WASHINGTON, D.C. (July 6, 2016)—CMS finalized new rules that will enrich the Qualified Entity Program by expanding access to analyses and data that will help providers, employers and others make more informed decisions about care delivery and quality improvement. The new rules, as required by the Medicare Access and CHIP Reauthorization Act (MACRA), allow organizations approved as qualified entities to confidentially share or sell analyses of Medicare and private sector claims data to providers, employers and other groups who can use the data to support improved care. In addition, qualified entities may provide or sell claims data to providers and suppliers, such as doctors, nurses and skilled nursing facilities among others. The rule also includes strict privacy and security requirements for all entities receiving patient identifiable and beneficiary de-identified analyses or data, as well as expanded annual reporting requirements. For example, if entities receive patient identifiable data or analyses, they must use protections that are at least as stringent as what is required of covered entities and their business associates for protected health information (PHI) under the HIPAA Privacy and Security Rules.
This initiative is part of a broader effort by the Obama Administration to use data to help create a health care system that delivers better care for patients, spends dollars more wisely and results in healthier people.
“Increasing access to analyses and data that include Medicare data will make it easier for stakeholders throughout the health care system to make smarter and more informed health care decisions,” said CMS Chief Data Officer Niall Brennan.
The Qualified Entity Program was authorized by Section 10332 of the Affordable Care Act and allows organizations that meet certain qualifications to access patient-protected Medicare data to produce public reports. Qualified entities must combine the Medicare data with other claims data (e.g., private payer data) to produce quality reports that are representative of how providers and suppliers are performing across multiple payers, for example Medicare, Medicaid or various commercial payers. Currently, 15 organizations have applied and received approval to be a qualified entity. Of these organizations, two have completed public reporting while the other 13 are preparing for public reporting. Additional information on the qualified entity program can be found at the Qualified Entity Certification Program website here.
Today’s rules seek to enhance the current qualified entity program to allow innovative use of Medicare data for non-public quality improvement and care delivery efforts while ensuring the privacy and security of beneficiary information. For example, qualified entities can conduct analyses on chronically ill or other resource-intensive populations to increase quality and drive-down costs in the health care system. The final rule contains few changes from the proposed rule. Future rulemaking is anticipated to expand the data available to qualified entities to include standardized extracts of Medicaid data. The final rule is on display at the Office of the Federal Register federalregister.gov.
Visit cms.gov for more information.
