Folder Contents Agenda 10:00AM 10:20AM Registration 10:20AM - - PowerPoint PPT Presentation

Folder Contents

Agenda

10:00AM – 10:20AM Registration 10:20AM – 10:30AM Welcome and Introduction 10:30AM – 11:15AM Highlights of the MACRA Rule 11:15AM – 12:00PM Tips and Tricks for MU and PQRS 12:00PM Lunch 12:15PM – 1:15PM Panel: Optimizing Your Practice for MU, PQRS, MACRA Success 1:15PM – 1:30PM Break 1:30PM – 2:00PM HIPAA Scan: Top Threats and Success Strategies for Practices 2:00PM – 2:30PM Getting Ready for Practice Transformation 2:30PM – 3:00PM Open Q & A/Closing Remarks

Follow us on Twitter: @KentuckyREC Like us on Facebook: facebook.com/EHRResource Follow us on LinkedIn: www.linkedin.com/company/kentucky-rec Check out our website: www.kentuckyrec.com Sign up for our e-newsletters and weekly blog updates

Today’s Hashtag: #kytransform Today’s Hashtag: #kytransform

Carol Steltenkamp, MD, MBA CMIO, UK HealthCare Trudi Matthews, Managing Director, Kentucky REC

Highlights of MACRA Final Rule

Moving to Value-Based Payment

Understanding the What & Why

What is Value Based Payment?

Quality Cost

VALUE

Volume to Value Based Shift

Recent legislative, regulatory and marketplace developments suggest that the transition from volume to value-based payment is accelerating from a “testing” phase to a “scaling” phase Affordable Care Act Enacted

March 2010 January 2012

Pioneer ACO Program Launched

October 2012

Hospital Value Based Purchasing Program

April 2013

Bundled Payments for Care Improvement (BPCI) CMS Announces Value- Based Payment Goals; Value Modifier Program Begins

January 2015

Medicare Access and CHIP Reauthorization Act (MACRA) Enacted

April 2015

Testing Phase Scaling Phase

April 2016

MACRA NPRM, Medicaid Managed Care Final Rule Released

July 2016

Cardiac & CJR Episode Payment NPRM Released MACRA Final Rule Released

October 2016

In January 2015, the Department of Health and Human Services announced new goals for value-based payment and APMs in Medicare

2015: CMS Accelerates Shift to Value-Based Payment

April 2016: Medicaid Managed Care Regulations

Among other provisions State Medicaid Agencies may require an MCO to:

• Implement value based purchasing models for

provider reimbursement

• Participate in multi-payer delivery system reform
• r performance improvement
• Phase out of supplemental payments – with
• ption to move payments into value-based

payment models

Commercial Insurers Accelerate VBP

“Our industry is in the midst of a profound shift from fee-for- service, or volume-based care, to value-based care. Aetna has successfully built more than 72 ACO relationships with providers, growing from very small numbers in 2011 to more than 2 billion dollars in revenue today. …We plan to maintain 75 percent of

• ur medical spending in value-based contracts by 2020.”
• Charles Kennedy, MD, chief population officer for Healthagen, Aetna

Source: Health Care Learning & Action Network

Highlights of the Medicare Access and CHIP Reauthorization Act (MACRA) Final Rule Released in October 2016

APM MIPS

April 2016 MACRA Final Rule:

New Medicare Part B Payment Program

Merit-based Incentive Payment System Alternative Payment Models

88%

CMS estimate of Medicare-eligible clinicians under MIPS track in 2019

For most health care

• rganizations,

the only real MACRA survival strategy:

SUCCEED IN MIPS

MACRA Glossary of New Terms

• New program name for MACRA’s change in Medicare

Part B payments

Quality Payment Program (QPP)

• New pay for performance approach under Medicare

Merit-Based Incentive Payment System (MIPS)

• New payment models (e.g., ACOs) that move away from

fee-for-service reimbursement

Alternative Payment Models (APMs)

• Overall clinician score from 0-100 calculated based on

four weighted performance categories

Final Score

• Category that replaces PQRS; worth 60% of final score in

Yr 1

Quality

• New name for resource use category; replaces value

modifier program; not assessed in Yr 1

Cost

• Category that replaces the Medicare EHR Incentive

Program for meaningful use; worth 25% in Yr 1

Advancing Care Information (ACI)

