Skip to Content

We invite you to try out our new beta eCFR site at We’ve made big changes to make the eCFR easier to use. Be sure to leave feedback using the 'Feedback' button on the bottom right of each page!


Request for Information: Certification Frequency and Requirements for the Reporting of Quality Measures Under CMS Programs

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Enhanced Content

Relevant information about this document from provides additional context. This information is not part of the official Federal Register document.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


Centers for Medicare & Medicaid Services (CMS), HHS.


Request for information.


This request for information seeks public comment regarding several items related to the certification of health information technology (IT), including electronic health records (EHR) products used for reporting to certain CMS quality reporting programs such as, but not limited to, the Hospital Inpatient Quality Reporting (IQR) Program and the Physician Quality Reporting System (PQRS). In addition, we are requesting feedback on how often to require recertification, the number of clinical quality measures (CQMs) a certified Health IT Module should be required to certify to, and testing of certified Health IT Module(s).


To be assured consideration, comments must be received at one of the addresses provided below, no later than 5 p.m. on February 1, 2016.


In commenting, refer to file code CMS-3323-NC. Because of staff and resource limitations, we cannot accept comments by facsimile (FAX) transmission.

You may submit comments in one of four ways (please choose only one of the ways listed):

1. Electronically. You may submit electronic comments on this regulation to Follow the “Submit a comment” instructions.

2. By regular mail. You may mail written comments to the following address ONLY: Centers for Medicare & Medicaid Services, Department of Health and Human Services, Attention: CMS-3323-NC, P.O. Box 8013, Baltimore, MD 21244-8013.

Please allow sufficient time for mailed comments to be received before the close of the comment period.Start Printed Page 81825

3. By express or overnight mail. You may send written comments to the following address ONLY: Centers for Medicare & Medicaid Services, Department of Health and Human Services, Attention: CMS-3323-NC, Mail Stop C4-26-05, 7500 Security Boulevard, Baltimore, MD 21244-1850.

4. By hand or courier. Alternatively, you may deliver (by hand or courier) your written comments ONLY to the following addresses:

a. For delivery in Washington, DC—Centers for Medicare & Medicaid Services, Department of Health and Human Services, Room 445-G, Hubert H. Humphrey Building, 200 Independence Avenue SW., Washington, DC 20201.

(Because access to the interior of the Hubert H. Humphrey Building is not readily available to persons without Federal government identification, commenters are encouraged to leave their comments in the CMS drop slots located in the main lobby of the building. A stamp-in clock is available for persons wishing to retain a proof of filing by stamping in and retaining an extra copy of the comments being filed.)

b. For delivery in Baltimore, MD—Centers for Medicare & Medicaid Services, Department of Health and Human Services, 7500 Security Boulevard, Baltimore, MD 21244-1850.

If you intend to deliver your comments to the Baltimore address, call telephone number (410) 786-9994 in advance to schedule your arrival with one of our staff members.

Comments erroneously mailed to the addresses indicated as appropriate for hand or courier delivery may be delayed and received after the comment period.

Start Further Info


Lisa Marie Gomez, 410-786-1175.

End Further Info End Preamble Start Supplemental Information


Inspection of Public Comments: All comments received before the close of the comment period are available for viewing by the public, including any personally identifiable or confidential business information that is included in a comment. We post all comments received before the close of the comment period on the following Web site as soon as possible after they have been received: Follow the search instructions on that Web site to view public comments.

Comments received timely will also be available for public inspection as they are received, generally beginning approximately 3 weeks after publication of a document, at the headquarters of the Centers for Medicare & Medicaid Services, 7500 Security Boulevard, Baltimore, Maryland 21244, Monday through Friday of each week from 8:30 a.m. to 4 p.m. To schedule an appointment to view public comments, phone 1-800-743-3951.

