AAOMS continues to monitor health policy trends and regulatory compliance issues that may affect AAOMS members and frequently posts announcements of such key regulations on the AAOMS website, AAOMS Today, and Advocacy E-Newsletter. There have been several federal regulations recently introduced in which most providers, including OMS, must comply over the next few years. The compliance dates for each of these regulations are relatively close to one another. To assist members in developing their compliance plans, this page provides a quick glance at each regulation as well as a projected timeline for implementation and compliance. Simply click the links below for additional information on each of the regulations as well as links to AAOMS resources and outside governmental agencies.
Click on a year to expand or collapse
The 2006 Tax Relief and Health Care Act (TRHCA) (P.L. 109-432) requires the establishment of a physician quality reporting system, including an incentive payment for eligible professionals (EPs) who satisfactorily report data on quality measures for covered services furnished to Medicare beneficiaries during the second half of 2007 (the 2007 reporting period). CMS named this program the Physician Quality Reporting Initiative (PQRI).
Tax Relief and Health Care Act of 2006 makes Recovery Audit Contractor (RAC) Program permanent.
SECURITY - Compliance deadline (small health plans)
CMS will accept claims that use an existing legacy Medicare billing number and/or an NPI. Medicare strongly recommends that providers continue to submit the legacy number as a secondary identifier.
HIPAA-covered providers must have an NPI number when billing electronically.
The incentive payment begins for eligible professionals (EPs) who satisfactorily report data on quality measures for covered services furnished to Medicare beneficiaries during the second half of 2007 (the 2007 reporting period).
The Medicare, Medicaid, and SCHIP Extension Act of 2007 (MMSEA) is signed by the President authorizing the continuation of the PQRI for 2008 and 2009. MMSEA permitted program flexibility for 2008 by authorizing CMS to establish alternative mechanisms to previously established claims-based reporting of PQRI quality data. MMSEA provisions require alternative reporting periods and alternative criteria for satisfactorily reporting quality measures data through medical registries and reporting measures groups.
MIPPA authorizes e-prescribing incentive program.
MIPPA makes the PQRI program permanent, but only authorizes incentive payments through 2010. In 2008, eligible professionals may earn an incentive payment of 1.5 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during the respective reporting periods. While TRHCA established a cap on incentive payments for 2007, based on an average per measure payment amount, MMSEA removed the cap on incentive payments.
Small health plans must begin using and accepting NPIs.
HHS published a proposed rule to adopt ICD-10-CM (and ICD-10-PCS) to replace ICD-9-CM in HIPAA transactions.
The bonus payment available to successful e-prescribers for 2009-2010 reporting is 2%.
Eligible Professionals who meet the criteria for satisfactory submission of quality measures data for services furnished during the 2009 or 2010 reporting period will qualify to earn an incentive payment of 2.0 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during that same period.
"Train the trainers" education begins in preparation for the implementation of ICD-10-CM on October 1, 2013. Other code users should begin reviewing and improving their foundation knowledge of the biomedical sciences (eg. anatomy, physiology and medical terminology).
Final Rule published requiring HIPAA 5010 Electronic Standard adoption by January 1, 2012.
Final Rule published requiring ICD-10-CM implementation by January 1, 2013.
President Obama signed ARRA's HITECH provisions.
Effective Date of the HIPAA 5010 Electroncic Standard regulation.
HHS permits dual use of existing standards (4010A1 and 5.1) and the new standards (5010 and D.0) from the March 17, 2009, effective date until the January 1, 2012 compliance date to facilitate testing subject to trading partner agreement.
The HHS Office of the National Coordinator for Health Information Technology publishes the Health Information Technology Extension Program.
FTC Breach Notification Guidance Comments Due.
Draft Meaningful Use Definition - ONC staff identified a subset of providers eligible for incentive payments who were likely to have different needs of their EHRs than primary care providers (e.g., specialists and non-physician providers). ONC convened brief calls with representatives from these provider groups to promote a better understanding of how EHRs and meaningful use would impact their work.
HHS Delegates Authority for the HIPAA Security Rule to Office for Civil Rights (OCR). CMS retains its enforcement authority for these other HIPAA rules.
