Download:
pdf |
pdf2 01 2
OP E RATIONS
MAN UAL
U . S . D E PA R T M E N T O F H E A L T H & H U M A N S E R V I C E S
CENTERS FOR MEDICARE & MEDICAID SERVICES
�
�20 1 2
OP E RATIONS
MAN UAL
U . S . D E PA R T M E N T O F H E A L T H & H U M A N S E R V I C E S
CENTERS FOR MEDICARE & MEDICAID SERVICES
JANUARY 9, 2012
��
Table of Contents
TABLE OF CONTENTS
SECTION 1. OVERVIEW ............................................................................................................ 1
1.1 ACA Section 10332: Medicare Data for Performance Measurement ............................ 3
1.1.1 Background ......................................................................................................... 3
1.1.2 Principles of the QECP ........................................................................................ 4
1.1.3 QECP Operations ................................................................................................ 5
1.2 Operations Manual ......................................................................................................... 5
1.2.1 Operations Manual Annual Releases ................................................................. 5
1.2.2 Operations Manual Update Releases ................................................................. 6
1.2.3 Where to Find Specific Information in the 2012 Operations Manual ................ 6
1.3 Program Participation Requirements ............................................................................. 8
1.3.1 Requirements ..................................................................................................... 8
1.3.2 Estimated Timeframes ....................................................................................... 8
1.4 Evaluation, Monitoring, and Oversight .......................................................................... 9
1.5 Medicare Data ................................................................................................................ 9
SECTION 2. POLICIES AND PROCEDURES ................................................................................ 11
2.0 Introduction to QECP Standards .................................................................................. 13
2.1 Standard 1 – Applicant Profile ...................................................................................... 13
2.2 Standard 2 – Data Sources ........................................................................................... 13
2.3 Standard 3 – Data Security and Privacy ....................................................................... 14
2.4 Standard 4 – Methodology for Measurement and Attribution ................................... 14
2.5 Standard 5 – Measure Selection .................................................................................. 14
2.5.1 Standard Measures .......................................................................................... 15
2.5.2 Alternative Measures ....................................................................................... 15
2.6 Standard 6 – Verification Process ................................................................................. 16
2.7 Standard 7 – Reporting of Performance Information .................................................. 16
2.8 Standard 8 – Requests for Corrections or Appeals ...................................................... 17
2.9 Evaluation, Monitoring, and Oversight of QEs ............................................................. 17
2.9.1 Evaluation ......................................................................................................... 18
2.9.2 Monitoring ........................................................................................................ 18
2.9.3 Oversight .......................................................................................................... 19
2.10 Application Submission .............................................................................................. 19
2.10.1 QECP Portal .................................................................................................... 19
2.10.2 Applying for the QECP .................................................................................... 20
2.10.3 QECP Portal Technical Support ...................................................................... 22
2.11 Application Review Process ........................................................................................ 22
2.11.1 Prospective Applicant Completes Registration and Application Form .......... 23
2.11.2 Confirm Intent and Planned Submission ........................................................ 23
2.11.3 Application Is Submitted ................................................................................ 23
2.11.4 Application Is Validated .................................................................................. 23
2.11.5 Application Is Reviewed ................................................................................. 23
2.11.6 Review Team Holds Conference Call with Applicant ..................................... 23
2012 Operations Manual
�Table of Contents
2.11.7 CMS Decision Is Rendered .............................................................................. 24
2.11.8 Applicant Is Notified of Outcome ................................................................... 24
2.12 Application Review Outcomes ................................................................................... 25
2.12.1 Qualified ......................................................................................................... 25
2.12.2 Not Qualified .................................................................................................. 25
2.13 Medicare Data: Applying for Access and Data Delivery ............................................. 26
2.13.1 Applying for Access to Medicare Data ........................................................... 26
2.13.2 Medicare Data Delivery to QEs ...................................................................... 26
2.14 How to Report Changes .............................................................................................. 27
2.14.1 Changes Impacting Publicly Reported Performance Information ................. 27
2.14.2 Governance Changes ...................................................................................... 28
2.15 Maintaining and Losing Certification Status .............................................................. 28
2.15.1 Expiration and Renewal .................................................................................. 28
2.15.2 Suspension and Termination .......................................................................... 28
2.15.3 Reconsideration .............................................................................................. 29
2.15.4 Voluntary Forfeiture ....................................................................................... 29
2.15.5 Consequences for QEs with Negative Findings/Non‐Compliance ................. 29
SECTION 3. MINIMUM REQUIREMENTS ................................................................................. 31
3.0 Introduction to QECP Minimum Requirements ........................................................... 33
3.1 Standard 1 – Applicant Profile ...................................................................................... 34
3.2 Standard 2 – Data Sources ........................................................................................... 35
3.3 Standard 3 – Data Security ........................................................................................... 36
3.4 Standard 4 – Methodology for Measurement and Attribution ................................... 41
3.5 Standard 5 – Measure Selection .................................................................................. 46
3.6 Standard 6 – Verification Process ................................................................................. 47
3.7 Standard 7 – Reporting of Performance Information .................................................. 48
3.8 Standard 8 – Requests for Corrections/Appeals .......................................................... 49
APPENDICES
Appendix A: QECP Process Flow
Appendix B: Paper‐based QE Application Form
Appendix C: Qualified‐Conditional Status
Appendix D: QECP Portal User’s Guide
Appendix E: Glossary
2012 Operations Manual
�
Table of Exhibits
TABLE OF EXHIBITS
Exhibit 1: QE Online Application Form Screenshot....................................................................... 21
Exhibit 2: Components of the Minimum Requirements ............................................................... 33
Exhibit 3: How to Request a Qualified‐Conditional Certification Review .................................... C‐4
2012 Operations Manual
��2012
OPERATIONS
MANUAL
SECTION 1.
OVERVIEW
��
Overview 3
1.1 ACA SECTION 10332: MEDICARE DATA FOR PERFORMANCE
MEASUREMENT
1.1.1 Background
In recent years, a growing number of measurement organizations, health plans, and provider
networks, among other entities,1 have conducted a wide range of performance improvement
activities and have endeavored to report on the performance of providers. However, these
initiatives have mostly been conducted without the benefit of Medicare fee‐for‐service claims
data and therefore omit the largest payer of health care services. Effective January 1, 2012,
Section 10332 of the Affordable Care Act (ACA) amends Section 1874 of the of the Social
Security Act by adding a new subsection (e) requiring standardized extracts of Medicare Parts A
and B claims data and Part D drug event data to be made available to ‘‘qualified entities’’ (QEs)
to evaluate the performance of providers of services (providers) and suppliers. QEs are
required to use the information to disseminate CMS‐approved public reports regarding the
performance of providers and suppliers.
Reports incorporating Medicare fee‐for‐service claims data into performance initiatives will
increase the transparency of provider and supplier performance and be an important driver for
improving quality and reducing costs in the Medicare program and the health care system in
general. While providing credible and valid information to the public, a program that certifies
entities as QEs must also ensure the privacy of Medicare beneficiaries, the security of Medicare
data, and fairness to those whose performance is being measured and reported.
To develop a program for entities to become recognized as QEs and to balance the needs of the
various stakeholders, CMS solicited public comments through a public Listening Session held on
September 20, 2010, and through reactions to the Proposed Rule on “Medicare Program;
Availability of Medicare Data for Performance Measurement,” published in the Federal Register
on June 8, 2011. After input from a wide variety of stakeholders, the “Medicare Program;
Availability of Medicare Data for Performance Measurement” (hereinafter called the “Final
Rule”) was published in the Federal Register on December 7, 2011 (42 CFR, Part 401, Subpart
G).
The Final Rule establishes the criteria that entities must satisfy to obtain QE certification and
sets forth CMS’ expectations for maintaining certification. In particular, the rule provides
requirements for entities in the following areas:
Organizational structure and governance criteria, including necessary experience and
expertise in the measures entities intend to use;
Expertise in combining Medicare claims data with claims data from other sources; and
Expertise in establishing rigorous data privacy and security programs
1
Selected terms in bold font are defined in the Glossary (Appendix E).
2012 Operations Manual
�4 Overview
The Qualified Entity Certification Program for Medicare Data (QECP) was developed to
implement the Final Rule. This Operations Manual is intended to guide entities through the
QECP. It includes all CMS requirements that prospective applicants must meet to become
certified as QEs and to maintain their QE status, as well as step‐by‐step instructions on the
application process. It is intended to be used as a resource by prospective applicants,
applicants, QEs, and other stakeholders interested in the functioning of the program.
1.1.2 Principles of the QECP
The QECP is designed to evaluate existing performance reporting entities for their ability to
function as QEs and, contingent on the entities meeting or exceeding certain standards, to
provide them with Medicare data to enhance their current performance measurement efforts.
The following principles guided the development of the QECP:
Public reporting of provider and supplier performance: Performance reports produced
by qualified entities will be an important driver of improving quality and reducing costs
in Medicare as well as in the health care system in general. The QECP will increase the
transparency of provider and supplier performance while ensuring beneficiary privacy.
Transparency: To ensure the credibility of the measures—both to those who are
evaluated and to those who make use of the results—the performance reporting
process must be sufficiently transparent. QEs must provide detailed, clear descriptions
of the methodologies they will use to evaluate the performance of providers and
suppliers. Providers and suppliers must have confidence that the results are accurate.
Reports generated by the QEs may not be released to the public until the providers and
suppliers have had the opportunity to review them and request corrections.
Performance reports, containing clear descriptions of the methodologies used, must be
made available to the public.
Standardization and Sound Methodology of Measures: Standardized and well‐specified
measures that follow tested methodologies allow results to be compared credibly across
providers or organizations. Qualified entities are required to use standard measures or
approved alternative measures for evaluating the performance of providers and
suppliers.
Privacy and Protection: The success of the QECP hinges on the ability of CMS to provide
Medicare data to QEs for performance reporting while protecting the identities of
Medicare beneficiaries throughout every phase of the process. It is of the utmost
importance to CMS that beneficiary identifiable health information remains private and
secure. Later sections of this manual provide a detailed explanation of the rigorous
administrative, technical, and physical data security and privacy program policies and
requirements.
Evaluation, Monitoring, and Oversight: CMS has previously never made Medicare Parts
A and B claims data and Part D drug event data available on this scale. Ongoing
evaluation, monitoring, and oversight by CMS are necessary to ensure that QEs have the
infrastructure and policies necessary to meet the program’s requirements and that they
follow best practices once they receive Medicare data.
2012 Operations Manual
�
Overview 5
1.1.3 QECP Operations
CMS contracted with IMPAQ International, LLC and its partners (the QECP team) to assist in
developing, implementing, and managing the QECP. The team includes:
IMPAQ International, LLC (IMPAQ), a research organization with demonstrated expertise
in performance measurement, program evaluation, handling and processing of
Medicare claims, and management of large multi‐task CMS projects;
National Committee for Quality Assurance (NCQA), a recognized leader in health care
performance measurement development, implementation, and evaluation, with 20
years of experience helping health care entities define methods for ongoing
improvement;
NORC at the University of Chicago (NORC), a research organization with significant
expertise in privacy and data confidentiality and systems security with particular
experience in Medicare and Medicaid data; and
Buccaneer Computer Systems & Services (Buccaneer), a company highly experienced in
data infrastructure, data management, and delivery of CMS data, including the national
Medicare and Medicaid research database (Chronic Condition Data Warehouse).
Drawing on its considerable expertise with Medicare claims data, performance and reporting
standards, and collaboration with a wide variety of stakeholders, the QECP team worked closely
with CMS to develop minimum requirements for the QECP and to establish processes for
receiving and reviewing applications for QE certification. Under the guidance of CMS, the QECP
team will update and refine QECP requirements; provide technical assistance to applicants and
QEs; establish post‐QE certification evaluation, monitoring, and oversight; and ensure the
overall successful implementation of the QECP.
1.2 OPERATIONS MANUAL
The Operations Manual is the key information and procedural reference document for all
entities and individuals interested in the purpose and function of the QECP. The purpose of the
Operations Manual is to translate the policy outlined in the Final Rule into concise
requirements and procedures so that the main objective of ACA Section 10332 is met, namely,
that QEs receive Medicare data to evaluate the performance of providers and suppliers while
ensuring privacy for beneficiaries and fairness for providers and suppliers. To this end, the
Operations Manual includes an overview of the fundamental aspects of the QECP; the
minimum qualifications that an interested entity must meet to become a certified QE; and the
policies and procedures that must be followed for an entity to maintain certification as a QE.
1.2.1 Operations Manual Annual Releases
The Operations Manual will be released annually. This first annual Operations Manual (2012
Operations Manual) includes all necessary information and procedures for first‐time QE
2012 Operations Manual
�6 Overview
applicants for certification. Its publication satisfies the Federal mandate that Section 10332 of
the ACA become effective as of January 1, 2012.
The 2013 Operations Manual, which will be available in February 2013, will include updates to
the program, and specify in more detail the criteria for monitoring and oversight, which will
commence after the evaluation phase, at the earliest, in 2013. Such criteria may include
requirements for QE annual report submissions, information systems assessment, supporting
documentation submissions, and quality assurance plans.
1.2.2 Operations Manual Update Releases
After each annual release of the Operations Manual, an Operations Manual Update will be
released as a stand‐alone document, typically within several months of the annual Operations
Manual release. The update will provide any needed clarifications or additional program
requirements not covered in the Operations Manual. Prospective applicants and QEs will be
required to incorporate and adhere to the requirements in the annual update once it is
released.
The 2012 Operations Manual Update will be released during the second quarter of 2012.
Because this is the first year of the QECP, the update will provide more detail about evaluation
requirements subsequent to QE certification and prior to the QE releasing public performance
reports. Thus, this update will present the requirements beyond the minimum requirements
assessed in the application that QEs must meet prior to releasing their first performance
reports under the QECP.
1.2.3 Where to Find Specific Information in the 2012 Operations Manual
See the Overview
An overview of QECP participation requirements
(Section 1) for…
An overview of the evaluation, monitoring, and oversight
features of the QECP
A description of Medicare Parts A and B claims data and
Part D drug event data
See the Policies and
Procedures (Section 2)
for…
2012 Operations Manual
Information on organizations eligible for QE certification
Policies related to the following eight program standards:
Applicant Profile, Data Sources, Data Security and Privacy,
Methodology for Measurement and Attribution, Measure
Selection , Verification Process, Reporting of Performance
Information, and Requests for Corrections or Appeals
How to apply to become a QE
Technical assistance information for the QECP application
process
�
Overview 7
Step‐by‐step details of the application review process,
including timeline
Application review outcomes and notifications
How to request Medicare data after QE certification
An explanation of how Medicare data will be encrypted
and transferred to QEs upon certification
Technical assistance information for Medicare data and
data transfer
How to report governance and public reporting changes to
QECP and which changes must be reported
QE evaluation, monitoring, and oversight components
Maintaining/losing QE certification status
Consequences for non‐compliance with QECP regulations
See the Minimum
Qualifications/Standards
(Section 3) for…
The standards that entities must meet to become a QE
The elements that constitute each standard
The assessments to be performed by application reviewers
to determine compliance with each element
Recommended evidence for demonstrating an entity’s
compliance with each element
See the Appendices for…
A diagram of the QECP process
The QE application form, including a summary table of the
QECP minimum requirements
Qualified, conditional status application process
Instructions on how to navigate the QECP Portal (User’s
Guide)
Glossary of terms used in the Operations Manual
Other Important
Information
General information about the Medicare Data for
Performance Measurement initiative, the QE application,
and frequently asked questions (FAQs) related to the
application process: http://www.QEMedicareData.org
Final Rule: http://www.gpo.gov/fdsys/pkg/FR‐2011‐12‐
07/pdf/2011‐31232.pdf
Patient Protection and Affordable Care Act (see Section
10332): http://www.gpo.gov/fdsys/pkg/BILLS‐
111hr3590pp/html/BILLS‐111hr3590pp.htm
2012 Operations Manual
�8 Overview
General information about the Medicare Data for
Performance Measurement initiative, Data Use Agreement
instructions, payment processing, Medicare data training
opportunities, and data corrections procedures:
http://www.resdac.org/QEMedicareData.asp
CMS general information page for the Medicare Data for
Performance Measurement initiative, which also directs
individuals to the appropriate resources for applying to
become a QE and requesting Medicare data:
http://www.cms.gov/QEMedicareData
1.3 PROGRAM PARTICIPATION REQUIREMENTS
1.3.1 Requirements
To participate in the QECP, entities must:
Apply for and receive QE certification:
https://www.QEMedicareData.org/SitePages/register.aspx;
Submit a data request packet, including a Data Use Agreement (DUA), and obtain CMS
approval: http://www.resdac.org/docs/CMS‐R‐0235‐QE‐508‐user.pdf;
Submit payment to CMS for the fees to cover the cost of the Medicare data:
http://www.resdac.org/QEMedicareData.asp; and
Comply with the program’s evaluation, monitoring, and oversight requirements.
Entities that apply for and meet the set of minimum requirements, obtain and execute a CMS
Data Use Agreement (DUA), pay the associated fee for data production and delivery, and
comply with evaluation, monitoring, and oversight activities are certified for 3 years. While a
single entity may seek to fulfill all of the program requirements, a qualified entity may also be a
group of two or more entities that use contractual relationships to address any requirements
that a single lead entity may lack. All entities that contract with the lead entity to meet the
requirements of the program and that anticipate use of and access to Medicare data or
beneficiary identifiable data are required to sign the DUA. After the entity has been certified,
the DUA has been approved, payment has been received, and data have been transmitted, the
QE may evaluate and publicly report on the performance of providers and suppliers with
respect to quality, efficiency, effectiveness, and resource use measures. Section 2 of this
manual provides additional details about the policies and procedures regarding certification,
data requests, and data transmission.
1.3.2 Estimated Timeframes
The application review process, including CMS’ final outcome decision, is estimated to take up
to 55 business days if all requirements are met during the initial review. For applicants that
2012 Operations Manual
�
Overview 9
require and are granted more time to meet certain standards, the application review process
may take up to 145 business days. After certification, the processes for DUA approval, payment,
and initial data transmission are estimated to take 25 business days.
1.4 EVALUATION, MONITORING, AND OVERSIGHT
Evaluation, monitoring, and oversight begin after an entity has been successfully certified as a
QE and has received standardized data extracts. The evaluation phase occurs after certification
and prior to public reporting. This includes an additional review of specific requirements set
forth in the application to ensure the QE’s capability to continue to meet these requirements
after it integrates Medicare data into its measurement and reporting processes. Approximately
one year following an entity’s certification (thus starting in 2013 for QEs certified in 2012),
monitoring and oversight of the QE will commence. Through monitoring and oversight, CMS will
observe the QE’s processes to promote ongoing compliance. All QEs will be subject to
evaluation, monitoring, and oversight.
A QECP process flow diagram explaining the major program processes from the point of
prospective applicant registration to QE monitoring and oversight may be found in Appendix A.
1.5 MEDICARE DATA
Medicare Parts A and B claims data and Part D drug event data will be provided to the QE for its
CMS‐approved geographic area. These data files will be extracted and delivered by the national
Medicare and Medicaid research database, referred to as the CMS Chronic Condition Data
Warehouse (CCW). State‐specific data files (based on a beneficiary’s state of residence) will be
linked over time by a unique beneficiary identifier (BENE_ID). Although the CCW data files do
not contain beneficiary names, Medicare Health Insurance Claim (HIC) numbers, or Social
Security Numbers (SSN), they are considered identifiable because they contain beneficiary
demographics, such as date of birth, zip code, county, gender, and other information that could
potentially be used to reidentify an individual. For QEs requiring linkage to other data sources
containing name, HIC number, or SSN, the CCW will provide a crosswalk from the BENE_ID to
such variables.