• New category; worth 15% of final score; includes

activities aimed at improving care

Improvement Activities

MACRA Eligible Clinicians (ECs)

• Physicians, PAs, NPs, CNS, CRNA
• After 2020, CMS may expand to other clinicians in Medicare FFS: PT, OT,

NMW, CSW, Clinical Psychologists, Dieticians and Nutrition professionals 5 Types of Eligible Clinicians (ECs)

• Hospitals/Medicare Part A payments
• FQHCs/RHCs and Medicaid Providers

Not covered by MACRA:

• 1st year ECs
• “Non-patient facing” provider
• Low volume providers who do not bill at least $30,000 under the Medicare

Physician Fee Schedule or care for more than 100 Medicare patients yearly

• Advanced APM Qualifying Provider not scored under MIPS

Exclusions:

MACRA Timeline

October 14, 2016: Release of Final Rule Jan – Dec 2017: 1st Performance Period for MACRA March 31, 2018: Reporting Deadline for First Year Jan – Dec 2019: 1st Payment Year = +/- up to 4%

Physician Compare

Coming Soon – Your MACRA performance score!

2017 Transition Year: “Pick Your Pace” Options

Option 1: Test Submission Option 2: Partial Submission Option 3: Full Submission Option 4: Advanced APM

QPP

MERIT-BASED INCENTIVE PAYMENT SYSTEM (MIPS)

Physician Value-Based Modifier Physician Quality Reporting System EHR Incentive Program and Meaningful Use

MIPS: A Consolidation of Programs

Providers will receive a MIPS final score based on 4 weighted performance categories:

MIPS Final Score 0-100

Quality Cost Advancing Care Information





Improvement activities

How will MIPS measure performance?

CY19

60% 0% 15% 25%

CY20 50% 10% 15% 25% CY21 30% 30% 15% 25%

Maximum MIPS Payment Adjustments

Source: Leavitt Partners - MACRA: Quality Incentives, Provider Considerations, and the Path Forward

Quality

% Score: Measures: Requirements Methods: Makes up 60% of your final score for PY 2017  Replaces PQRS; # of measures from 9 down to 6 measures  200+ measures to choose from  6 Measures Except:  Groups using CMS web interface report 15 quality measures  MIPS – APMS report via CMS web interface 1 measure must be:  Outcome measure OR  High-priority measure  Measures updated each year  Specialist sets available  QCDR  EHR  Qualified Registry  Web interface (groups only)  Claims (individual

• nly)

Improvement Activities

% Score: Measures: Requirements: Method: Makes up 15% of your final score for PY 2017 Full points for:  Certified PCMH/PCSP  Medical Home Model or Advanced APMs MIPS - APMs get 50% of full pts 90+ Activities in 9 subcategories  Access  Population Management  Beneficiary Engagement  Care Coordination  Patient Safety  Equity 2- 4 Activities required: Highly weighted = 20 pts  Medium weighted = 10 pts  Special consideration for small groups and ECs in rural and underserved areas Simple attestation suffices for reporting Must be performed for a 90 consecutive day period

Advancing Care Information

% Score: Measures: Requirements: Reporting: Makes up 25% of your final score for PY 2017 Replaces Medicare MU Program New Data Blocking Requirements Base Score:  Submit 5 Required Objectives Performance Score:  Submit up to 9 measures for additional credit Flexible Scoring:

• 1. Base
• 2. Performance
• 3. Bonus

Bonus Credit:  Public Health/Clinical Data Registry  Use of CEHRT for improvement activities Individual or Group/TIN Level reporting available 2017 Options: 1. ACI Objectives 2. 2017 ACI Specific measures

Cost

% Score: Measures: Requirements: Method: Makes up 0% of your final score for PY 2017  2018 – category - 15% weight  ECs will get feedback on this category in Quality and Resource Use Report (QRUR) Score is based

• ff of Medicare

Part B claims, including: Measure 1: Spending per Beneficiary (MSPB) Measure 2: Total costs per capita for all attributed beneficiaries  New 10 episode-specific cost measures  When clinician bills Medicare for diagnosis code gets included in episode  Minimum # of patients sample. Typically 20 or > 35 for MSPB  No data submission required  Validation of data is important!

