/ en Fri, 25 Apr 2025 16:21:48 -0500 Thu, 19 Dec 24 14:36:02 -0600 <div class="container"><div class="row"><div class="col-md-8"><p>The Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) Dec. 16 published a <a href="https://www.federalregister.gov/documents/2024/08/05/2024-14975/health-data-technology-and-interoperability-patient-engagement-information-sharing-and-public-health">final rule</a> implementing provisions related to the Trusted Exchange Framework and Common Agreement (TEFCA). The rule is intended to advance equity, innovation and interoperability by promoting the use and exchange of electronically captured health information as specified in certain provisions of the Health Information Technology for Economic and Clinical Health Act of 2009.</p><p>The final rule adds a new part — part 172 — to title 45 of the Code of Federal Regulations to implement certain provisions related to TEFCA. These provisions establish the qualifications necessary for an entity to receive and maintain designation as a Qualified Health Information Network (QHIN) capable of trusted exchange according to TEFCA. The final rule covers procedures governing QHINs including onboarding, designation, suspension and termination. The provisions this final rule adopts are not substantively different from those first proposed in August as part of the much larger <a href="https://www.federalregister.gov/documents/2024/08/05/2024-14975/health-data-technology-and-interoperability-patient-engagement-information-sharing-and-public-health">Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2)</a> rule and will be effective Jan. 15, 2025. Additional provisions of the HTI-2 rule, including Prior Authorization Application Programming Interfaces, more information blocking exceptions, United States Core Data for Interoperability Version 4 standards, and public health interoperability requirements are currently under review by the White House Office of Management and Budget and could be published in the future.</p><h2>AHA TAKE</h2><p>In our comments on the proposed rule, AHA supported the TEFCA objective of creating a common national framework that provides a universal technical foundation for interoperability. We also supported ONC’s proposed requirements for organizations choosing to participate in TEFCA as a QHIN. Specifically, we supported the recommendation that any organization aspiring to become a QHIN must adhere to specific privacy and security guidelines, with additional stipulations for those providing Individual Access Services.</p><p>However, we expressed concerns about what happens to the hospitals and health systems that rely on any QHIN that gets suspended or terminated from TEFCA. We appreciate that the ONC acknowledged our concerns in this area but are disappointed it declined to change the rule because the requested changes were deemed out of scope. We will continue to press this issue and encourage ONC to address it in future rulemaking. </p><p>Moreover, we also expressed concerns about the existing governance structure of TEFCA which gives QHINs the primary responsibility for ensuring that its participants abide by TEFCA’s requirements. We conveyed that this governance structure runs the risk of quickly exceeding the capabilities of both QHINs and the Recognized Coordinating Entity — the organization responsible for TEFCA’s oversite — of effectively managing participation in TEFCA. Although ONC did not change the proposed rule, the agency acknowledged these concerns and noted it “will continue to monitor TEFCA” and “will consider additional measures should circumstances arise that show that QHINs require additional oversight.”</p><h2>WHAT YOU CAN DO</h2><ul><li><strong>Share</strong> this advisory with your government relations, information systems and compliance teams to apprise them of this final rule.</li><li><strong>Contact </strong>the AHA with any questions or concerns regarding these provisions.</li><li><strong>Watch</strong> for notices of additional HTI-2 provisions published as final rules soon.</li></ul><h2>SUMMARY OF PROVISIONS</h2><ul type="disc"><li>Codifies (in new 45 CFR part 172) provisions related to TEFCA to provide greater process transparency and to further implement section 3001(c)(9) of the Public Health Service Act (PHSA), as added by the Cures Act.</li><li>Establishes the processes for an entity to qualify and maintain designation as a QHIN capable of trusted exchange under the Common Agreement.</li><li>Establishes the procedures governing the onboarding, suspension, termination and administrative appeals to the ONC for QHINs.</li><li>Codifies requirements related to QHIN attestation for the adoption of TEFCA. This subpart implements section 3001(c)(9)(D) of the PHSA and includes the requirement for ONC to publish a list on their website of the health information networks that have adopted the Common Agreement and are capable of trusted exchange pursuant to the Common Agreement.</li><li>Reenforces that adoption of TEFCA is voluntary. Section 3001(c)(9)(D)(ii) requires HHS to establish, through notice and comment rulemaking, a process for HINs that voluntarily elect to adopt TEFCA to attest to such adoption.</li><li>Finalizes the TEFCA Manner Exception, which allows an actor to limit electronic health information sharing requests to TEFCA only without being considered information blocking with no revisions.</li></ul><h2>FURTHER QUESTIONS</h2><p>If you have further questions, please contact Stephen Hughes, AHA’s director of health information technology policy, at <a href="mailto:Stephen.hughes@aha.org">Stephen.hughes@aha.org</a>.</p></div><div class="col-md-4"><a href="/system/files/media/file/2024/12/hhs-publishes-tefca-provisions-of-health-data-technology-and-interoperability-rule.pdf"><img src="/sites/default/files/inline-images/cover-hhs-publishes-tefca-provisions-of-health-data-technology-and-interoperability-rule.png" data-entity-uuid data-entity-type="file" alt="Regulatory Advisory Cover" width="679" height="878"></a></div></div></div> Thu, 19 Dec 2024 14:36:02 -0600 Interoperability /news/headline/2024-10-04-aha-comments-proposed-rule-designed-improve-patient-engagement-information-sharing-interoperability <p>The AHA Oct. 4 <a href="/2024-10-04-aha-comment-letter-hhs-hti-2-interoperability-proposed-rule">commented</a> on the Department of Health and Human Services' Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2) <a href="https://www.federalregister.gov/documents/2024/08/05/2024-14975/health-data-technology-and-interoperability-patient-engagement-information-sharing-and-public-health">proposed rule</a>. AHA expressed support for HHS' efforts to advance interoperability, improve transparency and support electronic access and exchange of electronic health records. Among the provisions AHA supports include the establishment of criteria aligning with the Centers for Medicare & Medicaid Services' application programming interfaces requirements and recommendations; continued development of United States Core Data for Interoperability standards; and the Trusted Exchange Framework and Common Agreement, among others. The association’s concerns about the proposed rule include providers still being held to a higher accountability standard for data sharing; USCDI version deadlines being too aggressive; new encryption requirements that are burdensome; and TEFCA’s governance structure.</p> Fri, 04 Oct 2024 14:13:27 -0500 Interoperability /2024-10-04-aha-comment-letter-hhs-hti-2-interoperability-proposed-rule <p>October 4, 2024</p><p>The Honorable Micky Tripathi, Ph.D.<br>Assistant Secretary for Technology Policy<br>National Coordinator for Health Information Technology<br>Department of Health and Human Services<br>Mary E. Switzer Building<br>Mail Stop: 7033A<br>330 C Street SW<br>Washington, D.C. 20201</p><p><em><strong>RE: Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (RIN 0955-AA06)</strong></em></p><p>Dear Assistant Secretary Tripathi,</p><p>On behalf of our nearly 5,000 member hospitals, health systems and other health care organizations, our clinician partners — including more than 270,000 affiliated physicians, 2 million nurses and other caregivers — and the 43,000 health care leaders who belong to our professional membership groups, the ���������� Association (AHA) appreciates the opportunity to provide comments to the Assistant Secretary for Technology Policy (ASTP) on the Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2) <a href="https://www.federalregister.gov/documents/2024/08/05/2024-14975/health-data-technology-and-interoperability-patient-engagement-information-sharing-and-public-health">proposed rule</a>.</p><p>The AHA supports the Assistant Secretary’s efforts to advance interoperability, improve transparency and support electronic access and exchange of electronic health records (EHRs). Thoughtful integration of health information technology (HIT) is crucial to ensure that patients receive the best care possible. HIT can help streamline patient care processes, as well as provide patients and their families with the information they need to take a more informed and proactive role in their health management. These objectives can be realized by promoting clear, consistent and reasonable HIT standards without adding excessive administrative or regulatory demands on health care professionals and health IT innovators.</p><p>In summary, we support several provisions including:</p><ul><li>Establishing criteria that align with the Centers for Medicare & Medicaid Services (CMS) application programming interfaces (API) requirements and recommendations.</li><li>Continued development of United States Core Data for Interoperability (USCDI) standards.</li><li>Continued commitment to protecting patient data.</li><li>More robust public health data interoperability.</li><li>The Trusted Exchange Framework and Common Agreement (TEFCA).</li><li>Revising request-response criteria under information blocking exceptions.</li></ul><p><strong>However, we are concerned that providers would still be held to a higher accountability standard for data sharing, USCDI version deadlines are too aggressive, new encryption requirements are burdensome, and TEFCA’s current governance structure may be inadequate.</strong></p><p>Our detailed comments follow.</p><h2>Prior Authorization Application Programming Interfaces</h2><p>The AHA supports the proposal to establish HIT certification criteria that align with the CMS application programming interfaces (API) requirements and recommendations. This proposal would ensure that the APIs developed to meet the CMS regulations adhere to relevant interoperability standards and support effective information sharing. Importantly, HTI-2 would update certification criteria and standards to facilitate electronic prior authorization using certified HIT. Specifically, ONC proposes adopting two “Prior Authorization APIs” certification criteria, which specify requirements for certified HIT that providers and payers can leverage to conduct electronic prior authorization. This certified technology would enable streamlined implementation of the CMS final rule to ensure that patients receive the care they need in a timely manner, lower administrative costs, and reduce complexity for providers and patients. Furthermore, we support the proposal's alignment with CMS mandates for Patient Access APIs, as outlined in the CMS Interoperability and Patient Access rule. This alignment is critical as this proposal allows patients to choose the application they want to use to access their health information. <strong>However,</strong> <strong>although we support the Prior Authorization API, the AHA is concerned that it holds providers to a higher level of accountability in data sharing than the current voluntary requirements that payers are held to in the CMS final rule. As such, the AHA suggests the agency work with CMS to better align the CMS requirements applicable to payers with HTI-2 and require a mandatory certification for payers, rather than a voluntary one, to ensure that protecting the privacy of patient data is prioritized.  </strong></p><h2>United States Core Data for Interoperability Version 4</h2><p>The AHA is supportive of ASTP’s commitment to updating USCDI and acknowledges the impact that standardizing data can have on patient outcomes by ensuring providers have consistent and comprehensive information related to care. Specifically, the AHA appreciates that, in USCDI Version 4 (v4), ASTP continues adding depth to data elements under the clinical notes category. However, we encourage ASTP to continue building out vocabulary standards for all these USCDI v4 elements where those standards are limited or missing, such as they did by requiring the use of Systematized Nomenclature of Medical Clinical Terms (SNOMED CT) for the “Encounter Information” data class. This will ensure that the standard continues to evolve from a collection of narrow data points into a more holistic and complete picture of the patient's health.</p><p>That said, we urge the agency to give providers adequate time to implement new standards and updates. We encourage ASTP to carefully examine the technical lift and additional administrative burdens associated with meeting the compliance requirements of USCDI v4 especially as many organizations are still working to meet the requirements of USCDI Version 3 (v3). In this rule, ASTP proposes that USCDI v3 will expire on Dec. 31, 2027, and “that by January 1, 2028, a health IT developer of a Health IT Module certified to certification criteria referencing § 170.213 must update its Health IT Module to USCDI v4 and provide the updated version to their customers to maintain certification of that Health IT Module.” This is an aggressive timeline that puts many smaller hospitals at risk of non-compliance because the common technology vendors for smaller hospitals have historically struggled to keep up with USCDI updates. As such, the AHA requests that ASTP extend the expiration date of USCDI v3 an additional year to Dec. 31, 2028, and consider the ongoing impact of these updates on all stakeholders in the health sector.</p><h2>Encryption</h2><p>The AHA appreciates ASTP’s commitment to protecting patient data and understands the possible benefits of end-to-end encryption. In addition, we support the security recommendations in HTI-2 that align with existing <a href="https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164">HIPAA Security Rule Safeguards</a> and the Healthcare and Public Health Sector Cybersecurity <a href="https://hhscyber.hhs.gov/performance-goals.html">Performance Goals</a> (HPH CPGs). However, the requirement to encrypt all electronic health information (EHI) at rest on all servers does not align with either the current HIPAA safeguards or the HPH CPGs.</p><p>EHI stored on end-user devices is treated differently than such data on servers because end-user devices pose a significantly different risk level. Whether virtual or physical, servers operate in physically secure environments behind the protection of multiple layers of network security. While requiring data on servers would add an additional layer of protection, it is unclear that the benefits outweigh the costs and burden on both the developers of certified EHR technology (CEHRT) as well as on all users of CEHRT applications. Currently, the HPG CPGs call for “strong encryption” and enable health care organizations to meet this requirement by “Deploy[ing] encryption to maintain confidentiality of sensitive data and integrity of Information Technology (IT) and Operational Technology (OT) traffic in motion” (NIST reference: 800-53 REV 5.1.1; SC-08, and SC-11). Simply put, the HPH CPGs do not call for data to be encrypted “at rest.” Adding BitLocker encryption to Windows servers or open-source encryption tools like cryptsetup to Linux servers, as suggested by the proposed rule, would require significant configuration, cost, testing and potential system downtimes, especially considering the proposed rule would require this of any server storing EHI, and not just EHRs. In hospitals, this can mean dozens of applications running on hundreds of servers that would require the added encryption. We urge ASTP to consider directly aligning the encryption requirements of HTI-2 with the current encryption best practices of HPH CPGs. In lieu of this direct alignment, we ask that rather than Jan. 1, 2026, ASTP push the effective date of this requirement to Jan. 1, 2028.</p><h2>Public Health Interoperability</h2><p>The AHA agrees with ASTP that for Public Health Agencies (PHAs) to effectively promote and protect the health of all people and their communities, they need public health information exchange with hospitals and health systems as well as other providers, labs, schools and community service organizations. We also agree that PHAs generally lack the necessary access and ability to share the data needed to address public health needs. The AHA appreciates ASTP’s recognition of the complexity, safety issues and added work that arises from the manual processes required by hospitals and health systems to share information with PHAs, and we fully support policies to improve interoperability in support of more effective data exchange with PHAs. However, the AHA questions whether the ONC has the authority to influence how PHAs manage and share EHI.</p><h2>Trusted Exchange Framework and Common Agreement</h2><p>The AHA supports the TEFCA objective to create a common national framework that provides a universal technical foundation for interoperability. We broadly support ASTP’s proposed updates to the requirements under TEFCA participation for Qualified Health Information Networks (QHINs). Specifically, we support the recommendation that any organization aspiring to become a QHIN must adhere to specific privacy and security guidelines, with additional stipulations for those providing Individual Access Services. However, the AHA is concerned about the lack of details about the suspension and termination processes for QHINs. While we appreciate that there is a process to suspend or terminate QHINs from TEFCA for cause, it’s unclear what happens to the hospitals and health systems that relied on that QHIN. <strong>The AHA requests that ASTP clarify the rights and obligations of hospitals or health systems that are using a QHIN that gets suspended or terminated from TEFCA to ensure that they remain compliant with interoperability rules and are not liable for information-blocking claims because their QHIN was suspended or terminated. </strong>More broadly, we also have concerns about the existing governance structure of TEFCA which gives QHINs the primary responsibility for ensuring that their participants abide by TEFCA’s requirements. This governance structure runs the risk of quickly exceeding the capabilities of both QHINs and the Recognized Coordinating Entity – the organization responsible for TEFCA’s oversite - of effectively managing it. This is particularly concerning given the anticipated expansion of TEFCA.<strong> As such, the AHA recommends ASTP build more internal capacity to directly oversee and ensure adherence to TEFCA's stipulations including at a minimum establishing an attestation schedule for all QHINs. Further, ASTP should publish all “Designation” documentation on its website information for public review.</strong></p><p><strong>Infeasibility Exception: Responding to Requests Condition. </strong>ASTP proposes updating the conditions for responding to requests under the Infeasibility exception. These updates include varying the response times for written replies to the requester, tailored to the specific infeasibility condition cited. Specifically, the agency proposes to commence the 10-day response period at the point when the party confirms, promptly and upon a fair evaluation of the situation, that the requested access, exchange or usage of EHI cannot be fulfilled as originally asked, or that fulfilling the request as made is impracticable under the given conditions. The AHA appreciates ASTP’s consideration of the fact “that ten business days may not allow actors sufficient time to engage with requestors and fully evaluate all factors relevant to meeting certain conditions.” The AHA supports revising the request-response criteria and the additional flexibility in calculating the 10-day period. We appreciate ASTP’s recognition that several variables may affect the start of this period, including how requests are received and processed and the circumstances causing the infeasibility<strong>. The AHA proposes extending the time for the request-response conditions to a maximum of 30 days and simplifying the language of the “responding to requests conditions” to just “within 30 days of the actor receiving the request” to provide clear and concise guidance on response timeframes.</strong></p><p>We appreciate your consideration of these issues. Please contact me if you have questions or feel free to have a member of your team contact Stephen Hughes, AHA’s director for health information technology policy, at <a href="mailto:stephen.hughes@aha.org">stephen.hughes@aha.org</a>.</p><p>Sincerely,<br>/s/<br>Ashley Thompson<br>Senior Vice President, Public Policy</p> Fri, 04 Oct 2024 09:03:30 -0500 Interoperability /news/headline/2024-09-17-hhs-awards-2-million-columbia-university-hospital-ohsu-responsible-ai-behavioral-health-it-projects <p>The Department of Health and Human Services Sept. 17 <a href="https://www.hhs.gov/about/news/2024/09/17/hhs-announces-2024-leap-health-awardees-focused-data-quality-responsible-ai-accelerating-adoption-behavioral-health.html" target="_blank">announced</a> it has awarded a total of $2 million to two recipients to create tools to improve care delivery, advance research capabilities and address emerging challenges related to interoperable health information technology. Columbia University Hospital in New York will be tasked with developing innovative ways to evaluate and improve the quality of health care data used by artificial intelligence tools. Oregon Health and Science University will work on advancing the adoption of health IT in behavioral health settings. The funds were awarded through HHS' Leading Edge Acceleration Projects in Health IT program.</p> Tue, 17 Sep 2024 15:25:44 -0500 Interoperability <div class="container"><div class="row"><div class="col-md-8"><p>The Office of the National Coordinator for Health Information Technology (ONC), released the Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2) <a href="https://www.federalregister.gov/documents/2024/08/05/2024-14975/health-data-technology-and-interoperability-patient-engagement-information-sharing-and-public-health" target="_blank" title="The proposed rule text">proposed rule</a> for public comment. The HTI-2 proposed rule reflects ONC’s efforts to advance interoperability and improve information sharing among patients, providers, payers and public health authorities. Comments are due to the ONC by 5 p.m. ET, Oct. 4, 2024.