The Health IT Policy Committee on Aug. 14 approved recommendations to the federal government on establishing a new process for certifying electronic health records. Federal certification means that a system is able to achieve the minimum government requirements for security, privacy and interoperability, and that the system is able to qualify the user for bonuses under meaningful use standards. Currently, the Certification Commission for Health Information Technology is the only certifying body recognized by the federal government. But a policy committee work group noted that "considerable confusion" exists about the certification process used by CCHIT, so the panel recommends expanding the number of approved certifying bodies.
Major regulations surrounding breach notifications on PHRs by the Department of Health and Human Services are due.
Major regulations surrounding breach notifications on PHRs by the Federal Trade Commission and unsecure PHI by the Department of Health and Human Services are due.
The Data Interchange Standards Association has launched an online testing and certification service for providers, payers and vendors migrating to the HIPAA 5010 standards for electronic claims and related transactions. The latest version of the HIPAA standard transactions, 5010 accommodates the new ICD-10 diagnosis and procedure codes, among other changes.
The HIPAA Breach Notification Rule largely follows the HITECH Act, Section 13402, with several important clarifications and modifications. It also provides additional guidance on the technologies and methodologies that render protected health information (PHI) unusable, unreadable, or indecipherable to unauthorized individuals, and therefore not considered "unsecured PHI" subject to the breach notification provisions.
Contained in the document are the following:
The new law becomes effective September 23, 2009. Implementing new policies and procedures and conducting workforce training now will prepare an entity subject to these regulations to comply with the law in the event of a breach, and will eliminate the possibility of failing to timely meet the notification requirements and assist the entity in mitigating the damaging effect of a breach. HHS can impose civil penalties up to $1.5 million per violation per year for non-compliance with these new laws. Do not delay in implementing a program to comply with these new requirements.
OSHA's Proposed Rule on Hazard Communication Released
The Hazard Communication Standard's (HCS) main purpose is to reduce chemical source illness and injuries. Since the HCS was developed in 1983, chemical injury and illness have decreased 42%, however, there is still a need for information and protection from chronic effects of chemicals. On September 30, 2009, OSHA released a proposed rule to revise the HCS to align with the Globally Harmonized System of Classification and Labelling of Chemicals (GHS). The GHS is a common logical approach to define and classify hazards and communicate information on labels and safety sheets and provides the infrastructure for the establishment of comprehensive national chemical safety programs. There are several benefits to adopting the GHS standards, such as, they: (1) enhance the protection of humans and environment; (2)better facilitate international trade of chemicals (3) reduce the need for duplicate testing and evaluation; and (4) assist countries and international organizations in the management of chemicals.
The Certification Commission for Health Information Technology (CCHIT) will launch its new certification programs on October 7. In addition to an updated comprehensive electronic health record (EHR) certification program, called CCHIT Certified® 2011, the organization will offer a modular certification program called Preliminary ARRA 2011 that is limited to the standards for qualifying EHR technology under the American Recovery and Reinvestment Act (ARRA).
CCHIT will offer three paths to certification to bring wider availability of EHR technologies, stimulate innovation, and address the needs of providers and hospitals at varying stages of technology adoption readiness. They are:
CCHIT Certified: A rigorous certification for comprehensive EHR systems that enable providers to meet all meaningful use objectives. Products must significantly exceed minimum Federal standards requirements, are rated for usability, and are verified to be in successful use at multiple sites. This program addresses the needs of providers and hospitals who want maximal assurance of EHR capabilities and compliance.
Federal Minimum: A modular certification program for applications that address one or more of the meaningful use objectives. Products must meet minimum Federal standards requirements. This program allows providers and hospitals to combine technologies from multiple certified sources.
Site: A simplified, low cost certification for sites or organizations. Technology must meet minimum Federal standards requirements. This program allows providers and hospitals who develop or assemble EHR technologies themselves to qualify for ARRA incentives, offering an open door to encourage continued innovation.
National Coordinator for Health IT David Blumenthal said a preliminary definition for "meaningful use" of electronic health records will be released by the end of 2009, followed by a 60-day comment period.
Interim final rule expected for Standards and Certification Criteria.
