Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

CMS’ HIPAA Risk Analysis Myths and Truths

Posted on October 21, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve been writing about the need to do a HIPAA Risk Assessment since it was included as part of meaningful use. Many organizations have been really confused by this requirement and no doubt it will be an issue for many organizations that get a meaningful use audit. It’s a little ironic since this really isn’t anything that wasn’t already part of the HIPAA security rule. Although, that illustrates how well we’re doing at complying with the HIPAA security rule.

It seems that CMS has taken note of this confusion around the HIPAA risk assessment as well. Today, they sent out some more guidance, tools and resources to hopefully help organizations better understand the Security Risk Analysis requirement. Here’s a portion of that email that provides some important clarification:

A security risk analysis needs to be conducted or reviewed during each program year for Stage 1 and Stage 2. These steps may be completed outside OR during the EHR reporting period timeframe, but must take place no earlier than the start of the reporting year and no later than the end of the reporting year.

For example, an eligible professional who is reporting for a 90-day EHR reporting period in 2014 may complete the appropriate security risk analysis requirements outside of this 90-day period as long as it is completed between January 1st and December 31st in 2014. Fore more information, read this FAQ.

Please note:
*Conducting a security risk analysis is required when certified EHR technology is adopted in the first reporting year.
*In subsequent reporting years, or when changes to the practice or electronic systems occur, a review must be conducted.

CMS also created this Security Risk Analysis Tipsheet that has a lot of good information including these myths and facts which address many of the issues I’ve seen and heard:
CMS HIPAA Security Risk Analysis Myths and Facts

Finally, it’s worth reminding people that the HIPAA Security Risk Analysis is not just for your tech systems. Check out this overview of security areas and example measures to secure them to see what I mean:
CMS HIPAA Security Risk Analysis Overview

Have you done your HIPAA Risk Assessment for your organization?

Meaningful Use Hardship Exceptions Reopened

Posted on October 8, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

CMS has announced its intent to reopen the Meaningful Use Hardship Exceptions filing period and set the new deadline for MU hardship exceptions to November 30, 2014. With the new hardship exception extension, providers can now choose from a number of reasons why they were unable to attest in time. Here’s the details from the CMS announcement:

This reopened hardship exception application submission period is for eligible professionals and eligible hospitals that:
* Have been unable to fully implement 2014 Edition CEHRT due to delays in 2014 Edition
CEHRT availability; AND
* Eligible professionals who were unable to attest by October 1, 2014 and eligible hospitals that were unable to attest by July 1, 2014 using the flexibility options provided in the CMS 2014 CEHRT Flexibility Rule.

These are the only circumstances that will be considered for this reopened hardship exception
application submission period.

This is a big move since the meaningful use hardship exceptions deadline for hospitals was April 1, 2014 and July 1, 2014 for eligible professionals. I imagine there are many organizations that will benefit from this extension. Although, there are probably quite a few organizations that wish they’d known about this exception before now or that think the exceptions are too narrow (ie. they can’t benefit from them).

What are your thoughts on this extension?

What Healthcare Must Plan for in Q4

Posted on September 19, 2014 I Written By

The following is a guest blog post by Ben Quirk, CEO of Quirk Healthcare Solutions.
Ben Quirk
In some ways, 2014 turned out to be not quite as cataclysmic. The early announcement of delaying the adoption of ICD-10 and the more recent announcement to allow hospitals/CAHs and Eligible Professionals participating in CMS’ Meaningful Use programs to attest using their existing Certified Electronic Health Record Technology (CEHRT) took the pressure off healthcare providers scrambling to upgrade their CEHRT to a version that was both ICD-10 and MU-compliant. However, this is only a temporary reprieve through the end of 2014 and there are other priorities that must be addressed before the year ends.

Navigating the ever-evolving healthcare environment will seem much less daunting if you focus on these four areas:

  • Meaningful Use
  • Value-Based Payment Modifiers
  • Transparency
  • Open Enrollment for ACA

Meaningful Use (MU)

If you were not able to upgrade to the 2014 Edition EHR, you will still be able to attest for MU using 2013 criteria. This provides reprieve from the 2014 criteria that requires the implementation of and patient enrollment in a patient portal.

In order to be MU-ready, your organization must proactively:

  • Determine your strategy based on the final rule. Gather data and be prepared to attest for MU by the deadline for the MU program you participate in..
  • Create an audit binder which should include screenshots of required EHR configuration during the reporting period. Should you get an audit 2 years from now, you can refer to this binder for accurate information.
  • Prepare a statement citing why you should be allowed to opt out of those MU measures that you think do not pertain to your practice. Auditors will ask for this on any audit preformed.

All organizations should be prepared to start collecting data for MU 2 by January 1, 2015. This includes having a strategy around the implementation of a patient portal and patient enrollment, sharing data amongst community and other healthcare providers, and radiology interfaces.

Value-Based Payment Modifier

The current Value Based Payment Modifier for providers who serve Medicare beneficiaries is a descendent of the Physician Quality Reporting System (PQRS). It is a way to keep the ACA cost-neutral, but there are some important things you need to know about this newer system. Value-Based Payment Modifier takes claims, Meaningful Use, and physician quality data and rates the quality of care you provide against your peers. Consequently,

  • When you report your Clinical Quality Measures or any clinical data to CMS, make sure your thresholds demonstrate that your practice is providing high quality care.
  • If your practice suffered from vendor problems with data accuracy in the past, this should be fixed.