</p><div class="panel module-typeC"><div class="panel-heading"><h2>Key Highlights</h2><p>The proposed rule would: </p><ul><li>Add technology and standards updates that build on the HTI-1 final rule, ranging from the capability to exchange clinical images (e.g., X-rays) to the addition of multi-factor authentication support.</li><li>Establish requirements for health IT that can be used by providers and payers to conduct streamlined electronic prior authorization.</li><li>Formally establish the Trusted Exchange Framework and Common Agreement (TEFCA) provisions in the Code of Federal Regulations.</li><li>Expand the list of Information Blocking Rule exceptions including one for the Protecting Care Access exception, to protect actors who withhold Electronic Health Information (EHI) in certain cases to reduce legal risks that may be associated with sharing EHI.</li><li>Require adoption by Jan. 1, 2028, of Version 4 of the United States Core Data for Interoperability (USCDI v4) certification criteria as the new baseline standard for EHI.</li></ul></div></div><h2>AHA TAKE</h2><p>The ONC intends for HTI-2 to advance public health interoperability, improve information sharing and support patient engagement. Much like its predecessor, HTI-1, the proposed rule predominately applies to health IT developers. However, hospitals and health systems will be affected by the updates in technology standards and other recommended changes. These updates should improve the accessibility and free exchange of clinical imaging data, such as X-rays and MRI results, and introduce reasonable security requirements, like multi-factor authentication and server encryption requirements for systems that handle electronic medical records. The AHA supports the security recommendations in the proposed rule that aligns with existing HIPAA Security Rule Safeguards and the Healthcare and Public Health Sector Cybersecurity Performance Goals. The AHA is also pleased the ONC is proposing to remove barriers to patient care and streamline the prior authorization process. It does so by supporting the technical requirements in CMS’s Interoperability and Prior Authorization final rule and requires payers to shift to electronic prior authorization. </p><p>The AHA is unclear, however, on what the ONC would accomplish with the other provisions in this proposed rule. The AHA is concerned about the TEFCA provisions because we have not seen widespread adoption of the framework by hospitals and health systems and it is not clear how adherence to the provisions will measurably improve patient access to care. Furthermore, the interaction of TEFCA with the rules on information blocking and the minimum-necessary requirement of HIPAA is unknown. These all require careful consideration of various legal, technical and privacy-related factors before TEFCA can be the accepted standard for clinical data sharing or a regulatory mandate for clinical data exchange. </p><p>Additionally, the AHA appreciates the ONC’s recognition of the complexity, safety issues and added work that arises from the manual processes required by hospitals and health systems to share information with public health authorities. However, the AHA questions whether the ONC has the authority to influence the way public health authorities manage and share electronic health records. Lastly, the AHA is disappointed that the ONC missed another opportunity to clearly define information blocking by offering specific examples and continues trying to define the rule by what it is not while just adding more exceptions. Although some of these new exceptions, such as broader definitions of “infeasibility,” could help protect providers from frivolous complaints, the other proposed exceptions are confusing, and their intended benefits are difficult to quantify. </p><h2>WHAT YOU CAN DO</h2><ul><li><strong>Share</strong> this advisory with your government relations, information systems and  compliance teams to apprise them of this proposed rule.</li><li><strong>Share</strong> any concerns and feedback on these provisions with the AHA.</li><li><strong>Submit</strong> by Oct. 4 to the ONC a comment letter explaining the rule’s impact on your hospital or health system.</li><li><strong>Watch</strong> for notice of a possible comment letter from the AHA on this topic.</li></ul><p>View the detailed Regulatory Advisory below.</p></div><div class="col-md-4"><p><a href="/system/files/media/file/2024/08/hhs-proposes-expansion-of-health-data-technology-and-interoperability-rule-advisory-8-15-2024.pdf" target="_blank" title="Download the Regulatory Advisory: HHS Proposes Expansion of Health Data, Technology and Interoperability Rule PDF."><img src="/sites/default/files/2024-08/cover-hhs-proposes-expansion-of-health-data-technology-and-interoperability-rule-advisory-8-15-2024-667px.png" data-entity-uuid data-entity-type="file" alt="Regulatory Advisory:HHS Proposes Expansion of Health Data, Technology and Interoperability Rule cover." width="NaN" height="NaN"></a></p></div></div></div> Thu, 15 Aug 2024 08:25:08 -0500 Interoperability /news/headline/2024-07-10-hhs-releases-proposed-rule-designed-improve-patient-engagement-information-sharing-interoperability <p>The Department of Health and Human Services July 10 released a <a href="https://www.healthit.gov/sites/default/files/page/2024-07/ONC_HTI-2_Proposed_Rule.pdf">proposed rule</a> designed to improve health information sharing and interoperability. The Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2) proposed rule includes two sets of certification criteria designed to enable health information technology for public health and payers to be certified under the Office of the National Coordinator for Health Information Technology's Health IT Certification Program. The criteria would improve public health response, advance value-based care delivery and focus on standards-based application programming interfaces to improve end-to-end interoperability between health care providers and public health organizations or payers. <br><br>The rule proposes a new set of certification criteria to support the technical requirements included in the Centers for Medicare & Medicaid Services’ Jan. 2024 Interoperability and Prior Authorization <a href="https://www.govinfo.gov/content/pkg/FR-2024-02-08/pdf/2024-00895.pdf">final rule</a> to facilitate electronic prior authorization. The proposed rule also responds to patient, provider and other communities’ concerns about patient privacy and care access by expanding exceptions and clarifying the definitions of information blocking. HHS plans to publish the notice in the Federal Register with a 60-day comment period.</p> Wed, 10 Jul 2024 15:43:17 -0500 Interoperability /news/headline/2024-06-24-hhs-releases-final-rule-disincentivizing-health-care-providers-commit-information-blocking <p>The Department of Health and Human Services June 24 released a <a href="https://www.hhs.gov/about/news/2024/06/24/hhs-finalizes-rule-establishing-disincentives-health-care-providers-that-have-committed-information-blocking.html">final rule</a> that would disincentivize health care providers for interfering with the access, exchange or use of electronic health information. AHA previously expressed <a href="/lettercomment/2024-01-02-aha-comments-21st-century-cures-act-establishment-disincentives-health-care-providers-have-committed">concern</a> when the rule was proposed, saying it could threaten the financial viability of economically fragile hospitals.<br><br>In the final rule, hospitals under the Medicare Promoting Interoperability Program found to have committed information blocking would experience a reduction of the market basket update by 75%. Critical access hospitals would see a reduction from 101% to 100% of reasonable costs, while clinicians in Medicare's Merit-based Incentive Payment System would receive a score of zero in the MIPS Promoting Interoperability performance category. Providers in accountable care organizations that commit information blocking would be ineligible to participate in the Medicare Shared Savings program for at least one year and may not receive revenue they may have earned through the program. <br><br>AHA is disappointed that HHS chose to disregard most of the comments they received and is highly concerned that the disincentive structure retained in the final rule is excessive, confusing and imbalanced.</p> Mon, 24 Jun 2024 14:42:51 -0500 Interoperability <p></p><hr><h3><a href="/system/files/media/file/2024/03/slides-overview-of-the-advancing-interoperability-and-improving-prior-authorization-processes-final-rule-webinar-2-20-24.pptx" target="_blank" title="PowerPoint Slides">View the PowerPoint Presentation</a></h3><p> </p> Fri, 22 Mar 2024 15:18:00 -0500 Interoperability <p>The Centers for Medicare & Medicaid Services (CMS) Jan. 17 finalized <a href="https://www.cms.gov/files/document/cms-0057-f.pdf" target="_blank" title="New Regulations to streamline and reduce the burden associated with health plan prior authorization">new regulations</a> intended to streamline and reduce the burden associated with health plan prior authorization processes, promote greater transparency into medical necessity criteria and improve the electronic exchange of health care information. The requirements apply to Medicare Advantage plans, state Medicaid fee-for-service (FFS) programs, Medicaid managed care plans, state Children’s Health Insurance Program (CHIP) FFS programs, CHIP managed care entities and qualified health plan issuers on the federally facilitated exchange.</p><p>Among other requirements, the rule requires impacted payers to implement and maintain several Fast Healthcare Interoperability Resources (FHIR)-based application programming interfaces (APIs) to improve the electronic exchange of data. Specifically, impacted payers need to implement technology that enables providers to determine whether a service is subject to prior authorization and, if so, the specific documentation that must be submitted for adjudication of the request, as well as complete a prior authorization request directly from within the provider’s electronic health record (EHR) or practice management system.</p><p>Due to the rule’s requirements to enact efficiencies and streamlined automated prior authorization processes, CMS estimates that the final rule will result in at least $16 billion in provider savings over 10 years. These savings are projected to be realized primarily through the reduction of provider burden of at least 220 million hours over 10 years.</p><h2>AHA TAKE</h2><p>In a <a href="/press-releases/2024-01-17-aha-statement-cms-final-rule-prior-authorization" target="_blank" title="AHA Statement">statement</a>, AHA President and CEO Rick Pollack said, “The AHA commends CMS for removing barriers to patient care by streamlining the prior authorization process. Hospitals and health systems especially appreciate the agency’s plan to require Medicare Advantage plans to adhere to the rule, create interoperable prior authorization standards to help alleviate significant burdens for patients and providers, and require more transparency and timeliness from payers on their prior authorization decisions.