APM MIPS

April 2016 MACRA Final Rule:

New Medicare Part B Payment Program

Merit-based Incentive Payment System Alternative Payment Models

What’s the big deal about APMs?

Stated intention of CMS that more and more of its $ will be spent in APMs over time 5% Annual Participation Bonus for Advanced APM participants from 2019-2025 Favorable scoring under MIPS for all APM participants Annual update after 2025 is 0.75% for APM entities versus 0.25% for MIPS entities

 Next Generation ACO Model  Medicare Shared Savings Program – Tracks 2 & 3  Comprehensive Primary Care Plus (CPC+)  Comprehensive ESRD Care Model  Oncology Care Model Two-Sided Risk Arrangement (in 2018)  Cardiac & CJR Episode Model (in 2018)

In new MACRA Final Rule, Advanced APMs include:

Advanced APM participants are eligible for 5% bonus payment.

But, only some APMs are risk-bearing Medicare payment models that qualify for this bonus payment. 3

• MACRA does not change how any particular APM rewards value.
• APM participants who are not “Qualifying Providers” (QPs) will receive favorable

scoring under MIPS.

Advanced Alternative Payment Models

All APM Participants QPs in Advanced APMs

Only providers in Advanced APMs will be deemed qualifying APM participants (“QPs”):

• 1. Report APM quality measures
• 2. Use of Certified EHR
• 3. Meet Advanced APM criteria (risk-bearing
• r medical home model)
• 4. Must meet APM thresholds for payment and

patient volumes Most physicians and practitioners who participate in APMs will be subject to MIPS and will receive favorable scoring under the MIPS clinical practice improvement activities performance category.

Not Every APM Will Qualify for 5% APM Bonus

Impact of MACRA on Medicare Providers

Financial & Strategy Implications

• MACRA moves Medicare

payment from one size fits all to a meritocracy

• Market share will shift from

low performers to high performers over time

• Delay means disaster;

exponential leaps in value will be needed to catch up with those that perform better as thresholds increase over time

Reputational Status

Publicly available scores on quality and value that compare

• rganizations/professionals will

affect:

• Health plan negotiations
• Talent recruitment
• Consumer choice

How can clinicians and staff prepare?

"People's lives can be absolutely transformed by being nudged along a slightly altered route.“

• Dr. Ben Fletcher

Sample QRUR

Immediate Actions to Consider

• Engage leadership & key

clinicians

• Medical home recognition a

critical first step

• Dominate your quality data
• Analyze QRUR and other

payer feedback

• Review compensation

models

Some clinicians think MACRA means…

• Stop seeing sick, non-compliant patients
• Start accepting only patients who are healthy
• But successful VBP/APM leaders understand

the 5-50 Rule. 5% of patients are responsible for 50% of costs.

Focus on Common Elements on the Payment Innovation Journey

Culture of Continuous Quality Improvement & Team Based Care Patient Attribution & Empanelment Performance Measurement, Data Analysis and Identification of Gaps in Care Identification of Higher Risk, High Cost Patients & Targeted Care Management Care Coordination across the Medical Neighborhood Patient Engagement & Experience of Care

Kentucky REC & the Great Lakes PTN

• Great Lakes PTN is one of 29 Practice

Transformation Networks (PTNs)

• GLPTN works with 10 Support and Alignment

Networks (SANs) GLPTN State Level Leadership:

• Indiana University (primary grant recipient)
• University of Kentucky (Kentucky)
• Purdue Healthcare Advisors (Indiana)
• Northwestern University (Illinois)
• Altarum Institute (Michigan)

CMS established the Transforming Clinical Practices Initiative (TCPI) to help clinicians achieve large-scale health transformations through collaborative and peer-based learning networks

Thank you!

Questions?

