The Office of the National Coordinator for Health Information Technology (ONC) is seeking comments on revisions to health information technology certification regulations for 2015. CMS is updating these criteria more frequently to provide more incremental regulatory changes, give stakeholders earlier information and greater opportunity for input, and respond more quickly to newer industry standards to enhance interoperability. ONC observes that its previous two to three-year regulatory cycle was “sub-optimal” because it “created cycles of significant peaks and valleys from a health IT development standpoint; resulted in missed opportunities to improve interoperability and programmatic alignment because of mismatched regulatory and standards balloting cycle timelines; and adversely affected EHR technology developers’ ability to strategically plan their development and product rollout processes due to uncertain regulatory timelines.” The proposed rule provides that the 2015 Edition EHR certification criteria would be voluntary; providers would not need to adopt this edition, and no EHR technology developer who has certified its EHR technology to the 2014 Edition would need to recertify to the 2015 Edition for users to participate in the Medicare and Medicaid EHR Incentive Programs. The proposed rule also includes revisions to the ONC HIT Certification Program intended to improve regulatory clarity, simplify certification of EHR Modules not used for achieving meaningful use; and discontinue the use of the “Complete EHR” certification concept. ONC will accept comments on proposed rule until April 28, 2014.
CMS has released additional tools to help health plans, vendors, and providers prepare to demonstrate that they are compliant with Administrative Simplification Transaction Testing standards and operating rules and that they have completed end-to-end testing with their trading partners. Specifically, CMS has released payer, large provider, small provider, vendor-to-provider, and vendor-to-payer checklists to assist these segments as they perform multiple levels of testing, including end-to-end testing.
President Obama has signed into law the Consolidated Appropriations Act of 2014, which provides $1.012 trillion in discretionary funding for the operations of the federal government through September 30, 2014. In addition to setting overall funding levels for HHS agencies, the law specifies funding for numerous HHS policies and initiatives, such as additional funding for program integrity effort involving the 340B drug pricing program and research on the impact of health information technology on patient safety, and reduced funding for the IPAB and certain other ACA activities. The agreement also includes directives for HHS to improve fraud and abuse efforts, including using the latest technology to ensure only valid beneficiaries and valid providers receive benefits (although on the other hand, the agreement raises concerns that the Recovery Audit Contractor program includes incentives “to take overly aggressive actions”). In addition, the agreement highlights more Congressional interest in more narrow HHS policies, such as objections to the criteria CMS uses to package drug costs under the hospital outpatient prospective payment system, and concerns that rural patients maintain access to needed health services if CMS proceeds with a proposal to remove critical access hospital status from certain facilities.
The OIG has concluded that the HHS Office for Civil Rights (OCR) is not adequately overseeing and enforcing the HIPAA Security Rule. In short, the OIG found that OCR failed to provide for periodic audits, as mandated by HITECH, to ensure that covered entities were in compliance with the Security Rule, and instead continued to follow the complaint-driven approach to assess Security Rule compliance. OCR also failed to consistently follow its investigation procedures and maintain documentation needed to support key decisions made during investigations conducted in response to reported violations of the Security Rule. The report findings and recommendations are discussed in a posting on our Life Sciences Legal Update blog.
Congressional committees continue to focus on the experience of consumers and insurers since the HealthCare.gov insurance portal launched on October 1, along with potential issues related to the security of personal data transmitted through the site. For instance, House hearings this week include an Oversight and Government Reform Committee hearing on “ObamaCare Implementation: The Rollout of HealthCare.gov”; a Homeland Security Committee on “Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov?"; and an Energy and Commerce Committee hearing titled “Obamacare Implementation Problems: More than Just a Broken Website.” Next week, the Energy and Commerce Committee also will examine the security of the HealthCare.gov site.