Transparency

Transparency is something all providers should be aware of. Although available only in a few markets right now, all patients will soon be able to look up information about physicians before deciding where they would like to have their medical procedures done. For instance, if a patient decides to have an ACL repair, s/he can go online to compare exact costs and quality measures (based on the Patient Quality Reporting System) for ACL repair. Practices need to be aware that their prices and quality are being reported publicly. The implications go beyond losing reimbursement. You can actually be delisted from an insurance network. To ensure that your practice remains a viable option for patients:

  • Market your own practice and post your own prices.
  • Make sure you are reporting good quality data.
  • Use sources such as MGMA or OPTUM to see what providers in your area are charging and how you compare.
  • Determine how your reimbursement ranks vs. your competitors on the Medicare website and ensure data accuracy.

Open Enrollment for the ACA

November 15 marks the beginning of the second Open Enrollment period for the Affordable Care Act and there is no indication that this time around will be any easier than the first. Patients will be choosing plans, dealing with things very unfamiliar, and perhaps unaffordable, to them, like deductibles. This directly impacts clinics and the bottom line, especially with those patients who cannot pay their share of the costs. Last year, patients became the number one payor for many practices, even more than insurance companies, because so much revenue came from deductibles. That all resets January 1, but there are things you can do to avoid a possibly painful Q1 of 2015:

  • Check and confirm all patients’ eligibility, what plan they are on, and what their deductible is prior to their scheduled appointment, preferably through an automatic batch eligibility service. Keep this information in the practice management system.
  • Notify patients about their deductibles before they come into the clinic, and make sure to collect payments upfront, or keep a card on file.

The healthcare industry as we knew it for the past many years has ceased to exist. As we move into a new era of integrated delivery systems and a greater emphasis on value-based rather than volume-based reimbursements, the industry is going to remain in a state of flux before it stabilizes once again. The only way organizations are going to survive in this shifting landscape is by anticipating and planning for the next change so that they can stay ahead of the curve. The more an organization knows, the better it can be prepared to confront any potentially negative impact of the ever-evolving nature of the industry.

About Ben Quirk
Ben Quirk is CEO of Quirk Healthcare Solutions, a consulting firm specializing in EHR strategic management, workflow optimization, systems development, and training. The company’s clients have enjoyed remarkable success, including award of the Medicare Advantage 5-star rating. Quirk Healthcare presents a weekly webinar series, Insights, to inform clients and the general public about government programs and industry trends. Mr. Quirk is also Executive Director of the Quirk Healthcare Foundation, a learning institution which fosters innovation in the healthcare industry.

What If Meaningful Use Were Created by Doctors?

Posted on September 17, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

It’s safe to say that meaningful use is growing through its challenges right now. My post yesterday about killing meaningful use and the new Flex-IT Act should be illustration enough. While it’s easy to play Monday Morning Quarterback on meaningful use, I think it’s also valuable to consider what meaningful use could have been and then use that to consider how we can still get there from where we are today.

Many of you might have read my post on The Purpose of the EHR Incentive Program Accordign to CMS. CMS clearly stats that the purpose of the EHR incentive money and meaningful use is to move providers towards advanced use of health IT to:

  • Support Reductions in Cost
  • Increase Access
  • Improve Outcomes for Patients

This has very clearly been CMS’ goal and it’s reflected in what we now know today as meaningful use. Let’s think about those from a physician perspective.

Support Reductions in Cost – So, you’re going to pay me less for doing the same work?

Increase Access – So, you’re going to send me patients who can’t pay their bill? Or does this mean I have to do more work making my records accessible?

Improve Outcomes for Patients – Every doctor can support this. However, many are skeptical (with good reason) that the various elements of meaningful use really do improve outcomes for patients.

If I were to step back and think what a doctor might consider meaningful use of an EHR system, this might be what they’d list (in no particular order):

  • More Efficient
  • Improved Care
  • Increased Revenue

More Efficient – Will the technology help me see patients more efficiently? Will it allow me to spend more time with the patient?

Improved Care – Will the technology help me be a better doctor? Will the technology help me make better use of my time with the patient?

Increased Revenue – Will the technology help me get paid more? Will the technology lower the cost of my malpractice insurance and reduce that risk? Will the technology create new revenue streams beyond just churning patient visits?

I’m sure there are other things that could be listed as well, but I think the list is directionally accurate. When you look at these two lists, there’s very clearly a major disconnect between what end users want and what meaningful use requires. With a lot of the EHR incentive money already paid out, this divide has become a major issue.

EHR Certification Flexibility Final Rule Commentary and Analysis

Posted on September 3, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The news came out late on Friday that the EHR Certification flexibility was published as a final rule. I covered my initial take on the EHR Certification Flexibility on Hospital EMR and EHR. I’ve now had a chance to dig through the delicious 90 pages of government rule making and comments that make up the final rule. For those following along at home, you can skip to page 10 of the document to start the fun read. Although, I’ll also direct you to specific sections that might be of interest to you below.

