Industry Resources Links, Articles and Commentary

 

MACRA - Here to Stay 2017

December 2016

MACRA:  Value based care is here to stay

The Final Rule, released in October 2016 signified a shift to a more modern, patient-centered Medicare program. The Centers for Medicaid and Medicare Services (CMS) have listened to administrative task concerns, ensuring providers the flexibility they need in the transition towards value-based care.

The Final Rule establishes how eligible clinicians and medical groups will participate in either MIPS (Merit-Based Incentive Payment System) or AMP (Advanced Alternative Payment Model.  Starting in 2017, Medicare physicians will have to participate in one or the other, so the time to plan is now.

What is MIPS?

You can think of MIPS as the backbone of MACRA. If providers don’t participate or gain an exemption (in such case a physician received a percentage of payments through qualifying advanced APMs, granting their exemption) they’ll receive a serious payment cut.

MIPS basically consolidates components of these programs:

  • Physician Quality Reporting System (PQRS)
  • Value-Based Payment Modifier
  • Electronic Health Record (EHR) Incentive Program
  • Clinical Practice Improvement Activities

And assesses physicians in four categories. Let’s delve deeper into those categories, as well as their score weights for 2017.

Quality Activities

For full performance, clinicians must report on either A) six quality measures to report that best reflect their unique practice, B) One specialty-specific measure set or C) One subspecialty-specific measure set.

Score weight – 60%

Clinical Practice Improvement Activities

In this category, clinicians choose the activities (there are over 90 of them to choose from under the rule) best suited for their practice. The Final Rule allows clinicians to report on four medium-weighted clinical practice improvement activities or two high-weighted, an improvement from the initially proposed six. Here’s a tip: If you can report on EHR activity under this category, do it! It will help you meet requirements. If you’re a home health organization, you’ll earn full credit in this category, and those participating in Advanced APMs will earn at least half credit.

Score Weight – 15%

Advancing Care Information Performance Category

Just so you know, this section is actually replacing the Meaningful Use Program. Also improved greatly, eligible practices are required to report on only five EHR use-related measures, a reduction from the proposed 11. According to CMS, “based on significant feedback, this area is simplified into supporting the exchange of

patient information and how technology specifically supports the quality goals selected by the practice.” These are the measures:

  • Security risk analysis
  • E-prescribing
  • Provide patient access
  • Send summary of care
  • Request/accept summary of care
    • But wait, there’s more! For the transition year, CMS will award a bonus score for the following:
  • Improvement activities that utilize certified EHR technology.
  • Reporting to public health or clinical data registries.

Score Weight – 25%

Cost/Resource Use

CMS has simplified this cost performance category, eliminating it from the calculation of providers’ overall performance for 2017. CMS adds, “that as performance feedback becomes available from claim analysis, the cost category’s contribution to the overall performance score will increase to the statutory 30% level by 2021.

Score Weight – 0%

How should practices report under MIPS?

MIPS-eligible clinicians now have the ability to submit information individually or as a group. CMS now allows for MIPS reporting as a group sharing a common Tax Identification Number, regardless of specialty or practice site. This could potentially help smaller providers receive a payment adjustment based on the group’s performance. Note: Groups must register by June 30, 2017.

For the transitional year of 2017, four paths have been established that providers may follow to report, each with the minimum performance threshold to avoid a payment penalty reduced.  *This does not include bonus information.

  • Report under MIPS for less than a year but more than 90 days, report more than one quality measure, more than one improvement activity, or more than the required measures in advancing care information performance category.
  • Report performance on minimum 90-day continuous period in 2017 or more than one measure in the quality component, more than one clinical practice improvement quality, or more than the required measures for advancing care information for minimum of 90- day continuous period.
  • Report results on all required measures for minimum 90-day continuous period in 2017.
  • Participate in an Advanced APM.

Providers who feel comfortable can begin collecting performance data on New Year’s Day. However, you can collect data anywhere between January 1, 2017 and October 2, 2017. All performance data is due March 31, 2018.

Be sure to choose your date for data collection and path in which to report as soon as possible, because there will be consequences! No participation means a 4% negative payment adjustment in 2019.

Hawthorn

Hawthorn’s MIPS/MACRA task force has been following the Quality Payment Program to ensure that we are on top of program to pass along information to all our clients.  Hawthorn will be assisting clients through MIPS reporting as a team approach.  If you have any questions please feel free to reach out to your Client Service Manager today.