Getting Ready for 2016 Reporting: Tips and Tricks for PQRS

Healthcare Transformation Regional Roadshows Date here

Tip 1: List of Eligible Providers (EPs)

Tip 2: Reporting Methods

Individual Reporting Methods: Claims Qualified PQRS Registry EHR Direct using certified EHR Technology (CEHRT)* CEHRT via Data Submission Vendor (DSV) Qualified Clinical Data Registry (QCDR) Group Reporting Methods:

Qualified PQRS Registry Web Interface (for groups of 25 or more) EHR Direct using certified EHR Technology (CEHRT)* CEHRT via Data Submission Vendor (DSV) CAHPS for PQRS via CMS-certified survey vendor (for group practices of 2+)

* Requires obtaining a CMS Enterprise Identity Management (EIDM) account formerly known as the IACS

account

Tip 3: Reporting Criteria

Required to submit 9 measures over 3 domains and one cross cutting measure Cross-cutting measures are defined as measures that are broadly applicable There are 6 National Quality Strategy Domains Satisfactorily reporting measures requires that the measure performance percentage must be greater than 0%

Tip 4: Reporting Timeframe

Claims – report through out the program year, note cannot re-submit claim just to add PQRS modifiers Qualified PQRS Registry – selected registry will have from Jan.1,2017 through Mar. 31, 2017 to submit on behalf of the EP EHR Direct using certified EHR Technology (CEHRT) – EPs will be able to submit appropriate data files through the CMS portal from Jan.1, 2017 through

• Feb. 28, 2017

CEHRT via Data Submission Vendor (DSV) – Vendor can start submitting data on behalf of EPs from Jan. 1, 2017 through Feb. 28, 2017 Qualified Clinical Data Registry (QCDR) – selected QCDR will have from Jan.1,2017 through Mar. 31, 2017 to submit on behalf of the EP

Trick 1: PQRS Measure Selection Considerations

Step 1: Review reporting year Measures list on PQRS website Step 2: Consider Important Factors

Clinical conditions usually treated Types of care typically provided – e.g., preventive, chronic, acute. Other quality reporting programs in use or being considered – e.g. Value-Based Modifier Program, upcoming Quality Payment Program

Step 3: Review Measure Specifications

After making a selection of potential measures, review the specifications for the selected reporting mechanism for each measure under consideration. Select those measures that apply to services most frequently provided to Medicare patients by the EP or PQRS group practice.

Trick 2: Leverage all Available Information

Download PQRS feedback reports from previous years to see past performance to identify improvement trends Obtain annual Quality Resource User Reports (QRURs) to review quality previous quality scores *

* Requires obtaining a CMS Enterprise Identity Management (EIDM)

account formerly known as the IACS account

Trick 3: Obtain EIDM Account Early

Registration for an account is online using the CMS portal Individual requesting access will be required to enter their Social Security Number and Date of Birth for verification

Trick 4: Importance of Focusing on PQRS

2016 the last performance year for PQRS as you know it Starting performance year 2017 PQRS measures will be used to calculate 60% of the Merit-Incentive Payment System (MIPS) performance score proposed under the Medicare Access and CHIP Reauthorization Act (MACRA)

QUESTIONS?

Lynn Grigsby Tiller, MBA, MSIS Project Manager, Kentucky REC

Tips & Tricks for MU

Meaningful Use Tips & Tricks 2016

Meaningful Use is Still Here Meaningful Use Measure Summary CQMS Requirements for 2016

Incentives and Payment Adjustments

Meaningful Use is Still Here

Meaningful Use – Medicare versus Medicaid

• Continue to attest – 2016 LAST year for the Medicare EHR

Incentive Program

• MACRA Implements, Sunsets and Incorporates Medicare MU

Program for EPs

• No changes yet to Medicaid MU requirements for both EPS

and EHs

• Continue on 2016 path monitoring regulations
• Since Medicaid MU program continues to 2021, dual

reporting will be required under current regulations

Breaking News: OPP Final Rule

• Aligns MU & Advancing Care

information objectives

Aligns

• 2016 reporting period: 90 days
• 2017 reporting period: 90 days

Reporting Period

• Removes CPOE
• Removes CDS Rules

Objective Changes

Important Deadlines for 2016

*Medicare – February 28, 2017 *Medicaid – March 31, 2017

• 60 days from start of reporting period
• Last reporting period will be Oct 3 – Dec 31
• PH addendums must be signed by Dec 1
• Electronic Lab Reporting – If missed Oct 1 deadline – contact KHIE

Last Y ear to Enroll in Medicaid EHR Incentive Program Attestation Deadlines Public Health Clinical Quality Measures – Reporting Mechanism