The bonus payment for PQRI is capped at 2% of an individual's total allowed Medicare charges for the reporting period, up from 1.5% for 2007 and 2008.
The bonus payment available to successful e-prescribers for 2009-2010 reporting is 2%.
Final definition expected to be issued in mid- to late spring 2010
Eligible Professionals who meet the criteria for satisfactory submission of quality measures data for services furnished during the 2009 or 2010 reporting period will qualify to earn an incentive payment of 2.0 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during that same period.
"Train the trainers" education continues in preparation for the implementation of ICD-10-CM on October 1, 2013. Other code users should begin or continue reviewing and improving their foundation knowledge of the biomedical sciences (eg. anatomy, physiology and medical terminology).
Deadline for RAC program to be expanded to all 50 states
Payers and providers should begin internal testing of Version 5010 standards for electronic claims.
PPACA requires physicians who rely on the in-office ancillary services exception to the prohibition on physician self-referral to inform patients in writing at the time they order magnetic resonance imaging, computed tomography, and positron emission tomography that the patient may obtain these services elsewhere. They must also provide the patient with a written list of those who furnish such services in the area where the patient resides. The new law specifies that this requirement may also apply to any other designated health services that the Health and Human Services (HHS) secretary determines appropriate.
PPACA reduces the maximum period for submitting Medicare claims to no more than one calendar year from the date of service, subject to exceptions yet to be specified by the HHS secretary. All bills and requests for payments for services furnished before January 1, 2010, must be filed by December 31, 2010.
PPACA requires physicians conduct a face-to-face encounter with a patient within six months prior to certifying their eligibility for Medicare Part B home health services. A similar requirement applies to durable medical equipment certifications and Medicaid, but an effective date has not yet been specified. In addition, clarification is being sought on how to comply with this provision for certifications made prior to enactment of the new law.
PPACA requires physicians maintain and provide access to documentation for seven years relating to written orders or requests for payment for durable medical equipment and certifications for home health services. The HHS secretary has the authority to expand this requirement to other items or services. Failure to maintain and provide access to such documentation could result in a permissive exclusion from the Medicare program for up to one year.
EHR Certification criteria interim final rule to take effect.
HHS Breach Notification Requirements enforced
FTC Breach Notification Requirements enforced
Deadline for dentists who are covered under HIPAA to notify the department of any breaches of unsecured protected health information between Sept. 23, 2009 -- when the Breach Notification Rule went into effect -- and Dec. 31, 2009.
Comments due for proposed rulemaking on Meaningful Use and Interim final rule on EHR certification criteria.
President Obama signs the Patient Protection and Affordable Care Act (PPACA), P.L. 111-148.
PPACA requires a "person" that has received an overpayment to report and return it in writing with the reason for the overpayment no later than 60 days after the date which the overpayment was identified. A "person" may refer to a provider, supplier, Medicaid managed care organization, Medicare Advantage plan and PDP (Prescription Drug Plan) sponsor. A person violating this requirement will be considered in violation of the False Claims Act.
The anti-kickback statute has been amended to remove the "intent" standard, so it is no longer necessary to prove that an individual knew of the prohibitions contained in the statute and intended to violate it. Also, the new law provides that a violation of the anti-kickback statute constitutes a false or fraudulent claim under the False Claims Act. The AMA will continue to work with Congress to address its concerns with this change and others made to the "intent" standard of other health care-related fraud statutes.
The health care provisions of the mail fraud statute (a criminal statute) have been amended so that it is no longer necessary for prosecutors to prove an individual had actual knowledge of the health care fraud statute or had the specific intent to violate the statute for liability to be established. The definition of health care offense has been amended to include violations of the anti-kickback statute, the Food Drug and Cosmetic Act, and certain Employee Retirement Income Security Act provisions.