Sources:

https://www.cms.gov/

https://www.Imaginesoftware.com

https://qpp.cms.gov/

http://healthaffairs.org/

___________________________________________

MACRA - Final Rule

October 2016

On April 27, 2016, the Centers for Medicare & Medicaid Services (CMS) released a highly anticipated proposed rule outlining physician payment reforms as required by the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA). The proposed rule introduced the Quality Payment Program – a two track quality program that includes key guidelines for the new Merit-Based Incentive Payment System (MIPS) and Alternative Payment Models (APMs) that will take effect as early as January 1, 2017.

MIPS is a new program that combines parts of PQRS, VM, and the EHR incentive program into one single program in which Eligible Clinicians (ECs) will be measured on four specific performance categories:

  • Quality (formerly PQRS):  Incentivized clinicians engage in improvement measures and activities that have a proven impact on patient health and safety.
  • Resource Utilization (formerly the cost component of the Value Modifier (VM)):  Goal to lower costs while significantly improving outcomes for high priority cases and chronic conditions.
  • Clinical Practice Improvement (new program):  Activities where the goal is to lower costs while significantly improving outcomes for high priority cases and chronic conditions.
  • Advancing Care Information (formally Meaningful Use of Certified EHR technologies):  Use of Certified EHR Technology with a shift to patient engagement, information exchange and care coordination to promote better outcomes.

On Friday, 10/14/2016 The Centers for Medicare and Medicaid (CMS) released the MACRA MIPS/APM final rule. As you can imagine, this is a rather lengthy document and it will take a little time to fully digest and understand the ramifications of the final rule. We are reviewing the final rule and working with your specialty originations to analysis the final rule and give you a summary as quickly as possible.
 
In the meantime, we wanted to give you a few links to additional resources from CMS if you would like to review them.

https://qpp.cms.gov/docs/Quality_Payment_Program_Overview_Fact_Sheet.pdf 

https://qpp.cms.gov/docs/QPP_Executive_Summary_of_Final_Rule.pdf

https://qpp.cms.gov/docs/CMS-5517-FC.pdf 

_________________

Cybercrime & Ransomware Update

August 2016

Cybercrime is once more in the news as ransomware attacks in 2016 have targeted hospitals. Ransomware criminals lock computers in place and charge a fee to unlock the system.

In February of 2016 the Hollywood Presbyterian Medical Center in Los Angeles was attacked by ransomware, and the hospital later admitted they paid the $17,000 ransom in bitcoins. It has been reported that the success of this attack has led to the subsequent targeting of other hospitals.

In March of 2016 the Methodist Hospital in Henderson, Kentucky was forced to shut down its desktop computers and transfer operations to its backup system. The main system was apparently hacked through phishing emails that contained the Locky malware. Patient files were locked and the hackers demanded a ransom to unlock the system. Officials at the hospital worked through the emergency and declined to pay the ransom.

A local TV station reported that the Kansas Heart Hospital in Wichita was attacked by ransomware in May of 2016. According to this report the hospital admitted to paying an unspecified amount of ransom, but the criminals failed to decrypt the hostage files. The hospital then declined to pay a second ransom for the same attack.

Additional hospitals targeted in 2016 include the Chino Valley Medical Center in Chino, California and Desert Valley Hospital of Victorville, California. Not all attacks are reported, and it is possible that some hospitals have paid ransoms to avoid negative publicity.

The urgency of patient care makes hospitals more vulnerable to ransomware than other businesses and institutions. Health care providers need instant access to patient records, and lives are literally on the line while the hospital is held hostage. Additionally, security measures at hospitals lag behind other institutions, such as banks and other businesses. Hospitals have been very focused on HIPAA compliance and patient privacy, but many hospitals have not trained their employees on security awareness.

Most experts are recommending that hospitals improve their security protocols. One of the simplest procedures is to simply arrange for backup files and frequently scheduled backups. In the case of Methodist Hospital, cited above, it was the hospital’s backup systems that enabled rapid restoration of data and resolution of the problem.

In July 2016 the Centers for Medicare & Medicaid Services (CMS) issued guidance on ransomware. The new guidance indicates that ransomware attacks should be reported as a breach of HIPAA security, even if the hospital believes no data was lost and no files were locked.

Another source:  http://www.lewisrice.com/publications/hostage-situation-new-guidance-to-health-care-organizations-on-ransomware-attacks/

_____________________________________

ICD10 Readiness of Hawthorn Physician Services

June 2015

October 1, 2015 is the federal mandated date for the United States to convert from ICD-9 to ICD-10.  ICD-10 is one of the building blocks enabling greater specificity and standardized data which can improve the coordination of a patient’s care across the variety of providers.  ICD-10 per CMS is a foundation for modernizing health care and improving quality.