• 2016 is last year for EPs to enroll in the Medicaid EHR Incentive Program
• Feb 28, 2017 – Last day to register for 2016 Medicaid EHR Incentive Program
• Dual eligible providers in danger of PQRS – VM Penalty – determine reporting

mechanism ASAP

Objective Measure

Protect Patient Health Information

• Security Risk Analysis*

Clinical Decision Support

• 5 CDS Rules tied to 4 CQMS

Computerized order entry

• >60 % Medication Orders
• >30 % Lab Orders
• >30 % Radiology Orders

Electronic Prescribing

• >60% ePrescribing*

Health Information Exchange

• >10 % Exchange information with other physicians*

Patient Education

• >10 % Patient-Specific Education**

Medication Reconciliation

• >50% Patient Transitioned into EPs care has medication

reconciliation performed Patient Electronic Access

• >50% Patient Access*
• 2016: 1 patient 2017: >5% View, Download and Transmit

(VDT)** Secure Electronic Messaging

• 2016: 1 patient 2017: >5 % Secure Messaging**

Public Health Reporting

• Immunization registry reporting** (& Bonus)
• Syndromic surveillance reporting (Bonus)
• Specialized registry

Stage 2 Objectives 2016 - 2017

*ACI Base Score ** ACI Performance Score

• All participants in Medicaid MU will attest to Stage 3 beginning in

2018 Exception: Medicaid providers in their first year of demonstrating meaningful use report on 90 days

• All providers must use EHR technology certified to 2015 Edition for

a full calendar year for 2018 EHR reporting period

• Providers choosing option to attest to Stage 3 in 2017 MUST have

2015 CEHRT

Stage 3 Objectives

2016 CQM Reporting Options:

• Submit though Medicare attestation
• Submit through PQRS Portal

Medicare

• Submit individual through PQRS Portal
• Submit group through PQRS Portal
• Report group through ACO

Quality Programs

• Submit through Medicaid attestation

Medicaid

CQM Requirements for 2016 Dual EH & CAHs

• Option 1: Attest to 16 of 29 possible CQMs through the EHR

Registration & Attestation System

• Option 2: eReport 4 CQMs through Hospital Inpatient Quality

Reporting (IQR) through QualityNet Secure Portal

• Note: The CQM reporting options for EPs and hospitals in 2016 are the

same as the options that were available in 2015. Medicaid-only hospitals report their CQMs via their state's portal.

• For more information on the 2016 program requirements and clinical

quality measures, visit the 2015 CQM Reporting Options page on the CMS EHR Incentive Programs website.

Medicare EHR Incentives

Payment Amount First Payment 2011 First Payment 2012 First Payment 2013 First Payment 2014 2011 $18,000 2012 $12,000 $18,000 2013 $7,840 Reduction ($160) $11,760 Reduction ($240) $14,700 Reduction ($300) 2014 $3,920 Reduction ($80) $7,840 Reduction ($160) $11,760 Reduction ($240) $11,760 Reduction ($240) 2015 $1,960 Reduction ($40) $3,920 Reduction ($80) $7,840 Reduction ($160) $7,840 Reduction ($160) 2016 $1,960 Reduction ($40) $3,920 Reduction ($80) $3,920 Reduction ($80) Total Incentive Payments $43,720 $43,720 $38,220 $23,520

Medicaid EHR Incentives

2018 Payment Adjustments Based on 2016 Eps Participation

Medicare EHR Incentive Program –3% penalty based on participation in 2016 PQRS –2% penalty based on participation in 2016 Value Based Payment Modifier (VM) Mandatory quality-tiering for PQRS reporters

• Groups 2-9 EPs and solo physicians will see +/-2% adjustment based on quality-tiering
• Groups with 10+ EPs will see +/-4% adjustment
• Non-PQRS reporters will see automatic 2% penalty unless in group of 10+ and they will

see 4% penalty

2018 Payment Adjustments Based on 2016 participation – EH/CAH

2016 – Prepare for MIPS

• Attest to Meaningful Use (MU)
• Submit Physician Quality Reporting System

(PQRS)

• Review and Understand your Quality Resource

and Use Reports (QRURs)

• Understand Implications of non-participation in

CMS’ Quality Programs on your PRACTICE REVENUE

Thank you!

Questions?