</p><p>“With this final rule, CMS addresses a practice that too often has been used in a manner that leads to dangerous delays in patient treatment and clinician burnout in the health care system. AHA is grateful to CMS for its efforts to improve patient access to care and help clinicians focus on patient care rather than paperwork.”</p><h2>WHAT YOU CAN DO</h2><ul><li><strong>Participate in an upcoming AHA members-only webinar</strong> to understand the changes made to the final rule.</li><li><strong>Share this advisory with your senior management team in addition to your revenue cycle and technology leaders</strong> to apprise them of the changes to requirements for certain plans, including MA plans, and changes to prior authorization processes.</li><li><strong>Assess the potential impact of the final rule</strong> on your clinical workflows and revenue operations.</li></ul><h2>BACKGROUND</h2><p>Although initially designed to help ensure patients receive optimal care based on well-established evidence of efficacy and safety, many health plans apply prior authorization requirements in ways that create dangerous delays in care, contribute to clinician burnout and drive-up costs for the health care system. Prior authorization practices continue to inappropriately impose bureaucratic obstacles to providing patients with the care they need, often jeopardizing patient health in the process.</p><p>One of the most frustrating aspects of prior authorization for providers is the variation in submission processes. Plans vary widely on accepted methods of prior authorization requests and supporting documentation submission. While some plans accept electronic means, the most common method remains using fax machines and contacting call centers, with regular hold times of 20 to 30 minutes. In addition, plans offering electronic methods of submission most commonly use proprietary plan portals, which require a significant amount of time spent logging into a system, extracting data from the provider’s clinical system and completing idiosyncratic plan requirements, thereby reducing the administrative efficiencies of the process. For each plan, providers and their staff must ensure they are following the correct rules and processes, which may change from one request to the next. Significant provider and staff time is dedicated to the hassle of combing over myriad payer websites and plan bulletins to decipher the constant prior authorization and associated documentation requirements. Inevitably, providers commit inadvertent errors that result in denials that must be reprocessed or appealed.</p><p>As required in the final rule, the use of standardized electronic prior authorization transactions has the potential to save patients, providers and utilization review entities significant time and resources and can speed up the care delivery process. Requirements codified in the rule will improve communication and transparency, provide patients continuity of care protections and advance process efficiencies for hospitals and health systems and the patients for whom they care.</p><h3>Prior Authorization API</h3><p>CMS finalizes policies to make the prior authorization process more efficient and transparent to reduce provider burden and improve the patient experience. The rule requires the impacted payers to build and maintain a prior authorization API, which will enable providers to determine whether prior authorization is required for a particular item or service, identify the specific clinical documentation that the payer requires for an applicable prior authorization, and to compile and submit a prior authorization request from within their system.</p><p>By enabling provider systems to automatically ascertain whether prior authorization is required for a particular item or service (excluding drugs), CMS addresses one of the major challenges providers currently face when trying to determine prior authorization requirements. As mentioned above, providers today do not have a consistent way of checking whether a service requires prior authorization, a problem that is especially pronounced due to plans routinely adding prior authorizations to services throughout the year; instead, providers often must navigate voluminous health plan bulletins to determine whether they must submit a prior authorization, which is both resource intense and somewhat unreliable. By requiring a plan to indicate the prior authorization status of a particular service in real time from within the provider’s EHR, this rule will significantly reduce the cost and time spent on these tasks today.</p><p>The obligation that plans make documentation requirements available and support automated compilation of clinical information directly from the provider’s EHR will help alleviate the lack of transparency regarding prior authorization criteria, which currently leaves providers in the dark about what they need to submit to a plan to obtain a prior authorization approval. Without a standard, providers frequently must engage in extensive back and forth communications with plans about requisite information, which only serves to delay care and unnecessarily burden clinical staff with resource-intensive paperwork.</p><p>Additionally, the API requires systems to support the automated compilation of necessary data needed to submit prior authorization requests and requires payers to communicate whether the prior authorization is approved, denied (with specific reason) or requires additional information. This functionality should reduce the time spent transposing information from an EHR into alternative prior authorization forms and help providers to determine the status of prior authorization requests in a timelier manner.</p><p>Taken together, these requirements alleviate the significant variation in prior authorization submission processes, improve patient record transparency and documentation to complete a request, and potentially reduce delays to needed patient care.</p><p>To implement the prior authorization API, CMS strongly encourages impacted payers implement the following Health Level 7 (HL7) Implementation Guides: HL7 FHIR Da Vinci Coverage Requirements Discovery (CRD) IG Version STU 2.0.1, HL7 FHIR Da Vinci Documentation Templates and Rules (DTR) IG Version 2.0.0, and HL7 FHIR Da Vinci Prior Authorization Support (PAS) IG Version STU 2.0.1.</p><p>Importantly, in a change from the proposed rule, CMS announces in the final rule that impacted payers that implement the prior authorization API using the recommended HL7 FHIR IGs will be granted enforcement discretion for the Health Insurance Portability and Accountability Act of 1996 (HIPAA) X12 278 prior authorization transaction standard. This enforcement discretion will enable provider and health plan systems to communicate directly using EHR-based FHIR transactions, rather than requiring burdensome translation to intermediate codes.</p><p>In its comments on the rule, the AHA advocated for CMS’ recommended FHIR IGs to be named in the Office of the National Coordinator for Health Information Technology’s (ONC) certification program. This would help ensure close alignment between payers and EHR vendors. Streamlining API usage would allow providers to access and share prior authorization data with plans more efficiently to reduce burden and enhance patient care.</p><p>The compliance date for the prior authorization API is Jan. 1, 2027.</p><h3>Prior Authorization Timeliness Standards</h3><p>CMS acknowledges that prior authorization processes directly impact patient care by potentially delaying access to services, including transfers between the inpatient setting and other sites of care, such as post-acute care facilities. The agency notes that these delays “occur partly because payers have different policies and review processes, do not use available technology consistently, and continue to rely on manual systems such as phone, fax, and mail, which are more labor-intensive.” Through the incorporation of the required electronic standards, CMS believes that these processes should be more efficient and, as a result, should take less time to process.</p><p>The agency establishes new timeframes for standard and expedited prior authorization requests. Specifically, impacted plans, including Medicare Advantage plans, will be required to respond to prior authorization expedited requests no later than 72 hours after receiving a request and no later than seven calendar days after receiving a standard request. Currently, existing regulations allow Medicare Advantage organizations up to 14 days to respond to standard prior authorization requests.</p><p>CMS recognizes that the need for timely adjudication of prior authorizations is particularly evident in lengthy delays in payer responses to requests for transfers to post-acute care settings. The AHA strongly agrees and recommended that plans be required to deliver prior authorization responses within 72 hours for standard, non-urgent services and 24 hours for urgent services for transactions utilizing the FHIR technology established under this rule. The agency states that it will continue to review such recommendations and the supporting information to determine how it might incorporate such policies in future rulemaking as part of its ongoing mission to improve the patient and provider experience.</p><p>The compliance date for improved prior authorization timeliness standards is Jan. 1, 2026.</p><h3>Denial Notices</h3><p>The final rule requires that impacted payers provide a specific reason for prior authorization denials, regardless of how the prior authorization request was sent. Supplementing existing requirements for adverse decision making, the final rule requires specific detail for why a plan has denied a prior authorization request. Specifically, CMS clarifies in the final rule that a denial needs to be “sufficiently specific to enable a provider to understand why a prior authorization has been denied and what actions must be taken to resubmit or appeal.”<sup>1</sup> Additionally, this information is required to be included in the prior authorization API for providers utilizing this technology.</p><p>Additional regulation and reinforcement of existing obligations that require plans to clearly indicate why a prior authorization has been denied could significantly improve current processes. Payers routinely deny prior authorizations for various reasons, including because the payer does not consider the items or services to be medically necessary, the patient exceeded limits on allowable covered care for a given type of item or service, or documentation to support the request was missing or incomplete. Unfortunately, providers routinely report that payers fail to clearly explain why a request has been denied. This can lead to patient and provider confusion, particularly as they determine whether they should resubmit the request with updated information, identify care alternatives, appeal the decision or reassess the patient’s condition.</p><p>The compliance date for improved denial notices is Jan. 1, 2026.