Hawthorn Physician Services Corp (HPS) will be compliant and ahead of this mandated deadline to benefit our clients in preparation for this transition.  HPS is actively working on ICD-10 to ensure that all our systems that support our business processes and policies & procedures meet the implementation standards without interruption to its day-to-day operations.         

HPS wants our clients to recognize the significant efforts required to meet this mandate with communication and collaboration with all stakeholders.  We have a strategic planned approach working with our clients and business partners to ensure we are ready.

What we have done:

Formed our ICD-10 Committee and Project Team
Developed ICD-10 internal training/education for staff
Conducted an initial impact assessment on core billing system, clearinghouses, interfaces, coding edits, hardware changes, software applications, et al.   
Working with clients on modest steps to improve clinical documentation and offering resources to help them with their transition piece.

Outline of next steps:

Q1  2015– Internal  system updates to be completed
Q2 2015- Internal and external testing and updating of assessment. Test batches sent out.
Q2 and Q3 2015- Continued development of staff and clients. Final testing
Q4 2015- GO LIVE! HPS will be conducting reviews to assure charges are being received.

HPS will be communicating with our clients during this transition to keep all lines of communication open for a smooth transition to ICD-10.  We are committed to facilitating this industry mandate successfully for all our clients and staff.   

_____________________________________

Medicare SGR Formula Triggers 21% Pay Cut Today

Medscape Medical News, Robert Lowes  April 01, 2015

Today is April Fools' Day, but for physicians, it also could be called Day One of Medicare Payment Limbo.

After all, Medicare technically is reducing its reimbursement rates for physician services rendered after March 31 by roughly 21% as of today, a cut triggered by the program's notorious sustainable growth rate (SGR) formula. However, physicians may not see any change in their Medicare pay if the Senate passes a bipartisan SGR repeal bill by April 14, a bill President Barack Obama has promised to sign.

Given this big "if," physicians are left wondering.

The House did its part in trying to avert a pay cut that threatened to drive many physicians out of Medicare and leave seniors in a lurch. On March 26, in an overwhelming bipartisan 392–37 vote, it passed an SGR repeal bill that raises reimbursement rates 0.5% in the last half of 2015 and annually through 2019, while shifting the program from fee-for-service to pay-for-performance.

On the other side of the US Capitol, however, the Senate recessed on March 27 for its spring break without taking any action on the legislation. Senate Majority Leader Mitch McConnell (R-KY) said his chamber needed more time to resolve disagreements about the bill, called the Medicare Access and CHIP Reauthorization Act (MACRA) of 2015, and promised a vote as soon as the Senate reconvened on April 13.

The timing is fortuitous for physicians. By regulation, the Centers for Medicare and Medicaid Services (CMS) cannot pay clean electronic claims any sooner than 14 calendar days after receipt (29 days for hard copy claims). Senate passage of MACRA and the president's signature by April 14 would allow CMS to retroactively cancel the 21% rate reduction and pay all claims for services performed after March 31 at pre-April levels.

Read more:  http://www.medscape.com/viewarticle/842461

_____________________________________________________________________________________________      

 

House leaders negotiate permanent SGR repeal

Published on FierceHealthFinance (http://www.fiercehealthfinance.com) March 19,2015  by Zack Budryk

After lawmakers derailed what looked like a permanent legislative fix to the widely unpopular sustainable growth rate (SGR) formula last year, Congress members plan to craft another long-term fix ahead of a looming deadline, MedPageToday reports--and this time they just might pull it off.

The leader of the House Ways and Means and Energy committees are involved in active discussions to try to "achieve an effective permanent resolution to the SGR problem, strengthen Medicare for our seniors, and extend the popular Children's Health Insurance Program," the committees said in a joint statement last week.

The SGR patch Congress approved in 2014 will expire March 31, after which physicians face a 21.2 percent cut to their Medicare reimbursements. The negotiation process is a familiar one, but this time, House Minority Leader Nancy Pelosi (D-Calif.) and House Speaker John Boehner (R-Ohio) are actively discussing how to fund the repeal, according to Vox. Repealing the SGR permanently this year would cost $177 billion; rather than tackle the entire cost at once, current negotiations involve roughly $70 billion in spending cuts with the balance attached to the deficit. The cuts would involve a combination of slower growth in post-acute care reimbursement; small reimbursement cuts for hospitals; cost-shifting to seniors in MediGap plans; and a premium hike for wealthy Medicare beneficiaries.