In this post, I’ll just cover the EHR certification flexibility. You can see the meaningful use extension and delay timelines here. Here’s the important chart when talking about the EHR Certification flexibility (CMS Calls it CEHRT):
2014 EHR Certification Flexibility - CEHRT

The EHR Certification flexibility has a number of major talking points:

  • What Does “unable to fully implement” and “2014 Edition CEHRT availability delays” mean?
  • Fairness of EHR Certification Flexibility
  • 90 Day Reporting Period in 2015 Instead of 365 Days
  • Future Audits

What Does “unable to fully implement” and “2014 Edition CEHRT availability delays” mean?
On page 62 of the rule is the best description of the rule’s intent. It says that if you want to take advantage of this EHR flexibility, then they (Eligible providers or hospitals) “must attest that they are unable to fully implement 2014 Edition CEHRT because of issues related to 2014 Edition CEHRT availability delays when they attest to the meaningful use objectives and measures.” This basically covers the asterisk in the chart above.

This piece of the rule was so unclear that CMS in the final rule used 12 pages (pg. 36-48) to describe when this rule would apply and when it would not apply. CMS tried to make this apply as broadly as possible, but I think they also wanted to encourage as many organizations as possible to not use the exception.

My short summary of these 12 pages is: If you have the 2014 Certified EHR software and can attest to meaningful use stage 2, then you better go ahead and do it. Trying to find a loophole that allows you to avoid meaningful use stage 2 and just do MU stage 1 puts you at risk during a future meaningful use audit.

Of course, if you’re EHR vendor hasn’t provided you the proper software/updates/training, etc that you require to attest to meaningful use stage 2, then this rule will apply. CMS’ intent seems pretty clear. If you can attest to meaningful use stage 2, then you should. However, if your EHR vendor prevents you from being able to attest, then they don’t want to hold the providers accountable for the EHR vendors failure. Although, CMS notes multiple times in the final rule that they don’t want to point blame at the EHR vendors since it could have been other outside issues (ie. final rule was late, ONC-ACB’s were backlogged, etc) that caused the EHR vendors to not be ready.

I wonder if one of the unintended side effects of this rule will be EHR vendors taking their sweet time releasing and rolling out their 2014 Certified EHR product and updates. It’s too late for this in the hospital setting since hospitals have to do a full year of MU 2 on a 2014 Certified EHR starting October 1, 2014. However, the same might not be true on the ambulatory side where they have until the end of the year to start on meaningful use stage 2.

I’ll be interested to see how many organizations are able to take advantage of this delay. Had this rule been finalized in early 2014, it would be a very different story. However, at this late date, I’m not sure that many providers or hospitals will be able to change course.

I mostly feel bad for those organizations that rushed their EHR implementations onto barely-beta-tested 2014 Certified EHR software and will now have no choice but to go forward with meaningful use stage 2. This change in rule makes many of these organizations wish they’d slowed their implementation to make sure they’d done it right and they’d have also only been required to do MU stage 1.

Fairness of EHR Certification Flexibility
The last paragraph above highlights part of the reason why many providers feel that this EHR certification flexibility is unfair. While it’s not a direct penalty on organizations that were on top of things, the change rewards those organizations that didn’t take the risks, push their EHR vendors, and push their implementation timelines to meet the MU stage 2 requirements. The reward an organization gets for going after MU stage 2 is that they have to do a lot more work (Yes, MU2 is A LOT more work) while their procrastinating competitors get to do the much simpler MU1.

This was such an important complaint that CMS addressed these comments in two different places in the final rule (pg. 21-22 and pg. 48-50). CMS tries to argue that in their research they didn’t see providers that were deliberately trying to delay MU stage 2, but found that providers wanted to do MU stage 2, but their EHR vendors weren’t ready. I’d suggest that CMS may want to dig a little deeper.

However, let’s set providers aside for now and assume that they all want to do MU stage 2, but their EHR vendors just aren’t ready for it. This EHR certification flexibility still lets EHR vendors who procrastinated their 2014 EHR certification off the hook. In fact, it rewards them and their users for not performing well. Once again, CMS doesn’t want to point the finger at EHR vendors, but will blame themselves for not finalizing the rule fast enough and ONC-ACB’s for having a backlog. However, if you’re an EHR vendor who’s been 2014 Certified for a while now, no doubt this rule makes you angry since it rewards your competitors in a big way (intended or otherwise).

Certainly there are a lot of reasons why an EHR vendor isn’t yet ready to be 2014 Certified. However, most of them have little to do with the rule making process and the EHR certification backlog. Some freely admit it, and others hide behind excuses. I think CMS realized this EHR Certification flexibility would benefit these EHR vendors, but they didn’t want to punish the providers who use these EHR software.

I still think the simple solution here was to extend this same flexibility to all providers and all EHR vendors. However, in the final rule CMS argues that doing so would reduced the amount of meaningful use stage 2 data that they’d have available to make the adjustments needed to meaningful use stage 3. I understand how a provider doing MU stage 2 this year might feel like the government’s guinea pig. We need you to do MU stage 2 so we can figure out how to make it right in MU stage 3. CMS also argues that they need more people on meaningful use stage 2 in order to push their agenda and the intent of the HITECH act forward. What doesn’t seem aligned to me is the goals of meaningful use and providers’ goals. I think that’s why we see such a disconnect.

90 Day Reporting Period in 2015 Instead of 365 Days
This seems to be one of the most heated discussion points with the final rule. CHIME President and CEO, Russell P. Branzell, even suggested that “Now, the very future of Meaningful Use is in question.”

CMS’ comments about this (pg. 34-36) basically say that a change to the EHR reporting periods was not part of this proposed rule. Then, they offered this reason for why they’re not considering changes to the reporting periods:

We are not considering changes to the EHR reporting periods for 2015 or subsequent years in this final rule for the same reasons we are not considering changing the edition of CEHRT required for 2015 or subsequent years. Changes to the EHR reporting period would put the forward progress of the program at risk, and cause further delay in implementing effective health IT infrastructure. In addition, further changes to the reporting period would create further misalignment with the CMS quality reporting programs like PQRS and IQR, which would increase the reporting burden on providers and negatively impact quality reporting data integrity.