I. Background

The Health Information Technology for Economic and Clinical Health Act (Title IV of Division B of the American Recovery and Reinvestment Act of 2009 (ARRA) and Title XIII of Division A of the ARRA) authorizes incentive payments under Medicare and Medicaid for the adoption of and meaningful use of certified EHR technology (CEHRT) and downward payment adjustments under Medicare for failure to demonstrate meaningful use. Eligible professionals (EPs), eligible hospitals, and critical access hospitals (CAHs) that seek to qualify for incentive payments or avoid negative payment adjustments under the Medicare and Medicaid EHR Incentive Programs are required to use CEHRT. Some CMS quality reporting programs, such as the Hospital Inpatient Quality Reporting (IQR) Program and Physician Quality Reporting System (PQRS), either require or provide the option to use certified EHR technology, as defined under the EHR Incentive Program, for reporting quality data.

The Office of the National Coordinator for Health Information Technology's (ONC's) “2015 Edition Health Information Technology (Health IT) Certification Criteria, 2015 Edition Base Electronic Health Record (EHR) Definition, and ONC Health IT Certification Program Modifications Final Rule” (80 FR 62601) (2015 Edition final rule), establishes the capabilities and specifies the related standards and implementation specifications that CEHRT needs to include to support the achievement of meaningful use by EPs, eligible hospitals, and CAHs. ONC's Health IT Certification Program provides a process by which Health IT Module(s) can be certified so that they meet the standards, implementation specifications, and certification criteria that have been adopted by the Secretary. CEHRT is defined for the Medicare and Medicaid EHR Incentive Programs in 42 CFR 495.4. The definition establishes the requirements for EHR technology that must be used by providers to meet the MU objectives and measures or to qualify for an incentive payment under Medicaid for adopting, implementing, or upgrading CEHRT. For example, a Health IT Module is presented for certification to a criterion with a percentage-based measure and the Health IT Module can meet the “automated numerator recording” criterion or “automated measure calculation” criterion. The CQM data reported to us must originate from EHR technology that is certified in accordance with the ONC Health IT Certification Program's requirements (77 FR 54053).

As stated in the Medicare and Medicaid Programs; Electronic Health Record Incentive Program—Stage 3 and Modifications to Meaningful Use in 2015 through 2017 final rule (80 FR 62894), in 2017, all EPs, eligible hospitals, and CAHs have two options to report CQM data, either through attestation or use of established methods for electronic reporting where feasible. However, starting in 2018, EPs, eligible hospitals, and CAHs participating in the Medicare EHR Incentive Program must electronically report CQMs using CEHRT where feasible; and attestation to CQMs will no longer be an option except in certain circumstances where electronic reporting is not feasible.

II. Solicitation of Comments

We are soliciting public input on the following areas of certification and testing of health IT, particularly relating to how often to require recertification, the number of CQMs a certified Health IT Module should be required to certify to, and the testing of certified Health IT Module(s) in order to reduce the burden and further streamline the process for providers and health IT developers while ensuring such products are certified and tested appropriately for effectiveness. The feedback will inform CMS and ONC of elements that may need to be considered for future rules relating to the reporting of quality measures under CMS programs. This request for information is part of the effort of CMS to streamline/reduce EP, eligible hospital, CAH, and health IT developer burden.

A. Frequency of Certification

We conduct an annual analysis of CQM specifications in order to ensure measure efficacy, accuracy, and clinical relevance. Any updates to the calculation of a CQM through this process are released with the annual updates to the electronic specifications for EHR submission published by CMS (​Regulations-and-Guidance/​Legislation/​EHRIncentivePrograms/​eCQM_​Library.html). Because we require the most recent version of the CQM specifications to be used for electronic reporting methods (79 FR 67906 and 80 FR 49760), we understand that health IT developers must make CQM updates annually and providers must regularly implement those updates to stay current with the most recent CQM version. To Start Printed Page 81826ensure accuracy of the implementation of these updates, we have considered requiring recertification of already certified EHR products with these annual updates. We understand that standards for electronically representing CQMs continue to evolve, and believe there may be value in retesting certified Health IT Modules (including CEHRT) periodically to ensure that CQMs are being accurately calculated and represented, and that they can be reported as required. However, we have not required this recertification to date. With the continuing evolution of technology and clinical standards, as well as the need for a predictable cycle from measure development to provider data submission, we indicated, in the Fiscal Year (FY) 2016 Hospital Inpatient Prospective Payment Systems (IPPS) and Long-term Care Hospital (LTCH) Prospective Payment System (PPS) final rule (80 FR 49760) (hereinafter referred to as the FY 2016 IPPS/LTCH PPS final rule), that we would be issuing a request for information on the establishment of an ongoing cycle for the introduction and certification of new measures, the testing of updated measures, and the testing and certification of submission capabilities.

