS and the Office of the National Coordinator for Health Information Technology (ONC) are seeking comments on a series of potential policies intended to accelerate electronic health information exchange (HIE) across providers. The notice identifies various gaps that the policies and programs are intended to address, such as low rates of electronic health record (EHR) adoption and HIE among post-acute and long-term care providers; low rates of EHR adoption and HIE across settings of care and providers (including ambulatory care, post-acute and long-term care, behavioral health, and lab providers); and low rates of consumer and patient engagement. The notice also includes specific questions for stakeholders, such as what changes in payment policy would have the most impact on the electronic exchange of health information (particularly among organizations that are market competitors); how policies should be developed to maximize the impact on care coordination and quality improvement; how CMS can leverage regulatory requirements for acceptable quality (such as conditions of participation for hospitals or requirements for skilled nursing facilities (SNFs) and home health) to support electronic, interoperable HIE; and how new authorities under the ACA for testing innovative payment and service delivery models can best accelerate standards- based electronic HIE across treating providers. Comments will be accepted until April 22, 2013.
CMS Announces 90-Day Enforcement Discretion Period for HIPAA Eligibility & Claim Status Operating Rules
On January 2, 2013, CMS announced a 90-day “enforcement discretion period” with respect to operating rules mandated by the ACA for two transactions: eligibility for a health plan and health care claim status. Specifically, the CMS Office of E-Health Standards and Services (OESS) will not initiate enforcement action until March 31, 2013, with respect to HIPAA-covered entities (including health plans, health care providers, and clearinghouses, as applicable) that are not in compliance with the two operating rules published July 8, 2011. Notwithstanding OESS’s discretionary application of its enforcement authority, CMS emphasizes that the compliance date for using the operating rules remains January 1, 2013. Applicable HIPAA-covered entities that are ready to conduct transactions using the adopted operating rules should do so, and all applicable covered entities are encouraged to “expeditiously become compliant.” Moreover, while enforcement action will not be taken, OESS will accept complaints regarding compliance with the rules beginning January 1, 2013 and, if requested by OESS, covered entities that are the subject of complaints must produce evidence of either compliance or a good faith effort to become compliant during the 90-day period.
The HHS Office of the National Coordinator for Health Information Technology (ONC) is seeking comments on its draft “Health IT Patient Safety Action and Surveillance Plan,” a blueprint for using health information technology (IT) to make care safer and to continuously improve the safety of health IT. The draft plan offers a list of actions in three broad strategic areas: increasing the quantity and quality of data and knowledge about health IT safety; targeting resources and corrective actions to improve health IT safety and patient safety; and promote a culture of safety related to health IT. The plan, which addresses recommendations made in the 2011 Institute of Medicine Report, “Health IT and Patient Safety: Building Safer Systems for Better Care,” emphasizes shared responsibly among the government, industry, clinicians, patients, accrediting bodies, health IT developers, and other parties. Comments on the plan will be accepted until February 4, 2013.
CMS is hosting a national provider call on January 16, 2013 on Meaningful Use requirements under the Medicare and Medicaid Electronic Health Record Incentive Programs. The target audience is hospitals, critical access hospitals, and professionals eligible for incentives. Registration is required.
The Medicare electronic health record (EHR) incentive program is vulnerable to paying incentives to professionals and hospitals that do not fully meet meaningful use requirements due to gaps in CMS oversight, according to a recent OIG report. Based on a review of CMS’s oversight of self-reported meaningful use of certified EHR technology in 2011, the OIG found that CMS did not have strong prepayment or postpayment safeguards. The OIG also noted that CMS cannot use EHR reports to verify all self-reported meaningful use information because the Office of the National Coordinator for Health Information Technology (ONC) does not require certified EHR technology to be capable of producing reports for all measures. As a result of these findings, the OIG recommends that CMS: (1) obtain and review supporting documentation from selected professionals and hospitals prior to payment to verify self-reported information (although CMS argued that this would increase the burden on providers); and (2) issue more detailed guidance on documentation requirements (CMS agreed). The report also contained recommendations for ONC, including recommendations that the agency: (1) require that certified EHR technology be capable of producing reports for yes/no meaningful use measures where possible; and (2) improve the certification process for EHR technology to ensure accurate EHR reports (ONC concurred with both recommendations). For more information, see the full report, “Early Assessment Finds That CMS Faces Obstacles in Overseeing the Medicare EHR Incentive Program."
The Health Information Technology for Economic and Clinical Health (HITECH) Act provided funding to promote the adoption and meaningful use of certified EHR technology, including a Medicaid EHR program. In 2011, the first year of the Medicaid EHR program, 1,964 hospitals and 45,962 professionals were awarded a total of approximately $2.7 billion in Medicaid EHR incentive payments, according to a GAO report describing the characteristics of providers that participated in the program in 2011. Hospitals claimed $1.7 billion in these Medicaid EHR incentive payments, with a median payment amount of $613,512. Almost half of the hospitals (46%) receiving payments were located in the south, while the smallest proportion (15%) were located in the northeast. Also among hospitals receiving payments, 62% were located in urban areas, 80% were acute care hospitals, 57% percent were nonprofits, and 57% were not members of a chain, while hospitals with the highest number of total beds were twice as likely to receive an incentive payment than those with the fewest number of beds. With regard to professionals, who were awarded a total of $967 million in incentive payments, more than three times as many eligible professionals participated in the Medicaid EHR program than in the Medicare EHR program. The largest proportion of professionals who received a Medicaid EHR incentive payment for 2011 were in the south (37%), compared to 20% in the midwest. As with hospitals, most professionals receiving EHR incentive payments (83%) were located in urban areas. Additional details can be found in the full report, “Electronic Health Records: Number and Characteristics of Providers Awarded Medicaid Incentive Payments for 2011."