The Affordable Care Act (ACA) makes a number of changes to the PQRI, including authorizing incentive payments through 2014 and requiring a penalty, beginning in 2015, for eligible professionals who do not satisfactorily report. Eligible professionals who meet the criteria for satisfactory submission of quality measures data for services furnished during the 2011 reporting period will qualify to earn an incentive payment of 1.0 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during that same period. For 2012 through 2014, eligible professionals may earn an incentive payment of 0.5 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during the respective reporting periods. Beginning in 2015, eligible professionals who do not satisfactorily report PQRI measures may be subject to a payment adjustment, or penalty. Specifically, if an eligible professional does not satisfactorily report for the reporting period for the year, the PFS amount for covered professional services furnished by such professional during the year shall be less than the PFS amount that would otherwise apply by 1.5 percent for 2015 and 2.0 percent for 2016 and each subsequent year. The ACA also authorizes an additional 0.5 percent incentive for 2011 through 2014 for eligible professionals who satisfactorily report and more frequently than is required to qualify for or maintain board certification status participates in a Maintenance of Certification Program (MOCP) for a year and successfully completes a qualified MOCP practice assessment for such year.
President Obama signs the Health Care and Education Reconciliation Act (P.L. 111-152) amending the Patient Protection and Affordable Care Act (P.L. 111-148) signed the week prior.
The CMS Medicare Fee-for-Service schedule is:
Level I - April 1, 2010 through December 31, 2010
HHS publishes request for information relating to the medical loss ratio and rate reviews.
HHS announces a new Office of Consumer Information and Oversight.
HHS publishes Interim Final Rule requiring coverage of adult children to age 26.
CMS expected to have meaningful use rule in place.
The Federal Trade Commission (FTC) is delaying enforcement of the "Red Flags" Rule, again, until June 1, 2010, for financial institutions and creditors subject to enforcement.
HHS releases an Interim Final and Proposed Rule regarding grandfathered health plans under PPACA.
CMS requests comments on the Acute Care Episode (ACE) Demonstration.
The HHS Office of Consumer Information and Insurance Oversight establishes the Consumer Operated and Oriented Plan (CO-OP) Advisory Board as required under PPACA to foster the creation of qualified nonprofit health insurance issuers to offer qualified health plans in the individual and small group markets.
HHS ONC publishes a final rule establishing a certification program for health information technology. The rule describes the temporary certification program for EHRs, and what organizations need to do to be authorized to test and certify EHR technology.
HHS publishes proposed and final rules on PPACA provisions including the prohibition of pre-existing condition exclusions, lifetime and annual dollar limits on benefits, restrictions on rescissions and patient protections.
HHS Office of Consumer Information and Oversight publishes notice setting up a new system of records by which to record who has applied for enrollment in a temporary high risk health insurance pool program making health insurance coverage available at standard rates to uninsured individuals with pre-existing conditions, as required under PPACA.
The HHS National Center for Vital Health Statistics (NCVHS) announces a meeting to receive industry input on a unique health plan identifier to be used in HIPAA standard transactions, and on new operating rules for standards, and their authoring organizations, as per the requirement under PPACA for the center to review and make recommendations on several HIPAA standards and electronic transactions.
The Centers for Medicare and Medicaid Services (CMS) releases the Proposed 2011 Medicare Physician Fee Schedule not only updating payment policies and Medicare payment rates for services furnished by physicians and non-physician practitioners (NPPs) that are paid under the Medicare Physician Fee Schedule (MPFS), but also addressing many provisions stemming from the PPACA and Reconciliation Act. Changes to the Physician Quality Reporting Initiative and the Electronic Prescribing Incentive Program, provisions related to primary care and prevention, expanding access, improving payment accuracy, and more are among the PPACA related provisions.
HHS, through the Office of Civil Rights, publishes a Proposed Rule on Modifications to the HIPAA Privacy, Security, and Enforcement Rules under the Health Information Technology for Economic and Clinical Health Act to modify the Standards for Privacy of Individually Identifiable Health Information (Privacy Rule), the Security Standards for the Protection of Electronic Protected Health Information (Security Rule), and the rules pertaining to Compliance and Investigations, Imposition of Civil Money Penalties, and Procedures for Hearings (Enforcement Rule) issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The purpose of these modifications is to implement recent statutory amendments under the Health Information Technology for Economic and Clinical Health Act ("the HITECH Act" or "the Act"), to strengthen the privacy and security protection of health information, and to improve the workability and effectiveness of these HIPAA Rules.