</p><h3>Public Reporting of Prior Authorization Metrics</h3><p>The final rule requires impacted payers to publicly report several metrics annually related to prior authorization. The agency notes that such information may be helpful to patients as they select a coverage option. The AHA also believes that enhanced reporting of these metrics should improve oversight, including the ability to identify plans that have, or have not, implemented prior authorization reforms in the manner envisioned by the administration. Specifically, the agency would require health plan reporting of:</p><ul><li>A list of all items and services that require prior authorization.</li><li>The percentage of standard prior authorization requests that were approved, aggregated for all items and services.</li><li>The percentage of standard prior authorization requests that were denied, aggregated for all items and services.</li><li>The percentage of standard prior authorization requests that were approved after appeal, aggregated for all items and services.</li><li>The percentage of prior authorization requests for which the timeframe for review was extended and the request was approved, aggregated for all items and services.</li><li>The percentage of expedited prior authorization requests that were approved, aggregated for all items and services.</li><li>The percentage of expedited prior authorization requests that were denied, aggregated for all items and services.</li><li>The average and median time that elapsed between the submission of a request and a decision by the payer, plan or issuer for standard prior authorizations, aggregated for all items and services.</li><li>The average and median time that elapsed between the submission of a request and a decision by the payer, plan or issuer for expedited prior authorizations, aggregated for all items and services.</li></ul><p>In the rule, CMS finalized that MA organizations must report data on the contract level. State Medicaid and CHIP FFS programs must report at the state level; Medicaid managed care plans and CHIP managed care plans must report at the plan level; and QHP issuers on the FFEs must report at the insurer level. CMS signaled its willingness to explore further reporting requirements in future rulemaking, including service-specific data and the publication of data on a central website for comparison purposes.</p><p>By requiring plans to report the percentage of prior authorization requests approved, denied and denials overturned on appeal, and the average time between submission and determination, the rule promotes much needed transparencies and the opportunity to build accountability.</p><p>Prior authorizations have a significant detrimental impact on patient care, with certain plan policies creating substantial barriers to patient care. Unfortunately, specific data on processing of prior authorizations is limited and generally not publicly available, thereby limiting oversight of these plans. Additionally, CMS notes that this increased transparency would allow patients to make more informed decisions as to which MA plans to select during enrollment.</p><p>The requirement that plans publicly report their prior authorization metrics will take few resources to implement and will show improvements before, during and after implementation of the prior authorization API. This data could be used to gauge the effectiveness of the new prior authorization transactions while allowing CMS to identify outliers whose implementations are not resulting in the intended efficiencies.</p><p>The compliance date for improved prior authorization timeliness standards is Jan. 1, 2026.</p><h3>Patient Access API</h3><p>In CMS’ Interoperability and Patient Access final rule released March 2020, the agency required impacted payers to make available to third-party apps of a patient’s choice adjudicated claims, encounters with capitated providers and clinical data maintained by the payer. In this final rule, CMS requires impacted payers also to include information about prior authorizations to the data available via the patient access API. The impacted payers are required to make prior authorization information available via the patient access API within one business day of receiving a request and must update prior authorization information within one business day of any status change, and prior authorization information must remain available for as long as the authorization is active and at least one year after the last status change.</p><p>CMS notes that the primary goal of the patient access API is to provide health information access to patients. However, the lack of a coordinated exchange of health information makes it challenging for patients to effectively access their health information, and prior authorization request and decision information is an important component of this dataset. This should enable patients to better understand any issues with their plan’s processing of provider prior authorizations, which frequently can delay or require alteration to scheduled providers services.</p><p>CMS finalizes its proposal to require impacted payers to include prior authorization information in the data that must be made available to patients through the patient access API. This information includes:</p><ul><li>Prior authorization status.</li><li>Date of the prior authorization approval or denial.</li><li>Date or circumstance under which the authorization ends.</li><li>Items and services approved.</li></ul><p>To assess the usage of the patient access API, CMS requires payers to report aggregated, deidentified annual information to CMS about patient access API use by patients. This information must include the total number of unique patients whose data are transferred via the patient access API to a health application designated by the patient, and the total number of unique patients whose data is transferred more than once via the patient access API to a health application designated by the patient. CMS believes these requirements will help the agency evaluate whether the patient access API is achieving its desired policy goals to empower patients with access to their own health information.</p><p>The compliance date for the patient access API is Jan. 1, 2027.</p><h3>Provider Access API</h3><p>Similarly, to facilitate care coordination and ensure that providers have access to comprehensive patient data at the point of care, the final rule requires that impacted payers implement and maintain a provider access API to share patient data with in-network providers with whom a patient has a treatment relationship. Payers are required to make prior authorization information available to providers as well as individual claims and encounter data, absent remittance and cost-sharing information. Consistent with the patient access API, CMS requires impacted payers to provide requested data to the provider within one business day after the request is made. The most significant difference between the patient access API and provider access API is in how providers access patient data. Providers will not access the data through a health application but rather through the provider’s EHR or practice management system.</p><p>To help the impacted payers determine which provider has access to a patient’s data, the provider must maintain a contractual relationship with the payer and a treatment relationship with the patient. To verify this information, payers must maintain a patient attribution process to verify patient-provider treatment relationships for the purposes of data sharing.</p><p>In the final rule, CMS requires impacted payers to include a mechanism for patients to opt out of data sharing for any providers in the payer’s network through the provider access API.</p><p>The compliance date for the provider access API is Jan. 1, 2027.</p><h2>Payer-to-payer API</h2><p>The final rule requires impacted payers to implement and maintain a payer-to-payer API to exchange patient data when a patient moves between payers. CMS notes that this requirement is intended to support continuity of care between payers. The rule requires that the payer-to-payer API includes adjudicated claims and encounter data (excluding provider remittances and patient cost sharing information), and prior authorization requests and decisions. Impacted payers will be required to request data from a patient’s previous payer no later than one week from the start of coverage or upon the patient’s request, with the patient’s permission. Payers will be required to exchange five years of patient data (not the entire patient record).</p><p>CMS requires this data exchange only if the patient opts into data sharing. For patients with concurrent coverage with two or more payers, CMS requires that these payers must make the patient’s data available to the concurrent payers at least quarterly.</p><p>The compliance date for the payer-to-payer API is Jan. 1, 2027.</p><h3>Electronic Prior Authorization Incentive Measure</h3><p>The final rule adds a new measure — Electronic Prior Authorization — to the hospital Medicare Promoting Interoperability Program and MIPS. The measure is intended to incentivize clinician and hospital use of the prior authorization API. Eligible providers and critical access hospitals (CAHs) will report the measure beginning with the calendar year 2027 EHR reporting period, with the measure impacting calculations for the 2029 payment year. To report the measure, a hospital or applicable clinician must submit an attestation that they submitted at least one prior authorization request electronically via a prior authorization API during the performance period/EHR reporting period. A hospital or CAH failure to submit a “yes” attestation under the Medicare Promoting Interoperability Program would result in a downward payment adjustment for eligible hospitals or CAHs, unless they have qualified for a hardship exemption or do not provide services subject to prior authorizations.</p><p>In the final rule, CMS modifies its previous proposal to align with AHA comments that eligible clinicians, hospitals or CAHs should not be required to report how many times they requested prior authorization electronically via the prior authorization API in a numerator and all prior authorizations in a denominator. Substituting the attestation process substantially reduces the potential for burden for hospitals, while still incentivizing utilization of the standard.</p><h2>FURTHER QUESTIONS</h2><p>If you have further questions, please contact Terry Cunningham, AHA’s director of policy, at <a href="mailto:tcunningham@aha.org" target="_blank" title="Email address">tcunningham@aha.org</a> or Andrea Preisler, AHA’s senior associate director of policy, at <a href="mailto:apreisler@aha.org" target="_blank" title="Email address">apreisler@aha.org</a>.</p><p>__________<br><br><small class="sm"><sup>1</sup> </small><a href="https://public-inspection.federalregister.gov/2024-00895.pdf"><small class="sm">https://public-inspection.federalregister.gov/2024-00895.pdf</small></a></p> Thu, 01 Feb 2024 09:46:34 -0600 Interoperability /lettercomment/2023-08-17-aha-responds-cms-episode-based-payment-model-request-information <p>August 17, 2023</p> <p>The Honorable Chiquita Brooks-LaSure<br /> Administrator<br /> Centers for Medicare & Medicaid Services</p> <p><em>Submitted Electronically</em></p> <p><strong>Re: Request for Information; Episode Based Payment Model</strong></p> <p>Dear Administrator Brooks-LaSure,</p> <p>On behalf of our nearly 5,000 member hospitals, health systems and other health care organizations, our clinician partners — including more than 270,000 affiliated physicians, 2 million nurses and other caregivers — and the 43,000 health care leaders who belong to our professional membership groups, the ���������� Association (AHA) appreciates the opportunity to provide feedback on the Episode Based Payment request for information.