While we believe that health IT developers should test and certify their products to the most recent version of the electronic specifications for the CQMs when feasible, we understand the burdens associated with this requirement and therefore, have not historically required re-certification of previously certified products when updates are made to CQM electronic specifications or to the standards required for reporting. During the FY 2016 IPPS/LTCH PPS rulemaking process, we received comments and requests from stakeholders to change this policy. We acknowledge that the certification process can be burdensome to health IT developers and believe that annual certification could compress the timeline for CQM and standard updates. We also acknowledge that stakeholders and providers reporting electronic CQMs have an interest in ensuring that their Health IT Module is tested and certified to the most recent version of electronic CQM specifications. We are soliciting feedback regarding testing and recertification, particularly relating to: The requirement for CEHRT products to be recertified when a new version of the CEHRT is available in order to ensure the accuracy of implementation; and the requirement for Health IT Modules to undergo annual CQM testing through CMS approved testing tools and the ONC Health IT Certification Program. We are also seeking comment on the following.

  • What is the burden (both time and money) of additional testing and recertification?
  • What are the benefits of requiring additional testing and recertification?
  • How will it affect the timeline for CQM and standard updates?
  • What are the benefits and challenges of establishing a predictable cycle from measure development to provider data submission?

B. Changes to Minimum CQM Certification Requirements

The Medicare and Medicaid Programs; Electronic Health Record Incentive Program—Stage 3 and Modifications to Meaningful Use in 2015 through 2017 final rule (80 FR 62761) specifies the meaningful use criteria that EPs, eligible hospitals, and CAHs must meet in order to qualify for Medicare and Medicaid EHR incentive payments and avoid downward payment adjustments under Medicare. We believe EHRs should be certified to more than the minimum number of CQMs as required by the ONC 2014 Edition Base EHR definition of a minimum of 9 CQMs for EPs or 16 for eligible hospitals and CAHs (80 FR 16771, see also 45 CFR 170.102). With health IT developers having EHRs certified to the minimum number of CQMs, EPs, eligible hospitals, and CAHs may have limited CQMs available to them and may not be able to report on CQMs that are applicable to their patient population or scope of practice. As stated in the preamble of the final rule (80 FR 62895), we believe EPs, eligible hospitals, and CAHs should have a choice of which CQMs to report so that they can report on those CQMs most applicable to their patient population or scope of practice. Accordingly, we are soliciting comment on the following policy options that could provide greater choice for EPs, eligible hospitals, and CAHs. Specifically, we are soliciting comment on: The feasibility of health IT developers complying with the requirements of each option in the first year in which the requirements would become effective; the impact of each option on EPs, eligible hospitals/CAHs, and health IT developers; and what we would need to consider when assessing each of these options.

  • Option 1: Require EP health IT developers to certify Health IT Modules to all CQMs in the EP selection list; and require eligible hospital/CAH health IT developers to certify to all CQMs in the selection list for eligible hospitals and CAHs.
  • Option 2: Incrementally increase the number of CQMs required to be certified each year until Health IT Modules are certified for all CQMs available for reporting by EPs, eligible hospitals, and CAHs to meet their CQM reporting requirements. For Option 2, we invite input on the advantages and disadvantages of an incremental increase in the number of CQMs required to be certified each year.
  • Option 3: Require EP health IT developers to certify health IT products to more than the current minimum number of CQMs required for reporting, but not to all available CQMs.