On December 7, 2012, CMS published an interim final rule with comment period that updates the Data Element Catalog (DEC) standard and the Quality Reporting Document Architecture (QRDA) Category III standard adopted in a September 4, 2012 final rule. The interim final rule with comment period also revises the Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs by adding an alternative measure for the Stage 2 meaningful use objective for hospitals to provide structured electronic laboratory results to ambulatory providers. The regulation also revises regulatory text for measures pertaining to hospitals providing patients with the ability to view online, download, and transmit information about a hospital admission. In addition, the rule addresses the applicability of the case number threshold exemption for clinical quality measure (CQM) reporting to eligible hospitals and critical access hospitals beginning with FY 2013. CMS also announces its intention to issue technical corrections to the electronic specifications for CQMs released October 25, 2012. Certain provisions within the interim final rule are effective January 7, 2013, and comments will be accepted until February 5, 2013.
CMS has scheduled a December 18, 2012 National Provider Call on the Physician Quality Reporting System (PQRS) and Electronic Prescribing (eRx) Incentive Program. The call will provide an overview of the Program Year 2012 Data Submission for the PQRS-Electronic Health Record Incentive Program Pilot and Program Year 2013 self-nomination process for group practice reporting options, registries, maintenance of certification, and electronic health record data submission vendors.
The HHS Office of Civil Rights (OCR) recently released guidance on methods to de-identify protected health information in compliance with the HIPAA Privacy Rule. The guidance, which is summarized on the Reed Smith’s Life Sciences Legal Update blog, is intended to assist covered entities and business associates in understanding what de-identification is and how de-identified information is created.
The Office of the National Coordinator for Health Information Technology (ONC) has issued a Request for Comment (RFC) on Stage 3 meaningful use recommendations, which will “target a collaborative model of care with shared responsibility and accountability.” In releasing the RFC, the ONC acknowledges “today’s challenges in setting up data exchanges,” but recommends that Stage 3, which takes effect in 2016, represents “the time to begin to transition from a setting-specific focus to a collaborative, patient- and family- centric approach.” The 37-page RFC highlights three broad areas: Meaningful Use Objectives and Measures; Quality Measures; and Privacy and Security. The comment deadline is January 14, 2013. After the comment period, the ONC Health Information Technology Policy Committee intends to hold public meetings on development of the Stage 3 policy.
On November 14, 2012, the House Science, Space, and Technology Committee is holding a hearing entitled “Is 'Meaningful Use' Delivering Meaningful Results -- An Examination of Health Information Technology Standards and Interoperability.” Two hearings are scheduled to examine the recent outbreak of fungal meningitis: a November 14 House Energy and Commerce Oversight Subcommittee hearing on "The Fungal Meningitis Outbreak: Could It Have Been Prevented?" and a November 15 Senate Health, Education, Labor, and Pensions Committee hearing entitled “Pharmacy Compounding: Implications of the 2012 Meningitis Outbreak.”
CMS has posted a set of electronic specifications for clinical quality measures (eCQMs) for eligible professionals and eligible hospitals for use in the EHR incentive program for electronic reporting in 2014.
A recent GAO report warns of information security risks – such as unauthorized changes of device settings resulting from a lack of appropriate access controls -- associated with the growing use of wireless technology in certain active implantable medical devices (e.g., implantable cardioverter defibrillators and insulin pumps). On the other hand, officials and technology experts caution that efforts to mitigate information security risks need to be balanced against potential adverse impact on devices’ performance, including limiting battery life. The GAO also highlights potential gaps in the FDA’s use of its traditional adverse event reporting system to address information security in active implantable medical devices, particularly since reporting entities might not understand the relevance of information security risks. In the report, “Medical Devices: FDA Should Expand Its Consideration of Information Security for Certain Types of Devices,” the GAO recommends that the FDA develop and implement a more comprehensive plan to enhance the agency’s review and surveillance of medical devices. The plan should address how FDA can: (1) increase its focus on manufacturers' identification of potential unintentional and intentional threats, vulnerabilities, the resulting information security risks, and strategies to mitigate risks during the premarket approval review process; (2) utilize available resources, including those from other federal agencies; (3) leverage postmarket efforts to identify and investigate information security problems; and (4) establish specific milestones for implementing this plan. HHS concurred with GAO’s recommendation and described efforts FDA has initiated in this area.