The Medicare Part A claims data consist of fee‐for‐service claims from institutional health care
providers, including inpatient, skilled nursing facility, outpatient, hospice, and home health (see
Glossary, Appendix E, for a description of each type).
The Medicare Part B claims data consist of fee‐for‐service claims from non‐institutional health
care providers, including carrier and durable medical equipment regional carrier (see Glossary,
Appendix E, for a description of each type).
2012 Operations Manual
�10 Overview
The Medicare Part D prescription drug event (PDE) data consist of summary records submitted
by prescription drug plan sponsors. A PDE is recorded each time a beneficiary fills a
prescription.
In addition to the claims data provided to QEs, demographic and enrollment information is
available from the Beneficiary Summary File. This file contains state and county of residence
codes, zip code, date of birth, date of death, sex, race, age, monthly entitlement indicators
(A/B/C/D), reasons for entitlement, state buy‐in indicators, and monthly managed care
indicators (yes/no). From 2006 forward, it also includes variables specific to enrollment in the
Medicare Part D prescription drug program. These variables include a derived race/ethnicity
code, an indicator for Other Credible Drug Coverage, and monthly indicators for Medicare
Advantage Prescription Drug (MA‐PD) or stand‐alone Prescription Drug Plan (PDP) enrollment,
Low Income Subsidy (LIS) enrollment, Retiree Drug Subsidy, and state‐reported dual eligibility
status.
The standard file record layouts for all CCW files may be found at http://www.ccwdata.org/
(see Data Dictionaries tab). The data files provided to QEs will follow this record layout format
but will be segmented by beneficiary’s state of residence (from the Beneficiary Summary File).
State‐specific data files will be provided to QEs only for those states listed in the CMS‐approved
DUA. In addition, if QEs intend to calculate national benchmarks for their performance
measures, they have the option to request 5% national sample files for such purposes.
Section 2.13 of this manual provides additional details regarding data request and data
transmission procedures.
2012 Operations Manual
�2012
OPERATIONS
MANUAL
SECTION 2.
POLICIES AND
PROCEDURES
��
Policies and Procedures 13
2.0 INTRODUCTION TO QECP STANDARDS
Any entity capable of meeting the requirements set forth in the QE application may be certified
as a qualified entity. Qualified entities are not required to be a single legal entity. Multiple
entities may contract with one another to achieve the ability to meet the eligibility standards;
however, there must be one lead entity responsible for the application process and ongoing
certification. The QECP design allows for broad inclusion of all types of entities that currently
evaluate providers and share performance reports with the public. The application
requirements of the program offer a guide to the first steps in verifying whether an entity and
its contracted entities may function as a QE.
Any entity interested in becoming a QE must supply evidence of meeting the following eight
standards:
Applicant Profile
Data Sources
Data Security and Privacy
Methodology for Measurement and Attribution
Measure Selection
Verification Process
Reporting of Performance Information
Requests for Corrections or Appeals
While any public or private entity may apply to be certified as a QE, CMS requires entities to
have established performance reporting programs. Beyond this general description, any entity
or contractually obligated group of entities capable of meeting the minimum requirements may
become a QE. These requirements are summarized in this section, presented in full in Section 3,
and listed in the paper‐based QE Application Form (Appendix B).
2.1 STANDARD 1 – APPLICANT PROFILE
Applicants must demonstrate an understanding of how they plan to use the Medicare data, as
well as an ability to cover the costs associated with functioning as a QE. Applicants must
present information about the type of entity, whether they are applying as a single entity or if
contractual arrangements exist for the purposes of the QECP, and which areas in the United
States they are planning to assess provider or supplier performance.
2.2 STANDARD 2 – DATA SOURCES
This standard assesses the sources and types of claims data to which the applicant has access
for the purposes of QECP performance measurement. Applicants must have at least one
additional source of claims data from relevant geographic (state) areas at the time of
2012 Operations Manual
�14 Policies and Procedures
application (the exception is those entities applying for qualified‐conditional certification: see
Appendix C). While the QECP does not establish an absolute threshold for a minimum amount
of additional claims data, applicants must demonstrate that the amount of claims data, when
combined with the requested Medicare claims data, is adequate to address concerns about
small sample size and reliability. Elements 4C and 4D assess this requirement.
Clinical data may be used when the approved standard or alternative measures specify the use
of clinical data in combination with Medicare claims and other claims data to calculate
performance.
2.3 STANDARD 3 – DATA SECURITY AND PRIVACY
Entities must demonstrate that they have rigorous security and privacy practices in place to
protect the data released to them and have programs in place to enforce and monitor data
security practices. Stringent security and privacy standards must be enforced throughout all
phases of the program, including data receipt or transmission, performance measure
calculation, the provider review and corrections process, and performance reporting (including
all public reporting as well as any other types of more limited reporting). Although applicants
are required to submit any disclosures of beneficiary identifiable information from the past 10
years (or lifetime of the entity if less than 10 years), this disclosure will not automatically
disqualify an entity from participating in the program.
2.4 STANDARD 4 – METHODOLOGY FOR MEASUREMENT AND
ATTRIBUTION
This standard assesses the applicant’s ability to accurately calculate quality and efficiency,
effectiveness, or resource use measures from claims data for measures it intends to calculate
with Medicare data. This includes, for example, assessing the applicant’s ability to adhere to
measure specifications, attribute performance results, and define and identify appropriate peer
groups and benchmarks. The standard further assesses whether, as specified and based on the
applicant’s available claims data (including the requested Medicare claims data), the proposed
measures meet required scientific properties, for example, sufficient sample size, reliability,
and validity. Applicants are only required to submit evidence for Element 4D if they select
efficiency, effectiveness, or resource use measures to evaluate providers or suppliers.
2.5 STANDARD 5 – MEASURE SELECTION
This standard assesses the measures the applicant selects to evaluate providers or suppliers.
This includes an assessment of the scientific properties of the selected measures, for example,
validity and reliability.
2012 Operations Manual
�
Policies and Procedures 15
2.5.1 Standard Measures
Standard measures are claims‐based measures that may be calculated in full or in part from
standardized extracts of Medicare Parts A and B claims data and Part D PDE data and must fall
into one of the following categories:
Measures currently used in CMS programs that include quality measurement: These
measures have been adopted through notice and comment rulemaking that includes a
public comment period. Examples include measures used in the CMS hospital Inpatient
Quality Reporting (IQR) program.
National Quality Forum (NQF)‐endorsed measures: NQF is contracted by the Federal
government under Section 1890(a) of the Social Security Act to establish a portfolio of
quality and efficiency measures for use in public reporting and health care quality
improvement. NQF endorses measures through consensus by seeking the input of
stakeholders across the health care industry as well through public comment. NQF‐
endorsed measures may be found at http://www.qualityforum.org/measures_list.aspx.
Measures endorsed by a CMS‐approved consensus‐based entity: CMS will approve
organizations as consensus‐based entities based on review of documentation of
stakeholder consultation and the measure approval process. The process for approving
consensus‐based entities is currently under development. Interested entities should
check the website http://www.QEMedicareData.org for additional information as the
process is developed.
A reference list of standard measures will be available on http://www.QEMedicareData.org.
However, entities are responsible for independently checking known standard measure sources
for the most complete and up‐to‐date information.
2.5.2 Alternative Measures
Qualified entities generally must use standard measures for evaluating the performance of
providers and suppliers unless the use of alternative measures would be more valid, reliable,
responsive to consumer preferences, cost‐effective, or relevant to dimensions of quality and
resource use not addressed by standard measures. If a standard measure exists for the clinical
or topic area addressed by the alternative measure, the entity must provide detailed scientific
justification for using the alternative measure instead of the standard measure. The alternative
measure will be accepted either through the notice and comment rulemaking process or
through a stakeholder consultation approval process in which entities proposing alternative
measures submit supporting documentation that outlines the consultation and agreement with
appropriate stakeholders in the community. Applicants are not required to select alternative
measures; therefore, applicants are only required to submit evidence for Element 5B if they
select an alternative measure to evaluate providers or suppliers.
2012 Operations Manual
�16 Policies and Procedures
The process for submitting measures for notice and comment rulemaking is currently under
development. Interested entities should check the website http://www.QEMedicareData.org
for additional information as the process is developed.
To obtain approval of an alternative measure by demonstrating stakeholder consultation
approval, the following information must be provided for each alternative measure:
Description of the process by which the entity notified stakeholders in the geographic
region it serves of its intent to seek approval of an alternative measure. Stakeholders
must include a valid cross representation of providers, suppliers, payers, employers, and
consumers.
A list of stakeholders from whom feedback was solicited, including the stakeholders’
names and roles in the community.
A description of the discussion about the proposed alternative measure, including a
summary of all pertinent arguments supporting and opposing the measure.
An explanation, backed by scientific evidence, which demonstrates that the measure is
more valid, reliable, responsive to consumer preferences, cost‐effective, or relevant to
dimensions of quality and resource use than existing standard measures.
If a newly endorsed standard measure is equivalent to an approved alternative measure, within
6 months of the standard measure’s endorsement QEs must either transition to the standard
measure or submit scientific justification and receive approval to continue use of the
alternative measure. Additional information regarding this transition will be available in the
2012 Operations Manual Update, to be released during the second quarter of 2012.
QEs may request approval to modify approved standard and alternative measures or add new
measures to their QECP reporting activities. However, QEs may not report modified or new
measures until they receive approval from CMS (see Section 2.14). The requirements QEs must
meet for final approval of modified or new measures will be described in the 2012 Operations
Manual Update (to be released during the second quarter of 2012).
2.6 STANDARD 6 – VERIFICATION PROCESS
This standard assesses the applicant’s ability to verify and correct measurement and reporting
errors and processes. The verification or quality assurance process must be performed at least
annually.
2.7 STANDARD 7 – REPORTING OF PERFORMANCE INFORMATION
This standard assesses the applicant's dissemination plan and report prototypes, including the
narrative language the applicant plans to use in the reports to describe the data and results.
The dissemination plan must describe the entity’s proposed information dissemination
2012 Operations Manual
�
Policies and Procedures 17
strategy. If QEs intend to release different reports to the public and to providers and suppliers,
both report prototypes, including the narrative language, must be submitted as part of the
application.
Because QEs may alter their final dissemination approach and report prototypes after the
application is complete, it may be necessary for QECP reviewers to assess and approve the
updated dissemination plan and reports. QEs may not release performance reports to
providers, suppliers or the public until their final dissemination approach and report formats
have been approved. The requirements QEs must meet for final approval of performance
reports will be described in the 2012 Operations Manual Update (to be released during the
second quarter of 2012).
If a QE wishes to change its dissemination plan or report prototypes after approval, CMS
requires at least 30 days to review and approve the updated plans and prototypes (see Section
2.14).
2.8 STANDARD 8 – REQUESTS FOR CORRECTIONS OR APPEALS
QEs are required to confidentially share performance results with the providers and suppliers
that are being evaluated and to allow for corrections prior to public reporting. QEs must
provide the measure name/description, methodology, and results to providers and suppliers at
least 60 calendar days prior to making the measure results public. QEs must inform providers
and suppliers of the date the reports will be made public at least 60 calendar days in advance.
The qualified entity must publicly release reports on the specified date regardless of the status
of any requests for error correction.
As previously stated, because QEs may alter their corrections process and report prototypes
after the application is complete, it may be necessary for QECP reviewers to assess and approve
the updated process and reports. QEs may not release reports for the corrections process to
providers and suppliers until their final dissemination approach and report formats have been
approved. The requirements QEs must meet for final approval of their corrections process will
be described in detail in the 2012 Operations Manual Update (to be released during the second
quarter of 2012).
2.9 EVALUATION, MONITORING, AND OVERSIGHT OF QES
The ability of a QE to comply with program requirements for robust measurement
methodologies and dissemination of results while maintaining a high level of security is critical
to the success of the program. The assessment of QE performance will include criteria to
validate the QE’s performance against all program requirements. The minimum qualifications
set forth in the application are the foundation for obtaining certification as a QE. Although
2012 Operations Manual
�18 Policies and Procedures
establishing minimum qualifications is critical, processes must be defined to establish
compliance with these qualifications once the Medicare data are received. The QECP will first
evaluate a QE’s ability to meet the program requirements prior to the release of the QE’s first
performance reports; thereafter, the QE will be required to comply with all monitoring and
oversight requirements.
Program evaluation and monitoring will be scheduled once the QE is certified and receives data.
Oversight will be ongoing.
2.9.1 Evaluation
Prior to the reporting of any performance results, QEs will be required to demonstrate their
ability to use Medicare data consistent with the documented plans they presented at the time
of application. This includes additional assessment of specific standards to ensure the QE’s
ability to accurately and securely integrate Medicare data. The evaluation includes additional
assessment of the following requirements:
Data security and privacy
Data capture, transfer, and integration with other claims data
Measure calculation, reliability, and validity
Request for corrections process
Public reporting
Details about how to demonstrate compliance with these evaluation requirements will be
released in the 2012 Operations Manual Update. QEs will need to complete evaluation before
they produce and publicly distribute performance reports containing Medicare data. Once a QE
has successfully completed at least one cycle of public reporting, it will move into the QECP
monitoring phase.
2.9.2 Monitoring
CMS will monitor and assess the performance of qualified entities through several mechanisms,
including the submission of documentation by the QEs and onsite visits. Program monitoring is
initiated once a QE has successfully released its first public report that incorporates Medicare
data.
Monitoring assessments will be conducted remotely and during planned onsite visits. Site visits
will provide CMS the opportunity to directly monitor the performance of the QEs. The QE
applicant lead and contracted entities or partners may be subject to an onsite monitoring visit.
Further detail about the monitoring process, including the onsite visits, will be published in the
2013 Operations Manual (to be released in February 2013).
2012 Operations Manual
�
Policies and Procedures 19
2.9.3 Oversight
QEs will be subject to ongoing program oversight. As part of this oversight, QEs will be required
to submit an annual report covering program adherence (e.g., number of claims, market share,
number of measures) and engagement of providers and suppliers (e.g., number of requests for
corrections, time to respond to requests for correction). Furthermore, oversight may result in
identifying problems, introducing solutions, monitoring the effectiveness of the solutions, and
requesting a QE to develop procedures or implement a corrective action plan to bring it into full
compliance with program requirements.
A fundamental component of meeting the QECP monitoring and oversight requirements is the
QE’s development and implementation of a quality assurance plan that adheres to the QECP’s
quality assurance requirements. The ability of a QE to comply with program requirements for
robust measurement methodologies and dissemination of data while maintaining a high level
of security is critical to the success of the program.
Further details about the oversight process and quality assurance requirements will be
published in the 2013 Operations Manual (to be released in February 2013).
2.10 APPLICATION SUBMISSION
2.10.1 QECP Portal
The QECP Portal is designed to facilitate the application and certification processes. This online
tool supports the submission, review, and approval of applications from entities. Entities
interested in applying for certification may access the portal to review application requirements
and complete and submit the application electronically. The portal also facilitates ongoing
technical support throughout the application process (see Section 2.10.3). After an entity
submits an application through the portal, the entity may access the portal to monitor the
progress of the review process and certification status. If an entity is certified, a letter from
CMS will be sent signifying its certification as a QE.
Entities perform the following key steps to submit an application:
Complete registration to obtain an administrative profile for the QECP Portal;
Access critical documents about the QECP Portal and the application process;
Read the Operations Manual and QECP Portal User’s Guide;
Access the application page and complete the application;
Review and finalize the application, including all required evidence as attachments; and
Submit the application.
2012 Operations Manual
�20 Policies and Procedures
The QECP Portal User’s Guide (Appendix D) provides detailed instructions on how to navigate
the website, access materials, complete the registration and application materials, submit the
application materials, and request technical assistance.
Entities interested in obtaining general information or registering for access to the QE
application may visit the publicly accessible portion of the QECP Portal at
http://www.QEMedicareData.org.
2.10.2 Applying for the QECP
2.10.2.1 Requesting Accounts for the QECP Portal
A representative from each entity that intends to apply for QE certification must access the
QECP Portal and complete the registration form. Registration allows access to restricted QECP
portal modules, which are not publicly accessible. Once a registration form is submitted by an
entity, the entity’s representative receives a link to the Operations Manual and is assigned a
unique user ID and password and a secure application site for that entity only. For the duration
of the application process this user will be identified as the entity’s administrative user. To
obtain additional accounts for the same entity, additional users must also register by
completing the registration form. To receive a unique user ID and password, each additional
user must receive the administrative user’s approval. Technical support is available for entities
to submit questions about registration or the general certification process at
[email protected].
2.10.2.2 Accessing Critical Documents via the QECP Portal
Once entities have completed the registration process and an administrative user ID and
password have been issued, the administrative user and any approved additional users may
access the application through a secure channel of the portal website. To begin the application,
users are encouraged to access the Documentation Library and review all available documents,
and specifically this Operations Manual and the paper‐based QE application form (see Appendix
B) before beginning the application. Section 3 of this manual provides details on the minimum
requirements for becoming a QE and the necessary supporting documentation or evidence that
must be submitted.
2.10.2.3 Completing the Application Form
After reviewing the minimum requirements, entities may access the QE application form on the
Application page. Though paper‐based QE application forms exist, entities are requested to
complete the QE application form online via the QECP Portal. Registered users may save the
application at any time and return to it later. Once a user saves the information entered in the
online application, it becomes available to other users associated with that entity. Therefore,
multiple users from the same entity may work on the application at the same time; however,
only the saved information is visible.
2012 Operations Manual
�
Policies and Procedures 21
Exhibit 1 provides a screenshot of the QE application form for Standard 1 (Applicant Profile),
Element 1A (Define Applicant Organization). All supporting or evidentiary documents may be
uploaded to the QECP Portal and submitted as attachments to the online application. A
complete paper‐based version of the QE application form may be found in Appendix B. In
completing the application form, prospective applicants are required to self‐assess their ability
to meet the minimum requirements of the QECP by answering “yes,” “no,” or “n/a” to each
assessment and elaborating in the comment box if they are unable to meet a particular
assessment.
Exhibit 1: QE Online Application Form Screenshot
2012 Operations Manual
�22 Policies and Procedures
2.10.3 QECP Portal Technical Support
The following technical support resources are available to all entities before, during, and after
the submission of QE applications:
Frequently Asked Questions (FAQs):
https://www.QEMedicareData.org/SitePages/faq.aspx
Entities are encouraged to review the FAQs prior to seeking other technical support
avenues. FAQs will be updated on a regular basis.
Email: [email protected]
Email responses will be sent within 2 business days.
Toll‐free Helpline: (866) 277‐9966
Telephone calls will be returned within 2 business days.
2.11 APPLICATION REVIEW PROCESS
The application review to certify entities as qualified entities includes a web‐based step‐wise
process. The allotted review period of 55 business days for a single application starts after an
application is submitted and validated. Clarification or updates to existing evidence may be
requested by reviewers once the application review process starts.
In the web‐based review process, applications are subject to multiple reviewer assessments
of compliance with standards and elements. The application review begins immediately upon
submission of a complete and validated application. Using the QECP Portal designed for this
program, reviewers will assess the entity’s compliance with the standards (met/not met), based
on the supporting documentation and evidence provided. In addition, the reviewers will
identify potential opportunities for improvement in areas that are deficient or require
additional clarification. The review results are included in a report of findings and
recommendations; the final decision report from CMS will include a final outcome for the entity
as either “Qualified” or “Not Qualified.”
QECP technical support is available to assist prospective applicants in their preparation, as
indicated in Section 2.10.3. All prospective applicants are encouraged to utilize these resources
and consult the Operations Manual as they prepare to submit evidence of their capabilities to
function as a QE. The following subsections describe the steps involved in the application
review process.
2012 Operations Manual
�
Policies and Procedures 23
2.11.1 Prospective Applicant Completes Registration and Gains Access to Application
Form
The prospective applicant submits information about the entity (name/location of entity and
contact information) via the publicly accessible portion of the QECP Portal to obtain an
administrative user ID and password and gain access to the application form. This step is the
first indication of an entity’s interest in the QECP.