Kentucky Medicaid EHR Incentive Program

You can find more information about the Kentucky Medicaid EHR Incentive Program at http://chfs.ky.gov/dms/ehr.htm

For all other EHR questions, please send a note to the CHFS DMS EHR Incentive Program Mailbox

EHR Information Center Help Desk

• (888) 734-6433 / TTY

(888) 734-6563

• Hours:Monday-Friday 8:30 a.m.–4:30 p.m. in all time zones (Except Federal

holidays) NPPES Help Desk

• Visit https://nppes.cms.hhs.gov/NPPES/Welcome.do
• (800) 465-3203 - TTY (800) 692-2326

PECOS Help Desk

• Visit https://pecos.cms.hhs.gov/
• (866)484-8049 / TTY (866)523-4759

Identification & Access Management System (I&A) Help Desk

• PECOS External User Services (EUS) Help Desk Phone: 1-866-484-8049
• TTY 1-866-523-4759
• E-mail: EUSSupport@cgi.com

Additional information available on new 2015 Program Requirements page:

https://www .cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/indextml

CMS Help Desks

Follow us on Twitter: @KentuckyREC Like us on Facebook: facebook.com/EHRResource Follow us on LinkedIn: linkedin.com/company/kentucky-rec Check out our website: www.kentuckyrec.com Contact us by Phone: 859-323-3090

Connect with Kentucky REC!

LUNCH & PANEL DISCUSSION

Optimizing Your Practice for MU, PQRS, and MACRA Success Facilitator: Polly Mullins-Bentley Panelists: Lynn Grigsby-Tiller: Kentucky REC Margie Banse: QSource Carla Cooper: Kentucky DMS Jennifer NeSmith: Kentucky Health Center Control Network

Brent McKune, CHPS, CPHIMS Project Manager, Kentucky REC

HIPAA Scan

Agenda

• Why a Security Risk Analysis should be conducted

and/or reviewed on an annual basis

• Review the National Institute of Standards and

Technology (NIST) and OCR’s recommended steps to conducting a thorough Security Risk Analysis

• Best practices and tactics to reduce breaches in your
• rganization

Definitions

• Business Associates (BA) - A person or entity, other than a member of the workforce of a

covered entity, who performs functions or activities on behalf of, or provides certain services to, a covered entity that involve access by the business associate to protected health information.

• Business Associates Agreement (BAA) - A covered entity’s contract or other written

arrangement with its business associate must contain that describes the permitted and required uses of protected health information by the business associate.

• Code of Federal Regulations (CFR) - The codification of the general and permanent rules and

regulations (sometimes called administrative law) published in the Federal Register by the executive departments and agencies of the federal government of the United States.

• Covered Entity (CE) - Defined in the HIPAA rules as (1) health plans, (2) health care

clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.

• Electronic- Protected Health Information (e-PHI) - Any protected health information (PHI)

that is covered under Health Insurance Portability and Accountability Act of 1996 (HIPAA) security regulations and is produced, saved, transferred or received in an electronic form.

• Health Insurance Portability and Accountability Act (HIPAA) - is the federal Health Insurance

Portability and Accountability Act of 1996. The primary goal of the law is to make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs.

• National Institute of Standards and Technology (NIST) - a federal technology agency that

works with industry to develop and apply technology, measurements, and standards

Definitions

• Security Rule - The HIPAA Security Rule establishes national standards to protect

individuals’ electronic personal health information that is created, received, used,

• r maintained by a covered entity. The Security Rule requires appropriate

administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information.

• Security Risk Analysis (SRA) – the process of identifying the risks to system security

and determining the likelihood of occurrence, the resulting impact, and the additional safeguards that mitigate this impact.

• Privacy Rule - The HIPAA Privacy Rule establishes national standards to protect

individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients’ rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections.

• Protected Health Information (PHI) - Any information about health status,

provision of health care, or payment for health care that can be linked to a

Evolution of HIPAA

1996 HIPAA was enacted 2005 Security Rule 2013 Omnibus 2009 HITECH 2003 Privacy Rule

Security Risk Analysis Overview

Reasons to Complete a Security Risk Analysis

HIPAA Security Rule

Performing a Security Risk Analysis

How often should I conduct a security risk analysis?