For Option 3, we invite stakeholders' input regarding the following approaches that are specific examples of implementation of the policy goal:

  • Option A: An approach that would set a minimum number of measures health IT developers must certify to for EP settings or eligible hospital/CAH settings that is greater than the minimum number required for provider reporting. For example, EP health IT developers could be required to certify to a minimum of 15 measures, and eligible hospital/CAH health IT developers could be required to certify to a minimum number of 25 measures. We note that these numbers are provided as examples only, and we solicit comment on the appropriate number health IT developers could be required to certify to. Under this approach, health IT developers could choose from any measures in the list of available CQMs.
  • Option B: An EP-specific approach that would require an EP health IT developer to certify to all the measures in a core/required set and all the measures in at least one specialty measure set relevant to the scope of practice for which the product is intended. We are looking for feedback on the general concept of requiring health IT developers to ensure that they are certified to the types of measures that are most relevant to their client base. For example, if a product serves multiple specialties, then it needs to be certified to the measures that are most likely needed by all of the specialties it serves. On the other hand, if the product is a niche product, such as a dental product, then it only needs to be certified to the measures that are relevant for that particular section of the market. As another example, we have provided a pediatric recommended core set [1] and an adult recommended core Start Printed Page 81827set [2] of measures. Note that none of the measures in the core sets are currently required for health IT developer certification, but only recommended. We solicit comment on whether we should require health IT developers to certify to all the measures in a core set depending on whether the product is intended to serve pediatric or adult settings. We are considering a structure for providing specialty measure sets similar to those recommended under the PQRS [3] which have been developed by CMS together with specialty societies. These specialty measure sets have been developed to ensure that measures represented within Specialty Measure Sets accurately illustrate measures that are relevant within a particular clinical area. While soliciting general comment on this proposed alternate approach, we recognize that there may not be a specialty measure set for every specialty type eligible to participate in the EHR Incentive Programs. We are working on increasing the number of specialties for which there is a Specialty Measure Set in PQRS, but solicit comment on what additional specialties would benefit from a Specialty Measure Set and whether there are efforts underway to establish a list we could consider for our programs. We also acknowledge that there may not be e-specified CQMs available for every Specialty Measure Set and solicit comments on whether this approach would achieve the desired goal for all specialty types to have certified measures relevant to their scope of practice available in their certified Health IT Module.
  • Option C: Another approach with 3 options from which a health IT developer must choose one:

++ Multispecialty health IT developer—certifies all CQMs.

++ Primary care health IT developer—certifies a set of primary care CQMs.

++ Specialty provider health IT developer—certifies a minimum number of CQMs on an “a la carte” basis.

For this approach, we solicit comment on the number of measures that would be reasonable to require for certification under the “primary care health IT developer” option as well as the “specialty provider health IT developer” option. We invite general comment on this overall approach.

We are soliciting public input on other ways of grouping or classifying measures to ensure applicability and selection for providers. For example, one method of grouping measures could be by those that are invasive (for example, surgical), non-invasive, and cognitive. Another method could be by setting of care/venue.

As stated in the Medicare and Medicaid Programs; Electronic Health Record Incentive Program—Stage 3 and Modifications to Meaningful Use in 2015 through 2017 final rule (80 FR 62895), any specific proposals for the number of measures vendors would be required to certified to would be outlined in separate notice and comment rulemaking such as the Physician Fee Schedule or Inpatient Prospective Payment Systems rules.

C. CQM Testing and Certification

ONC offers health IT certification for CQMs to record and export, import and calculate, and electronically report CQMs through its ONC Health IT Certification Program. This year, ONC has adopted a new edition of certification criteria in the 2015 Edition final rule (80 FR 62601). One objective of testing for the 2015 Edition CQM criteria (80 FR 62651) is to increase testing robustness (for example, increasing number of test records, robustly testing pathways by which a patient can enter the numerator or denominator of a measure), thereby ensuring that all certified products have capabilities commensurate to the increased requirements enumerated in the 2015 Edition final rule.