2.11.2 Confirm Intent and Planned Submission
Using the provided contact information, the designated program coordinator contacts the
entity to determine when the entity anticipates submitting an application.
2.11.3 Application Is Submitted
The entity completes and submits its application as final according to the instructions in the
QECP Portal User’s Guide (Appendix D).
2.11.4 Application Is Validated
The program coordinator assesses the application, ensuring that all elements have evidence
attached and that complete contact information is provided. If the application is considered
complete, the program coordinator flags it as a “valid application” and at this point the entity
becomes an “applicant.” The applicant is notified that the application has been accepted and
that the validation is complete. The program coordinator notifies the applicant’s review
coordinator and the application review is initiated.
If an application is considered incomplete, the applicant will be notified and the application will
not be reviewed further. For the application to proceed in the process, the applicant must
revise and resubmit the application until it is deemed valid by the program coordinator.
Technical assistance is available throughout the application process.
2.11.5 Application Is Reviewed
Once the application review is initiated, the review team (review coordinator, administrative
reviewer and executive reviewer) assess the applicant’s submitted evidence and self‐
assessment for each element against the program’s minimum requirements.
2.11.6 Review Team Holds Conference Call with Applicant
Via a conference call, the review team and the applicant have an opportunity to discuss
feedback and to identify and correct any outstanding issues. Following the conference call,
applicants have 5 business days to clarify any submissions or respond to the review
2012 Operations Manual
�24 Policies and Procedures
coordinator’s requests. This is the applicant’s opportunity to provide a rebuttal to reviewer
findings; applicant rebuttals are included in the QECP team’s final recommendation report to
CMS.
The applicant may be granted additional time during the application review to meet the
requirements for Standard 3 in order to be fully compliant with the data security and privacy
requirements. This will be identified and discussed during (or before) the conference call.
Specifically,
Applicants compliant with all other elements but not meeting an element under the
Data Security standard may be required, as determined by the executive reviewer, to
submit a plan of action and milestones (POA&M) addressing identified deficiencies. The
review coordinator notifies the applicant of this request. The applicant has 5 business
days to complete and submit a POA&M (within 30 business days of application
validation). After submission of the final POA&M, an applicant has no more than 90
business days to complete agreed upon and identified milestones. The executive
reviewer then has 10 business days to evaluate the completion of the applicant’s
POA&M. If the executive reviewer determines that the deficiencies have not been
remediated within this timeframe, the applicant may withdraw the application or may
proceed, with the understanding that a final decision by CMS determining non‐
compliance with any one element will result in an outcome of Not Qualified.
The applicant may be allowed to revise evidence submitted under the measure selection
standard (standard 5) in order to be fully compliant. This will be identified and discussed during
(or before) the conference call. Specifically,
If the evidence submitted for a standard or alternative measure (Elements 5A and 5B,
respectively) is determined to be inadequate during the application review, the
applicant has the option of withdrawing the measure and proceeding with the
application process. If the applicant opts not to withdraw the measure in question, the
application may proceed, with the understanding that a final decision by CMS
determining non‐compliance with any one standard will result in an outcome of Not
Qualified.
2.11.7 CMS Decision Is Rendered
Based on the information provided in the final recommendation report, CMS renders a decision
to recognize the applicant as Qualified (a qualified entity) or Not Qualified.
2.11.8 Applicant Is Notified of Outcome
Each applicant will receive a CMS QECP decision report and, if certified as a QE, a list of steps it
must take to receive Medicare data.
2012 Operations Manual
�
Policies and Procedures 25
Post‐QE Certification Steps:
QE contacts Research Data Assistance Center (ResDAC)
Within 10 business days of notification of the outcome, the QE contacts ResDAC to
obtain a data request packet and submit all completed forms to CMS. See Section 2.13
of this manual for additional details, including ResDAC contact information.
QE pays Medicare data dissemination fees to CMS
CMS estimates and collects the program fees from the QE.
QE receives Medicare data
CMS releases the approved Medicare data to the QE and notifies the reviewers of the
date of data delivery. The QE will receive access to Medicare data within approximately
80 business days of application initiation.
2.12 APPLICATION REVIEW OUTCOMES
There are only two final outcomes for the QECP application review: (1) Qualified and (2) Not
Qualified. An applicant that meets all program requirements except that it does not, at the time
of application, have any or sufficient other claims data (Element 2A) may opt to undergo a
QECP Conditional Status application review. However, this is not a final outcome; entities with
conditional status will not be eligible to receive Medicare data. See Appendix C for additional
details regarding QECP Conditional Status.
2.12.1 Qualified
An applicant will receive a status as Qualified (qualified entity) if it demonstrates complete
compliance with the requirements in the application. This status is valid for 3 years from the
date of notification of CMS approval unless a QE’s status is otherwise terminated. CMS will
publicly announce on the CMS website (http://www.cms.gov/QEMedicareData) the names of
those applicants that have been certified as QEs.
QE status is valid for 3 years from the date of notification of CMS approval. The QE must submit
data requests and fees to receive quarterly updates of Medicare data until the last 6 months of
its qualification period. At that time, the entity must re‐apply to QECP and undergo another
review to continue receiving data.
2.12.2 Not Qualified
An applicant will receive a status as Not Qualified if it has not met the requirements for
certification. Failure on any single element will result in an outcome of Not Qualified. The
names of applicants who receive an outcome of Not Qualified will not be announced publicly.
2012 Operations Manual
�26 Policies and Procedures
2.12.2.1 Disclaimer
To arrive at each applicant’s final certification outcome, the QECP review team (as CMS’ agent)
evaluates the final application against the minimum requirements for a qualified entity. The
review team’s assessment of the organization is based on its professional, evaluative judgment.
Meeting the minimum requirements does not guarantee certification. Determination of
certification status is made by CMS.
2.12.2.2 Repeat Applications
An applicant that received an outcome of Not Qualified may apply twice within a 12‐month
cycle. An entity may submit a second application no sooner than 90 business days after the
date of its first failure (within the 12‐month cycle). If the entity fails the second application, it
will be barred from reapplying for 12 months from the date of its second failure.
2.13 MEDICARE DATA: APPLYING FOR ACCESS AND DATA DELIVERY
2.13.1 Applying for Access to Medicare Data
Upon notification of QE certification, the QE must submit a data request package for approval.
The Research Data Assistance Center (ResDAC) will be available to assist the QE with the
submission of this package (http://www.resdac.org/QEMedicareData.asp, 1‐888‐9RESDAC, or
[email protected]), including a cost estimate for the data file(s) requested. The ResDAC website
provides descriptions of the available CMS data, data request procedures, workshops on how to
use Medicare data, and other helpful resources. Within approximately 10 business days of
submission of the data request packet, a CMS privacy analyst will notify the QE by email of
CMS’ approval of the data request.
Upon approval of the data request and assignment of the Data Use Agreement (DUA) number,
the QE will be instructed by CMS on how to submit payment to cover the cost of the data files.
The cost will be based on the number of files, size of the files, and the number of calendar years
of data requested. Receipt of payment will automatically notify CCW staff of approval to
proceed with the transfer of Medicare data files to the QE.
2.13.2 Medicare Data Delivery to QEs
Upon CMS approval of the DUA and receipt of payment by CMS, the state‐specific and (if
requested) the 5% national sample data files described in Section 1.5 will be encrypted and
prepared for delivery to the QE’s point of contact listed on the DUA. The DUA number and data
request specifications will be recorded and tracked using standard CCW operating procedures.
The QE will have the option of either downloading its encrypted data files via a secure file
transfer mechanism or receiving the data via a USB hard drive (preference will be indicated on
2012 Operations Manual
�
Policies and Procedures 27
the data request specifications worksheet). The data files will be encrypted prior to delivery
using the PGP Command Line 9.0 with the Self‐Decrypting Archive (SDA) method. This method
builds a compressed, encrypted, password‐protected file using a FIPS 140‐1/140‐2 approved
AES256 cipher algorithm. For either delivery approach (download or hard drive shipment), the
SDA decryption password will be sent electronically to the QE’s point of contact listed on the
DUA. Detailed decryption instructions will be provided with the data package. Confirmation of
receipt of the data package and password will be requested from the recipient.
In addition to the flat files (claims and enrollment/demographic data), the data package will
include file transfer summaries, SAS read‐in programs, data dictionaries, tips on getting started,
and other documentation. Each data package includes Buccaneer contact information for
further technical assistance with using the CCW data files. While the Research Data Assistance
Center (ResDAC) serves as the primary point of contact for CMS data requestors/users
(http://www.resdac.org/QEMedicareData.asp), specific questions about the data files received
from Buccaneer should be directed to Buccaneer’s CCW staff. CCW staff will provide technical
assistance to QEs through a variety of mechanisms, including:
CCW website: http://www.ccwdata.org/
CCW technical assistance email address: [email protected]
Toll‐free Helpline: 1‐866‐766‐1915
The CCW website offers several resources for QEs. These include summary statistics for
comparative analysis, data dictionaries for each file type, user guides, technical papers on
producing prevalence rates, and other analytical guidance documentation.
ResDAC also offers CMS data user workshops for both beginner and more advanced Medicare
data users. ResDAC will also assist the QEs in submitting their data request to CMS, including
helping QEs confirm their estimated data costs. In addition, QEs with specific Medicare data
questions or issues regarding potential data errors should contact ResDAC for guidance.
ResDAC workshops: http://www.resdac.org/Training/workshops.asp
ResDAC contact email: [email protected]
Toll‐Free Helpline: 1‐888‐9RESDAC (1‐888‐973‐7322)
2.14 HOW TO REPORT CHANGES
2.14.1 Changes Impacting Publicly Reported Performance Information
Once approved as a qualified entity, a QE may wish to modify its program operations, which
may affect its public reporting of performance information using Medicare data. As stated in
the Final Rule, it is not the intention of the QECP to limit an entity’s ability to change or adapt
its business plan once it has been approved as a qualified entity. However, QEs are required to
notify CMS about certain changes to their program. The 2012 Operations Manual Update (to be
released during the second quarter of 2012) will provide additional clarification about QE
2012 Operations Manual
�28 Policies and Procedures
responsibilities for reporting program changes (e.g., changes to selected measures, changes to
report prototypes). QEs will be required to incorporate and adhere to these requirements once
the annual update is released.
2.14.2 Governance Changes
A QE that experiences changes in governance, such as a merger, acquisition, or consolidation
(MAC), must submit written notice of such action within 30 calendar days following the merger,
acquisition, or consolidation date. The written notice should be sent to the following address:
IMPAQ International, LLC
10420 Little Patuxent Parkway
Suite 300
Columbia, MD 21044
Attention: Qualified Entity Certification Program for Medicare Data (QECP)
Upon receipt of a notice of a change in governance, the QECP team will evaluate the
transaction’s impact on certification status and compliance with program requirements. The
evaluation will consider any changes in infrastructure, data sources, security, and general
expertise related to the certification of the original entity. The entity will be notified of the
outcome of this evaluation.
2.15 MAINTAINING AND LOSING CERTIFICATION STATUS
2.15.1 Expiration and Renewal
QE status is valid for 3 years from the date of notification of CMS approval. The QE must submit
data requests and fees to receive quarterly updates of Medicare data until the last 6 months of
its qualification period. At that time, the entity must re‐apply to QECP and undergo another
review to continue receiving data.
2.15.2 Suspension and Termination
Upon notification that the applicant has received the requested data, the evaluation,
monitoring, and oversight activities are scheduled. Activities include further review of program
adherence, the data corrections process, measure implementation, public reporting formats
and data protection, and systems security protocols. In this phase of the evaluation process a
QE may have its certification temporarily suspended or terminated if it is no longer compliant
with program requirements.
2012 Operations Manual
�
Policies and Procedures 29
2.15.3 Reconsideration
As stated in the Final Rule (§ 401.711), QEs are required to notify CMS prior to updating plans
previously reviewed as part of the application process if these plans would change proposed
measures, prototype reports, public reports, data sources, or data volume. CMS may reconsider
the previously issued certification if the applicant is no longer compliant based on the updated
plans.
2.15.4 Voluntary Forfeiture
The Final Rule (§ 401.721) notes that QEs may voluntarily terminate their agreement with CMS
once they have entered the evaluation, monitoring, and oversight phase of the program. If a QE
determines that this is the most appropriate course, it must agree to immediately destroy or
return to CMS the Medicare data that it received under the program. Fees paid to CMS by the
QE will not be reimbursed.
2.15.5 Consequences for QEs with Negative Findings/Non-Compliance
At any time during the evaluation, monitoring, and oversight phase of the QECP, the QECP team
may determine that the QE is no longer in compliance and is at risk for suspension, termination,
reconsideration, or voluntary forfeiture. The QECP team will identify non‐compliance and notify
the QE to establish a corrective action plan. If remediation is not possible, the QE is subject to
the consequences outlined in the Final Rule regarding termination (§ 401.721), in which CMS
terminates the agreement with the QE and the QE must immediately destroy or return to CMS
the Medicare data that it received under the program. Fees paid to CMS by the QE will not be
reimbursed.
2012 Operations Manual
��2012
OPERATIONS
MANUAL
SECTION 3.
MINIMUM
REQUIREMENTS
��
Minimum Requirements 33
3.0 INTRODUCTION TO QECP MINIMUM REQUIREMENTS
The 8 standards and 24 elements derived from the Final Rule, against which entities will be
evaluated, are presented in this section. Each element describes the assessment to be
performed by reviewers in evaluating an application, and the documentation that entities must
submit for evaluation. Each element may be evaluated by more than one assessment. To meet
the requirements for a single element, entities must comply with all assessments. Lack of
compliance with any assessment may result in an entity’s inability to receive Medicare data for
performance measurement.
During the application submission process, entities are required to self‐assess their ability to
meet QECP minimum requirements. Since the application process is extensive and there are
limits to the number of times an entity may apply for QE certification during a 12‐month period,
entities are encouraged to carefully evaluate their ability to meet the minimum requirements
set forth by CMS in the Final Rule (42 CFR, Part 401, Subpart G) prior to submitting an
application.
Exhibit 2 below defines the components of the minimum requirements against which entities
will be evaluated.
Exhibit 2: Components of the Minimum Requirements
Component
Description
Standard
An area for review that defines the program requirements at the
highest level. The standard includes intent, elements, assessments,
and evidence.
Intent
A brief description of the importance of the standard.
Element
Assessment
Evidence
The component of a standard that is scored/reviewed and provides
details about performance expectations. Each element within a
standard is evaluated to determine the degree to which the entity
has met the requirements of the standard.
The component(s) of an element that the entity must demonstrate to
meet the minimum requirements for each element in order to
receive approval for the element. Several assessments may be
required for a single element; assessments reflect an entity’s degree
of compliance with an element.
An item that is submitted to demonstrate compliance with an
element. For example, an element may require the entity to
demonstrate that a specific document includes evidence of plans or
experience. The evidence allows reviewers to determine whether the
entity has met the assessment.
2012 Operations Manual
�34 Minimum Requirements
All information presented in Sections 3.1 through 3.8 below is also included in Section 4 of the
paper‐based QE application form (Appendix B).
3.1 STANDARD 1 – APPLICANT PROFILE
Intent: A prospective QE must provide information about its organization and structure, the
types of providers and suppliers it intends to evaluate, the geographic areas for which it intends
to report data, and its ability to meet financial requirements of the program.
Element 1A: Define applicant organization
Assessment: Applicant is a legally recognized “lead” entity, accountable to CMS for the receipt
of Medicare data, with clear contractual relationships identified and documented between
entities (when applicable) that make it possible for the applicant to meet the QECP standards.
Evidence: The applicant’s incorporation, type of organization, and licensure, if applicable.
Contractors or member organizations working with the lead entity in support of their QECP
activities must also include incorporation, type of organization, and licensure information as
well as evidence of a contractual relationship between the lead and other entities that includes
breach of contract liability with potential for collecting damages for failure to perform.
Element 1B: Identify the geographic areas that applicant’s reports will cover
Assessment: Applicant defines the geographic area in which performance reporting will
incorporate the Medicare data.
Evidence:
1. Description of geographic area(s) by state for which the applicant requests Medicare data. If
a 5% national sample is requested, a justification for the request must be included.
2. Description of geographic area(s) by state for which the applicant has claims data from
another payer source(s).
Element 1C: Identify the types of providers or suppliers whose performance the applicant
intends to assess using Medicare data
Assessment: Applicant lists the types of providers and suppliers for which it intends to evaluate
performance using Medicare and other claims data.
2012 Operations Manual
�
Minimum Requirements 35
Evidence: List of types of providers and suppliers to be covered in each geographic area report
that uses Medicare data. The types of providers and suppliers must be those that submit
claims, and are paid, for Medicare‐covered services and those for which the applicant has at
least one additional source of claims data. The following is a list of possible provider types as
defined by the Social Security Act:
(a) Physicians
(b) Other health care practitioners
(c) Hospitals
(d) Critical access hospitals
(e) Skilled nursing facilities
(f) Comprehensive outpatient rehabilitation facilities
(g) Home health agencies
(h) Hospice programs
(i) Other facilities or entities that furnish items or services
Element 1D: Show ability to cover the costs of performing the required functions of a
qualified entity
Assessment: Applicant’s business model is projected to cover the cost of public reporting, both
the cost of the data and the cost of developing the reports.
Evidence: Documentation of a program budget reviewed and, approved, and signed by the
applicant’s senior executives. Evidence must come from the applicant, not from a member
organization or contractor.
3.2 STANDARD 2 – DATA SOURCES
Intent: A prospective QE must provide evidence of the ability to combine claims data from
other sources to calculate performance reports.
Element 2A: Obtain claims data from at least one other payer source to combine with
Medicare Parts A and B claims data, and Part D drug event data
Assessment: For the geographic areas identified in Element 1B and for providers and suppliers
identified in Element 1C, applicant possesses claims data from at least one other source;
however, obtaining claims data from two or more sources is preferable.
If the applicant does not possess other claims data at the time of application, see Section 2.2
and Appendix C for instructions on how to apply for a qualified‐conditional certification.
2012 Operations Manual
�36 Minimum Requirements
Evidence: An attestation from the entities from which the applicant obtains claims data that
will be combined with the Medicare data. The attestation should include geographic area and
types of providers and suppliers included in the data shared with the prospective QE.
Element 2B: Accurately combine Medicare claims data with claims data from other payer
sources
Assessments:
1. Applicant accurately combines Medicare claims data with claims data from at least one
other payer source.
2. Applicant demonstrates experience, generally 3 or more years, accurately combining claims
data from different payer sources.
Evidence:
1. Documented process for combining claims data from multiple payers for the purposes of
performance measurement. At a minimum, this must include the applicant’s method for
matching provider and supplier identifiers across different claims data sources.
2. Document(s) showing 3 years of experience aggregating claims data to produce at least two
performance measures.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
3.3 STANDARD 3 – DATA SECURITY
Intent: A prospective QE must provide evidence of rigorous data privacy and security policies
including enforcement mechanisms.
Element 3A (Administrative): Show ability to comply with Federal data security and privacy
requirements, and document a process to follow those protocols
Assessment: Applicant has established systems and protocols to address the following security
elements (as detailed in FIPS 200):
Audit and Accountability
Certification, Accreditation, and Security Assessments
Incident Response, including notifying CMS and beneficiaries of inappropriate data
access, violations of applicable Federal and state privacy and security laws and
regulations for the preceding 10‐year period (or, if the applicant has not been in
2012 Operations Manual
�
Minimum Requirements 37
existence for 10 years, the length of time the applicant has been an organization), and
any corrective actions taken to address the issues
Planning
Risk Assessment
Compliance with applicable state laws regarding privacy and security
Evidence:
1. Current NIST Certification and Accreditation for compliance with FIPS 200 and SP 800‐53 at
the moderate impact level. If the applicant has not undergone this Certification and
Accreditation process, it must produce documentation of the systems and protocols that
meet this same threshold with respect to the security factors listed in Element 3A, which
are further described below. If these systems and protocols do not meet the standards of
FIPS 200 and SP 800‐53 or have not yet been fully implemented, the applicant may be
granted an opportunity to submit an agreed‐upon plan of action and milestones (POA&M)
and subsequently must demonstrate appropriate improvements to meet compliance.