In other policy areas, on November 14, the House Small Business Committee is holding a hearing on “Self-Insurance and Health Benefits: An Affordable Option for Small Business.” On November 15, the Energy and Commerce Subcommittee on Health will review the FDA’s implementation of the Food and Drug Administration Safety and Innovation Act, and on November 19 the panel will focus on federal regulation of mobile medical apps and other health software.
Recent Congressional hearings on health policy issues include the following:
- A House Energy and Commerce Health Subcommittee a hearing entitled “PPACA Pulse Check: Part 2,” focusing on ACA readiness and implementation issues (Part 1 of the hearing was on August 1, 2013).
- A House Homeland Security Cybersecurity Subcommittee hearing on “The Threat to Americans’ Personal Information: A Look into the Security and Reliability of the Health Exchange Data Hub.”
- A Senate Health, Education, Labor and Pensions Committee hearing on the “Dental Crisis in America: The Need to Address Cost.”
Recent Congressional hearings have addressed the following health policy issues:
- The House Energy and Commerce Committee has held hearings on Medicaid reform, implementation of the ACA, and reform of drug compounding regulations. An August 1 hearing entitled “PPACA Pulse Check” will feature testimony by CMS Administrator Marilyn Tavenner.
- The Senate Finance Committee held two hearings on health information technology, along with a hearing on repealing the SGR.
- The Senate Judiciary Committee examined “pay for delay” settlements between generic and brand-name drug companies.
- The House Ways and Means Committee held two hearings on the Administration’s delay of the ACA employer insurance mandate, and an August 1 hearing will focus on the status of ACA implementation. The House Education and the Workforce Committee also held a hearing on the ACA employer mandate delay.
- The House Oversight and Government Reform Committee and House Homeland Security Committee are holding a joint hearing on July 30 entitled on “Evaluating Privacy, Security, and Fraud Concerns with ObamaCare's Information Sharing Apparatus.”
- The Senate Budget Committee is holding a July 30, 2013 hearing on containing health care costs.
A number of recent Congressional hearings have focused on health policy issues, including the following:
- The House Energy and Commerce Committee held hearings on bipartisan proposals to redesign the Medicare benefit structure and challenges facing businesses under the ACA. A June 28 hearing will focus on Medicare Part B drug program reforms.
- House Ways and Means Health Subcommittee hearings addressed Medicare post-acute care and the 2013 Medicare Trustees Report.
- The Senate Finance Committee held a hearing entitled “High Prices, Low Transparency: The Bitter Pill of Health Care Costs,” along with hearings on oversight of Medicare Recovery Audit Contractors and a review of health care quality efforts.
- The Senate Committee on Homeland Security and Governmental Affairs held a hearing on curbing prescription drug abuse in Medicare.
- The Senate Special Committee on Aging held a hearing entitled “Renewing the Conversation: Respecting Patients' Wishes and Advance Care Planning."
- A House Small Business Committee hearing on "Mobile Medical App Entrepreneurs: Changing the Face of Health Care."
On a June 27, 2013 call, CMS and the Office of the National Coordinator for Health Information Technology (ONC) will provide an overview of the Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs, including the use of certified EHR technology to meet meaningful use.
CMS and ONC have posted a fact sheet that details progress HHS has made in promoting the growth of health information technology since the enactment of the Health Information Technology for Economic and Clinical Health (HITECH). The fact sheet addresses, among other things, statistics on participation in the Electronic Health Record Incentive Programs and electronic prescribing and information on HHS plans to accelerate health information exchange development.
On May 3, 2013, CMS and the Office of the National Coordinator for Health Information Technology (ONC) are hosting a meeting to discuss electronic health records, the increase in code levels billed for some Medicare services, and appropriate coding in an increasingly-electronic environment. The meeting, which is aimed at providers, health information technology vendors, and other interested stakeholders, will address issues such as the impact of EHRs on high quality clinical care, provider efficiency and coding, and coding challenges and opportunities facing various groups, including hospitals and clinicians. Attendees may participate in person, via telephone, or web streaming. Registration is required.