</p> <p>The AHA applauds the Centers for Medicare & Medicaid Services’ (CMS’) continued efforts to reform reimbursement and develop innovative payment models to incentivize efficiency and improved outcomes. Our members support the U.S. health care system moving toward the provision of more accountable, coordinated care and are continuing to redesign delivery systems to increase value and better serve patients. We believe that episode-based payment models could help further these efforts to transform care delivery through financial accountability and improved care coordination.</p> <p>Over the last 13 years, many of our hospital and health system members have participated in a variety of bundled payment models developed by the Center for Medicare and Medicaid Innovation (CMMI) including Bundled Payments for Care Improvement (BPCI), BPCI Advanced (BPCI-A), and Comprehensive Care for Joint Replacement (CJR). Model design elements like participation criteria, clinical episodes, payment methodologies, metrics and incentives have changed over the course of time. As CMS looks to evolve episode-based payment and develop potential new models, our feedback centers on several core principles:</p> <ul> <li><strong>Transparency</strong>. Models’ methodology, data and design elements should be transparently shared with all potential participants. Proposed changes should be vetted with stakeholders.</li> <li><strong>Flexible Model Design.</strong> Bundled payment model design should be flexible, incorporating features such as voluntary participation, the ability to choose individual clinical episodes, the ability to add components/waivers and options for participants to leave the model(s).</li> <li><strong>Risk Adjustment</strong>. Models should include adequate risk adjustment methodologies and account for social needs. This will ensure they do not inappropriately penalize participants treating the sickest, most complicated and underserved patients. The risk adjustment methodologies should be updated as necessary through the model in coordination with participants and the broader stakeholder community.</li> <li><strong>Resources to Support Initial Investment</strong>. Upfront investment incentives should be provided to support organizations in their transition to episode-based payment. For example, to be successful in such models, hospitals, health systems and provider groups must invest in additional staffing and infrastructure to support care delivery redesign and outcomes tracking. This includes hiring additional staff (like community health workers, care coordinators and analysts) as well as investing in information technology (IT) (software to track outcomes, electronic health record (EHR) interfaces, etc.).</li> <li><strong>Waivers to Address Barriers to Clinical Integration and Care Coordination</strong>. Models should waive the applicable fraud and abuse laws that inhibit care coordination to enable participating hospitals to form the financial relationships necessary to succeed. They should also provide maximum flexibility to identify and place beneficiaries in the clinical setting that best serves their short- and long-term recovery goals. This entails waiving Medicare program regulations that frequently inhibit care coordination and work against participants’ efforts to ensure that care is provided in the right place at the right time</li> <li><strong> Appropriate On Ramp</strong>. Model participants should have an adequate on ramp or glidepath to transition to episode-based payment models. They must have adequate time to implement care delivery changes (integrating new staff, changing clinical workflows, implementing new analytics tools, etc.) and review data prior to initiating the program.</li> <li><strong>Balancing Risk Versus Rewar</strong>d. Models should also balance the risk versus reward in a way that encourages providers to take on additional risk but does not penalize those that need additional time and experience before they are able to do so. A glidepath approach should be implemented, gradually migrating from upside only to downside risk.</li> <li><strong>Establishing Guardrails to Ensure Hospitals Aren’t Competing Against Their Own Best Performanc</strong>e. Models should provide guardrails to ensure that participants do not have to compete against their own best performance and have incentives to remain in models for the long-term.</li> <li><strong>Adequate Model Duration</strong>. Models should be long enough in duration to truly support care delivery transformation and assess impact on outcomes. Episode-based models will take time to demonstrate impact on outcomes. Historically, many have been too short and/or have had multiple, significant design changes even within the designated duration, making it difficult for participants to self-evaluate and change course when necessary.</li> <li><strong>Timely Availability of Data</strong>. Model participants should have readily available, timely access to data about their patient populations. We would encourage dedication of resources from CMS (staff and technology) to provide program participants with more complete data as close to real-time as possible.</li> </ul> <p>Specific feedback on RFI components follows.</p> <h2>CARE DELIVERY AND INCENTIVE STRUCTURE ALIGNMENT</h2> <p>The AHA agrees that incentives must be aligned to support the integration of primary and specialty care, and to support communication, collaboration and coordination across the care continuum. We recognize that bundled payment models must be developed in a manner that encourages care delivery transformation and incentivizes participation from the breadth of providers who touch the patient. As such we recommend the following.</p> <p><strong>Voluntary Participation</strong>. We encourage CMS to ensure that episode-based payment models are voluntary. This means that many organizations may not be of an adequate size or in a financial position to support the investments necessary to transition to mandatory bundled payment models. Requiring them to take on risk for large, diverse bundles of episodes, may require more financial risk than they can bear. This is especially true given the historic financial pressures that hospitals and health systems continue to face. Indeed, according to Kauffman Hall’s June National Hospital Report, while operating margins appear to have stabilized from historic losses, they are still well below historical norms and were under projections.<sup>1</sup></p> <p>Additionally, a Government Accountability Office report found that mandatory participation could negatively impact patient care and financial sustainability if participants are not able to leave the model. It also found that mandatory participation could impact organizations’ ability to support other voluntary models for which they may be better equipped.<sup>2</sup></p> <p>Further, much of the discussion about mandatory participation has been predicated on the high rates of drop out from historical models. However, instead of pursuing mandatory participation, we encourage CMS to address those model design features that led participants to withdraw from historical episode-based payment models in the first place. For example, many decisions to leave were due to index pricing concerns – specifically the ratchet effect where index prices were based on previous years’ performance, thus requiring organizations to compete against their own best performance (see additional information in the payment section).</p> <p><strong>Aligning Incentives to Increase Integration</strong>. Bundled payments can align incentives for providers — hospitals, post-acute care providers, physicians and others — and encourage them to work together to improve the quality and coordination of care. As such, we encourage CMS to provide flexibilities for gainsharing arrangements in future models whereby hospitals could work with physician group practices (PGPs) and post-acute providers to develop mutual accountability and shared risk.</p> <p><strong>Supporting IT Interoperability</strong>. Interoperability between participants and downstream providers is one crucial area that supports care coordination and timely communication. Models should support the entire continuum, from health systems that include downstream episode initiators and practices, to stand-alone hospitals wanting to partner with PGPs to support patients pre- and post-discharge, to other arrangements. Where possible, all organizations caring for the same patient in these models should use the same EHR or have application interfaces that ensure patient information is flowing freely and transparently. This may be challenging in certain scenarios where the participant may need to partner with a provider who lacks the resources to purchase and maintain a sophisticated EHR. As such, CMS should consider expanding Safe Harbor protections (i.e., Stark and Anti-Kickback) for hospitals and health systems to extend access to their EHRs out to others who also fill patient care needs in an episode-based payment model.</p> <p><strong>Regulatory Relief</strong>. AHA continues to call for maximum regulatory relief for all providers participating in alternative payment models. The waiver of certain Medicare program regulations is essential to participants’ ability to coordinate care and ensure that it is provided in the right place at the right time. Participants should have maximum flexibility to identify and place beneficiaries in the clinical setting that best serves their short- and long-term recovery goals. Providing such waivers is also commensurate with the level of risk and accountability that CMS is asking participants to assume as it shifts the burden of risk further away from the Medicare program onto providers. Specifically, we urge CMS to routinely waive:</p> <ul> <li>hospital discharge planning requirements that prohibit hospitals from specifying or otherwise limiting the information provided on post-hospital services;</li> <li>the skilled nursing facility three-day rule;</li> <li>the home health homebound rule;</li> <li>the inpatient rehabilitation facility (IRF) ‘60% Rule;’</li> <li>the IRF ‘Three-hour Rule;’ and</li> <li>the long-term care hospital ‘25% Rule.’</li> </ul> <p>In addition, the application of these and similar fee-for-service regulations in an episode-payment scenario clouds the findings on the efficacy of that model, thereby limiting the potential for lessons learned through the model and its usefulness if, in the future, applied to a broader population of patients and providers.</p> <h2>CLINICAL EPISODES</h2> <p>We generally agree with the considerations CMS outlined for developing clinical episodes for future models, including reviewing clinical homogeneity, spending variability, episode volume, quality impact and episode overlap alignment. We encourage close coordination with the provider community in developing future clinical episodes, to garner feedback on clinical appropriateness, duration and services to be included. Below are specific areas of feedback for clinical episodes.