Security Risk Analysis Beneficiaries

Patients Business Associates Covered Entities

Security Risk Analysis Steps

The National Institute of Standards and Technology (NIST) recommends a 9 step methodology approach to conducting a security risk assessment

Risk Analysis Steps

Step 9: Results Documentation Step 8: Control Recommendations Step 7: Risk Determination Step 6: Impact Analysis Step 5: Likelihood Determination Step 4: Control Analysis Step 3: Vulnerability Identification Step 2: Threat Identification Step 1: System Characterization

What does compliance look like?

Is compliance one size fits all?

Approaches for Conducting a Security Risk Analysis

Mitigating Risks

Should I mitigate all risks?

OCR Settlement Highlights

• Cancer Care Group ($750,000 settlement, August 31, 2015)

– OCR found widespread non-compliance, and lack of policies, after laptop bag with unencrypted media exposed records of 55,000 patients

• Feinstein Institute for Medical Research (research institute
• rganized as NY non-profit corporation ($3.9M settlement and

substantial corrective action plan, March 17, 2016)

– Laptop computer with ePHI of approx.13K patients stolen from employee’s car

• Raleigh Orthopedic – ($750,000 settlement, April 14, 2016)

– For providing PHI for 17,300 patients to potential business partner without first executing a BAA

• St. Joseph Health – ($2,140,500 settlement, October 17, 2016)

– Unrestricted access to PDF files containing ePHI of 31,800 individuals

Audits and Preparation

Kentucky REC Can Help!

• Kentucky REC offers the following services performed by AHIMA

Certified HIPAA Privacy & Security professionals:

– Security Risk Analysis addressing HITECH requirements for Meaningful Use – Review of Administrative, Technical & Physical safeguards – Remediation plan and timeline to eliminate or mitigate identified gaps – HIPAA compliant sample policies – Breach Notification

Thank you!

Questions?

Robin Huffman Kentucky Regional Extension Center

Getting Ready for Practice Transformation

Providers will receive a MIPS final score based on 4 weighted performance categories:

MIPS Final Score 0-100

Quality Cost Advancing Care Information





Improvement activities

How will MIPS measure performance?

CY19

60% 0% 15% 25%

CY20 50% 10% 15% 25% CY21 30% 30% 15% 25%

Improvement Activities

Expanded Practice Access Population Management Care Coordination Beneficiary Engagement Patient Safety and Practice Assessment Participation in an APM, including a medical home model Achieving Health Equity Emergency Preparedness and Response Integrated Behavioral and Mental Health PCMH/PCSP Certification = Full Points for Category

“The Gold Standard” for Primary Care Transformation

A journey of a thousand miles begins with a single step…

Meaningful Use Care Delivery Innovation (PCMH) Payment Innovation

Health IT & HIE + Quality Improvement

PCMH is a model that provides specific standards for transforming the organization and delivery of primary care to be more:

 Comprehensive  Patient-Centered  Coordinated  Accessible  Safe

PCMH: A Roadmap

Patient-Centered Medical Neighborhood

Patient-Centered Specialty Practice

• An innovative program for improving specialty

care.

• Organizes care around patients
• Promotes team based care
• Coordinating and tracking care over time with

primary care and other specialists

• Improve quality
• Reduce redundancies and negative patient

experiences

• Proactive coordination
• Patient centered
• Encourages the use of health information

technology

• Meaningful Use Alignment

Benefits of a PCMH

• Long-term partnerships, not hurried visits
• Care that is coordinated among providers
• Better access
• Shared decision-making with patients
• Reduced cost of care
• Decreased ER visits, hospitalizations
• More satisfied providers and patients

Benefits of PCSP

• Effective care coordination
• Greater efficiency
• Improved patient safety
• Readiness for a delivery/reimbursement model that

focuses on outcomes and reduced duplication of services.

• Promoting a practice’s suitability for newly proposed

physician delivery and payment models.

PCMH Recognition

For outpatient primary care Practice-site level Recognizes PCPs at the site, including NPs and PAs who can be designated as a personal clinician 3-year Recognition period Practice may add/remove clinicians

Who is eligible for PCMH Recognition?

• Recognized Practices:
• Internal Medicine
• Family Medicine
• Pediatrics
• Recognized Providers:
• Physicians (MD or DO)
• APRNs
• PAs

PCSP Recognition

Practice-based evaluation for clinicians who provide care in non- primary care specialties Recognizes eligible specialty clinicians at the practice NCQA defines a practice as one or more clinicians who practice together and provide patient care at a single geographic location. 3-year Recognition period Practice may add/remove clinicians

Who is eligible for PCSP Recognition?