What this comment doesn’t seem to consider is what will happen if almost no organizations choose to attest to meaningful use because of the 365 day reporting period. Talk about killing the “forward progress” of the program. From a financial perspective, maybe that’s great for the MU program. CMS will pay out less incentive money and they’ll make back a bunch more money in the eventual penalties. However, it seems counter to the goal of increasing participation in the program. Personally, I’m not sure that the end of organization’s participation in meaningful use would be such a bad thing for healthcare. It would lead back to a more rationale EHR marketplace.

Future Audits
On page 55-56, the final rule addresses the concerns over audits. We can be sure that some organizations will be audited on whether they were “unable to fully implement 2014 Edition CEHRT because of issues related to 2014 Edition CEHRT availability delays.” Sadly, the final rule doesn’t give any details on what documentation you should keep to illustrate that you meet these requirements for which you will have to attest. The final rule just says that they’ll provide guidance to the auditors on this final rule and that audit determinations are finalized on a case by case basis that will cover the varied circumstances that will exist.

This wouldn’t give me much comfort if I was going through an audit. Not to mention comfort that the auditors wouldn’t interpret something differently. I’ll defer other audit advice to my auditor friends, since I’m not an audit expert. However, in this case you likely know how far you’re stretching the rule or not. That will likely determine how comfortable you’ll be if an audit comes your way. Now you can see why my advice is still, “If you have the 2014 Certified EHR software and can attest to meaningful use stage 2, then you better go ahead and do it.

Conclusion
I really see the meaningful use program on extremely shaky ground. I don’t think this final rule does much to relieve any of that pressure. In fact, in some ways it will solidify people’s bad feelings towards the program. We’ll see for sure how this plays out once we see the final numbers on how many organizations attest to meaningful use stage 2. I don’t think those numbers are going to be pretty and 2015 could even be worse.

Note: For those following along at home (or work), here’s the final rule that I reference above.

What Would Make Us Not Delay ICD-10 in 2015?

Posted on July 3, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

While at the HFMA ANI conference in Las Vegas, I talked to a lot of people about the future of healthcare reimbursement. Talk of ICD-10 and the ICD-10 delay came up regularly with most of us rolling our eyes that ICD-10 was delayed again. Some argued that we still need to be prepared, but from what I’m seeing the majority of the market just pushed their plans out a year and will pick them up again later this year or early next year.

With that said, we all agreed that every organization will be much more hesitant preparing for ICD-10 next year since they’re afraid that ICD-10 will just be delayed again.

As I had these discussions, I started thinking about what will be different in 2015 when it comes to ICD-10? As I asked people this question, all of the same arguments that we made in 2014 are what we’re going to have in 2015. Some of them include: the rest of the world adopted this years ago, we’re falling behind on the data we’re capturing, we need more specificity in the way we code so we can improve healthcare, etc etc etc.

Considering these arguments, what will be different next year?

All of the above arguments for not delaying ICD-10 were valid in 2014 and we’ll be just as valid in 2015. Can you think of any reasons that we should not delay ICD-10 in 2015 that weren’t reasons in 2014? I can’t think of any. The closest I’ve come is that with the extra year, we’re better prepared for ICD-10. Although, given people’s propensity to delay, does anyone think we’ll be much better prepared for ICD-10 in 2015 than we were in 2014? In some ways I think we’ll be less prepared because many will likely think the delay will happen again.

Given that the environment will be mostly the same, why wouldn’t we think that ICD-10 will be delayed again in 2015?

Personally, I’ll be watching CMS and HHS closely and see what they say. I think this year they looked really bad when they very publicly proclaimed that ICD-10 was coming at HIMSS just to be hit from the side by the ICD-10 delay. I’d hope that this time CMS will work with Congress to know what they’re planning or thinking before they make such strong assertions. Of course, this would mean that they’d have to understand what Congress is thinking (not an easy task).

What’s unfortunate is that many of the things you need to do to prepare for ICD-10 can also benefit you under ICD-9. The smart organizations understand this and are focusing on clinical documentation improvement (CDI) as the best way to prepare for ICD-10, but still benefit from the program today.

Surviving 2014: The Toughest Year in Healthcare

Posted on March 26, 2014 I Written By

The following is a guest blog post by Ben Quirk, CEO of Quirk Healthcare Solutions.
Ben Quirk
How bad is 2014 for the healthcare industry? We’ve all read about ICD-10, EHR incentives, Medicare cuts, and the Affordable Care Act. But the most telling moment for me occurred during this year’s HIMSS conference in Orlando. There was quite a bit of B2B enthusiasm, but among the civilians it was mostly a lot of stunned looks and talk about how to get through the year. Here are some of my observations:

ICD-10. CMS has made it abundantly clear there will be no further delays to the October 1 deadline for ICD-10 implementation. This is possibly the most significant change to the healthcare industry in 35 years, affecting claims payment/billing systems, clearinghouses, and private and public software applications. Anyone who provides or receives healthcare in the US will be touched by this in some way.

In a recent poll of healthcare providers conducted by KPMG, less than half of the respondents said they had performed basic testing on ICD-10, and only a third had completed comprehensive tests. Moreover, about 3 out of 4 said they did not plan to conduct tests of any kind with entities outside their organizations.

