Department of Health and Human Services (HHS), Centers for Medicare & Medicaid Services (CMS).
Notice of a new routine use for selected CMS system of records.
In accordance with the requirements of the Privacy Act of 1974, CMS is adding a new routine use to disclose information to Qualified Entities (QEs) for selected Centers for Medicare & Medicaid Services (CMS) systems of records. Section 10332 of the Patient Protection and Affordable Care Act (ACA) adds a new subsection to Section 1874 of the Social Security Act, requiring that the Secretary establish a process to allow for the use of standardized extracts of Medicare Parts A, B, and D claims data by QEs to evaluate and report on the performance of providers of services and suppliers on measures of quality, efficiency, effectiveness, and resource use.
New Routine Use for Qualified Entities
1. To assist a public or private entity that is qualified (as determined by the Secretary of the Department of Health and Human Services (the Secretary)) to use Medicare claims data to evaluate the performance of providers of services and suppliers on measures of quality, efficiency, effectiveness, and resource use; and who agrees to meet the requirements regarding the transparency of their methods and their use and protection of Medicare data as the Secretary may specify, if CMS:
a. Determines that the use or disclosure does not violate legal limitations under which the record was provided, collected, or obtained; and
b. Secures a written statement attesting to the information recipient's understanding of and willingness to abide by these provisions. Every Qualified Entity receiving data must have an agreement with CMS in the form of an Information Exchange Agreement or contract with all security and privacy requirements included. A Data Use Agreement (DUA) (CMS Form 0235) must be completed by the person receiving CMS data in accordance with current CMS policies.
This routine use fulfills the requirement in section 1174(e) of the Social Security Act (42 U.S.C. 1395kk (e)) to make standardized extracts of claims data under Medicare Parts A, B, and D available to a Qualified Entity (QE), recognized by the Secretary to make evaluations of provider/supplier performance in accordance with that section, and that agrees to meet specific requirements regarding the transparency of their methods and their use and protection of Medicare data. The IDR, National Claims History (NCH), CCDR, and Part D data will provide QEs, a broader, longitudinal, national perspective of the performance of Medicare providers/suppliers for use in authorized QE projects that could ultimately improve the care provided to Medicare beneficiaries and the policy that governs the care.
CMS Systems of Records To Be Modified by This Routine Use
This new routine use, when published, will be added to the compatible systems of records used to disclose Medicare claims information and numbered as the next consecutive number in the order of published routine uses for the following systems of records notices:
1. “National Claims History (NCH),” System No. 09-70-0558, last published at 71 FR 67137 (November 20, 2006). The primary purpose of this system is to collect and maintain billing and utilization data on Medicare beneficiaries enrolled in hospital insurance (Part A) or medical insurance (Part B) of the Medicare program for Start Printed Page 65197statistical and research purposes related to evaluating and studying the operation and effectiveness of the Medicare program.
2. “Medicare Drug Data Processing System (DDPS),” System No. 09-70-0553, last published at 73 FR 30943 (May 29, 2008). The primary purpose of this system is to collect, maintain, and process information on all Medicare covered, and as many non-covered drug events as possible, for people with Medicare who have enrolled into a Medicare Part D plan.
3. “Medicare Integrated Data Repository (IDR),” System No. 09-70-0571, published at 71 FR 74915 (December 13, 2006). The primary purpose of this system is to establish an enterprise resource that provides one integrated view of all CMS data to administer the Medicare and Medicaid programs.
4. “Chronic Condition Data Repository (CCDR),” System No. 09-70-0573, published at 71 FR 54495 (September 15, 2006). The purpose of this system is to collect and maintain a person-level view of identifiable data to establish a data repository to study chronically ill Medicare beneficiaries. This system utilizes data extraction tools to support accessing data by chronic conditions and processes complex customized research data requests related to chronic illnesses.
The Centers for Medicare & Medicaid Services (CMS) invites interested parties to submit written comments on the proposed system until November 16, 2011. As required by the Privacy Act (5 U.S.C. 552a(r)), CMS on October 17, 2011 sent a report of a new system of records to the Committee on Homeland Security and Governmental Affairs of the Senate, the Committee on Oversight and Government Reform of the House of Representatives, and the Office of Information and Regulatory Affairs of the Office of Management and Budget (OMB). The proposed action described in this notice is effective on November 26, 2011, unless CMS receives comments which result in a republication of the notice.
The public should address comments to: CMS Privacy Officer, Division of Information Security & Privacy Management, Enterprise Architecture and Strategy Group, Office of Information Services, CMS, Room N1-24-08, 7500 Security Boulevard, Baltimore, Maryland 21244-1850. Comments received will be available for review at this location, by appointment, during regular business hours, Monday through Friday from 9 a.m.-3 p.m., Eastern Time zone.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Chris Haffer, Ph.D., Program Manager, Data Development and Services Group, Center for Strategic Planning, Centers for Medicare and Medicaid Services, 7500 Security Boulevard, Mail-stop: C3-24-07, Baltimore, MD 21244-1850. Office: 410-786-8764, Facsimile: (410) 786-5515, E-mail address: firstname.lastname@example.org.End Further Info End Preamble Start Supplemental Information
The statute defines QEs as public or private entities that are determined by the Secretary to be qualified to use Medicare claims data to make such evaluations of provider/supplier performance, and that agree to meet specific requirements regarding the transparency of their methods and their use and protection of Medicare data. The statute requires that Medicare claims extracts be combined with other claims data, although the statute is not specific on what, or how much, other claims data should be combined with Medicare claims data. The statute requires that the only use of such data and the derived performance information about providers and suppliers be in reports in an aggregate form, released and made available to the public, after first making such reports available to any identified provider or supplier and affording an opportunity to appeal and correct errors. The statute also instructs the Secretary to take such actions as she deems necessary to protect the identity of individual beneficiaries, and authorizes her to establish additional requirements that she may specify for QEs to meet, such as ensuring the security of data. The Medicare claims extracts are to be made available to QEs at a fee equal to the cost of making such data available (the fees will be deposited into the Part B Trust Fund).Start Signature
Dated: October 12, 2011.
Deputy Chief Operating Officer, Centers for Medicare & Medicaid Services.
[FR Doc. 2011-27149 Filed 10-19-11; 8:45 am]
BILLING CODE 4120-03-P