Recent Congressional hearings have addressed a number of health policy issues. For instance, the House Energy and Commerce Committee held a series of hearings on health information technologies, covering the Administration’s perspectives on innovation and regulation (including a discussion of the Administration’s policies on regulation of mobile medical apps), how innovation benefits patients, and “harnessing wireless innovation.” http://energycommerce.house.gov/press-release/three-day-hearing-series-produces-much-needed-certainty-patients-providers-and-innovators. Separately, a Health Subcommittee hearing focused on Medicare and Medicaid entitlement reform. In addition, the Senate Finance Committee held a hearing on health care delivery reform, focusing on the Center for Medicare and Medicaid Innovation efforts.
CMS and the Office of the National Coordinator for Health Information Technology (ONC) are seeking comments on a series of potential policies intended to accelerate electronic health information exchange (HIE) across providers. The notice identifies various gaps that the policies and programs are intended to address, such as low rates of electronic health record (EHR) adoption and HIE among post-acute and long-term care providers; low rates of EHR adoption and HIE across settings of care and providers (including ambulatory care, post-acute and long-term care, behavioral health, and lab providers); and low rates of consumer and patient engagement. The notice also includes specific questions for stakeholders, such as what changes in payment policy would have the most impact on the electronic exchange of health information (particularly among organizations that are market competitors); how policies should be developed to maximize the impact on care coordination and quality improvement; how CMS can leverage regulatory requirements for acceptable quality (such as conditions of participation for hospitals or requirements for skilled nursing facilities (SNFs) and home health) to support electronic, interoperable HIE; and how new authorities under the ACA for testing innovative payment and service delivery models can best accelerate standards- based electronic HIE across treating providers. Comments will be accepted until April 22, 2013.
CMS Announces 90-Day Enforcement Discretion Period for HIPAA Eligibility & Claim Status Operating Rules
On January 2, 2013, CMS announced a 90-day “enforcement discretion period” with respect to operating rules mandated by the ACA for two transactions: eligibility for a health plan and health care claim status. Specifically, the CMS Office of E-Health Standards and Services (OESS) will not initiate enforcement action until March 31, 2013, with respect to HIPAA-covered entities (including health plans, health care providers, and clearinghouses, as applicable) that are not in compliance with the two operating rules published July 8, 2011. Notwithstanding OESS’s discretionary application of its enforcement authority, CMS emphasizes that the compliance date for using the operating rules remains January 1, 2013. Applicable HIPAA-covered entities that are ready to conduct transactions using the adopted operating rules should do so, and all applicable covered entities are encouraged to “expeditiously become compliant.” Moreover, while enforcement action will not be taken, OESS will accept complaints regarding compliance with the rules beginning January 1, 2013 and, if requested by OESS, covered entities that are the subject of complaints must produce evidence of either compliance or a good faith effort to become compliant during the 90-day period.
The HHS Office of the National Coordinator for Health Information Technology (ONC) is seeking comments on its draft “Health IT Patient Safety Action and Surveillance Plan,” a blueprint for using health information technology (IT) to make care safer and to continuously improve the safety of health IT. The draft plan offers a list of actions in three broad strategic areas: increasing the quantity and quality of data and knowledge about health IT safety; targeting resources and corrective actions to improve health IT safety and patient safety; and promote a culture of safety related to health IT. The plan, which addresses recommendations made in the 2011 Institute of Medicine Report, “Health IT and Patient Safety: Building Safer Systems for Better Care,” emphasizes shared responsibly among the government, industry, clinicians, patients, accrediting bodies, health IT developers, and other parties. Comments on the plan will be accepted until February 4, 2013.
CMS is hosting a national provider call on January 16, 2013 on Meaningful Use requirements under the Medicare and Medicaid Electronic Health Record Incentive Programs. The target audience is hospitals, critical access hospitals, and professionals eligible for incentives. Registration is required.