Incorrect claims denial will be the most likely result. CMS will not process ICD-9 Medicare/Medicaid claims after October 1, and there is a high potential for faulty ICD-10 coding or bad mapping to ICD-9 codes. Error rates of 6 to 10 percent are anticipated, compared to an average of 3 percent under ICD-9. ICD-10 will result in a 100 to 200 percent increase in denial rates, with a related increase in receivable days of 20 to 40 percent. Cash flow problems could extend up to two years following implementation. This will be a costly issue for providers, and a very visible issue for patients.

We advise our clients to be proactive in their financial planning. This should include preparation for delayed claims adjudication and payments, adjustments to cash reserves, or even arranging for a new/increased line of credit. Having sufficient cash on hand to cover overhead during the final quarter of 2014 could be very important, as could future reserves to cover up to six months of payment delays. Companies not in a position to set aside reserves should consider working with lenders now before any issues arise.

Meaningful Use. As with ICD-10, CMS has stated there will be no delays to MU deadlines in 2014. That means providers who have never attested must do so by September 30, or else be subject to penalties in the form of Medicare payment adjustments starting in 2015. Providers who have attested in the past will have a bit longer (until December 31), but the penalties are the same.

There is much dissatisfaction with the government’s “all or nothing” approach to MU, where even the slightest misstep can invalidate an otherwise accurate attestation. While the ONC has proposed a more lenient model for EHR certification in coming years, everything will be measured against a hard deadline in 2014.  CMS is offering some mitigation through hardship exemptions, based on rules that are somewhat broad at this point. Providers should consider applying for an exemption if no other options are available.

We advise against taking shortcuts or rushing to beat the clock on MU. Up to ten percent of eligible professionals and hospitals will be subject to audit, and large hospitals may have millions of dollars at stake. Being prepared for an audit means more than just making sure an attestation is iron-clad; internal workflow and communication are also important. A mishandled audit notification can result in a late response and automatic failure.  Data security should also not be overlooked. Medical groups have failed audits due to lapsed security risk assessments as required under HIPAA.

Medicare Payment Cuts. Medicare Sustainable Growth Rate (SGR) cuts continue to hover over Medicare providers. Enacted by Congress in 1997, the SGR was intended to control costs by cutting reimbursements to providers based on prior year expenditures. But every year costs continue to rise, as do ever-worse SGR cuts (almost 24% in 2015). And every year Congress prevents the cuts via so-called “doc fix” legislation.

In early 2014 there was surprising bi-partisan agreement on a permanent doc fix, whereby Medicare reimbursements would be based on quality measures rather than overall expenditures. However, the legislation was derailed by linking it to a delay of the ACA’s individual mandate. As of mid-March there is still no permanent or temporary solution. Congress will almost certainly intervene to prevent SGR cuts, but by how much is uncertain.

The ACA. As the cost of insurance has increased over the past decade, high-deductible plans have become more and more common. Due to the Affordable Care Act, this trend has become the norm. Media outlets focus on the impact to consumers, and argue about whether more “skin in the game” leads to better choices or less care. What we’re hearing from the front lines is much more concrete: high deductibles are having a negative impact on revenues.

Very few people understand their liabilities under a typical health insurance plan. Last year George Loewenstein, a health-care economist with Carnegie Mellon University, published a survey showing that only 14 percent of respondents understood the basics of traditional insurance policies. At the same time, hospitals report that about 25 percent of bad debt originates from patients who are currently insured. With millions of new enrollees in high-deductible plans and an ongoing economic slump, the situation can only get worse.

The ACA had a further impact by reducing the amount of Disproportionate Share Hospital (DSH) charity funds available, based on a projected increase in insurance coverage.  But with some states not participating in Medicaid expansion, combined with an increase in patients lacking the knowledge or resources to manage large medical expenditures, the reduction in funds comes at exactly the wrong time.

Providers can cope by adjusting revenue cycle processes. For example, new programs should focus on estimating patient liabilities pre-arrival, educating the patient at check-in, and instituting proactive billing/collection at the point of service. In general, providers must pay more attention to the self-pay process, focusing on patient education and offering transparent, easy-to-use billing and payment methods.

Value Modifier. This program has not been a worry for most providers thus far. Not because it won’t have an impact on revenue, but because they don’t know about it. A little-known provision of the ACA, the Value-Based Payment Modifier mandates adjustments to Medicare reimbursement based on quality and cost measures. The program is being phased in, and so far has applied only to group practices of 100 or more Eligible Professionals (EPs). In 2014, smaller groups of 10 or more EPs will be subject to the legislation. These groups must apply and report to the program by October 1. Otherwise, they will be subject to a 2 percent cut in Medicare reimbursements starting in 2016.

One of the most important aspects of the program is its definition of “eligible professional” when defining the size of a group practice. For the purposes of Value Modifier, eligible professionals include not only physicians but also practitioners and therapists. That means that a practice with 8 physicians, a nurse practitioner, and a physical therapist would qualify as a practice with 10 EPs.

Value Modifier is part of the growing trend toward quality-based reimbursement. Even commercial payers are considering some version of the program. The scoring calculations are complex and poorly understood, so we advise clients to get up-to-speed as soon as possible. Groups with high quality and low cost will receive incentives rather than cuts, with additional upward adjustment for services to high-risk beneficiaries. Groups that are not paying attention may be surprised by an additional hit to revenue in 2016. In addition, quality scores will eventually be published to the general public on the Medicare.gov Physician Compare website.  Sub-par or missing scores could have a negative financial impact on a practice.