Despite the potential cuts, providers overwhelmingly support SGR repeal, as more than 750 physician groups urged Congress to pass a permanent fix in a letter to House and Senate leaders. "We made significant progress in the previous Congress to find common ground for a Medicare fix that would establish a clear pathway for developing and implementing new healthcare delivery and payment models that improve quality, coordinate care and reduce costs," Robert M. Wah, M.D., president of the American Medical Association, wrote. "It would be a shame to once again let that solution, which took months to develop, go to waste."

Find more information also athttp://www.healthcarefinancenews.com

________________________________________________

RBMA Radiology Business Management

Information from www.rbma.org  February 2015

Let's Talk-  Odds of Another ICD-10 Delay Grow Longer

In February, two significant events happened in Washington, D.C., that made Congressional passage of another mandatory delay in the implementation of the 10th revision in the International Classification of Diseases codes (ICD-10) much more unlikely.

Late on Friday, February 6, the non-partisan Government Accounting Office (GAO) — which Congress relies on for trustworthy information on policy issues — made public its report to the Senate Finance Committee on the status of the Centers for Medicare and Medicaid Services (CMS) efforts to prepare for the switch from ICD-9 to ICD-10 claims coding on Oct. 1, 2015. The report concluded that CMS had taken “multiple steps to help prepare covered entities for the transition,” and noted that most of the stakeholders the GAO contacted said that CMS’s educational materials and outreach had been helpful.

Senate Finance Committee Chairman Orrin Hatch (R-Utah) and Ranking Member Ron Wyden (D-Ore) noted their optimism in their press release about the report. “I see no reason for any delay past the October deadline,” stated Sen. Hatch in the release.

On Wednesday of the following week, members of the influential House Energy and Commerce Health Subcommittee got an opportunity to hear testimony from seven stakeholders who all but one said the implementation needed to happen on October 1. And judging by the opening remarks of ranking members of the committee, they were preaching to the choir.

For example, Ranking Member Gene Green (D-Tex) said in his opening remarks that “it was time to move forward without further delay,” citing existing significant investment in the switch as well as advancements in medicine better captured by ICD-10.

One cannot, of course, completely rule out the possibility that a provision to delay ICD-10 might be inserted in legislation as a concession to a particular constituency. However, at the present time, with CMS, healthcare industry stakeholders, Democrats and Republicans all endorsing the Oct. 1, 2015 deadline, it is looking like this implementation date is for real. 

Last Edited by RBMA General at 2/13/2015 3:11 PM

__________________________________________________________________________________________________________

PQRS Physician Quality Reporting System

Information from www.CMS.gov   January 2015

Physician Quality Reporting System (Physician Quality Reporting or PQRS) formerly known as the Physician Quality Reporting Initiative (PQRI)   

About PQRS

PQRS is a reporting program that uses a combination of incentive payments and negative payment adjustments to promote reporting of quality information by eligible professionals (EPs). 

The program provides an incentive payment to practices with EPs (identified on claims by their individual National Provider Identifier [NPI] and Tax Identification Number [TIN]). EPs satisfactorily report data on quality measures for covered Physician Fee Schedule (PFS) services furnished to Medicare Part B Fee-for-Service (FFS) beneficiaries (including Railroad Retirement Board and Medicare Secondary Payer). 

Beginning in 2015, the program also applies a negative payment adjustment to EPs who do not satisfactorily report data on quality measures for covered professional services.  This website serves as the primary and authoritative source for all publicly available information and CMS-supported educational and implementation support materials for PQRS.

 PQRS Quick Links

For step-by step instructions on how to implement PQRS, view the How to Get Started page. In addition, learn more about PQRS and how to participate by visiting the following pages:

• For information on how to select measures, review the Measures Codes page
• For information on reporting mechanisms, review the following pages:

o Registry Reporting page
o Medicare EHR Incentive Program Reporting page
o Group Practice Reporting Option page
o Qualified Clinical Data Registry (QCDR) page.

• For information on incentive payments, review the Analysis and Payment page
• For information on adjustments, review the Negative Payment Adjustment Information page

Help Desk:  If you have questions or need assistance with PQRS reporting please contact the Quality Net Help Desk. The help desk is available Monday – Friday; 7:00 AM–7:00 PM CST:
Phone: 1-866-288-8912 TTY: 1-877-715-6222 Email: Qnetsupport@hcqis.org 

http://www.cms.gov/Medicare/Quality-Initiatives-Patient-Assessment-Instruments/PQRS/index.html?redirect=/PQRS/

__________________________________________________________________________________

 

Cybersecurity and Healthcare

by Stan Hosler

November 2014

We are building our lives around our wired and wireless networks. The question is, are we ready to work together to defend them? This headline appears on the About Us page of the FBI website (www.fbi.gov), which describes that agency’s efforts to investigate cyber-based terrorism, espionage and computer fraud. The text goes on to describe how the FBI combats cyber crime and cyber terrorism by gathering and sharing information with public institutions and private businesses worldwide.