Audit and Accountability: Applicant must: (i) create, protect, and retain information system
audit records to the extent needed to enable the monitoring, analysis, investigation, and
reporting of unlawful, unauthorized, or inappropriate information system activity; and (ii)
ensure that the actions of individual information system users may be uniquely traced to
those users so they can be held accountable for their actions.
Certification, Accreditation, and Security Assessments: Applicant must (i) periodically assess
the security controls in organizational information systems to determine if the controls are
effective in their application; (ii) develop and implement plans of action designed to correct
deficiencies and reduce or eliminate vulnerabilities in organizational information systems;
(iii) authorize the operation of organizational information systems and any associated
information system connections; and (iv) monitor information system security controls on
an ongoing basis to ensure the continued effectiveness of the controls.
Incident Response: Applicant must (i) establish an operational incident handling capability
for organizational information systems that includes adequate preparation, detection,
analysis, containment, recovery, and user response activities; and (ii) track, document, and
report incidents to organizational officials and/or authorities.
Planning: Applicant must develop, document, periodically update, and implement security
plans for organizational information systems that describe the security controls in place or
planned for the information systems and the rules of behavior for individuals accessing the
information systems.
Risk Assessment: Applicant must periodically assess the risk to organizational operations
(including mission, functions, image, or reputation), organizational assets, and individuals,
resulting from the operation of organizational information systems and the associated
processing, storage, or transmission of organizational information.
2012 Operations Manual
�38 Minimum Requirements
Compliance with applicable state laws regarding privacy and security: Applicants, regardless
of Certification and Accreditation status, must document compliance with applicable state
laws regarding privacy and security.
2. All applicants, regardless of Certification and Accreditation status, must document all
breaches of data security or privacy within the past 10 years (or the lifetime of the
organization if that is less than 10 years).
3. All applicants, regardless of Certification and Accreditation status, must document the
protocols and systems that will be implemented for transferring information to providers
and suppliers as part of the requests for corrections/appeals process.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 3B (Technical): Identify system users and prequalification process for access to data
Assessment: Applicant has established systems and protocols to address the following security
elements (as detailed in FIPS 200):
Access Control
Awareness and Training
Configuration Management
Identification and Authentication
Personnel Security
Evidence: Current NIST Certification and Accreditation for compliance with FIPS 200 and SP
800‐53 at the moderate impact level. If the applicant has not undergone this Certification and
Accreditation process, it must produce documentation of the systems and protocols in place
with respect to the security factors listed in Element 3B, and further described below. If these
systems and protocols do not meet the standards of FIPS 200 and SP 800‐53 or have not yet
been fully implemented, the applicant may be granted an opportunity to submit an agreed‐
upon plan of action and milestones (POA&M) and subsequently demonstrate appropriate
improvements to meet compliance.
Access Control: Applicant must limit information system access to authorized users, processes
acting on behalf of authorized users, or devices (including other information systems) and to
the types of transactions and functions that authorized users are permitted to exercise.
Awareness and Training: Applicant must: (i) ensure that managers and users of organizational
information systems are made aware of the security risks associated with their activities and of
the applicable laws, Executive Orders, directives, policies, standards, instructions, regulations,
or procedures related to the security of organizational information systems; and (ii) ensure that
2012 Operations Manual
�
Minimum Requirements 39
organizational personnel are adequately trained to carry out their assigned information
security‐related duties and responsibilities.
Configuration Management: Applicant must: (i) establish and maintain baseline configurations
and inventories of organizational information systems (including hardware, software, firmware,
and documentation) throughout the respective system development life cycles; and (ii)
establish and enforce security configuration settings for information technology products
employed in organizational information systems.
Identification and Authentication: Applicant must identify information system users, processes
acting on behalf of users, or devices and authenticate (or verify) the identities of those users,
processes, or devices, as a prerequisite to allowing access to organizational information
systems.
Personnel Security: Applicant must: (i) ensure that individuals occupying positions of
responsibility within organizations (including third‐party service providers of services) are
trustworthy and meet established security criteria for those positions; (ii) ensure that
organizational information and information systems are protected during and after personnel
actions such as terminations and transfers; and (iii) employ formal sanctions for personnel
failing to comply with organizational security policies and procedures.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 3C (Physical): Identify processes and systems in place to protect the IT physical
infrastructure
Assessment: Applicant has established systems and protocols to address the following security
elements (as detailed in FIPS 200):
Contingency Planning
Maintenance
Media Protection
Physical and Environmental Protection
System and Services Acquisition
System and Communications Protection
System and Information Integrity
Evidence: Current NIST Certification and Accreditation for compliance with FIPS 200 and SP
800‐53 at the moderate impact level. If the applicant has not undergone this Certification and
Accreditation process, it must produce documentation of the systems and protocols in place
with respect to the security factors listed in Element 3C, and described further below. If these
systems and protocols do not meet the standards of FIPS 200 and SP 800‐53 or have not yet
2012 Operations Manual
�40 Minimum Requirements
been fully implemented, the applicant may be granted an opportunity to submit an agreed‐
upon plan of action and milestones (POA&M) and subsequently demonstrate appropriate
improvements to meet compliance.
Contingency Planning: Applicant must establish, maintain, and effectively implement plans for
emergency response, backup operations, and post‐disaster recovery for organizational
information systems to ensure the availability of critical information resources and continuity of
operations in emergency situations.
Maintenance: Applicant must: (i) perform periodic and timely maintenance on organizational
information systems; and (ii) provide effective controls on the tools, techniques, mechanisms,
and personnel used to conduct information system maintenance.
Media Protection: Applicant must: (i) protect information system media, both paper and digital;
(ii) limit access to information on information system media to authorized users; and (iii)
sanitize or destroy information system media before disposal or release for reuse.
Physical and Environmental Protection: Applicant must: (i) limit physical access to information
systems, equipment, and the respective operating environments to authorized individuals; (ii)
protect the physical plant and support infrastructure for information systems; (iii) provide
supporting utilities for information systems; (iv) protect information systems against
environmental hazards; and (v) provide environmental controls in facilities containing
information systems.
System and Services Acquisition: Applicant must: (i) allocate sufficient resources to adequately
protect organizational information systems; (ii) employ system development life cycle
processes that incorporate information security considerations; (iii) employ software usage and
installation restrictions; and (iv) ensure that third‐party providers employ adequate security
measures to protect information, applications, and/or services outsourced from the
organization.
System and Communications Protection: Applicant must: (i) monitor, control, and protect
organizational communications (i.e., information transmitted or received by organizational
information systems) at the external boundaries and key internal boundaries of the information
systems; and (ii) employ architectural designs, software development techniques, and systems
engineering principles that promote effective information security within organizational
information systems.
System and Information Integrity: Applicant must: (i) identify, report, and correct information
and information system flaws in a timely manner; (ii) provide protection from malicious code at
locations within organizational information systems; and (iii) monitor information system
security alerts and advisories and take actions in response.
2012 Operations Manual
�
Minimum Requirements 41
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
3.4 STANDARD 4 – METHODOLOGY FOR MEASUREMENT AND
ATTRIBUTION
Intent: A prospective QE must provide evidence of its ability to accurately calculate quality and
efficiency, effectiveness, or resource use measures from claims data for measures it intends to
calculate with Medicare data.
Element 4A: Follow measure specifications
Assessment: Applicant uses measure specifications accurately for selected measures, including
numerator and denominator inclusions and exclusions, measured time periods, and specified
data sources.
Evidence: For the measures listed in Elements 5A and 5B, the applicant must supply the
measure specifications through a hyperlink to the original specification, a URL, or a copy of the
specifications.
Element 4B: Use a defined and transparent method for attribution of patients and episodes
Assessments:
1. Applicant identifies an appropriate method to attribute a particular patient's services or
episode to specific providers and suppliers.
2. Applicant demonstrates experience, generally 3 or more years, accurately attributing
patient's services or episode to specific providers and suppliers.
Evidence:
1. Methodology paper or document defining how the applicant attributes patient services or
episodes to specific providers or suppliers. If the attribution methods are different for
different types of providers and suppliers (or measures), the applicant describes each
methodology.
2. Methodology paper or document describing attribution approaches the applicant has
defined and executed over the past 3 years. Note that if the attribution methodology has
changed over the past 3 years, the applicant must provide a rationale for the change.
2012 Operations Manual
�42 Minimum Requirements
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 4C: Set and follow requirements to establish statistical validity of measure results for
quality measures
Assessments:
1. For reporting quality measures using Medicare data, applicant uses only measures with at
least 30 observations, or the calculated confidence interval is at least 90%, or the measure
reliability is at least 0.70.
2. Applicant demonstrates experience, generally 3 or more years, producing measures with
statistical validity.
Evidence:
1. Methodology paper or document stating the applicant's minimum requirements for
reporting a measure that incorporates any of the received Medicare data. This includes one
of the following: minimum sample size (or denominator size) requirements, minimum
calculated confidence interval, or minimum reliability score requirements.
2. For each measure for which the applicant intends to incorporate Medicare data, the
applicant must submit one of the following: the anticipated sample size, the reliability
score, or the confidence interval that will be used in reporting. Evidence supporting these
statements must be submitted.
3. Document(s) showing the applicant’s requirements for establishing statistical validity,
together with examples of how the applicant has applied them over the past 3 years for at
least two quality measures for which it intends to incorporate Medicare data. If any of the
selected quality measures require the application of distinct or different statistical
thresholds, then these must also be submitted.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 4D: Set and follow requirements to establish statistical validity of measure results
for efficiency, effectiveness, and resource use measures
Assessments:
1. For selected efficiency, effectiveness, and resource use measures using Medicare data,
applicant uses only measures for which reliability and validity is demonstrated.
2. For selected efficiency, effectiveness, and resource use measures using Medicare data that
specify the use of a standardized payment or pricing approach, the specified standardized
payment methodology is used.
2012 Operations Manual
�
Minimum Requirements 43
3. Applicant demonstrates experience, generally 3 or more years, producing measures with
statistical validity.
Applicants are only required to submit evidence for Element 4D if they select efficiency,
effectiveness, or resource use measures to evaluate providers or suppliers.
Evidence:
1. Methodology paper that states the applicant's minimum requirements for reporting a
measure with combined data. This includes the minimum calculated confidence interval or
the reliability score.
2. For each measure for which the QE intends to incorporate Medicare data, the applicant
must submit one of the following: the anticipated sample size, the reliability score, or the
confidence interval that will be used in reporting. Evidence supporting these statements
must be submitted.
3. Document(s) showing the applicant’s requirements for establishing statistical validity,
together with examples of how the applicant has applied them over the past 3 years for
each selected type of measure (efficiency, effectiveness, and resource use) for which it
intends to incorporate Medicare data. If any of the selected measures require the
application of distinct or different statistical thresholds, then these must also be submitted.
4. Description of standard payment methodology for applicable measures.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 4E: Use appropriate methods to employ risk adjustment
Assessments:
1. Applicant provides a rationale for using, or not using, a risk adjustment method for each
selected measure. Furthermore, the applicant provides a description of the risk adjustment
method for each applicable measure.
2. Applicant demonstrates experience, generally 3 or more years, applying risk adjustment if
any of the selected measures require a risk adjustment approach.
Applicants are only required to submit evidence for Element 4E if they select a measure that
specifies a risk adjustment method.
Evidence:
1. Methodology paper indicating for each measure for which the applicant intends to use
Medicare data:
(a) How the applicant has determined whether risk adjustment is necessary
(b) The explicit methodology to be used for risk adjustment, including any case‐mix or
severity adjustment
2012 Operations Manual
�44 Minimum Requirements
(c) A justification if the applicant determines that risk adjustment is not necessary
2. Document(s) showing consideration of risk adjustment, use of risk adjustment
methodologies, and/or justification for not using risk adjustment over the past 3 years.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 4F: Use appropriate methods to handle outliers
Assessments:
1. Applicant describes its outlier method (i.e., how to identify and account for outliers) for
each selected measure as applicable.
2. Applicant demonstrates experience, generally 3 or more years, applying relevant outlier
methods, as applicable.
Evidence:
1. Methodology paper indicating for each measure for which the applicant intends to
incorporate Medicare data:
(a) Rationale for using, or not using, an outlier method
(b) Detailed description of outlier method; specifically, how to identify outliers (e.g.,
more than 3 standard deviations from the mean) and how to account for them (e.g.,
truncation or removal of outlier)
2. Document(s) showing identification of outliers, use of outlier methods, or justification for
not using outlier methods over the past 3 years, for each type of measure.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 4G: Use comparison groups when evaluating providers or suppliers compared to
each other
Assessments:
1. Applicant defines comparison groups it intends to use to report results for each selected
measure.
2. Applicant demonstrates experience, generally 3 or more years, selecting relevant
comparison groups (i.e., peer groups) for selected measures.
2012 Operations Manual
�
Minimum Requirements 45
Evidence:
1. Description of the comparison or peer groups used to evaluate performance for each
measure selected. Peer group identification includes each type of provider and supplier to
be reported on, including:
(a) How the peer group was identified (external data source, provider‐reported
specialty, Tax ID number)
(b) Defined algorithms to identify relevant peer groups for measurement
(c) Geographic parameters to correctly compare providers to their peers
2. Document(s) showing the peer groups to which providers and suppliers have been assigned,
and how peer groups have been defined, during the past 3 years.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 4H: Use benchmarks when evaluating providers
Assessments:
1. Applicant defines benchmarks it intends to use to report results for each selected measure.
2. Applicant demonstrates experience, generally 3 or more years, comparing measure results
with benchmarks.
Evidence:
1. Description of the benchmark selection process and any performance standard that is used.
The benchmark selection process includes:
(a) How the benchmark is identified or estimated (external data source, current data
set)
(b) Type of benchmark (90th percentile, national average, regional average)
(c) Geographic parameters to correctly identify the benchmark if relevant (provided
region assignment uses regional benchmarks)
2. Document(s) showing the comparison of performance results of providers and suppliers with
benchmarks during the past 3 years.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
2012 Operations Manual
�46 Minimum Requirements
3.5 STANDARD 5 – MEASURE SELECTION
Intent: A prospective QE must provide documentation for each selected standard or alternative
measure used in public reporting to demonstrate its validity, reliability, responsiveness to
consumer preferences, and applicability.
Element 5A: Use standard measures
Assessment: Applicant selects standard measures for which it intends to incorporate Medicare
data.
Evidence: List of selected measures for performance reporting. A description of each measure
including:
(a) Name of measure
(b) Name of measure steward/owner
(c) Measure description
(d) Type of provider or supplier to which the applicant will apply the measure
(e) Hyperlink, URL, or copy of the measure specification
(f) Rationale for selecting the measure, including the relationship of the measure to
existing measurement efforts and the relevance to the proposed population in the
proposed geographic area
Element 5B: Use approved alternative measures
Assessments:
1. Applicant proposes alternative measure for which it intends to incorporate Medicare data.
Composite measures are considered alternative measures, even if they composite or
combine standard measures, unless the standard measure itself is a composite.
2. Applicant demonstrates the measure is more valid, reliable, responsive to consumer
preferences, cost‐effective, or relevant to dimensions of quality and resource use not
addressed by a standard measure, through consultation and agreement with stakeholders
in applicant’s community or through the notice and comment rulemaking process.
Applicants are only required to submit evidence for Element 5B if they select an alternative
measure to evaluate providers or suppliers.
Evidence:
1. List of proposed selected alternative measures. A description of each measure including:
(a) Name of measure
(b) Name of measure steward/owner
(c) Measure description
2012 Operations Manual
�
Minimum Requirements 47
(d) Type of provider or supplier to which the applicant will apply the measure
(e) Hyperlink, URL, or copy of the measure specification
(f) Evidence that the measure is more valid, reliable, responsive to consumer
preferences, cost‐effective, or relevant to dimensions of quality and resource use
not addressed by a standard measure
(g) Rationale for selecting the measure, including the relationship of the measure to
existing measurement efforts and the relevance to the proposed population in the
proposed geographic area
(h) Process to monitor and evaluate if new scientific evidence is released or a related
standard measure is endorsed. If new evidence or a standard measure is available,
the QE must notify CMS (QECP team) and submit all the new evidence. The QE must
start using the new standard measure within 6 months or the QE can request, with
supporting scientific documentation, approval to continue using the alternative
measure.
2. Documentation of consultation and agreement with stakeholders in the applicant’s
community, together with a description of the discussion about the proposed alternative
measure, including a summary of all pertinent arguments supporting and opposing the
measure or documentation of notice and comment rulemaking process approval.
3.6 STANDARD 6 – VERIFICATION PROCESS
Intent: A prospective QE must provide evidence of a continuous process to correct
measurement errors and assess measure reliability.
Element 6A: Systematically evaluate accuracy of the measurement process and correct errors
Assessment: Applicant demonstrates experience, generally 3 or more years, defining and
verifying its measurement and reporting processes, including the correction of errors and
updating of performance reports
Evidence:
1. Internal verification, audit process, or software used to evaluate the accuracy of calculating
performance measures from claims data
2. Name, credentials, and title of staff responsible for verifying the measurement process
3. Process for correcting errors
4. Process for updating reports to providers, suppliers, and consumers
5. Sample report generated by the validation process
6. If using an external vendor, documentation of agreement and/or purchase order of the
software and/or systems vendor utilized in the applicant’s validation process
7. Document(s) showing applicant has 3 years of experience in evaluating the accuracy of the
measurement process and correcting errors covering all relevant areas.
2012 Operations Manual
�48 Minimum Requirements
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
3.7 STANDARD 7 – REPORTING OF PERFORMANCE INFORMATION
Intent: A prospective QE must demonstrate substantial experience and expertise in the design
and dissemination of performance reports, as well as the capacity and commitment to
continuously improve the reporting process.
Element 7A: Design reporting for providers, suppliers, and the public
Assessments:
1. Applicant designs public reporting to be produced using Medicare data, including
understandable descriptions of measures used.
2. Applicant plans dissemination of information to users at least annually.
Evidence:
1. List of types of providers and suppliers in each geographic area to be covered by
performance reporting
2. Performance rating approach(es), including the measure results and statistical methods
used to estimate a rating
3. Prototype or mock‐up of reports, including all items of information for the providers and
suppliers as they will be displayed, including level of reporting, as well as any rating
approaches (such as number of stars) to display performance. The prototypes must clearly
explain the performance results or ratings. All prototypes must be submitted if they are
different (e.g., the provider or supplier prototype and the public report prototype).
Prototypes must further demonstrate:
(a) An indication, for each item reported, whether or not it is to be calculated in any
part with Medicare data
(b) An understandable description of the measures used to evaluate the performance of
providers and suppliers so that consumers, providers and suppliers, health plans,
researchers, and other stakeholders can assess performance reports
(c) Intended reporting at the provider or supplier level, or at a higher, more aggregated
level (consistent with measure specifications)
(d) Intended display of measures in dispute (per provider)
4. Dissemination plans to inform all intended audiences of the existence of the performance
reports, including how to locate them.
2012 Operations Manual
�
Minimum Requirements 49
Element 7B: Improve reporting
Assessment: Applicant demonstrates experience, generally 3 or more years, designing and
continuously improving public reporting on health care quality, efficiency, effectiveness, or
resource use.
Evidence: Document(s) showing results of previous evaluation of reporting for the past 3 years,
such as testing with users and use of evaluations to improve reporting.