</p> <p><strong>Allow Voluntary Selection of Individual Episodes Instead of Clinical Episode Categories</strong>. It is vitally important for participants to have the ability to select individual clinical episodes, as opposed to requiring participants to take on risk for large, diverse bundles of episodes. This becomes even more important if CMS chooses to pursue any mandatory models.</p> <p>For example, some of the service line groups in BPCI-A included unrelated conditions. The transition to these disparate clinical groups in model year 4 may have contributed to a significant drop of 32% in the number of hospital participants.<sup>3</sup> For example, an organization wanting to participate in the sepsis bundle under BPCI-A was required to support all conditions under “Medical and Clinical Care.” This included conditions such as cellulitis, chronic obstructive pulmonary disease, bronchitis, asthma, renal failure, simple pneumonia, and respiratory infections and urinary tract infections, many of which have no clinical connection to sepsis. This requirement created barriers to participation for organizations that were well positioned to support some but not all episodes within a service line.</p> <p><strong>Focus on MS-DRG Surgical/Medical Episodes</strong>. In general, we encourage CMS to focus bundles on acute surgical and medical episodes and exclude chronic conditions. Acute episodes provide greater opportunities in terms of larger volume, less clinical variability and less model overlap. Chronic conditions may introduce more overlap with other programs like accountable care organizations (ACOs) and likely would require longer durations for episode length and greater complexity in terms of confounding variables.</p> <p><strong>Update Exclusion Criteria</strong>. We encourage CMS to exclude unrelated conditions from bundles. These include but are not limited to pre-scheduled inpatient/outpatient services that occur during the episode’s timeline (e.g., glaucoma surgery), unrelated trauma services and critical care transport. For example, for rural and geographically remote areas, critical care transport often requires high-cost air ambulance services, which may inappropriately and adversely impact these organizations’ cost savings achievements if included. Additionally, we urge CMS to explore revised outlier methodologies to account for patients with unforeseen conditions, such as high-cost trauma or emergent services, or complications from unrelated comorbidities (more feedback on this is in the payment methodology section).</p> <h2>PARTICIPANTS</h2> <p>We encourage CMS to develop the models in a manner that supports transition to risk, including the specific recommendations outlined below.</p> <p><strong>Incentivizing Hospital Participation</strong>. A study of performance of hospitals and physician group practices (PGPs) participating in bundled payment models found that only hospitals achieved cost savings for both surgical and medical episodes.<sup>4</sup> Furthermore, for medical episodes, hospitals demonstrated significant reductions in length of stay at skilled nursing facilities. The study counteracts arguments that PGPs are better suited to provide cost savings in value-based programs. Indeed, hospitals are well positioned to work with post-acute care facilities that may have overlap in patients served and may also be better positioned to assume financial risk. Therefore, it is vitally important that hospitals be fully incentivized to participate in these models.</p> <p><strong>Providing Transparent, Real-time Data</strong>. Historically, the lack of transparent, real-time data has created confusion on trigger events, eligibility for episodes and program participation. We encourage CMS to provide real-time data to conveners and episode initiators.</p> <h2>HEALTH EQUITY</h2> <p>Hospitals and health systems share CMS’ deep commitment to advancing health equity within their organizations and in the communities they serve. We appreciate CMS seeking ways to promote innovative health equity approaches through its CMMI programs. Hospitals approach the critically important work of health equity and addressing health-related social needs (HRSNs) recognizing that while they may be starting from different points, advancing health equity is not just a one-time activity. Rather, it is a continual process that involves engaging with internal and external stakeholders to build understanding and trust, using data to identify where disparities exist, identifying root causes, deploying interventions to address those causes and measuring progress.</p> <p>Below we offer our perspective on several health equity and HRSN-related issues raised in the RFI.</p> <p><strong>Accounting for HRSNs in Payment and Quality</strong>. The AHA supports the concept of CMMI models accounting for the impact of HRSNs in both payment and quality measurement methodologies. Indeed, we believe doing so would complement CMS’ commitment to advancing health equity. Recently, CMS has taken important steps forward in recognizing the complex interplay between provider performance and HRSNs by developing new methodologies to incentivize high quality, efficient care for underserved and historically marginalized communities. For example, the Medicare Shared Savings Program, the Hospital Value-Based Purchasing (VBP) program and Skilled-Nursing Facility VBP program now include a health equity adjustment (HEA) that awards providers bonus points based on a combination of their quality performance and the extent to which they treat underserved patients.</p> <p>We encourage CMS to consider applying approaches like the HEA in its various models. At the same time, CMS should consider the use of a full range of approaches to account for HRSNs in quality measurement and payment — including direct incorporation of HRSN-related variables into risk adjustment models where appropriate. CMMI could, for example, consider using the health equity adjustment’s underserved variables in setting episode-initiator benchmarks, including dual-eligible status (DES), Area Deprivation Index (ADI), and Medicare Part D Low-Income Subsidy. We also encourage CMS to explore the use of the CDC Social Vulnerability Index.</p> <p>The AHA acknowledges that any potential proxy for social risk or health-related social needs has tradeoffs. For example, DES has the significant benefit of being consistently recorded in Medicare administrative data, and relatively easy to tie back to individual hospitals. There also is a body of research showing the link between DES and other measures of social drivers, such as income. At the same time, DES tends to reflect those patients who face the most significant social needs. Furthermore, Medicaid eligibility criteria can vary across states, which means it may be a more comprehensive reflection of underserved populations for some hospitals than for others. Similarly, the main strength of the ADI is that it is attempts to create a multi-dimensional picture of the social drivers of health in a community. It draws on multiple data sources — including Medicare administrative data and census data — and uses 17 indicators of social risk to develop a single score for a geographic region. At the same time, because ADI is calculated at a census-block level, it has the potential to obscure differences within a particular census block. For example, the ADI for a community could look average, but parts of the community may face enormous structural barriers to accessing health care and other supportive resources that lead to better outcomes.</p> <p>Ultimately, CMMI policies around how to account for HRSNs should be informed by careful analysis and, where possible, analyses that estimate their impact on model participants. We encourage the agency to conduct such analyses with as much transparency around methods, data sources and results as possible.</p> <p><strong>Aligning and Sharing Data</strong>. To identify and address health inequities, CMMI model participants need accurate and actionable demographic and HRSN-related data to stratify performance measures and track progress. CMS and CMMI can play a vital role in supporting this work by taking steps to align and share health equity and HRSN-related data with model participants. Specifically, we recommend that CMMI do the following.</p> <ul> <li><strong>Promote aligned and standardized approaches to collecting, analyzing and exchanging demographic and HRSN data</strong>. This includes promoting a consistent approach across CMS itself and other federal agencies and programs. Given the breadth of health equity issues, and the wide range of stakeholders affected by it, CMS can help ensure that all stakeholders use consistent definitions and standards.<br />  </li> <li><strong>Share with model participants existing data to which CMS or other governmental agencies may already have access before adding new data collection and reporting requirements</strong>. For example, to the extent CMS is collecting demographic and social risk data during the time of enrollment in Medicare, the agency should explore ways of improving its accuracy and determine whether the data could be linked to quality measure data for hospitals and other health care providers. These steps could help provide additional data for CMS’ efforts to identify disparities in performance and outcomes, while reducing the need for additional data collection by hospitals and other providers.</li> </ul> <h2>QUALITY MEASURES, INTEROPERABILITY AND MULTI-PAYER ALIGNMENT</h2> <p>The AHA appreciates CMS’ interest in feedback on quality measurement approaches for CMMI models. Given CMMI’s mandate to lower costs while preserving and improving quality, CMMI’s models need well designed quality measures that are accurate, meaningful, feasible to collect and report, and do not require excessive administrative burden. In response to the issues raised in the RFI, AHA offers several recommendations below.</p> <p><strong>Measure Alignment Across Models</strong>. In general, the AHA supports alignment of measures across CMMI models, especially in instances where models are measuring the same topics. Given that many CMMI model participants engage in more than one model, an aligned approach to measurement helps ensure a consistent approach to incentivizing improved performance across programs while also lowering administrative burden for participants. Measure alignment can sometimes be achieved through adopting the same measure across multiple programs, and we encourage CMS to do so when practical. However, even when it is not possible to use identical measures, CMS should work to ensure directional alignment of definitions and methodologies.</p> <p>The AHA also cautions CMS against “force fitting” measures into models simply for the sake of achieving alignment. Sometimes, the differences in the programmatic goals and designs of CMMI models means that using precisely the same measures in each program is not always possible or even desirable. The AHA has previously expressed misgivings about the Merit-based Incentive Program’s APM Payment Pathway (APP) measure set and CMS’ policy of requiring the measure set to be used in every model to qualify for the APP. For example, while the APP measure set includes a depression screening measure, it is not always clear how such screening and follow up are relevant to bundled payment models that focus on procedural inpatient care. As a result, the measure may result in administrative burden that outweighs its value in improving care.