Sharing information and best practices is a fundamental principle in the fight against cyber crime and terrorism. Earlier this year, another federal government agency, the National Institute of Standards and Technology (NIST), issued a press release announcing Executive Order 13636, “Improving Critical Infrastructure Cybersecurity.” This 41-page document describes the Cybersecurity Framework for protecting 16 of our nation’s critical infrastructures, including banking, transportation, telecommunications and healthcare.

READ MORE

 

NIST is not a regulatory body.  It is an agency of the Department of Commerce, and its mission is to “promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.” The NIST Cybersecurity Framework is a collaborative effort between public and private organizations, and its purpose is to provide a set of industry standards and best practices for managing cybersecurity risks.

At this point the Cybersecurity Framework is a voluntary program. The 16 critical infrastructure sectors—including healthcare—are expected to assess their own risks and implement their own best practices. By meeting the guidelines of the framework, organizations may be able to avoid additional federal regulation of cybersecurity.

The framework includes three primary components: Core, Tiers and Profiles. There are five Core functions for reducing cybersecurity risk: Identify, Protect, Detect, Respond and Recover. There are four Tiers of organizational engagement and preparation: Partial, Risk Informed, Repeatable and Adaptive. The Profiles describe the organization’s current state of cybersecurity activities. Each organization is responsible for addressing the Core functions, moving up the Tiers of engagement and developing its own Profiles of goals and outcomes.

The five Core principles describe how an organization should establish practices for 1) identifying its most critical intellectual property and assets, 2) developing and implementing procedures to protect them, 3) having resources in place to recognize a cybersecurity breach, 4) having procedures in place to respond to a breach, and 5) having procedures in place to recover from a breach when one occurs.

There are direct benefits for organizations that respond to the Cybersecurity Framework and implement its components. Proponents of the framework cite benefits such as collaboration, risk reduction, cost savings and improved internal practices. Additionally, some proponents have observed a benefit related to the demonstration of due care. If, for example, an organization is victimized by hackers or terrorists, its directors may have to defend its security practices to insurance companies, consumers or litigants. Organizations that have implemented the Cybersecurity Framework will be able to demonstrate that they have taken due care to protect their information and assets. According to SEC Commissioner Luis Aguilar, the Cybersecurity Framework has been suggested as a potential baseline for “best practices by companies, including in assessing legal or regulatory exposure to these issues or for insurance purposes.”

The healthcare sector has benefitted greatly from technological improvements in telemedicine, remote diagnosis, record transfers and billing efficiencies, to cite just a few examples. Now it is time to defend the healthcare infrastructure against cyber attacks from criminals and terrorists. The NIST Cybersecurity Framework offers a common vocabulary and collaborative methods for assuring a positive, proactive, collective approach to security.

CLOSE

Changing priorities shift hospital focus to outpatient strategies

by Jeffifer Zanino, Contributing Writer for Healthcare Finance News.

Greater efficiences and consumer demand are drivers

It wasn’t all that long ago that most surgeries, and many medical and diagnostic procedures, required patients to plan for an inpatient hospital stay. But times have changed.

According to a 2013 report from Moody’s Investors Service, ambulatory service centers' same-location revenues have been growing in the low- to mid-single digits since 2007, while hospitals have seen same-facility inpatient surgery cases decline 0.22 percent annually.

Most hospitals are adjusting. “Many revenues that used to be generated from an inpatient setting are being diverted to outpatient settings,” said Brad Spielman, vice president and senior credit officer at Moody’s Investor Services, and the lead writer of the company’s new report, Building Value: Investments Aimed at New Priorities Create Opportunities for Not-For-Profit Hospitals.

Hospitals are investing more in outpatient facilities, from full-scale service centers to urgent care centers to standalone emergency departments, he noted. So intense is the drive to capture outpatient revenue that the strategy is approaching critical-mass status. “Certain hospital-based systems are starting to have more than 50 percent of revenues generated outside of the inpatient setting,” he said. “The trend is accelerating and the scales are starting to tip a bit.”

More


Slideshow:  Top 10 biggest HIPAA breaches

by Erin McCann - Associate Editor, Healthcare IT News.

The numbers are scary. Healthcare providers and payers, together with their business associates, are still failing to protect patient privacy and ensure the security of their personal health information. The drumbeat of data violations continues: To date, more than 38.7 million individuals have had their protected health information compromised in HIPAA privacy and security breaches. Here are the biggest offenders.

More