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
3.8 STANDARD 8 – REQUESTS FOR CORRECTIONS/APPEALS
Intent: A prospective QE must provide evidence of implementing and maintaining an
acceptable process for providers and suppliers identified in a report to review the report prior
to publication, and providing a timely response to provider and supplier inquiries regarding
requests for data, error correction, and appeals.
Element 8A: Use corrections process
Assessment: Applicant has established a process to allow providers and suppliers to view
reports confidentially, request data, and ask for correction of errors before the reports are
made public.
Evidence: Process by which the applicant will share relevant information about anticipated
public reporting on a provider or a supplier with that provider or supplier at least 60 business
days prior to publicly reporting results. Applicant demonstrates experience, generally 3 or more
years, including sharing:
(a) Selected measures on which the provider or supplier is being measured
(b) Rationale for use
(c) Measurement methodology
(d) Data specifications and limitations
(e) Measure results for the provider or supplier
(f) Anticipated date for publishing reports for the public
(g) Description of the ongoing process by which providers or suppliers may
i.
Request additional information or data
ii.
Request corrections or changes prior to public reporting
2012 Operations Manual
�50 Minimum Requirements
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Element 8B: Use secure transmission of beneficiary data
Assessment: Applicant has established a process that applies privacy and security protections
to the release of beneficiary identifiers and claims data to providers or suppliers for the
purposes of the requests for corrections/appeals process.
Evidence: Description of process ensuring that only the minimum necessary beneficiary
identifiers and claims data will be disclosed in the event of a request by a provider or a supplier,
including the method for secure transmission.
2012 Operations Manual
�2012
OPERATIONS
MANUAL
APPENDIX A.
QECP PROCESS
FLOW
��
QECP Process Flow A‐3
APPENDIX A: QECP PROCESS FLOW
1. Prospective
applicant
completes
registration
and reviews
the QECP
Operations
Manual
2. QECP team
contacts
prospective
applicant
9. QE receives
Medicare data
Purpose: Applicant is
evaluated against QECP
minimum requirements
3. Application
completed
and submitted
4. Application
validated and
initiated
5. Application reviewed
8a. QE initiates
steps to obtain
Medicare data
6. CMS decision is
rendered
7. Applicant notified
of outcome
Qualified
Not Qualified
8b. Return
to Step 3
Purpose: QE is evaluated for its ability to
comply with program requirements
consistent with the documented plans it
presented at the time of application
10. QECP evaluation
phase initiated
Purpose: QE performance is
monitored and assessed; quality
assurance plan is finalized
11. QE releases first public reports (or 12
months has passed since QE certification)
12. QECP monitoring and
oversight initiated
2012 Operations Manual
��2012
OPERATIONS
MANUAL
APPENDIX B.
PAPER-BASED QE
APPLICATION
FORM
��APPENDIX B: PAPER-BASED QE APPLICATION FORM
According to the Paperwork Reduction Act of 1995, no persons are required to respond to a collection of
information unless it displays a valid OMB control number. The valid OMB control number for this
information collection is 0938‐1144. The time required to complete this information collection is
estimated to average 500 hours per response, including the time to review instructions, search existing
data resources, gather the data needed, and complete and review the information collection. If you
have comments concerning the accuracy of the time estimate(s) or suggestions for improving this form,
please write to: CMS, 7500 Security Boulevard, Attn: PRA Reports Clearance Officer, Mail Stop C4‐26‐05,
Baltimore, Maryland 21244‐1850.
Date Application
Submitted
Date Application
Received by CMS
Section 1: General Information
Instructions: Please input the prospective applicant’s information. The listed trade name and
type of applicant should be for the lead applicant. Subcontractors or partners for this effort
should be listed in the Member Organizations field.
Applicant’s Trade Name/DBA
Other (describe)
Applicant’s Employer ID Number
Type of Applicant
Profit Organization
Non‐Profit Organization
Name(s) of Contractor(s) or Member
Organization(s)
(Contact [email protected] to
obtain further instructions to submit
required contractor or member
organization information)
Data Recipient’s Name
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐3
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�
Data Requested
Regional (specify States)
National
Section 2: Mailing Address
Instructions: The mailing address should be an address where mail correspondence about the
application or program can be delivered.
Street Mailing Address __________________________________________________________
Suite/Mail Stop ________________________________________________________________
City _____________________________________ State ____________ ZIP Code ___________
Phone _______________________________________ Fax _____________________________
Website ______________________________________________________________________
Section 3: Contact Information
Chief Executive Officer (or other equivalent executive)
Instructions: Please provide the contact information for the CEO, or equivalent executive, who
has the authority to oversee the entity’s application and QECP responsibilities.
Prefix _______
First Name____________________________________________________________________
Middle Initial ______
Last Name____________________________________________________________________
Degree ____________________
E‐mail Address _________________________________________________________________
Street Mailing Address ___________________________________________________________
Suite/Mail Stop ________________________________________________________________
City _____________________________________ State ____________ ZIP Code ___________
Phone _______________________________________ Fax _____________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐4
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Point of Contact for Application
Instructions: Please provide the contact information for the individual who will be the primary
contact for day‐to‐day application and program correspondence.
Prefix _______
First Name____________________________________________________________________
Middle Initial ______
Last Name____________________________________________________________________
Degree ____________________
E‐mail Address _________________________________________________________________
Street Mailing Address ___________________________________________________________
Suite/Mail Stop _________________________________________________________________
City _____________________________________ State ____________ ZIP Code ___________
Phone _______________________________________ Fax _____________________________
Section 4: Standards
Instructions: Please indicate whether the entity is capable of supplying information with regard
to each element by checking the appropriate box (Yes, No, N/A). Using plain language, please
provide explanations in the “explanation of self‐assessment” comment box.
Entities are also required to submit supporting documentation to support their self‐assessment
and for the purposes of the minimum requirements review and assessment. Please list the
name of the supporting document, its relevance to the element, and the pages within the
document that prove such relevance. Additional supporting documentation may be listed in
Section 6 of this application form. Refer to the accompanying QECP Operations Manual for
complete program information.
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐5
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�STANDARD 1: APPLICANT PROFILE
Intent: A prospective QE must provide information about its organization and structure, the
types of providers and suppliers it intends to evaluate, the geographic areas for which it intends
to report data, and its ability to meet financial requirements of the program.
Element 1A: Define applicant organization
Self ‐
assessment:
Applicant is a legally recognized “lead” entity, accountable to CMS for the receipt of
Medicare data, with clear contractual relationships identified and documented between Yes
entities (when applicable) that make it possible for the applicant to meet the QECP
No
standards.
Assessment:
Explanation of Self‐assessment:
Evidence:
The applicant’s incorporation, type of organization, and licensure, if applicable. Contractors or member
organizations working with the lead entity in support of their QECP activities must also include
incorporation, type of organization, and licensure information as well as evidence of a contractual
relationship between the lead and other entities that includes breach of contract liability with potential
for collecting damages for failure to perform.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐6
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 1B: Identify the geographic areas that applicant’s reports will cover
Assessment:
Applicant defines the geographic area in which performance reporting will incorporate
the Medicare data.
Self ‐
assessment:
Yes
No
Explanation of Self‐assessment:
Evidence:
1. Description of geographic area(s) by state for which the applicant requests Medicare data. If a 5%
national sample is requested, a justification for the request must be included.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
2. Description of geographic area(s) by state for which the applicant has claims data from another
payer source(s).
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐7
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐8
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 1C: Identify the types of providers or suppliers whose performance the applicant intends to
assess using Medicare data
Self ‐
Assessment:
assessment:
Applicant lists the types of providers and suppliers for which it intends to evaluate
performance using Medicare and other claims data.
Yes
No
Explanation of Self‐assessment:
Evidence:
List of types of providers and suppliers to be covered in each geographic area report that uses Medicare
data. The types of providers and suppliers must be those that submit claims, and are paid, for Medicare‐
covered services and those for which the applicant has at least one additional source of claims data. The
following is a list of possible provider types as defined by the Social Security Act:
(a) Physicians
(b) Other health care practitioners
(c) Hospitals
(d) Critical access hospitals
(e) Skilled nursing facilities
(f) Comprehensive outpatient rehabilitation facilities
(g) Home health agencies
(h) Hospice programs
(i) Other facilities or entities that furnish items or services
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐9
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐10
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 1D: Show ability to cover the costs of performing the required functions of a qualified entity
Self ‐
assessment:
Assessment:
Applicant’s business model is projected to cover the cost of public reporting, both the
cost of the data and the cost of developing the reports.
Yes
No
Explanation of Self‐assessment:
Evidence:
Documentation of a program budget reviewed and, approved, and signed by the applicant’s senior
executives. Evidence must come from the applicant, not from a member organization or contractor.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐11
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�STANDARD 2: DATA SOURCES
Intent: A prospective QE must provide evidence of the ability to combine claims data from
other sources to calculate performance reports.
Element 2A: Obtain claims data from at least one other payer source to combine with Medicare Parts
A and B claims data, and Part D drug event data
Self ‐
Assessment:
assessment:
Yes
For the geographic areas identified in Element 1B and for providers and suppliers
identified in Element 1C, applicant possesses claims data from at least one other source; No
however, obtaining claims data from two or more sources is preferable.
N/A
If the applicant does not possess other claims data at the time of application, see the QECP 2012
Operations Manual Section 2.2 and Appendix C for instructions on how to apply for a qualified‐
conditional certification.
Explanation of Self‐assessment:
Evidence:
An attestation from the entities from which the applicant obtains claims data that will be combined with
the Medicare data. The attestation should include geographic area and types of providers and suppliers
included in the data shared with the prospective QE.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐12
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐13
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 2B: Accurately combine Medicare claims data with claims data from other payer sources
Self ‐
assessments:
Assessments:
1. Applicant accurately combines Medicare claims data with claims data from at least
one other payer source.
Yes
No
2. Applicant demonstrates experience, generally 3 or more years, accurately
combining claims data from different payer sources.
Yes
No
Explanation of Self‐assessments:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Documented process for combining claims data from multiple payers for the purposes of
performance measurement. At a minimum, this must include the applicant’s method for matching
provider and supplier identifiers across different claims data sources.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐14
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�2. Document(s) showing 3 years of experience aggregating claims data to produce at least two
performance measures.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐15
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�STANDARD 3: DATA SECURITY
Intent: A prospective QE must provide evidence of rigorous data privacy and security policies
including enforcement mechanisms.
Element 3A (Administrative): Show ability to comply with Federal data security and privacy
requirements, and document a process to follow those protocols
Self ‐
Assessment:
assessment:
Applicant has established systems and protocols to address the following security
elements (as detailed in FIPS 200):
Audit and Accountability
Certification, Accreditation, and Security Assessments
Incident Response, including notifying CMS and beneficiaries of inappropriate Yes
data access, violations of applicable Federal and state privacy and security laws
and regulations for the preceding 10‐year period (or, if the applicant has not No
been in existence for 10 years, the length of time the applicant has been an
organization), and any corrective actions taken to address the issues
Planning
Risk Assessment
Compliance with applicable state laws regarding privacy and security
Explanation of Self‐assessment:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Current NIST Certification and Accreditation for compliance with FIPS 200 and SP 800‐53 at the
moderate impact level. If the applicant has not undergone this Certification and Accreditation
process, it must produce documentation of the systems and protocols that meet this same
threshold with respect to the security factors listed in Element 3A, which are further described
below. If these systems and protocols do not meet the standards of FIPS 200 and SP 800‐53 or have
not yet been fully implemented, the applicant may be granted an opportunity to submit an agreed‐
upon plan of action and milestones (POA&M) and subsequently must demonstrate appropriate
improvements to meet compliance.
Audit and Accountability: Applicant must: (i) create, protect, and retain information system
audit records to the extent needed to enable the monitoring, analysis, investigation, and
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐16
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�reporting of unlawful, unauthorized, or inappropriate information system activity; and (ii)
ensure that the actions of individual information system users may be uniquely traced to those
users so they can be held accountable for their actions.
Certification, Accreditation, and Security Assessments: Applicant must (i) periodically assess the
security controls in organizational information systems to determine if the controls are effective
in their application; (ii) develop and implement plans of action designed to correct deficiencies
and reduce or eliminate vulnerabilities in organizational information systems; (iii) authorize the
operation of organizational information systems and any associated information system
connections; and (iv) monitor information system security controls on an ongoing basis to
ensure the continued effectiveness of the controls.
Incident Response: Applicant must (i) establish an operational incident handling capability for
organizational information systems that includes adequate preparation, detection, analysis,
containment, recovery, and user response activities; and (ii) track, document, and report
incidents to organizational officials and/or authorities.
Planning: Applicant must develop, document, periodically update, and implement security plans
for organizational information systems that describe the security controls in place or planned for
the information systems and the rules of behavior for individuals accessing the information
systems.
Risk Assessment: Applicant must periodically assess the risk to organizational operations
(including mission, functions, image, or reputation), organizational assets, and individuals,
resulting from the operation of organizational information systems and the associated
processing, storage, or transmission of organizational information.
Compliance with applicable state laws regarding privacy and security: Applicants, regardless of
Certification and Accreditation status, must document compliance with applicable state laws
regarding privacy and security.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐17
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�
2. All applicants, regardless of Certification and Accreditation status, must document all breaches of
data security or privacy within the past 10 years (or the lifetime of the organization if that is less
than 10 years).
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
3. All applicants, regardless of Certification and Accreditation status, must document the protocols and
systems that will be implemented for transferring information to providers and suppliers as part of
the requests for corrections/appeals process.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐18
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 3B (Technical): Identify system users and prequalification process for access to data
Self ‐
assessment:
Assessment:
Applicant has established systems and protocols to address the following security
elements (as detailed in FIPS 200):
Access Control
Yes
Awareness and Training
Configuration Management
No
Identification and Authentication
Personnel Security
Explanation of Self‐assessment:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Current NIST Certification and Accreditation for compliance with FIPS 200 and SP 800‐53 at the
moderate impact level. If the applicant has not undergone this Certification and Accreditation process, it
must produce documentation of the systems and protocols in place with respect to the security factors
listed in Element 3B, and further described below. If these systems and protocols do not meet the
standards of FIPS 200 and SP 800‐53 or have not yet been fully implemented, the applicant may be
granted an opportunity to submit an agreed‐upon plan of action and milestones (POA&M) and
subsequently demonstrate appropriate improvements to meet compliance.
Access Control: Applicant must limit information system access to authorized users, processes
acting on behalf of authorized users, or devices (including other information systems) and to the
types of transactions and functions that authorized users are permitted to exercise.
Awareness and Training: Applicant must: (i) ensure that managers and users of organizational
information systems are made aware of the security risks associated with their activities and of
the applicable laws, Executive Orders, directives, policies, standards, instructions, regulations, or
procedures related to the security of organizational information systems; and (ii) ensure that
organizational personnel are adequately trained to carry out their assigned information security‐
related duties and responsibilities.
Configuration Management: Applicant must: (i) establish and maintain baseline configurations
and inventories of organizational information systems (including hardware, software, firmware,
and documentation) throughout the respective system development life cycles; and (ii) establish
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐19
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�and enforce security configuration settings for information technology products employed in
organizational information systems.
Identification and Authentication: Applicant must identify information system users, processes
acting on behalf of users, or devices and authenticate (or verify) the identities of those users,
processes, or devices, as a prerequisite to allowing access to organizational information systems.
Personnel Security: Applicant must: (i) ensure that individuals occupying positions of
responsibility within organizations (including third‐party service providers of services) are
trustworthy and meet established security criteria for those positions; (ii) ensure that
organizational information and information systems are protected during and after personnel
actions such as terminations and transfers; and (iii) employ formal sanctions for personnel
failing to comply with organizational security policies and procedures.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐20
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 3C (Physical): Identify processes and systems in place to protect the IT physical infrastructure
Self ‐
assessment:
Assessment:
Applicant has established systems and protocols to address the following security
elements (as detailed in FIPS 200):
Contingency Planning
Maintenance
Yes
Media Protection
No
Physical and Environmental Protection
System and Services Acquisition
System and Communications Protection
System and Information Integrity
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Current NIST Certification and Accreditation for compliance with FIPS 200 and SP 800‐53 at the
moderate impact level. If the applicant has not undergone this Certification and Accreditation process, it
must produce documentation of the systems and protocols in place with respect to the security factors
listed in Element 3C, and described further below. If these systems and protocols do not meet the
standards of FIPS 200 and SP 800‐53 or have not yet been fully implemented, the applicant may be
granted an opportunity to submit an agreed‐upon plan of action and milestones (POA&M) and
subsequently demonstrate appropriate improvements to meet compliance.
Contingency Planning: Applicant must establish, maintain, and effectively implement plans for
emergency response, backup operations, and post‐disaster recovery for organizational
information systems to ensure the availability of critical information resources and continuity of
operations in emergency situations.
Maintenance: Applicant must: (i) perform periodic and timely maintenance on organizational
information systems; and (ii) provide effective controls on the tools, techniques, mechanisms,
and personnel used to conduct information system maintenance.
Media Protection: Applicant must: (i) protect information system media, both paper and digital;
(ii) limit access to information on information system media to authorized users; and (iii) sanitize
or destroy information system media before disposal or release for reuse.
Physical and Environmental Protection: Applicant must: (i) limit physical access to information
systems, equipment, and the respective operating environments to authorized individuals; (ii)
protect the physical plant and support infrastructure for information systems; (iii) provide
supporting utilities for information systems; (iv) protect information systems against
environmental hazards; and (v) provide environmental controls in facilities containing
information systems.
System and Services Acquisition: Applicant must: (i) allocate sufficient resources to adequately
protect organizational information systems; (ii) employ system development life cycle processes
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐21
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�that incorporate information security considerations; (iii) employ software usage and
installation restrictions; and (iv) ensure that third‐party providers employ adequate security
measures to protect information, applications, and/or services outsourced from the
organization.
System and Communications Protection: Applicant must: (i) monitor, control, and protect
organizational communications (i.e., information transmitted or received by organizational
information systems) at the external boundaries and key internal boundaries of the information
systems; and (ii) employ architectural designs, software development techniques, and systems
engineering principles that promote effective information security within organizational
information systems.
System and Information Integrity: Applicant must: (i) identify, report, and correct information
and information system flaws in a timely manner; (ii) provide protection from malicious code at
locations within organizational information systems; and (iii) monitor information system
security alerts and advisories and take actions in response.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐22
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�STANDARD 4: METHODOLOGY FOR MEASUREMENT AND ATTRIBUTION
Intent: A prospective QE must provide evidence of its ability to accurately calculate quality and
efficiency, effectiveness, or resource use measures from claims data for measures it intends to
calculate with Medicare data.
Element 4A: Follow measure specifications
Self ‐
assessment:
Applicant uses measure specifications accurately for selected measures, including
Yes
numerator and denominator inclusions and exclusions, measured time periods, and
No
specified data sources.
Assessment:
Explanation of Self‐assessment:
Evidence:
For the measures listed in Elements 5A and 5B, the applicant must supply the measure specifications
through a hyperlink to the original specification, a URL, or a copy of the specifications.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐23
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 4B: Use a defined and transparent method for attribution of patients and episodes
Assessments:
1. Applicant identifies an appropriate method to attribute a particular patient's
services or episode to specific providers and suppliers.
2. Applicant demonstrates experience, generally 3 or more years, accurately
attributing patient's services or episode to specific providers and suppliers.
Self ‐
assessments:
Yes
No
Yes
No
Explanation of Self‐assessments:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Methodology paper or document defining how the applicant attributes patient services or episodes
to specific providers or suppliers. If the attribution methods are different for different types of
providers and suppliers (or measures), the applicant describes each methodology.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐24
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�2. Methodology paper or document describing attribution approaches the applicant has defined and
executed over the past 3 years. Note that if the attribution methodology has changed over the past
3 years, the applicant must provide a rationale for the change.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐25
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 4C: Set and follow requirements to establish statistical validity of measure results for quality
measures
Self ‐
Assessments:
assessments:
1. For reporting quality measures using Medicare data, applicant uses only measures
with at least 30 observations, or the calculated confidence interval is at least 90%,
or the measure reliability is at least 0.70.