HHS, through the Office of Consumer Information and Insurance Oversight publishes Interim Final Rules for Group Health Plans and Health Insurance Issuers Relating to Coverage of Preventive Services under the Patient Protection and Affordable Care Act.
HHS, through the Office of the Assistant Secretary for Planning and Evaluation, publishes a Request for Information on Development of an Inventory of Comparative Effectiveness Research, driven by the American Recovery and Reinvestment Act of 2009 (ARRA) which provided $1.1 billion for research and development in the area of CER.
HHS, through the Office of Consumer Information and Insurance Oversight, publishes Interim Final Rules for Group Health Plans and Health Insurance Issuers Relating to Internal Claims and Appeals and External Review Processes under the Patient Protection and Affordable Care Act.
The same day HHS, through CMS, publishes a Solicitation for Proposals for the Medicare Imaging Demonstration as authorized by MIPAA to collect data regarding physician compliance with appropriateness criteria selected by the Secretary under the terms of the statute in order to determine the appropriateness of advanced diagnostic imaging services furnished to Medicare beneficiaries.
HHS, through CMS, issues a proposed rule that would establish its first quality incentive program (QIP) pay-for-performance program in a Medicare fee-for-service payment system. While this program is designed to promote high quality services in dialysis facilities by linking a facility's payments to performance standards it may be an example of what is to come in other areas of health care.
HHS, through CMS, publishes the EHR Incentive Program Final Rule defining "meaningful use" for the first two years (2011 and 2012) of a long-term financial incentive plan through Medicare and Medicaid under the Health Information for Economic and Clinical Health (HITECH) Act, signed into law by President Barack Obama February 17, 2009.
HHS, the same day, also publishes a final rule through the Office of the National Coordinator for Health Information Technology (ONC) establishing an initial set of standards, implementation specifications, and certification for EHR technology for vendor products.
HHS, through the Office of Consumer Information and Insurance Oversight, publishes an Interim Final Rule on Pre-Existing Condition Insurance Plan Program.
HHS will publish 14 modifications to HIPAA guidance and regulations which will expand protections of electronically transmitted patient health information. Each of the rules will take effect 30 days after issuance. They include regulations and/or guidance about:
CMS publishes its HOPPS / ASC Proposed Rule for 2011 including proposed changes to physician self-referral rules and related changes to provider agreement regulations as well as implementing certain provisions of the Affordable Care Act.
HHS, through the Office of Consumer Information and Insurance Oversight, publishes a proposed rule on the planning and establishment of state-level exchanges, requesting comments on the related provisions in PPACA.
HHS, through the ONC, announces the availability of test tools and test procedures approved by the National Coordinator for Health Information Technology (the National Coordinator) for the testing of Complete EHRs and/or EHR Modules by ONC-Authorized Testing and Certification Bodies ONC-ATCBs) under the ONC temporary certification program. The approved test tools and test procedures are identified on the ONC Web site.
Required Level I compliance with HIPAA 5010 Standard
Level I compliance means "that a covered entity can demonstrably create and receive compliant transactions, resulting from the compliance of all design/build activities and internal testing."
The bonus payment available to successful e-prescribers for 2011-2012 reporting is 1% with a simultaneous 1% payment reduction for those unsuccessful.
Beginning in 2011, physicians who demonstrate "meaningful use" of electronic health records could qualify for up to $44,000 in Medicare incentive payments by implementing Stage 1 Meaningful Use requirements.
Meaningful Use Objectives Goal is to electronically capture in coded format and to report health information and to use that information to track key clinical conditions
Eligible professionals who meet the criteria for satisfactory submission of quality measures data for services furnished during the 2011 reporting period will qualify to earn an incentive payment of 1.0 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during that same period. The ACA also authorizes an additional 0.5 percent incentive for 2011 through 2014 for eligible professionals who satisfactorily report and more frequently than is required to qualify for or maintain board certification status participates in a Maintenance of Certification Program (MOCP) for a year and successfully completes a qualified MOCP practice assessment for such year.
Meaningful use draft call for providers to comply with federal and state medical data privacy laws and for data sharing to comply with the Office of the National Coordinator's National Privacy and Security Framework.