Conclusion

These are only the most high-profile impacts to the healthcare industry during the current year. Much else flows from them: changes to workflow, to computer systems, to financial expectations. Tremendous pressures are coming to bear within a limited timeframe.  We’re seeing an industry in the midst of tectonic change, with 2014 as the fault line. It’s unclear whether these disruptions will be for better or worse. But there certainly will be winners and losers, and those who plan ahead are most likely to survive.

______________________

Ben Quirk is CEO of Quirk Healthcare Solutions, a consulting firm specializing in EHR strategic management, workflow optimization, systems development, and training. The company’s clients have enjoyed remarkable success, including award of the Medicare Advantage 5-star rating. Quirk Healthcare presents a weekly webinar series, Insights, to inform clients and the general public about government programs and industry trends. Mr. Quirk is also Executive Director of the Quirk Healthcare Foundation, a learning institution which fosters innovation in the healthcare industry.

ICD-10 – Is Everyone Ready? – ICD-10 Tuesdays

Posted on March 25, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The following is a guest post by Barry Haitoff, CEO of Medical Management Corporation of America.
Barry Haitoff
One of the biggest challenges to revenue a practice will face in 2014 is the move to ICD-10 on October 1, 2014. One of the biggest challenges with ICD-10 is that it impacts the entire healthcare ecosystem. This means that revenue flow could be impacted if any one part of the healthcare billing continuum isn’t ready.

The first key step every organization can take to prepare for the switch to ICD-10 is to do an audit of which systems, people, and processes will be impacted by the change. Second, you should evaluate the ICD-10 readiness of each system, people and process. Finally, you should make a plan for how you’ll ensure that each piece of the puzzle is ready for ICD-10.

Here’s a quick look at some of the places you’ll want to look when doing an audit of your ICD-10 readiness:
EHR Software
This is an obvious one. We all know that the EHR vendor needs to be ready for ICD-10. However, as John posted previously, Is Your EHR Ready for ICD-10, Not Just Say They’re Ready? it’s really easy for an EHR vendor to say they’ll be ready for ICD-10. At the core of being ready for ICD-10 is just being able to use a new code. Every EHR vendor will be able to enter the new code. Instead of asking if they are ready for ICD-10, you should ask your EHR vendor what interface they’ve created for you to be able to find the ICD-10 codes. You’ll want to get in and test this new interface for finding codes well before the ICD-10 deadline so they can make any changes to the software.

Providers
Every doctor I know understands they they’re going to have to be ready for ICD-10. They’ve heard about the expanded set of codes and how finding the right code is likely going to take extra time. What many doctors haven’t realized yet is that with increased coding specificity, the doctor’s documentation is going to have to change as well. Coding 101 is that the coding has to match the documentation. This will require every doctor to change the way they document their visit even if it’s only a small change.

Billing Software
This is another obvious one and many of the lessons mentioned above about EHR software apply to billing software. However, you’ll definitely want to make sure that your billing software is ready for ICD-10. Can you imagine the impact to your organization if they’re not ready? You might not think this is possible, but I’ve heard some billing software already announce that they’re not planning to revise their software for ICD-10.

Billers and Coders
This is the group that seems most prepared for ICD-10. Most people realize that the coders or billers in their organization need to be ready for ICD-10. Unfortunately for many organizations, that’s where they think all the ICD-10 preparation needs to happen. As this list shows, they are so wrong. However, if you haven’t invested in getting your billers and coders ready for ICD-10, then you better start doing so now. In some cases you may have an older coder that chooses to retire instead of learning ICD-10. Make sure you learn if this is the case now instead of October 1st.

Billing Company
It’s really hard to imagine a billing company not being ready for ICD-10. It’s a basic fundamental of them being a business. If they can’t do ICD-10 they’ll be out of business. However, it makes sense for you to check with them to see what they’ve done to prepare for ICD-10. You’re their customer and it never hurts to hold them accountable. If they don’t thank you up front, they’ll thank you on October 1st when they’re ready for the change.

Labs and Radiology
You’d think that these wouldn’t be that big of an issue since we’re just talking about a new code that gets sent to the lab or radiology. However, if they’re not expecting ICD-10 codes, your patients could run into issues. Plus, many of you have interfaces which send this information automatically. You’ll want to make sure that these interfaces can handle the new codes as well.

Payors
This is probably the most important one and also one of the most challenging. It is the most important, because if they’re not ready for ICD-10 that could mean that you stop getting paid. In many organizations, a hit to their cash flow could have serious ramifications. My guess is that some of you don’t think that this could ever really happen. I assure you that it could happen. Certainly they’ll eventually fix whatever issues they have and they’ll get rolling with ICD-10. Although, will it take them a week, a month, a couple months, to fix whatever issues they may be experiencing? Can you handle not getting paid for a week, month, or multiple months? The challenge is that there’s no simple way for you to know if the payors are indeed ready for ICD-10. The best advice I can offer is a famous statement, “The squeaky wheel gets greased.” Don’t be afraid to make some noise to make sure they’re ready.

Hospitals and HIE
Many vendors are starting to build interfaces with their hospital or an outside HIE (Health Information Exchange). If you have one of these interfaces, you’ll want to make sure that it can support the new ICD-10 codes. Don’t forget to check and test both sides of the interface for their ICD-10 readiness.