2. Applicant demonstrates experience, generally 3 or more years, producing measures
with statistical validity.
Yes
No
Yes
No
Explanation of Self‐assessments:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Methodology paper or document stating the applicant's minimum requirements for reporting a
measure that incorporates any of the received Medicare data. This includes one of the following:
minimum sample size (or denominator size) requirements, minimum calculated confidence interval,
or minimum reliability score requirements.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐26
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�2. For each measure for which the applicant intends to incorporate Medicare data, the applicant must
submit one of the following: the anticipated sample size, the reliability score, or the confidence
interval that will be used in reporting. Evidence supporting these statements must be submitted.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
3. Document(s) showing the applicant’s requirements for establishing statistical validity, together with
examples of how the applicant has applied them over the past 3 years for at least two quality
measures for which it intends to incorporate Medicare data. If any of the selected quality measures
require the application of distinct or different statistical thresholds, then these must also be
submitted.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐27
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 4D: Set and follow requirements to establish statistical validity of measure results for
efficiency, effectiveness, and resource use measures
Self ‐
Assessments:
assessments:
Yes
1. For selected efficiency, effectiveness, and resource use measures using Medicare
data, applicant uses only measures for which reliability and validity is demonstrated. No
N/A
Yes
2. For selected efficiency, effectiveness, and resource use measures using Medicare
data that specify the use of a standardized payment or pricing approach, the No
specified standardized payment methodology is used.
N/A
Yes
3. Applicant demonstrates experience, generally 3 or more years, producing measures
No
with statistical validity.
N/A
Applicants are only required to submit evidence for Element 4D if they select efficiency, effectiveness, or
resource use measures to evaluate providers or suppliers.
Explanation of Self‐assessments:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Methodology paper that states the applicant's minimum requirements for reporting a measure with
combined data. This includes the minimum calculated confidence interval or the reliability score.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐28
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
2. For each measure for which the QE intends to incorporate Medicare data, the applicant must submit
one of the following: the anticipated sample size, the reliability score, or the confidence interval that
will be used in reporting. Evidence supporting these statements must be submitted.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
3. Document(s) showing the applicant’s requirements for establishing statistical validity, together with
examples of how the applicant has applied them over the past 3 years for each selected type of
measure (efficiency, effectiveness, and resource use) for which it intends to incorporate Medicare
data. If any of the selected measures require the application of distinct or different statistical
thresholds, then these must also be submitted.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐29
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�4. Description of standard payment methodology for applicable measures.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐30
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 4E: Use appropriate methods to employ risk adjustment
Self ‐
assessments:
Assessments:
1. Applicant provides a rationale for using, or not using, a risk adjustment method for
each selected measure. Furthermore, the applicant provides a description of the
risk adjustment method for each applicable measure.
Yes
No
N/A
Yes
2. Applicant demonstrates experience, generally 3 or more years, applying risk
adjustment if any of the selected measures require a risk adjustment approach.
No
N/A
Applicants are only required to submit evidence for Element 4E if they select a measure(s) that specifies a
risk adjustment method.
Explanation of Self‐assessments:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Methodology paper indicating for each measure for which the applicant intends to use Medicare
data:
(a) How the applicant has determined whether risk adjustment is necessary
(b) The explicit methodology to be used for risk adjustment, including any case‐mix or severity
adjustment
(c) A justification if the applicant determines that risk adjustment is not necessary
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐31
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
2. Document(s) showing consideration of risk adjustment, use of risk adjustment methodologies,
and/or justification for not using risk adjustment over the past 3 years.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐32
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 4F: Use appropriate methods to handle outliers
Self ‐
assessments:
Assessments:
1. Applicant describes its outlier method (i.e., how to identify and account for
outliers) for each selected measure as applicable.
Yes
2. Applicant demonstrates experience, generally 3 or more years, applying relevant
outlier methods, as applicable.
Yes
No
No
Explanation of Self‐assessments:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Methodology paper indicating for each measure with which the applicant intends to incorporate
Medicare data:
(a) Rationale to use, or not use, an outlier method
(b) Detailed description of outlier method; specifically, how to identify outliers (e.g., more than 3
standard deviations from the mean) and how to account for them (e.g., truncation or removal
of outlier).
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐33
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�2. Document(s) showing identification of outliers, use of outlier methods, or justification for not using
outlier methods over the past 3 years, for each type of measure.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐34
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 4G: Use comparison groups when evaluating providers or suppliers compared to each other
Self ‐
assessments:
Assessments:
1. Applicant defines comparison groups it intends to use to report results for each
selected measure.
Yes
2. Applicant demonstrates experience, generally 3 or more years, selecting relevant
comparison groups (i.e., peer groups) for selected measures.
Yes
No
No
Explanation of Self‐assessments:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Description of the comparison or peer groups used to evaluate performance for each measure
selected. Peer group identification includes each type of provider and supplier to be reported on,
including:
(a) How the peer group was identified (external data source, provider‐reported specialty, Tax ID
number)
(b) Defined algorithms to identify relevant peer groups for measurement
(c) Geographic parameters to correctly compare providers to their peers
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐35
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�2. Document(s) showing the peer groups to which providers and suppliers have been assigned, and
how peer groups have been defined, during the past 3 years.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐36
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 4H: Use benchmarks when evaluating providers
Self ‐
assessments:
Assessments:
1. Applicant defines benchmarks it intends to use to report results for each selected
measure.
Yes
2. Applicant demonstrates experience, generally 3 or more years, comparing measure
results with benchmarks.
Yes
No
No
Explanation of Self‐assessments:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Description of the benchmark selection process and any performance standard that is used. The
benchmark selection process includes:
(a) How the benchmark is identified or estimated (external data source, current data set)
(b) Type of benchmark (90th percentile, national average, regional average,
(c) Geographic parameters to correctly identify the benchmark if relevant (provided region
assignment uses regional benchmarks)
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐37
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�2. Document(s) showing the comparison of performance results of providers and suppliers with
benchmarks during the past 3 years.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐38
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�STANDARD 5: MEASURE SELECTION
Intent: A prospective QE must provide documentation for each selected standard or alternative
measure used in public reporting to demonstrate its validity, reliability, responsiveness to
consumer preferences, and applicability.
Element 5A: Use standard measures
Assessment:
Applicant selects standard measures for which it intends to incorporate Medicare data.
Self ‐
assessment:
Yes
No
Explanation of Self‐assessment:
Evidence:
List of selected measures for performance reporting. A description of each measure including:
(a) Name of measure
(b) Name of measure steward/owner
(c) Measure description
(d) Type of provider or supplier to which the applicant will apply the measure
(e) Hyperlink, URL, or copy of the measure specification
(f) Rationale for selecting the measure, including the relationship of the measure to existing
measurement efforts and the relevance to the proposed population in the proposed
geographic area
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐39
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐40
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 5B: Use approved alternative measures
Assessments:
1. Applicant proposes alternative measure for which it intends to incorporate
Medicare data. Composite measures are considered alternative measures, even if
they composite or combine standard measures, unless the standard measure itself
is a composite.
Self ‐
assessments:
Yes
No
N/A
2. Applicant demonstrates the measure is more valid, reliable, responsive to consumer
Yes
preferences, cost‐effective, or relevant to dimensions of quality and resource use
not addressed by a standard measure, through consultation and agreement with
No
stakeholders in applicant’s community or through the notice and comment
N/A
rulemaking process.
Applicants are only required to submit evidence for Element 5B if they select an alternative measure to
evaluate providers or suppliers.
Explanation of Self‐assessments:
Evidence:
1. List of proposed selected alternative measures. A description of each measure including:
(a) Name of measure
(b) Name of measure steward/owner
(c) Measure description
(d) Type of provider or supplier to which the applicant will apply the measure
(e) Hyperlink, URL, or copy of the measure specification
(f) Evidence that the measure is more valid, reliable, responsive to consumer preferences, cost‐
effective, or relevant to dimensions of quality and resource use not addressed by a standard
measure
(g) Rationale for selecting the measure, including the relationship of the measure to existing
measurement efforts and the relevance to the proposed population in the proposed
geographic area
(h) Process to monitor and evaluate if new scientific evidence is released or a related standard
measure is endorsed. If new evidence or a standard measure is available, the QE must notify
CMS (QECP team) and submit all the new evidence. The QE must start using the new
standard measure within 6 months or the QE can request, with supporting scientific
documentation, approval to continue using the alternative measure.
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐41
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
2. Documentation of consultation and agreement with stakeholders in the applicant’s community,
together with a description of the discussion about the proposed alternative measure, including a
summary of all pertinent arguments supporting and opposing the measure or documentation of
notice and comment rulemaking process approval.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐42
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�STANDARD 6: VERIFICATION PROCESS
Intent: A prospective QE must provide evidence of a continuous process to correct
measurement errors and assess measure reliability.
Element 6A: Systematically evaluate accuracy of the measurement process, and correct errors
Self ‐
assessment:
Applicant demonstrates experience, generally 3 or more years, defining and verifying its
Yes
measurement and reporting processes, including the correction of errors and updating
No
of performance reports.
Assessment:
Explanation of Self‐assessment:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
1. Internal verification, audit process, or software used to evaluate the accuracy of calculating
performance measures from claims data.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐43
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�2. Name, credentials, and title of staff responsible for verifying the measurement process.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
3. Process for correcting errors.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
4. Process for updating reports to providers, suppliers, and consumers.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐44
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
5. Sample report generated by the validation process.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
6. If using an external vendor, documentation of agreement and/or purchase order of the software
and/or systems vendor utilized in the applicant’s validation process.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐45
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�7. Document(s) showing applicant has 3 years of experience in evaluating the accuracy of the
measurement process and correcting errors covering all relevant areas.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐46
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�STANDARD 7: REPORTING OF PERFORMANCE INFORMATION
Intent: A prospective QE must demonstrate substantial experience and expertise in the design
and dissemination of performance reports, as well as the capacity and commitment to
continuously improve the reporting process.
Element 7A: Design reporting for providers, suppliers, and the public
Self ‐
assessments:
1. Applicant designs public reporting to be produced using Medicare data, including Yes
understandable descriptions of measures used.
No
Assessments:
2. Applicant plans dissemination of information to users at least annually.
Yes
No
Explanation of Self‐assessments:
Evidence:
1. List of types of providers and suppliers in each geographic area to be covered by performance
reporting.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐47
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
2. Performance rating approach(es), including the measure results and statistical methods used to
estimate a rating.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
3. Prototype or mock‐up of reports, including all items of information for the providers and suppliers
as they will be displayed, including level of reporting, as well as any rating approaches (such as
number of stars) to display performance. The prototypes must clearly explain the performance
results or ratings. All prototypes must be submitted if they are different (e.g., the provider or
supplier prototype and the public report prototype). Prototypes must further demonstrate:
(a) An indication, for each item reported, whether or not it is to be calculated in any part with
Medicare data
(b) An understandable description of the measures used to evaluate the performance of
providers and suppliers so that consumers, providers and suppliers, health plans,
researchers, and other stakeholders can assess performance reports
(c) Intended reporting at the provider or supplier level, or at a higher, more aggregated level
(consistent with measure specifications)
(d) Intended display of measures in dispute (per provider)
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐48
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
4. Dissemination plans to inform all intended audiences of the existence of the performance reports,
including how to locate them.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐49
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 7B: Improve reporting
Self ‐
assessment:
Assessment:
Applicant demonstrates experience, generally 3 or more years, designing and
Yes
continuously improving public reporting on health care quality, efficiency,
No
effectiveness, or resource use.
Explanation of Self‐assessment:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Document(s) showing results of previous evaluation of reporting for the past 3 years, such as testing
with users and use of evaluations to improve reporting.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐50
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�STANDARD 8: REQUESTS FOR CORRECTIONS/APPEALS
Intent: A prospective QE must provide evidence of implementing and maintaining an
acceptable process for providers and suppliers identified in a report to review the report prior
to publication and providing a timely response to provider and supplier inquiries regarding
requests for data, error correction, and appeals.
Element 8A: Use corrections process
Assessment:
Applicant has established a process to allow providers and suppliers to view reports
confidentially, request data, and ask for correction of errors before the reports are
made public.
Self ‐
assessment:
Yes
No
Explanation of Self‐assessment:
Evidence:
Evidence of experience submitted by the applicant may be the demonstrated experience of the
applicant, of the applicant’s contractor, or, if the applicant is a collaborative, of any member
organization of the collaborative.
Process by which the applicant will share relevant information about anticipated public reporting on a
provider or a supplier with that provider or supplier at least 60 business days prior to publicly reporting
results. Applicant demonstrates experience, generally 3 or more years, including sharing:
(a) Selected measures on which the provider or supplier is being measured
(b) Rationale for use
(c) Measurement methodology
(d) Data specifications and limitations
(e) Measure results for the provider or supplier
(f) Anticipated date for publishing reports for the public
(g) Description of the ongoing process by which providers or suppliers may
i.
Request additional information or data
ii.
Request corrections or changes prior to public reporting
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐51
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐52
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�Element 8B: Use secure transmission of beneficiary data
Self ‐
assessment:
Applicant has established a process that applies privacy and security protections to the
release of beneficiary identifiers and claims data to providers or suppliers for the Yes
purposes of the requests for corrections/appeals process.
No
Assessment:
Explanation of Self‐assessment:
Evidence:
Description of process ensuring that only the minimum necessary beneficiary identifiers and claims data
will be disclosed in the event of a request by a provider or a supplier, including the method for secure
transmission.
Supporting Documentation:
Document 1
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 2
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Document 3
Document Name: ___________________________________________________________
Document Relevance: ________________________________________________________
Relevant Pages: _____________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐53
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�
Section 5: Attestation
Instructions: Prior to an application being submitted as final, the contents of the application
must be accompanied with a completed attestation from an individual at the entity authorized
to attest to its accuracy and completion.
To the best of my knowledge and belief, all data in this application are true and correct, the
document has been duly authorized by the governing body of the applicant, and the applicant
will comply with the terms and conditions of the award and applicable Federal requirements
awarded.
Authorized Representative’s Name (printed) _________________________________________
Authorized Representative’s Title (printed) __________________________________________
Signature_____________________________________________ Date ____________________
Phone _______________________________________ Fax _____________________________
Section 6: Additional Supporting Documentation
Instructions: Please describe all additional supporting documentation submitted in conjunction
with this application that is not listed in Section 4.
1.
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
2.
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
3.
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐54
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�4.
5.
6.
7.
8.
9.
10.
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐55
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�11.
12.
13.
14.
15.
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Standard:
_____________
Element:
_____________
Document Name: _______________________________________________________
Document Relevance: ____________________________________________________
Relevant Pages: _________________________________________________________
Department of Health & Human Services
Centers for Medicare & Medicaid Services
B‐56
OMB No. 0938‐1144
Exp. xx/xx/xxxx
�2012
OPERATIONS
MANUAL
APPENDIX C.
QUALIFIED–
CONDITIONAL
STATUS
��
Qualified‐Conditional Status C‐3
APPENDIX C: QUALIFIED-CONDITIONAL STATUS
What is Qualified‐Conditional Status?
The Qualified‐Conditional certification indicates that an entity is compliant with all the
application standards except the requirement of access to other claims data sources (Standard
2, Element 2B). An applicant certified as Qualified‐Conditional will have 180 days to obtain
access to relevant and adequate additional claims data. Once the QE‐Conditional entity obtains
access to such data, it must submit documentation that the claims data from other sources
which it intends to combine with the Medicare data received under this program address the
methodological concerns regarding sample size and reliability. Thus, the QE‐Conditional entity
will also be required to submit additional documentation for Standard 4. The QECP review team
will then reassess the application against both Standard 2 (Element 2A) and Standard 4
(Elements 4C and 4D).
Upon successful completion of this final review, the entity will be recognized as a fully
compliant QE.
Initial Review
Any entity may apply for Qualified‐Conditional certification under the following conditions:
1. Requests Qualified‐Conditional certification in the application (see Exhibit 3).
a. In the application select N/A for Element 2A’s self assessment.
b. In Element 2A’s self‐assessment comment box, state “Seeking Qualified‐Conditional
certification.”
2. Submits relevant evidence and demonstrates full compliance with all other elements
(including Element 2B) and standards in the QECP Application.
2012 Operations Manual
�C‐4 Qualified‐Conditional Status
Exhibit 3: How to Request a Qualified‐Conditional Certification Review
After a review for conditional certification, CMS will render a decision. Key considerations of
Qualified‐Conditional certification are:
1. Entity will be deemed Qualified‐Conditional after demonstrating full compliance with all
other standards excluding Element 2A (the applicant must be fully compliant with Standard
2, Element 2B).
2. Qualified‐Conditional status is valid for 180 days.
3. CMS will publicly report this status; entities will be sent a letter confirming their conditional
certification status and may use it to secure another source of data.
4. Entities that are deemed Qualified‐Conditional will not be able to receive any of the
standardized Medicare data extracts.
An entity must obtain access to adequate and relevant claims data other than Medicare Parts A
and B claims data and Part D PDE data to be considered for Qualified status (i.e., a qualified
entity). If the entity does not obtain the additional claims data within 180 days of the Qualified‐
Conditional certification, the conditional certification expires and the entity will receive a final
outcome of Not Qualified.
2012 Operations Manual
�
Qualified‐Conditional Status C‐5
Final Review
An entity with Qualified‐Conditional certification must submit requested evidence for Standard
2, Element 2A, and Standard 4, Elements 4C and 4D. The QECP review team will assess the
entity’s ability to meet these minimum requirements. The entity must demonstrate full
compliance with all the standards at this time; previously assessed elements will not be re‐
assessed.
After the final review, CMS will issue a decision report with a status of Qualified or Not
Qualified. Key considerations when certification status is changed from Qualified‐Conditional to
Qualified Entity are:
1. To be fully Qualified, the entity must be compliant with all standards of the QE application
review.
2. The effective date of the outcome is the same as the effective date of Qualified‐Conditional
certification.
3. The QE expiration date is 3 years from the effective date of Qualified‐Conditional
certification.
Upon successful completion of this final review, the entity will be recognized as a fully
compliant QE.
2012 Operations Manual
��2012
OPERATIONS
MANUAL
APPENDIX D.
QECP PORTAL
USER’S GUIDE
��
QECP Portal User’s Guide D‐3
TABLE OF CONTENTS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
Accessing the QECP Portal Site .................................................................................. D‐5
Step 1a: Access the QECP Portal Home Page ........................................................... D‐5
Step 1b: Visit the About QECP Page ......................................................................... D‐6
Step 1c: Visit the QECP Team Page .......................................................................... D‐7
Step 1d: Access and Review the Get Started Page ................................................... D‐8
Completing the Registration Form ............................................................................. D‐9
Step 2a: Access the Registration Form ..................................................................... D‐9
Step 2b: Complete Required Fields ........................................................................ D‐10
Step 2c: Review and Submit ................................................................................... D‐11
Step 2d: View Submission Completion Page .......................................................... D‐12
Receiving your User Profile ..................................................................................... D‐13
Step 3a: Receive User Profile ................................................................................. D‐13
Step 3b: Request Additional User Profiles (optional) ............................................ D‐13
Accessing the Secure QECP Portal ........................................................................... D‐14
Step 4a: Login to Secure Application Site ............................................................... D‐14
Step 4b: Review Available Documentation ............................................................ D‐15
Step 4c: Access Online Application ........................................................................ D‐15
Step 4d: View Application Section Home Page ...................................................... D‐17
Understanding the Application Section Layout ........................................................ D‐19
Completing Application Section 1 – General Information ........................................ D‐20
Completing Application Section 2 – Mailing Address ............................................... D‐21
Completing Application Section 3 – Contact Information ........................................ D‐22
Understanding Section 4 – Standards ...................................................................... D‐24
Completing Section 4 – Standard 1 .......................................................................... D‐29
Completing Section 4 – Standard 2 .......................................................................... D‐31
Completing Section 4 – Standard 3 .......................................................................... D‐32
Completing Section 4 – Standard 4 .......................................................................... D‐33
Completing Section 4 – Standard 5 .......................................................................... D‐34
Completing Section 4 – Standard 6 .......................................................................... D‐35
Completing Section 4 – Standard 7 .......................................................................... D‐36
Completing Section 4 – Standard 8 .......................................................................... D‐37
Completing Application Section 5 – Attestation ...................................................... D‐38
Submitting the Application...................................................................................... D‐39
2012 Operations Manual
��
QECP Portal User’s Guide D‐5
1.