• Recognized Practices:
• Non-primary care specialties
• Recognized Providers:
• Physicians (MD or DO)
• APRNs
• PAs
• Certified Midwives
• Behavioral Health Practitioners
• Doctoral or Master’s-level (state certified or licensed):
• Psychologists
• Social workers
• Marriage and family counselors

Who is not eligible for PCSP?

• Chiropractors, Optometrists, Podiatrists are not

eligible for the PCSP program.

• Primary care clinicians who are eligible for NCQA

PCMH Recognition are not eligible for NCQA PCSP Recognition.

• All clinicians who do not share or have their own

panel of patients.

NCQA PCMH 2014 Standards

Standard 1. Enhance Access and Continuity Standard 2. Team-Based Care Standard 3. Population Management Standard 4. Plan and Manage Care Standard 5. Track and Coordinate Care Standard 6. Measure and Improve Performance

NCQA PCSP 2016 Standards

Standard 1: Working with Primary Care and Other Referring Clinicians Standard 2: Provide Access and Communication Standard 3: Identify and Coordinate Patient Populations Standard 4: Plan and Manage Care Standard 5: Track and Coordinate Care Standard 6: Measure and Improve Performance

Scoring Components

PCMH 2014 Recognition

• 6 Standards
• 27 Elements
• 178 Factors*

*Factors are the scored items within an element.

• 6 Must-Pass Elements

– Most important aspects of PCMH

• Critical Factors

– Required to receive at least some (if any) points

PCSP 2016 Recognition

• 6 Standards
• 26 Elements
• 164 Factors*

*Factors are the scored items within an element.

• 6 Must-Pass Elements

– Most important aspects of PCSP

• Critical Factors

– Required to receive at least some (if any) points

Levels of Recognition

• 3 levels of NCQA PCMH Recognition
• Each level reflects the degree to which a practice meets the requirements
• Allows practices with a range of capabilities to meet the requirements

successfully

PCMH Recognition PCSP Recognition

Recognition Levels Required Points Level 3 85 – 100 points Level 2 60 – 84 points Level 1 35 – 59 points Recognition Levels Required Points Level 3 75 – 100 points Level 2 50 – 74 points Level 1 25 – 49 points

A look at the numbers…

PCMH Recognition

In Kentucky:

• 880 Clinicians/Sites

In the US:

• 67,652 Clinicians/Sites

PCSP Recognition

In Kentucky:

• 10 Clinicians/Sites

– 2 Sites – 8 Clinicians

In the US:

• 1,467 Clinicians/Sites

Why Become a PCMH or PCSP? What’s in it for the practice?

Big Picture Payment Reform Incentives Competition

Why Become a PCMH or PCSP? What’s in it for the provider?

Maximizing the Use of My Skills Experiencing Satisfaction from Positive Patient Interaction Enjoying Greater Efficiency in My Job

Why Now?

In order to earn full credit for IA you will need to have recognition for 3 months in 2017. You should submit for recognition by July 31st, 2017 to meet this requirement.

IA Credit

The PCMH 2014 Standards are expiring! PCMH 2017 comes

• ut March 2017.

NCQA is expected to

• nce again raise the

bar for recognition.

PCMH 2014

Strategies for Success

Set Direction

Mission Vision Strategy Develop a Realistic Plan

Form a Team

Physician Lead Practice Manager Administrative Lead Clinical Lead (i.e. LPN, MA, care coordinator, etc.)

Develop a Communication Plan

Staff Providers Patients

Devote Resources

Protected Time Financial Resources Data Technology Staffing

Engage Physicians

Create Segmented Plans Be wise in their involvement Respect their time

Important Dates

3/31/17

• Last day to purchase PCMH 2014 survey licenses
• Redesigned process and 2017 standards become available

5/31/17 • Last day to submit PCMH 2014 Corporate Survey 6/30/17 • Last day to request PCMH 2014 Add-On Surveys 7/31/17 • Last day to submit PCMH 2014 Corporate Add-On Tools 9/30/17 • Last day to submit all PCMH 2014 Site Surveys

Thank you!

Questions?