In the 2011 and 2014 Editions of certification criteria, the certification program sought to test basic capabilities and minimum requirements. Our expectation is that as time progresses and technology improves, EHR systems will have to demonstrate they are able to perform to increasing levels of complexity, including requirements to identify errors, consume larger numbers of test cases, and demonstrate stricter adherence to standards. This is to ensure that investments into certified products yield the functionality expected to improve health care. Certification criteria also includes optional and required elements that allow end users and quality improvement leaders to view, filter, and export quality measure data. These data enable point-of-care, iterative quality improvement efforts to identify patients whose care and conditions are not compliant with evidence-based guidelines, take action to improve their engagement with care processes, and achieve better outcomes.

CMS and ONC's Health IT Certification Program test CQM functionality (for example, by testing a health IT system's ability to import, export, capture, calculate, and report CQM data according to certain standards) through the Cypress Testing and Certification Tool by enabling repeatable and rigorous testing of a product's capability to accurately calculate CQMs.[4] There are potential areas of improvement to increase the robustness of that testing. Therefore, we are requesting information on the following:

  • What changes to testing are recommended (or are not recommended) to increase testing robustness?
  • How could CMS and ONC determine how many test cases are needed for adequate test coverage?
  • Are there recommendations for the format of test cases that could be entered both manually and electronically?
  • What kind of errors should constitute warnings rather than test failures?
  • Are there recommendations for or against single measure testing?
  • How could the test procedures and certification companion guides published by ONC be improved to help you be more successful in preparing for and passing certification testing?

CMS and ONC believe that increased testing robustness adds value to the process of certification, but acknowledge that it would increase health IT developer burden in certifying their products. Therefore, we welcome comments on the following:

  • How can the CQM certification process be made more efficient and how can the certification tools and resources be augmented or made more useable?
  • What, if any, adverse implications could the increased certification standards have on providers?
  • What levels of testing will ensure that providers and other product purchasers will have enough information on the usability and effectiveness of the tool without unduly burdening health IT developers?
  • Would flexibility on the vocabulary codes allowed for test files reduce burden on health IT developers?
  • What are other ways in which the Cypress testing tool could be improved?
  • When 45 CFR 170.315(c)(1) requires users to export quality measure data on demand, how would you want that to be accessed by users and what characteristics are minimally required to make this feature useful to end users?
  • ONC finalized a 2015 Edition certification criterion for filtering of CQMs (45 CFR 170.315(c)(4)) to the following filters:Start Printed Page 81828

++ Taxpayer Identification Number (TIN).

++ National Provider Identifier (NPI).

++ Provider type.

++ Practice site address.

++ Patient insurance.

++ Patient age.

++ Patient sex.

++ Patient race and ethnicity.

++ Patient problem list data.

How useful are the “filtering” criteria to end users of systems for the purpose of safety and quality improvement? To quality improvement staff and organizations?

  • Are there additional filters/data would be helpful to stratify CQM-Filters (45 CFR 170.315(c)(4)) data by?
  • What, if anything additional, regarding this testing/certification should be published via the Certified Health IT Product List?

III. Collection of Information Requirements

This document does not impose information collection requirements, that is, reporting, recordkeeping or third-party disclosure requirements. Consequently, there is no need for review by the Office of Management and Budget under the authority of the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.).

IV. Response to Comments

Because of the large number of public comments we normally receive on Federal Register documents, we are not able to acknowledge or respond to them individually. We will consider all comments we receive by the date and time specified in the DATES section of this preamble, and, when we proceed with a subsequent document, we will respond to the comments in the preamble to that document.

Start Signature

Dated: December 3, 2015.

Andrew M. Slavitt,

Acting Administrator, Centers for Medicare & Medicaid Services.

End Signature End Supplemental Information


[FR Doc. 2015-32931 Filed 12-30-15; 8:45 am]