ACCESSING THE QECP PORTAL SITE
Step 1a: Access the QECP Portal Home Page
To access the QECP Portal home page, visit www.QEMedicareData.org1 (Figure 1).
Figure 1. QECP Portal Home Page
The home page provides an overview of the Qualified Entity Certification Program (QECP), a link
to the Final Rule for the Availability of Medicare Data for Performance Measurement, news and
events related to the QECP, and information about the QECP Helpdesk. You can contact the
QECP Helpdesk via email at [email protected] or toll‐free at 866‐277‐9966.
When contacting technical support via email, be sure to include the following information:
1) Your name
2) Entity with which you are affiliated
3) Email address
4) Phone number
5) Question or concern (please be as detailed as possible)
1
The official www.qemedicaredata.org website contains the most up to date information. Screen shots within this
guide are updated on a yearly basis only.
2012 Operations Manual
�D‐6 QECP Portal User’s Guide
Once you submit an email to [email protected], a technical support representative
will contact you within 2 business days. This is the quickest method of contacting technical
support because it allows us to direct your question to the most appropriate QECP team
member.
You can navigate to other pages on the QECP Portal from the ribbon located below the logo.
(Figure 2).
Figure 2. Navigating the Home Page
Navigation Ribbon
Step 1b: Visit the About QECP Page
The About QECP page provides information on what the QECP is, why QECP has been
developed, who can apply to the program, and how you can apply (Figure 3).
Figure 3. About QECP
2012 Operations Manual
�
QECP Portal User’s Guide D‐7
Step 1c: Visit the QECP Team Page
The QECP Team page provides information on the organizations that have contracted with the
Centers for Medicare & Medicaid Services (CMS) to assist in developing, implementing, and
managing the QECP (Figure 4).
Figure 4. About the QECP Team
2012 Operations Manual
�D‐8 QECP Portal User’s Guide
Step 1d: Access and Review the Get Started Page
The Get Started page provides information on the steps first time applicants should take to
apply to the program (Figure 5). This information is a high‐level overview to assist you in
determining if you are interested in obtaining more information or would like to apply for
certification as a qualified entity via the online application.
Figure 5. Steps for First‐Time QE Applicants
2012 Operations Manual
�
QECP Portal User’s Guide D‐9
2.
COMPLETING THE REGISTRATION FORM
Step 2a: Access the Registration Form
To obtain online access to more information on the QECP, including the most up‐to‐date
Operations Manual and the online application, you must complete a registration form. You may
register even if you do not intend to apply for QE certification. For those not intending to apply,
registration provides you access to the most up‐to‐date program information and
communication. For those interested in applying, completing the registration form provides you
access to the Operations Manual and the secure QECP Application Web Portal. Your
information will not be shared and will be used solely to create a user profile and give you
access to the secure area of the QECP Portal.
To complete the registration:
Click the Registration tab from the navigation ribbon (Figure 6), or
Email [email protected] for assistance.
Figure 6. Registration Form
2012 Operations Manual
�D‐10 QECP Portal User’s Guide
Step 2b: Complete Required Fields
All of the required fields are indicated with an asterisk. If you do not complete one of the
required fields, you will not be able to submit your registration. The required fields include:
1) Organization Type (Figure 7)
If “other,” please provide an explanation
2) Organization Address (Figure 7)
Street
City
State
Zip Code
Organization Phone
Organization Fax
Figure 7. Organization Type and Address
1) Organization Type
2) Organization Address
3) Contact Name and Information
Contact Name – This person will be the main point of contact throughout the
application process (Figure 8).
Contact Title/Position
Contact Address (if different from organization address)
Contact Email
Contact Phone
2012 Operations Manual
�
QECP Portal User’s Guide D‐11
Figure 8. Contact Name and Information
4) Reason for Applying for Access (Figure 9)
What is the primary reason you are applying for access?
o If “other,” please give specific reason.
When do you anticipate submitting an application to become a qualified entity?
o If “other,” please estimate duration.
Figure 9. Reason for Applying for Access
Step 2c: Review and Submit
After completing the registration form, review it for accuracy. To submit the form, enter the
listed number and letter code (CAPTCHA) in the box located underneath the CAPTCHA and then
click Submit Registration (Figure 10).
Figure 10. Submit Registration
Number/letter code (CAPTCHA)
Submit
2012 Operations Manual
�D‐12 QECP Portal User’s Guide
Step 2d: View Submission Completion Page
Once the registration form is submitted, a thank you page will appear, indicating that your
registration form was successfully submitted (Figure 11). This page contains a link that enables
you to download the Operations Manual. The Operations Manual provides detailed information
about the QECP, policies and procedures, minimum requirements to become a qualified entity,
and a sample application. Please begin reviewing the Operations Manual while your registration
form is verified.
Figure 11. Registration Successful
2012 Operations Manual
�
QECP Portal User’s Guide D‐13
3.
RECEIVING YOUR USER PROFILE
Step 3a: Receive User Profile
Once your registration form has been verified, the contact you specified in the registration form
will be contacted by a QECP program coordinator. For those entities that intend to apply to the
QECP, you will also receive the login information (user profile). The user profile includes a
unique user ID, password, and secure web address. This user profile gives you access to the
online application and documentation library.
Step 3b: Request Additional User Profiles (optional)
During the verification of your registration form, a contact from your entity will be identified as
the “Administrative User.” Any additional users from your entity who complete the registration
form must be verified by this Administrative User to gain access to your entity’s online
application.
2012 Operations Manual
�D‐14 QECP Portal User’s Guide
4.
ACCESSING THE SECURE QECP PORTAL
Prior to beginning the online application, prospective applicants should:
1) Review the operations manual
2) Review the sample application and required supporting documentation
3) Collect supporting documentation
4) Contact technical support for any questions or concerns
If you are unable to complete the application online, a hard‐copy application is available and
may be requested via email at [email protected]. However, it is recommended that
you complete the application online to ensure completeness before submitting it and to speed
the application processing procedure.
Step 4a: Login to Secure Application Site
After receiving your user profile, you will receive access to your entity’s personal, secure site
(Figure 12). Enter the user ID and password to enter the site, and click Log In.
Figure 12. Secure Application Site
The secure site allows you to access the online application and documentation pages as well as
the pages on the previously viewed public site.
2012 Operations Manual
�
QECP Portal User’s Guide D‐15
Step 4b: Review Available Documentation
Before beginning the online application, you should visit the Documentation page and review
the 2012 QECP Operations Manual (Figure 13).
Figure 13. Documentation Library
Step 4c: Access Online Application
On the ribbon under the logo, you can access the Application page (Figure 14). Click Create
New Application to begin.
Figure 14. Creating an Application
Create New Application
2012 Operations Manual
�D‐16 QECP Portal User’s Guide
Your application will be assigned a unique application ID. To access the five sections of the
application, click View under the Action column.
Figure 15. Application Created
2012 Operations Manual
�
QECP Portal User’s Guide D‐17
Step 4d: View Application Section Home Page
Once you click View, a screen will appear that shows the five application sections (Figure 16):
1) General Information
2) Mailing Address
3) Contact Information
4) Standards
5) Attestation
Technical support is available at any time during the application process. You can easily
generate an email to [email protected] by clicking on Need help? at the top right
corner (Figure 16).
Figure 16. Application Sections
2012 Operations Manual
�D‐18 QECP Portal User’s Guide
To begin a section, click Edit under the Action column on the right‐hand side of the screen
(Figure 17). Each of the sections may be saved and returned to at a later time up until the
application is submitted. Multiple users may access the same application simultaneously, but
only information that has been saved is visible to the other users.
Figure 17. Application Sections
The progress of each section is tracked in the Status column (Figure 18).
Figure 18. Application Status
2012 Operations Manual
�
QECP Portal User’s Guide D‐19
5.
UNDERSTANDING THE APPLICATION SECTION LAYOUT
Each of the five application sections contains the same layout. The title of each section is
displayed in the top left corner, and a brief description is provided underneath. You can obtain
technical support at any time by clicking Need help? at the top right corner of the screen.
Figure 19. Section Layout
Title
You can navigate from one section to the next by using the navigation buttons in the top right
corner (Figure 20). The Back to Sections button returns you to the main application screen in
Figure 16.
Figure 20. Navigation Controls
Before moving to the next section, make sure you click Save and Next at the bottom of the
screen (Figure 21). If you navigate away from the page without saving, a warning will appear,
asking for confirmation that you would like to leave the page without saving.
Figure 21. Save and Next
2012 Operations Manual
�D‐20 QECP Portal User’s Guide
6.
COMPLETING APPLICATION SECTION 1 – GENERAL
INFORMATION
Section 1 of the application asks for general information (Figure 22). Please input the
applicant’s information. The listed entity name and type should be for the lead applicant.
Subcontractors or partners for this effort must be listed in the Member Organizations field.
The information required includes:
1) Trade Name/DBA
2) Type of Applicant
a. Select one from the list.
b. If “other” is selected, please describe type in the field below.
3) Applicant’s Employer ID Number – This is your Federal Employer Identification Number
4) Name(s) of Contractor(s) or Member Organization(s)
5) Data Recipient’s Name
6) Data Requested
a. Select National or Regional.
b. Specify state(s) if Regional is selected. To select more than one state, hold CTRL
and select all states for which you plan to request data.
Figure 22. Section 1 – General Information
Save and Next
Click Save and Next to save your work before continuing to the next section. To move to
another section without saving your work, click Previous, Next, or Back to Sections from the
navigation tools in the top right corner.
2012 Operations Manual
�
QECP Portal User’s Guide D‐21
7.
COMPLETING APPLICATION SECTION 2 – MAILING ADDRESS
Section 2 of the application requests the mailing address where mail correspondence about the
application or QECP program can be delivered (Figure 23).
Figure 23. Section 2 – Mailing Address
Save and Next
Click Save and Next to save your work before continuing to the next section. To move to
another section without saving your work, click Previous, Next, or Back to Sections from the
navigation tools in the top right corner.
2012 Operations Manual
�D‐22 QECP Portal User’s Guide
8.
COMPLETING APPLICATION SECTION 3 – CONTACT
INFORMATION
Section 3 requires information for two contacts:
1) Your entity’s chief executive officer (or other equivalent executive) (Figure 24)
2) Your entity’s point of contact for the application (Figure 25)
Figure 24. Section 3 – Contact Information: Chief Executive Officer
The first contact (Figure 24) should have the authority to oversee the entity’s application and
QECP responsibilities if the entity is certified. The second contact (Figure 25) will be the person
contacted during the application review if questions arise and will serve as the primary contact
for day‐to‐day application and QECP program correspondence.
2012 Operations Manual
�
QECP Portal User’s Guide D‐23
Figure 25. Section 3 – Contact Information: Point of Contact for Application
2012 Operations Manual
�D‐24 QECP Portal User’s Guide
9.
UNDERSTANDING SECTION 4 – STANDARDS
Section 4 lists all the standards (left‐hand column) that must be completed for the QECP
application, together with a brief description of each standard and its completion status. You
can select the standards in any order, but all the standards must be completed. You may
update or revise your entries under the standards until the time that the entire application is
submitted as final.
Eight standards must be completed (Figure 26):
1) Applicant Profile
2) Data Sources
3) Data Security
4) Methodology for Measurement and Attribution
5) Measure Selection
6) Verification Process
7) Reporting of Performance Information
8) Requests for Corrections/Appeals
Each of the standards contains one or more components called elements. The number of
elements associated with a standard may be seen under the Status column, which also tracks
your progress within each standard. To begin entering information for a standard, click Edit
under the Action column on the right‐hand side.
Figure 26. Section 4 – Standards
2012 Operations Manual
�
QECP Portal User’s Guide D‐25
Once you select a standard, a new page will appear (Figure 27). The standard is listed in the top
left corner with a description below the title of the standard. The element is then identified
below the description of the standard.
Figure 27. Standard/Element Layout
Standard
Element
Each standard is comprised of one or more elements. Every element has two parts:
1) Assessment (Figures 28 and 29)
2) Evidence (Figures 30 and 31)
2012 Operations Manual
�D‐26 QECP Portal User’s Guide
Figure 28. Part I: Assessment
For the Assessment (Figure 29):
1) Read the assessment statement.
2) Select Yes or No.
3) Provide an explanation of your self‐assessment.
Figure 29. Assessment
Assessment Statement
Select Yes or No
Provide Explanation
2012 Operations Manual
�
QECP Portal User’s Guide D‐27
Figure 30. Evidence
For the Evidence (Figures 30 and 31)
1) Attach supporting documentation by selecting Browse next to the file field.
2) Type in the document name.
3) Explain why the document is relevant to the element.
4) Type in relevant pages of the document.
5) Click Add File.
Figure 31. Attaching Documentation
Description of evidence required
1) Attach document
2) Document Name
3) Document Relevance
4) Relevant Pages
5) Add File
2012 Operations Manual
�D‐28 QECP Portal User’s Guide
Once a document has been uploaded according to steps 1 through 5 above, the document is
stored in a database. You may reference the same document for multiple standards and/or
elements.
To reference a previously uploaded document, select the correct document name from the
drop‐down list next to the Select Document field (Figure 32). All documents that have been
uploaded will appear in this list. Then enter the document name, document relevance, and
relevant pages.
Figure 32. Referencing Previously Uploaded Documentation
Click arrow to select
document from list
Click Save and Next to save your work and move to the next section, or click Save to save your
work without continuing to the next section.
The following sections provide specific instructions related to each of the eight standards. The
process is the same for each standard; however, the information and documentation required
varies.
2012 Operations Manual
�
QECP Portal User’s Guide D‐29
10.
COMPLETING SECTION 4 – STANDARD 1
Standard 1 – Applicant Profile requires you to provide information about its organization and
structure, the types of providers and suppliers it intends to evaluate, the geographic areas for
which it intends to report data, and its ability to meet financial requirements of the program.
Standard 1 has four elements:
Element 1A: Define applicant organization
Element 1B: Identify the geographic areas that applicant’s reports will cover
Element 1C: Identify the types of providers or suppliers whose performance applicant
intends to assess using Medicare data
Element 1D: Show ability to cover the costs of performing the required functions of a
qualified entity
To satisfy the requirements for Standard 1, the assessment and evidence sections must be
completed for all four elements. There are four separate pages that can be accessed by clicking
the navigation buttons (Previous, Back to Standards, Next) in the top right corner. The
following process must be completed for Element 1A, Element 1B, Element 1C and Element 1D:
1) Assessment:
a. Read the self‐assessment statement.
b. Select Yes or No.
c. Provide an explanation for your selection.
2) Evidence:
a. Read the evidence required.
b. Attach supporting documentation:
i. Select New Document.
ii. Click Browse to choose a file from your computer.
iii. Select the correct document.
iv. Click Open.
c. Type in the document name.
d. Explain why the document is relevant to this element.
e. Provide specific page numbers where relevant sections can be found.
f. Click Add File.
g. Click Save and Next to move to the next section.
2012 Operations Manual
�D‐30 QECP Portal User’s Guide
If you need to remove an uploaded file, you can do so by clicking Delete in the Action column
on the right (Figure 33). To view the contents of the document before deleting, click the
document name.
Figure 33. Deleting Documentation
Click to view document
2012 Operations Manual
�
QECP Portal User’s Guide D‐31
11.
COMPLETING SECTION 4 – STANDARD 2
Standard 2 – Data Sources requires you to provide evidence of your ability to combine claims
data from other sources to calculate performance reports.
Standard 2 has two elements:
Element 2A: Obtain claims data from at least one other payer sources to combine with
Medicare Parts A and B claims data and Part D drug event data
Element 2B: Accurately combine Medicare claims data from other payer sources
To satisfy the requirements for Standard 2, the assessment and evidence sections must be
completed for both elements. There are two separate pages that can be accessed by clicking
the navigation buttons (Previous, Back to Standards, Next) in the top right corner. The
following process must be completed for Element 2A and Element 2B:
1) Assessment:
a. Read the self‐assessment statement.
b. Select Yes or No.
c. Provide an explanation for your selection.
2) Evidence:
a. Read the evidence required.
b. Attach supporting documentation:
i. Select New Document.
ii. Click Browse to choose a file from your computer.
iii. Select the correct document.
iv. Click Open.
c. Type in the document name.
d. Explain why the document is relevant to this element.
e. Provide specific page numbers where the relevant sections can be found.
f. Click Add File.
g. Click Save and Next to move to the next section.
2012 Operations Manual
�D‐32 QECP Portal User’s Guide
12.
COMPLETING SECTION 4 – STANDARD 3
Standard 3 – Data Security requires you to provide evidence of rigorous data privacy and
security policies, including enforcement mechanisms.
Standard 3 has three elements:
Element 3A: Administrative (show ability to comply with Federal data security and
privacy requirements, and document a process to follow those protocols)
Element 3B: Technical (identify system users and prequalification for access to data)
Element 3C: Physical (identify processes and systems in place to physically protect the IT
infrastructure)
To satisfy the requirements for Standard 3, the assessment and evidence sections must be
completed for all three elements. There are three separate pages that can be accessed by
clicking the navigation buttons (Previous, Back to Standards, Next) in the top right corner. The
following process must be completed for Element 3A, Element 3B, and Element 3C:
1) Assessment:
a. Read the self‐assessment statement.
b. Select Yes or No.
c. Provide an explanation for your selection.
2) Evidence:
a. Read the evidence required.
b. Attach supporting documentation:
i. Select New Document.
ii. Click Browse to choose a file from your computer.
iii. Select the correct document.
iv. Click Open.
c. Type in the document name.
d. Explain why the document is relevant to this element.
e. Provide specific page numbers where the relevant sections can be found.
f. Click Add File.
g. Click Save and Next to move to the next section.
2012 Operations Manual
�
QECP Portal User’s Guide D‐33
13.
COMPLETING SECTION 4 – STANDARD 4
Standard 4 – Methodology for Measurement and Attribution requires you to provide evidence
of its ability to accurately calculate quality and efficiency, effectiveness, or resource use
measures from claims data for measures it intends to calculate with Medicare data.
Standard 8 has five elements:
Element 4A: Follow measure specifications
Element 4B: Use a defined and transparent method for attribution of patients and
episodes
Element 4C: Set and follow requirements to establish statistical validity of measure
results for quality measures
Element 4D: Set and follow requirements to establish statistical validity of measure
results for efficiency, effectiveness, and resource use measures
Element 4E: Use appropriate methods to employ risk adjustment
Element 4F: Use appropriate methods to handle outliers
Element 4G: Use comparison groups when evaluating providers or suppliers compared
to each other
Element 4H: Use benchmarks when evaluating providers
To satisfy the requirements for Standard 4, the assessment and evidence sections must be
completed for all eight elements. There are eight separate pages that can be accessed by
clicking the navigation buttons (Previous, Back to Standards, Next) in the top right corner. The
following process must be completed for Element 4A, Element 4B, Element 4C, Element 4D,
Element 4E, Element 4F, and Element 4G:
1) Assessment:
a. Read the self‐assessment statement.
b. Select Yes or No.
c. Provide an explanation for your selection.