The Medicare electronic health record (EHR) incentive program is vulnerable to paying incentives to professionals and hospitals that do not fully meet meaningful use requirements due to gaps in CMS oversight, according to a recent OIG report. Based on a review of CMS’s oversight of self-reported meaningful use of certified EHR technology in 2011, the OIG found that CMS did not have strong prepayment or postpayment safeguards. The OIG also noted that CMS cannot use EHR reports to verify all self-reported meaningful use information because the Office of the National Coordinator for Health Information Technology (ONC) does not require certified EHR technology to be capable of producing reports for all measures. As a result of these findings, the OIG recommends that CMS: (1) obtain and review supporting documentation from selected professionals and hospitals prior to payment to verify self-reported information (although CMS argued that this would increase the burden on providers); and (2) issue more detailed guidance on documentation requirements (CMS agreed). The report also contained recommendations for ONC, including recommendations that the agency: (1) require that certified EHR technology be capable of producing reports for yes/no meaningful use measures where possible; and (2) improve the certification process for EHR technology to ensure accurate EHR reports (ONC concurred with both recommendations). For more information, see the full report, “Early Assessment Finds That CMS Faces Obstacles in Overseeing the Medicare EHR Incentive Program."
The Health Information Technology for Economic and Clinical Health (HITECH) Act provided funding to promote the adoption and meaningful use of certified EHR technology, including a Medicaid EHR program. In 2011, the first year of the Medicaid EHR program, 1,964 hospitals and 45,962 professionals were awarded a total of approximately $2.7 billion in Medicaid EHR incentive payments, according to a GAO report describing the characteristics of providers that participated in the program in 2011. Hospitals claimed $1.7 billion in these Medicaid EHR incentive payments, with a median payment amount of $613,512. Almost half of the hospitals (46%) receiving payments were located in the south, while the smallest proportion (15%) were located in the northeast. Also among hospitals receiving payments, 62% were located in urban areas, 80% were acute care hospitals, 57% percent were nonprofits, and 57% were not members of a chain, while hospitals with the highest number of total beds were twice as likely to receive an incentive payment than those with the fewest number of beds. With regard to professionals, who were awarded a total of $967 million in incentive payments, more than three times as many eligible professionals participated in the Medicaid EHR program than in the Medicare EHR program. The largest proportion of professionals who received a Medicaid EHR incentive payment for 2011 were in the south (37%), compared to 20% in the midwest. As with hospitals, most professionals receiving EHR incentive payments (83%) were located in urban areas. Additional details can be found in the full report, “Electronic Health Records: Number and Characteristics of Providers Awarded Medicaid Incentive Payments for 2011."
On December 7, 2012, CMS published an interim final rule with comment period that updates the Data Element Catalog (DEC) standard and the Quality Reporting Document Architecture (QRDA) Category III standard adopted in a September 4, 2012 final rule. The interim final rule with comment period also revises the Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs by adding an alternative measure for the Stage 2 meaningful use objective for hospitals to provide structured electronic laboratory results to ambulatory providers. The regulation also revises regulatory text for measures pertaining to hospitals providing patients with the ability to view online, download, and transmit information about a hospital admission. In addition, the rule addresses the applicability of the case number threshold exemption for clinical quality measure (CQM) reporting to eligible hospitals and critical access hospitals beginning with FY 2013. CMS also announces its intention to issue technical corrections to the electronic specifications for CQMs released October 25, 2012. Certain provisions within the interim final rule are effective January 7, 2013, and comments will be accepted until February 5, 2013.
CMS has scheduled a December 18, 2012 National Provider Call on the Physician Quality Reporting System (PQRS) and Electronic Prescribing (eRx) Incentive Program. The call will provide an overview of the Program Year 2012 Data Submission for the PQRS-Electronic Health Record Incentive Program Pilot and Program Year 2013 self-nomination process for group practice reporting options, registries, maintenance of certification, and electronic health record data submission vendors.