</p> <p><strong>Transparency of Measure Specifications</strong>. The AHA urges CMS to increase the transparency of the measure specifications used in various CMMI models. Our members have expressed concern that while they know what measures CMS may be using in particular models, they often do not have enough information about what populations are included in the measure, specific details about risk adjustment methodologies and variables, measurement periods and other details that are vital to understanding how CMMI implements particular measures.</p> <p>Recently, CMS took the step of adding CMMI model measures to its CMS Measure Inventory Tool (CMIT). The AHA appreciates this step and believes there is value in a holistic view of the measures used in CMMI models. However, the information available in the CMIT provides high-level specifications and lacks some of the details described above. We would encourage CMS to build on the information in the CMIT to ensure model participants have the information they need to accurately interpret, implement and track performance on the measures in its models.</p> <p><strong>Use of Patient-reported Outcome Measures (PROMs)</strong>. CMS has expressed interest in the broader use of PROMs in CMMI models and in other CMS programs. In concept, the AHA believes PROMs hold promise in providing meaningful insights into patients’ experience of care and outcomes that matter in their daily lives. For example, many PROMs reflect whether patients are regaining day-to-day physical function within a period after a procedure, such as the ability to walk certain distances without discomfort.</p> <p>However, we urge CMS to adopt a gradual, stepwise approach to implementing PROMs in CMMI models and other programs. This includes making the reporting of PROMs voluntary or rewarding only bonus for successfully undertaking PROM reporting. Experience from the implementation of the total hip arthroplasty/total knee arthroplasty (THA/TKA) PROM in both the CJR model and the Inpatient Quality Reporting (IQR) program has raised significant concerns about the high level of administrative effort and resources needed to collect PROM data. PROM measures usually require at least two patient surveys — one to establish a baseline and a follow up within a set time to measure changes from the baseline. Hospitals have reported that patient follow up is often very challenging, making it difficult to meet CMS’ standards for data completeness. Furthermore, it is not yet clear what a reasonable threshold for data completeness looks like across providers because PROM implementation is still relatively novel on a national scale.</p> <p>In other words, while PROMs have long-term value in CMS programs, both CMS and health care providers need time to develop the infrastructure to support a sustainable implementation of PROM reporting. Voluntary reporting through CMMI models would provide an important opportunity to gain experience, test measurement approaches and share best practices about successful PROM implementation.</p> <p><strong>Multi-Payer Alignment</strong>. The AHA supports multi-payer alignment to ensure consistency across payers in episode composition, payment policies, outcomes metric methodology, and target thresholds. We encourage CMS to work with Medicaid and commercial payers to establish consistent bundled payment models. Aligning payers will also support further transition to value-based care, by bringing all stakeholders to the table and leveraging episodes as a steppingstone or bridge to population-based models.</p> <h2>PAYMENT METHODOLOGY AND STRUCTURE</h2> <p>Some of the biggest challenges in the BPCI, BPCI-A and CJR programs have been related to payment methodology and structure. Below are recommendations to improve payment methodologies for future models.</p> <p><strong>Providing Appropriate Risk Adjustment for Clinical Complexity and Health Related Social Needs.</strong> An article from JAMA analyzing hospitals leaving the CJR program in 2018 found that the majority of those opting out had higher proportions of non-white and Medicaid patients.<sup>5</sup> The article states that these hospitals likely dropped out “since they were more likely to sustain financial losses by remaining in the program” due to higher prevalence of complications and post-acute care needs. This is of deep concern to us. Therefore, we urge CMS to develop models in a manner that incentivizes participation from organizations serving underserved communities. Ensuring adequate risk adjustment methodologies that account for social needs and clinical complexity, as mentioned above, is one policy that would help in this goal.</p> <p><strong>Leveraging Appropriate Breadth of Historical Claims Data for Setting Target Prices</strong>. As part of the extension for the CJR program, CMS updated its methodology for calculating index prices. Specifically, the timeframe for historical claims was adjusted from three years to one year. This continues to be of concern to us. As we previously commented, broader data sets help stabilize target prices and moderate for unforeseen variation, such as in volume or clinical complexity.<sup>6</sup> Therefore, we encourage CMS to use longer time periods in calculating target prices, such as three years.</p> <p><strong>Updating High-cost Spending Caps.</strong> High-cost spending caps are necessary to protect hospitals from incurring undue penalties from unexpected and severe complications. For example, the CJR model originally capped individual episode costs at two standard deviations above the mean. However, CMS later changed the cap to the 99th percentile, which was too high and did not capture the prevalence of severe complications. Therefore, we urge CMS to set high-cost spending caps at two standard deviations above the mean.</p> <p><strong>Create Policies to Help Ensure Organizations Do Not Have To Compete Against Their Own Best Performance</strong>. An article from JAMA identified the issue with the spending benchmark methodology in current episode payment models, whereby participants are essentially penalized for efficiency.<sup>7 </sup>Specifically, benchmarks generally adjust based on historical performance, so if an organization lowers spending, their benchmark will be lowered in future years. As the organization continues to lower spending in an attempt to hit their continually decreasing benchmark, eventually they will not be able to achieve the benchmark. Organizations have cited this as a primary reason for leaving bundled payment programs. CMS has made efforts to enact guardrails to help ensure participants do not have to compete against their own best performance, such as benchmarks that include an adjustment for prior savings and introducing regional trends into benchmarks. “Efficiency floors” are another possibility, which help ensure that organizations are not penalized for reducing spending. In the JAMA article referenced above, an efficiency floor would provide a threshold of spending reductions after which point organizations would not face penalties or could opt out of participation. We strongly encourage CMS to include policies like these in future models, as well as continue researching this issue in general.</p> <p><strong>Stop-loss Limits for Repayments</strong>. We urge CMS to include in models stop-losses that limit participants’ overall repayment responsibility. These should be implemented in a gradual glide-path fashion with additional protections provided for certain participants, such as rural hospitals and lower volume facilities.</p> <p><strong>Incentivizing Post-acute Participation</strong>. Post-acute care (PAC) providers, including long-term care hospitals, inpatient rehabilitation hospitals, skilled nursing facilities and home health agencies, play a key role in ensuring long-term medical and functional outcomes following discharge from an acute-care hospital. Therefore, incentivizing coordination with these providers should be a critical component of models. The intensity of services offered among post-acute care providers can vary greatly, along with the associated cost. However, meaningful differences in outcomes, such as return to daily activities, fall reduction, readmission avoidance and even mortality, and hence savings to Medicare, are not apparent until months or even years later.</p> <p>Utilizing the most efficient downstream provider is the goal, but “efficiency” includes a measure of outcomes achieved, not only cost. As such, models should incorporate measures of functional outcomes to ensure that they are not incentivizing the use of less costly providers without regard to long-term outcomes. We also urge CMS to ensure it provides waivers to enable hospitals’ flexibility to place beneficiaries in the setting that best serves short- and long-term recovery goals. Specifically, we encourage CMS to waive the post-acute care transfer policy when beneficiaries are discharged from an acute care hospital to post-acute facilities and organizations that commit to coordinating with hospital partners for episode- based payment models.</p> <h2>MODEL OVERLAP</h2> <p>As CMS explores ways to better integrate specialty care and ACOs in episode-based payment models, we have several recommendations regarding model overlap, detailed below.</p> <p><strong>Reduce Barriers for Hospitals to Transition to APMs and ACOs</strong>. As CMS evaluates ways to integrate ACOs in episode-based payment models and increase specialty integration, CMS should implement policies to remove barriers to transitioning to risk-based models. For example, CMS should eliminate its designation of ACOs as either low- or high-revenue. The agency has used this label as a proxy measure, for example, to determine if an organization is supporting underserved populations and/or if the organization is physician led in order to qualify for Advance Investment Payments (AIPs). Yet, there is no valid reason to conclude that this delineation, which measures an ACO’s amount of “captured” revenue, is an accurate or appropriate predictor of whether it treats an underserved region. In fact, analysis suggests that critical access hospitals, federally qualified health centers and rural health centers are predominantly classified as “high-revenue,” disqualifying them from obtaining AIPs that would be of a huge benefit in their ability to take on higher risk. Further, both low- and high-revenue ACOs are working to address health equity as part of their care transformation work; assistance investing in these efforts would help across the board. Advanced APM Incentive payments should also be extended to support non-fee-for-service programs, including meal delivery programs, transportation services, and digital tools and care coordinators, each of which promote population health.</p> <p>We appreciate your consideration of these issues. Please contact me if you have questions or feel free to have a member of your team contact Jennifer Holloman, AHA’s senior associate director of policy, at (202) 6262-320 or <a href="mailto:mailto:jholloman@aha.org">jholloman@aha.org</a>.</p> <p>Sincerely,</p> <p>/s/</p> <p>Ashley Thompson<br /> Senior Vice President Policy</p> <p>Cc: Elizabeth Fowler<br />       Director, CMMI</p> Thu, 17 Aug 2023 15:53:55 -0500 Interoperability