Other ICD-10 Readiness Advice
When assessing the readiness of the various entities listed above (and you will likely have others), it’s important that you ask the right questions to make sure you get the right answers. Much like when you’re evaluating between EHR vendors, you want to avoid asking Yes/No questions. For example, if you ask your EHR vendor, “Are you ready for ICD-10?” then you will quickly get a response of Yes. If instead you ask, “What have you done to get ready for ICD-10?” you will get a much more informative answer that helps you understand their true ICD-10 readiness.

Also, when doing your assessment of their readiness, don’t forget to also verify that they can handle ICD-9 for those situations where an organization still hasn’t moved to ICD-10. Yes, it’s crazy that some government organizations aren’t moving to ICD-10. However, it’s the stark reality, so make sure that when needed to you can still support ICD-9 as well.

In all of this, there’s a challenging balance between doing your training too early or too late. If you train your doctors on ICD-10 too early, then they’re likely to forget it by the time October 1st rolls around. However, if you wait until the ICD-10 deadline approaches, the resources for ICD-10 won’t be available. Can you imagine what it will be like to try and hire an ICD-10 coder or ICD-10 trainer in September?

Medical Management Corporation of America, a leading provider of medical billing services, is a proud sponsor of EMR and HIPAA.

Eyes Wide Shut: Meaningful Use Stage 2 Incentive Program Hardships

Posted on March 5, 2014 I Written By

Mandi Bishop is a healthcare IT consultant and a hardcore data geek with a Master's in English and a passion for big data analytics, who fell in love with her PCjr at 9 when she learned to program in BASIC. Individual accountability zealot, patient engagement advocate, innovation lover and ceaseless dreamer. Relentless in pursuit of answers to the question: "How do we GET there from here?" More byte-sized commentary on Twitter: @MandiBPro.

In my January update on Meaningful Use Stage 2 readiness, I painted a dismal picture of a large IDN’s journey towards attestation, and expressed concern for patient safety resulting from the rush to implement and adopt what equates to, at best, beta-release health IT. Given the resounding cries for help from the healthcare provider community, including this February 2014 letter to HHS Secretary Kathleen Sebelius, I know my experience isn’t unique. So, when rumors ran rampant at HIMSS 2014 that CMS and the ONC would make a Meaningful Use announcement, I was hopeful that relief may be in sight.

Like AHA , I was disappointed in CMS Administrator Marilyn Tavenner’s announcement. The new Stage 2 hardship exemptions will now include an explicit criteria for “difficulty implementing 2014-certified EHR technology” – a claim which will be evaluated on a case-by-case basis, and may result in a delay of the penalty phase of the Stage 2 mandate. But it does nothing to extend the incentive phase of Stage 2 – without which, many healthcare providers would not have budgeted for participation in the program, at all, including the IDN profiled in this series. So how does this help providers like mine?

Quick update on my IDN’s progress towards Stage 2 attestation, with $MM in target incentive dollars at stake. We must meet ALL measures; there is no opportunity to defer one. The Transition of Care (both populating it appropriately, and transmitting it via Direct) is the primary point of concern.

The hospital EHR is ready to generate and transmit both Inpatient Summary and Transition of Care C-CDAs. The workflow to populate the ToC required data elements adds more than 4 minutes to the depart process, which will cause operational impacts. None of the ambulatory providers in the IDN have Direct, yet; there is no one available to receive an electronic ToC. Skilled resources to implement Direct with the EHR upgrades are not available until 6-12 weeks after each upgrade is complete.

None of the 3 remaining in-scope ambulatory EHRs have successfully completed their 2014 software upgrades. 2 of the 3 haven’t started their upgrades. 1 has not provided a DATE for the upgrade.

None of the ambulatory EHRs comes with a Clinical Summary C-CDA configured out-of-the-box. 1 creates a provider-facing Transition of Care C-CDA, but does not produce the patient-facing Clinical Summary. (How did this product become CEHRT for 2014 measures?) Once the C-CDA is configured, each EHR requires its own systems integrator to develop the interface to send the clinical document to an external system.

Consultant costs continue to mount, as each new wrinkle arises. And with each wrinkle, the ability to meet the incentive program deadlines, safely, diminishes.

Playing devil’s advocate, I’d say the IDN should have negotiated its vendor contracts to include penalty clauses sufficient to cover the losses of a missed incentive program deadline – or, worst case scenario, to cover the cost of a rip-and-replace should the EHR vendor not acquire certification, or have certification revoked. The terms and conditions should have covered every nuance of the functionality required for Stage 2 measures.

But wait, CMS is still clarifying its Stage 2 measures via FAQs. Can’t expect a vendor to build software to specifications that weren’t explicitly defined, or to sign a contract that requires adherence to unknown criteria.

So, what COULD CMS and the ONC do about it? How about finalizing your requirements BEFORE issuing measures and certification criteria? Since that ship’s already sailed, change the CEHRT certification process.