2) Evidence:
a. Read the evidence required.
b. Attach supporting documentation:
i. Select New Document.
ii. Click Browse to choose a file from your computer.
iii. Select the correct document.
iv. Click Open.
c. Type in the document name.
d. Explain why the document is relevant to this element.
e. Provide specific page numbers where the relevant sections can be found.
f. Click Add File.
g. Click Save and Next to move to the next section.
2012 Operations Manual
�D‐34 QECP Portal User’s Guide
14.
COMPLETING SECTION 4 – STANDARD 5
Standard 5 – Measure Selection requires you to provide documentation for each selected
standard or alternative measure used in public reporting to demonstrate its validity, reliability,
responsiveness to consumer preferences, and applicability.
Standard 5 has two elements:
Element 5A: Use standard measures
Element 5B: Use approved alternative measures
To satisfy the requirements for Standard 5, the assessment and evidence sections must be
completed for both elements. There are two separate pages that can be accessed by clicking
the navigation buttons (Previous, Back to Standards, Next) in the top right corner. The
following process must be completed for Element 5A and Element 5B:
1) Assessment:
a. Read the self‐assessment statement.
b. Select Yes or No.
c. Provide an explanation for your selection.
2) Evidence:
a. Read the evidence required.
b. Attach supporting documentation:
i. Select New Document.
ii. Click Browse to choose a file from your computer.
iii. Select the correct document.
iv. Click Open.
c. Type in the document name.
d. Explain why the document is relevant to this element.
e. Provide specific page numbers where the relevant sections can be found.
f. Click Add File.
g. Click Save and Next to move to the next section.
2012 Operations Manual
�
QECP Portal User’s Guide D‐35
15.
COMPLETING SECTION 4 – STANDARD 6
Standard 6 – Verification Process requires you to provide evidence of a continuous process to
correct measurement errors and assess measure reliability.
Standard 6 has one element:
Element 6A: Systematically evaluate accuracy of the measurement process and correct
errors
To satisfy the requirements for Standard 6, the assessment and evidence sections must be
completed for Element 6A:
1) Assessment:
a. Read the self‐assessment statement.
b. Select Yes or No.
c. Provide an explanation for your selection.
2) Evidence:
a. Read the evidence required.
b. Attach supporting documentation:
i. Select New Document.
ii. Click Browse to choose a file from your computer.
iii. Select the correct document.
iv. Click Open.
c. Type in the document name.
d. Explain why the document is relevant to this element.
e. Provide specific page numbers where the relevant sections can be found.
f. Click Add File.
g. Click Save and Next to move to the next section.
2012 Operations Manual
�D‐36 QECP Portal User’s Guide
16.
COMPLETING SECTION 4 – STANDARD 7
Standard 7 – Reporting of Performance Information requires you to demonstrate substantial
experience and expertise in the design and dissemination of performance reports, as well as the
capacity and commitment to continuously improve reporting process.
Standard 7 has two elements:
Element 7A: Design reporting for providers, suppliers and the public
Element 7B: Improve reporting
To satisfy the requirements for Standard 7, the assessment and evidence sections must be
completed for both elements. There are two separate pages that can be accessed by clicking
the navigation buttons (Previous, Back to Standards, Next) in the top right corner. The
following process must be completed for Element 7A and Element 7B:
1) Assessment:
a. Read the self‐assessment statement.
b. Select Yes or No.
c. Provide an explanation for your selection.
2) Evidence:
a. Read the evidence required.
b. Attach supporting documentation:
i. Select New Document.
ii. Click Browse to choose a file from your computer.
iii. Select the correct document.
iv. Click Open.
c. Type in the document name.
d. Explain why the document is relevant to this element.
e. Provide specific page numbers where the relevant sections can be found.
f. Click Add File.
g. Click Save and Next to move to the next section.
2012 Operations Manual
�
QECP Portal User’s Guide D‐37
17.
COMPLETING SECTION 4 – STANDARD 8
Standard 8 – Requests for Corrections/Appeals requires you to provide evidence of
implementing and maintaining an acceptable process for providers and suppliers identified in a
report to review the report prior to publication and providing a timely response to provider and
supplier inquiries regarding requests for data, error correction, and appeals.
Standard 8 has two elements:
Element 8A: Use corrections process
Element 8B: Use secure transmission of beneficiary data
To satisfy the requirements for Standard 8, the assessment and evidence sections must be
completed for both elements. There are two separate pages that can be accessed by clicking
the navigation buttons (Previous, Back to Standards, Next) in the top right corner. The
following process must be completed for Element 8A, and Element 8B:
1) Assessment:
a. Read the self‐assessment statement.
b. Select Yes or No.
c. Provide an explanation for your selection.
2) Evidence:
a. Read the evidence required.
b. Attach supporting documentation:
i. Select New Document.
ii. Click Browse to choose a file from your computer.
iii. Select the correct document.
iv. Click Open.
c. Type in the document name.
d. Explain why the document is relevant to this element.
e. Provide specific page numbers where the relevant sections can be found.
f. Click Add File.
g. Click Save and Next to move to the next section.
2012 Operations Manual
�D‐38 QECP Portal User’s Guide
18.
COMPLETING APPLICATION SECTION 5 – ATTESTATION
Prior to an application being submitted as final, the contents of the application must be
accompanied by a completed attestation (below) from an individual at the entity who is
authorized to attest to its accuracy and completion.
You must provide:
1) Authorized representative’s name
2) Authorized representative’s title
3) Phone
4) Fax (optional)
Figure 34. Attestation
Once the required fields are completed, click Save and Next to submit the attestation.
2012 Operations Manual
�
QECP Portal User’s Guide D‐39
19.
SUBMITTING THE APPLICATION
Once you have completed all five sections, including the attestation and the uploading of the
required documentation, click Submit for Certification Review (Figure 35). Once you do this,
the application will be locked and no further changes can be made.
Figure 35. Application Submission
After the application is submitted, a completion screen will appear (Figure 36). At that time,
your application will be validated for completeness, and if found complete, its QECP review will
commence.
Figure 36. Application Submitted
If, after submitting your application you discover errors or that the documentation is
incomplete, please contact technical support at [email protected] to resolve the
issue.
2012 Operations Manual
�
�2012
OPERATIONS
MANUAL
APPENDIX E.
GLOSSARY
��
Glossary E‐3
APPENDIX E: GLOSSARY
A
Additional User – An individual who has completed a registration form via the QECP Portal and
has been verified by the entity’s administrative user to access the restricted pages of the QECP
Portal (including the entity’s QE application).
Administrative Reviewer – The individual who conducts the first review of an entity’s
application and reviews its submitted evidence against the program’s minimum requirements
(the standards and elements).
Administrative User – The first individual from an entity to complete a registration form via the
QECP Portal. This individual will be prompted by QECP Portal administrators to verify the access
of additional users from the entity to the restricted pages of the QECP Portal (including the
entity’s QE application).
Alternative Measure – A non‐standard measure, calculated in full or in part from claims data
from other sources and standardized extracts of Medicare Parts A and B claims and Part D
prescription drug event (PDE) data, that has been deemed to be more valid, reliable, responsive
to consumer preferences, cost‐effective, or relevant to dimensions of quality and resource use
than existing claims‐based standard measures.
Applicant – An entity whose application for QE certification has been validated by the QECP
team and is either in the process of submitting additional evidence/supporting documentation
(at the request of the review coordinator) or waiting for a certification decision.
Application – All information submitted by entities during the application process including
general information, contact information, mailing address, self‐assessment check marks, text
submitted in comment boxes, evidence/supporting documentation, data security POA&M (if
required), and signature.
Assessment – The component(s) of an element that the entity must demonstrate to meet the
minimum requirements for that element in order to receive approval for the element. Several
assessments may be required for a single element; assessments reflect an entity’s degree of
compliance with an element.
B
Beneficiary Identifiable Data – Any data that contains the beneficiary’s name, Medicare Health
Insurance Claim Number (HICN), or any other direct identifying factors, including, but not
limited to, postal address or telephone number.
2012 Operations Manual
�E‐4 Glossary
Beneficiary Summary File – Demographic and enrollment information for Medicare
beneficiaries consisting of state and county of residence codes, zip code, date of birth, date of
death, sex, race, age, monthly entitlement indicators (A/B/C/D), reasons for entitlement, state
buy‐in indicators, and monthly managed care indicators (yes/no). From 2006 forward, it also
includes variables specific to enrollment in the Medicare Part D prescription drug program.
These variables include a derived race/ethnicity code, an indicator for Other Credible Drug
Coverage, and monthly indicators for Medicare Advantage Prescription Drug (MA‐PD) and
stand‐alone Prescription Drug Plan (PDP) enrollment, Low Income Subsidy (LIS) enrollment,
Retiree Drug Subsidy, and state‐reported dual eligibility status.
C
Chronic Condition Data Warehouse (CCW) – A research database designed to make Medicare,
Medicaid, and Part D prescription drug event (PDE) data more readily available to support
research designed to improve the quality of care and reduce costs and utilization.
Claim – An itemized billing statement from a provider or supplier that, except in the context of
Part D prescription drug event data, requests payment for a list of services and supplies that
were furnished to a Medicare beneficiary in the Medicare fee‐for‐service context, or to a
participant in other insurance or entitlement program contexts. In the Medicare program,
claims files are available for each institutional (inpatient, outpatient, skilled nursing facility,
hospice, or home health agency) and non‐institutional (physician and durable medical
equipment providers and suppliers) claim type as well as Medicare Part D prescription drug
event (PDE) data.
Claims Data from Other Sources – Provider‐ or supplier‐identifiable claims data that an
applicant or qualified entity has full data usage right to due to its own operations or disclosures
from providers, suppliers, private payers, multi‐payer databases, or other sources.
Clinical Data – Registry data, chart‐abstracted data, laboratory results, electronic health record
information, or other information relating to the care or services furnished to patients that is
not included in administrative claims data, but is available in electronic form.
D
Data Use Agreement (DUA) – Contractual agreement between the Centers for Medicare &
Medicaid Services (CMS) and an external entity, which must be established prior to disclosing
data and which requires the entity to comply with the requirements of the Federal Privacy Act,
the HIPAA Privacy Rule, and CMS data release policies.
E
Element – The component of a standard that is scored/reviewed and provides details about
performance expectations. Each element within a standard is evaluated to determine the
degree to which the entity has met the requirements of the standard.
2012 Operations Manual
�
Glossary E‐5
Encrypted Data – Any data that does not contain the beneficiary’s name or any other direct
identifying factors, but does include a unique CMS‐assigned beneficiary identifier that allows
for the linking of claims without divulging any direct identifier of the beneficiary.
Entity – Any legally recognized organization (public or private) interested in applying for
certification to become a qualified entity (QE).
Evidence – An item that is submitted to demonstrate compliance with an element. The
evidence allows reviewers to evaluate whether the entity meets the assessment.
Executive Reviewer – The individual who conducts the final application review, which is an
independent review of the application, and incorporates and considers the administrative
review findings.
F
Final Rule – 42 CFR, Part 401, Subpart G, titled “Medicare Program; Availability of Medicare
Data for Performance Measurement – Final Rule,” published in the Federal Register, Vol. 76,
No. 235, December 7, 2011, and available at: http://www.gpo.gov/fdsys/pkg/FR‐2011‐12‐
07/pdf/2011‐31232.pdf.
G
H
I
Intent – A brief description of the purpose of an application standard.
J
K
L
Lead Entity – An entity that chooses to contract with one or more outside entities to meet the
minimum requirements of the QECP and function as a QE. The lead entity is responsible for
completing the application, including the submission of contractual agreements with all outside
entities. In addition, the lead entity is responsible for ensuring that outside entities comply with
all program requirements related to the Data Use Agreements (DUA), evaluation, monitoring,
and oversight.
2012 Operations Manual
�E‐6 Glossary
M
Medicare Part A Claims Data ‐ Fee‐for‐service claims from institutional health care providers
that include the following claim types:
Inpatient – from inpatient hospital providers for reimbursement of facility costs
(includes variables such as diagnosis and procedure codes, Diagnosis Related Group,
dates of service, reimbursement amount, and provider number);
Skilled Nursing Facility – from skilled nursing facilities (includes variables such as
diagnosis and procedure codes, dates of service, reimbursement amount, and provider
number);
Outpatient – from outpatient providers such as hospital outpatient departments, rural
health clinics, renal dialysis facilities, outpatient rehabilitation facilities, and community
mental health centers (includes variables such as diagnosis and procedure codes, CMS
Common Procedure Coding System codes, dates of service, reimbursement amount,
provider number, and revenue center codes);
Hospice – from hospice providers (includes level of hospice care received [e.g., routine
home care, inpatient respite care], terminal diagnosis code, dates of service,
reimbursement amount, and provider number); and
Home Health – from home health care providers (includes variables such as number of
visits, type of visit, diagnosis code, dates of visits, reimbursement amount, and provider
number).
Medicare Part B Claims Data – Fee‐for‐service claims from non‐institutional health care
providers that include the following claim types:
Carrier – from non‐institutional providers such as physicians, physician assistants,
clinical social workers, nurse practitioners, independent clinical laboratories, ambulance
providers, and free‐standing ambulatory surgical centers (includes variables such as
diagnosis and procedure codes, CMS Common Procedure Coding System codes, dates of
service, reimbursement amount, and provider number); and
Durable Medical Equipment Regional Carrier – from durable medical equipment
suppliers (includes diagnosis codes, CMS Common Procedure Coding System codes,
dates of service, reimbursement amount, and provider number).
Medicare Part D Prescription Drug Event (PDE) Data – Summary extracts of CMS‐defined
standard prescription fills (not individual drug claim transactions) submitted by Medicare
prescription drug plan sponsors to CMS. The PDE data include such variables as prescriber
identifier, quantity dispensed, days supply, fill number, gross drug cost below/above out‐of‐
pocket threshold, patient pay amount, and other transactional information.
Minimum Requirements – The collection of standards and elements that an entity must meet
in order to become certified as a qualified entity. These requirements are derived directly from
the Final Rule (42 CFR, Part 401, Subpart G).
2012 Operations Manual
�
Glossary E‐7
N
O
Operations Manual – A comprehensive document that describes QECP operations and policies,
including all CMS requirements that prospective applicants and certified QEs must meet, as well
as step‐by‐step instructions on the application process. The Operations Manual is revised and
re‐released in its entirety annually.
Operations Manual Update – A supplemental stand‐alone document that serves as an
addendum to the annually released Operations Manual. The update serves to inform all
interested parties about QECP policy and procedural changes since the previous annual release
of the Operations Manual.
P
Plan of Action and Milestones (POA&M) – A tool that identifies tasks that need to be
accomplished. It details the resources required to accomplish the elements of the plan, any
milestones to meet the task, and scheduled completion dates for the milestones. The purpose
of the POA&M is to assist agencies in identifying, assessing, prioritizing, and monitoring the
progress of corrective efforts for security weaknesses found in programs and systems.
Program Coordinator – The individual who is the entity’s primary point of contact throughout
the QECP process and who is responsible for validating the completeness of an application,
assigning the applicant to their review team, assisting the applicant throughout their QECP
participation, and facilitating contact between the applicant and the QECP team.
Prospective Applicant – An entity interested in applying for QE certification, but which has not
yet finalized and submitted a complete application.
Providers of Services (referred to as Providers) – Those individuals whose performance will be
calculated and publicly reported by QEs. As defined in 42 CFR § 400.202, “providers” include
the following: hospitals, critical access hospitals, skilled nursing facilities, comprehensive
outpatient rehabilitation facilities, home health agencies, or hospices that have in effect an
agreement to participate in Medicare, or clinics, rehabilitation agencies, or public health
agencies that have in effect a similar agreement but only to furnish outpatient physical therapy
or speech pathology services, or community mental health centers that have in effect a similar
agreement but only to furnish partial hospitalization services.
Q
Qualified Entity (QE) – A single public or private entity, or a lead entity and its contractors, or, if
the applicant is a collaborative, any member organization of the collaborative, that (1) is
2012 Operations Manual
�E‐8 Glossary
qualified, as determined by the Secretary, to use claims data to evaluate the performance of
providers and suppliers on measures of quality, efficiency, effectiveness, and resource use, and
(2) agrees to meet regulatory requirements in 42 CFR §§ 401.705–401.721.
Qualified Entity Certification Program for Medicare Data (QECP) –The product of 42 CFR, Part
401, Subpart G, which was developed so that interested entities that successfully meet the
criteria outlined in the Final Rule may become certified as qualified entities (QEs), and maintain
their QE status.
QECP Portal – An online tool that supports the submission, review, and approval of applications
from entities. It also facilitates ongoing technical support throughout the application process.
R
Re‐apply – What a qualified entity in good standing must do at least six months before the end
of their three‐year certification approval period in order to continue performing the tasks of a
QE. As part of a renewal application (or re‐application), QEs must submit documentation of any
changes to what was included in its previously‐approved application.
Registration Form – The form that must be completed by an individual within an entity to
obtain a user ID and password and gain access to the restricted pages of the QECP Portal,
including the QE application.
Review – The application review process as a whole, from the time the application is first
submitted, through the approval or denial of the applicant to be certified as a qualified entity.
Review Coordinator – The individual who is the applicant’s primary point of contact during the
application review process and who is responsible for facilitating contact between the applicant
and the review team.
Review Team – Inclusive of the review coordinator, administrative reviewer, and executive
reviewer. All members of the review team must meet specific education and experience
qualifications.
S
Self‐assess – The independent decision of entities regarding their ability to meet or not meet
the elements described in the QE application form. During the application process, while
submitting supporting documentation for each element, entities must answer “yes” or “no” in
the self‐assessment field. If they answer “no,” they must submit an explanation in the comment
box.
Standard – An area for review that defines the program requirements at the highest level. It
includes intent, program elements, assessment, and evidence.
2012 Operations Manual
�
Glossary E‐9
Standard Measure – A measure that can be calculated in full or in part from claims data from
other sources and the standardized extracts of Medicare Parts A and B claims and Part D
prescription drug event (PDE) data. The measure must fall into one of the following categories:
measure is endorsed (or time‐limited endorsed) by the entity with a contract under Section
1890(a) of the Social Security Act (currently the National Quality Forum); measure is currently
being used in a CMS program that includes quality measurement; or measure was developed
pursuant to Section 931 of the Public Health Service Act.
Standardized Data Extract – Medicare Parts A and B claims data and Part D drug event state‐
specific data representing 100 percent of the claims in the Chronic Condition Warehouse (CCW)
for Medicare beneficiaries in a specific geographic area (nation, state, county, MSA, etc.) during
a specific time period. These data will be provided to qualified entities after approval of the
DUA and receipt of payment.
Suppliers – Those whose performance will be calculated and publicly reported by QEs. As
defined in 42 CFR § 400.202, “suppliers” are physicians or other practitioners, or entities other
than providers, that furnish health care services under Medicare.
T
U
V
Validation – The first step taken by the QECP team when reviewing an application for QE
certification that ensures all self‐assessments are complete, all elements have evidence
attached, and contact information is complete as submitted. If an application is considered
“validated,” the entity is considered an “applicant,” and an administrative and executive
reviewer are assigned to review the content of the application. If an application does not pass
validation, a program coordinator will contact the entity for additional information or evidence.
W
X
Y
Z
2012 Operations Manual
�U . S . D E PA R T M E N T O F H E A L T H & H U M A N S E R V I C E S
CENTERS FOR MEDICARE & MEDICAID SERVICES
�
| File Type | application/pdf |
| File Title | Microsoft Word - ACA10332_2012OperationsManual_2012_01_08.docx |
| Author | jjimenez |
| File Modified | 2012-01-25 |
| File Created | 2012-01-08 |