CMS Issues Final "Stage 2" Medicare/Medicaid Electronic Health Record (EHR) Incentive Program Rules, EHR Certification Standards
On September 4, 2012, CMS published a final rule specifying the “Stage 2” meaningful use criteria that eligible professionals (EPs), eligible hospitals, and critical access hospitals (CAHs) must meet in order to qualify for Medicare and/or Medicaid EHR incentive payments. By way of background, under Stage 1 (which began in 2011), “meaningful use” consists of transferring data to EHRs and being able to share information such as electronic copies and visit summaries for patients (note that certain Stage 1 criteria are modified under the Stage 2 final rule). Stage 2 meaningful use criteria, which are the focus of this final rule, seek to increase the exchange of clinically relevant information between providers and promote patients’ secure online access to their health information. With regard to timing, the final rule provides that any provider who first attested to Stage 1 criteria in 2011 will have until 2014 to attest to Stage 2 criteria (instead of 2013 as provided under the Stage 1 final rule). The final rule also specifies Medicare payment adjustments that will apply beginning in 2015 for covered professional services and hospital services provided by EPs, eligible hospitals, and CAHs failing to demonstrate meaningful use of certified EHR technology and other program participation requirements according to the applicable schedule. CMS adopted certain hardship exceptions to the payment adjustments related to: availability of internet access or barriers to obtaining information technology infrastructure; newly practicing EPs who would not otherwise be able to avoid payment adjustments; unforeseen circumstances such as natural disasters; and certain scope of practice issues, such as lack of face-to-face or telemedicine interaction with patients or lack of control over the availability of Certified EHR Technology at their practice location, to recognize certain barriers concentrated among specialties such as anesthesiology, radiology, and pathology. Looking ahead to Stage 3, under which “meaningful use” will include demonstrating improvement in quality of health care, CMS states in the preamble to the rule that it intends to finalize Stage 3 criteria through rulemaking in 2014, with Stage 3 starting in 2016.
Also on September 4, HHS published a final certification criteria rule establishing the technical capabilities and related standards and implementation specifications that Certified EHR Technology will need to include, at a minimum, to support the achievement of “meaningful use” by EPs, eligible hospitals, and CAHs under the Medicare and Medicaid EHR incentive programs beginning with the 2014 EHR reporting periods. The final rule also makes changes to the permanent certification program for health information technology, including changing the program’s name to the ONC HIT Certification Program. The rule is effective October 4, 2012.
On September 5, 2012, the HHS published a final rule that establishes new requirements for administrative transactions that are intended to improve the utility of the existing HIPAA transactions and reduce administrative burden and costs. Specifically, the rule adopts the standard for a national unique health plan identifier (HPID) and establishes requirements for the implementation of the HPID. Health plans generally must obtain an HPID by November 5, 2014, although the deadline for small health plans to obtain an HPID is November 5, 2015. Covered entities must use HPIDs in the standard transactions on or after November 7, 2016. HHS estimates that implementing the HPID will result in net savings of approximately $1.3 billion to $6 billion for the entire health care industry over 10 years. In addition, the rule establishes a data element that will serve as an “other entity identifier” (OEID), or an identifier for entities that are not health plans, health care providers, or individuals, but that need to be identified in standard transactions. The rule also specifies the circumstances under which an organization covered health care provider must require certain noncovered individual health care providers who are prescribers to obtain and disclose a National Provider Identifier (NPI); the compliance date is for this provision is May 6, 2013.
The rule also postpones the implementation date for the International Classification of Diseases, 10th Revision, Clinical Modification (ICD-10-CM) for diagnosis coding, and the International Classification of Diseases, 10th Revision, Procedure Coding System (ICD–10–PCS) for inpatient hospital procedure coding, from October 1, 2013 to October 1, 2014. This delay is intended to give covered entities more time to prepare and fully test their systems to ensure a smooth transition to these new code sets. CMS notes that any extension of the current limited freeze on code updates based on the delay adopted in the rule will be discussed and decided by the ICD-9-CM Coordination and Maintenance Committee.
On September 13, 2013, CMS is hosting a call on the agency’s September 4, 2012 final rule on Stage 2 EHR requirements and other changes to the EHR Incentive Programs.
HHS Publishes Operating Rules for Health Care Electronic Funds Transfers (EFT) and Remittance Advice Transactions
On August 10, 2012, the Department of Health and Human Services (HHS) published an interim final rule with comment period setting forth operating requirements for EFTs and electronic remittance advice (ERA) transactions. The rule, which was mandated by the ACA, is the third in a series of regulations intended to streamline health care administrative transactions, following a July 8, 2011 rule addressing electronic eligibility and claims status transactions, and a January 10, 2012 rule setting forth standards for health care claim payments made via EFT and corresponding ERAs. Under the August 10 rule, health plans are required to offer a standardized, online enrollment for EFT and ERA to facilitate provider enrollment with multiple health plans to receive these transactions electronically. The rule also, among other things, sets time limits for health plans to send EFTs, and establishes requirements for the initial set-up for electronic communications between providers and plans. CMS estimated that the EFT and ERA operating rules will save industry (primarily physician practices) between $300 million and $3.3 billion over 10 years. The rule is effective August 10, 2012, with a compliance date of January 1, 2014. HHS will accept comments on the rule until October 9, 2012.