1. Require vendors to submit heuristics on both initial implementation and upgrades, indicating the typical timeline from kick-off to go-live, number of internal and external resources (i.e., third-party systems integrators), and cost.
2. Require vendors to submit customer-base profile detailing known customers planning to implement and/or upgrade within calendar year. AND require implementation/upgrade planning to incorporate 3 months of QA time post-implementation/upgrade, prior to go-live with real patients.
3. Require vendors to submit human resource strategy, and hiring and training program explicitly defined to support the customer-base profile submitted, with the typical timeframes and project resource/cost profiles submitted.
4. Require vendor products to be self-contained to achieve certification – meaning, no additional third-party purchase (software or professional services) would be necessary in order to implement and/or upgrade to the certified version and have all CMS-required functionality.
5. Require vendor products to prove the CEHRT-baseline functionality is available as configurable OOTB, not only available via customization. SHOW ME THE C-CDA, with all required data elements populated via workflow in the UI, not via some developer on the back-end in a carefully-orchestrated test patient demo script.
6. Require vendor products adhere to an SLA for max number of clicks required to execute the task. It is not Meaningful Use if it’s prohibitively challenging to access and use in a clinical setting.

Finally, CMS could redefine the incentive program parameters to include scenarios like mine. Despite the heroic efforts being made across the enterprise, this IDN is not likely to make it, with the fault squarely on the CEHRT vendors’ inability to deliver fully-functional products in a timely manner with skilled resources available to support the installation, configuration, and deployment. Morale will significantly decline, next year’s budget will be short the $MM that was slated for further health IT improvements, and the likelihood that it will continue with Stage 3 becomes negligible. Vendor lawsuits may ensue, and the incentive dollar targets may be recouped, but the cost incurred by the organization, its clinicians, and its patients is irrecoverable.

Consider applying the hardship exemption deadline extension to the incentive program participants.

PQRS Incentives, Penalties and the Coming Value Based Payment Modifier

Posted on February 20, 2014 I Written By

The following is a guest post by Barry Haitoff, CEO of Medical Management Corporation of America.
Barry Haitoff
Much of the focus of healthcare has been on meaningful use and the EHR incentive money. Considering we just reached $19 billion of payouts, it’s definitely a topic worthy of attention. However, a topic which hasn’t gotten nearly as much attention, but is nearly or possibly more important than meaningful use is PQRS and the Value Based Payment Modifier.

Before I dig into some of the details and timelines for PQRS and the Value Based Payment Modifier, it’s really important to note that both of these programs are really just a preview of what’s happening with Medicare reimbursement. These programs are the core of the shift towards paying physicians differentially based on the quality and cost of the care they provide and away from the traditional fee for service model. We’ve seen similar value based payment arrangements with the advent of ACOs, CINs and other clinical networks establishing innovative payment models with payers. Understanding where these programs are going will give you a preview of what’s happening with healthcare reimbursement.

PQRS
When it comes to PQRS, much like meaningful use, there is both a PQRS incentive and PQRS penalty (carrot and stick if you prefer). 2014 is the final year to receive the PQRS incentive money (0.5% of Medicare Part B claims) and participants must submit 12 months of 2013 CQM data by February 28, 2014 if reporting by claims data, March 21, 2014 if reporting by GPRO web interface, and March 31, 2014 if reporting by registry data. (Note: The 2013 MU reporting deadline was moved to March 31, 2014, but the PQRS deadlines have not changed.). However, more important is that providers who don’t report PQRS 2013 data will be penalized 1.5% in 2015. Those who don’t participate in PQRS in 2014 will be penalized 2% in 2016.

Value Based Payment Modifier
While most people have heard about PQRS and are hopefully participating to avoid the penalties, many people haven’t heard about the Value Based Payment Modifier that is built on the PQRS foundation. While you could look at the Value Based Payment Modifier final rule, this Value-Based Payment Modifier summary is a much better overview of the program.

Essentially, the Affordable Care Act (ACA) required that CMS implement a value based payment modifier that would apply to Medicare fee for service payments. This program will start with physicians in groups of 100 or more eligible professionals under the same TIN beginning January 1, 2015, and apply to all physicians and groups by January 1, 2017. CMS also recently announced that this applies to both par and non-par Medicare providers with 100 or more eligible professionals.

Here’s a look at how this new Value Modifier will work for groups of physicians with 100 or more eligible professionals and will likely be a preview of what’s to come for all Medicare physicians:
CMS Value Modifier

While the program starts with relatively small 1% adjustments, this quote from CMS also provides a clear indication of where they want to take this program:

We also anticipate that we would propose to increase the amount of payment at risk for the Value Modifier as we gain additional experience with the methodologies used to assess the quality of care, and the cost of care, furnished by physicians and groups of physicians.

What should you do to be prepared for this new Value Based Payment Modifier?
1. Participate in the PQRS program since it’s the foundation of what’s to come.
2. Keep an eye on changes to the PQRS and Value Based Modifier programs. They are changing regularly and it’s worth knowing what’s changing with these programs.
3. Work with your professional organization to provide feedback on these programs. No doubt they’re keeping an eye on them and providing feedback as part of the government rule making process. Make sure your voice is heard.

CMS looks at this new value based modifier as a budget neutral program. That means that there are going to be winners and losers. By understanding how these programs work, you can better assess if you want to work to avoid the payment adjustments or if you’re ok taking them on.

Like it or not, PQRS is the start of the movement towards quality based reimbursement and likely a small preview of coming attractions. Of course, if the SGR Fix gets funded by congress, then PQRS, Meaningful Use and the Value Based Modifier will be sunset at the end of 2017 and rolled into a new Merit-Based Incentive Payment System (MIPS) that will start in 2018. More on MIPS in the future, but I think we can safely say that MIPS will be an amalgamation of all these incentive programs.

Medical Management Corporation of America, a leading provider of medical billing services, is a proud sponsor of EMR and HIPAA.