Beginning in 2011, physicians who demonstrate "meaningful use" of electronic health records could qualify for up to $44,000 in Medicare incentive payments.
"Train the users" education begins in preparation for the implementation of ICD-10-CM on October 1, 2013. Code users should also begin or continue reviewing and improving their foundation knowledge of the biomedical sciences (eg. anatomy, physiology and medical terminology).
Testing begins for meeting required Level II compliance with HIPAA 5010 Standard
Level II compliance means "that a covered entity has completed end-to-end testing with each of its trading partners, and is able to operate in production mode with the new versions of the standards."
Due to the 90-day reporting requirements of the Stage 1 criteria for the first year reporting, this is the last day you can begin reporting to qualify for incentives in 2011.
Required Level II compliance with HIPAA 5010 Standard
Level II compliance means "that a covered entity has completed end-to-end testing with each of its trading partners, and is able to operate in production mode with the new versions of the standards."
Penalties go into effect for those providers that are eligible, but not utilizing e-prescribing.
For 2012 through 2014, eligible professionals may earn an incentive payment of 0.5 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during the respective reporting periods. The ACA also authorizes an additional 0.5 percent incentive for 2011 through 2014 for eligible professionals who satisfactorily report and more frequently than is required to qualify for or maintain board certification status participates in a Maintenance of Certification Program (MOCP) for a year and successfully completes a qualified MOCP practice assessment for such year.
"Train the users" education begins or continues in preparation for the implementation of ICD-10-CM on October 1, 2013. Code users should also begin or continue reviewing and improving their foundation knowledge of the biomedical sciences (eg. anatomy, physiology and medical terminology).
Health IT departments must be ready to submit claims electronically using the upgraded HIPAA 5010 standards / Full compliance with HIPAA 5010 standard required.
Testing of new HIPAA Electronic Standard 5010 begins to ensure Level II compliance by December 31, 2011. Level II compliance means "that a covered entity has completed end-to-end testing with each of its trading partners, and is able to operate in production mode with the new versions of the standards."
The bonus payment available to successful e-prescribers for 2013 reporting is 0.5% with a simultaneous 1.5% payment reduction for those unsuccessful.
Stage 2 Meaningful Use requirements will be set.
For 2012 through 2014, eligible professionals may earn an incentive payment of 0.5 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during the respective reporting periods. The ACA also authorizes an additional 0.5 percent incentive for 2011 through 2014 for eligible professionals who satisfactorily report and more frequently than is required to qualify for or maintain board certification status participates in a Maintenance of Certification Program (MOCP) for a year and successfully completes a qualified MOCP practice assessment for such year.
"Train the users" education continues in preparation for the implementation of ICD-10-CM on October 1, 2013. Code users should also continue reviewing and improving their foundation knowledge of the biomedical sciences (eg. anatomy, physiology and medical terminology).
ICD-10-CM Implementation Date
No bonus payment will be made to successful e-prescribers beginning in 2014. Instead those unsuccessful will see a 2% payment reduction in 2014 and each year thereafter.
For 2012 through 2014, eligible professionals may earn an incentive payment of 0.5 percent of their total estimated allowed charges for Medicare Part B PFS covered professional services furnished during the respective reporting periods. The ACA also authorizes an additional 0.5 percent incentive for 2011 through 2014 for eligible professionals who satisfactorily report and more frequently than is required to qualify for or maintain board certification status participates in a Maintenance of Certification Program (MOCP) for a year and successfully completes a qualified MOCP practice assessment for such year.
The government will enact penalties for health care providers who have failed to demonstrate meaningful use.
Doctors would need to achieve medical device interoperability and achieve minimal levels of performance on quality, safety, and efficiency.
Stage 3 requirements for Meaningful Use to be set.
Beginning in 2015, eligible professionals who do not satisfactorily report PQRI measures may be subject to a payment adjustment, or penalty. Specifically, if an eligible professional does not satisfactorily report for the reporting period for the year, the PFS amount for covered professional services furnished by such professional during the year shall be less than the PFS amount that would otherwise apply by 1.5 percent for 2015 and 2.0 percent for 2016 and each subsequent year.