Form CMS-10433 Appendix D 1 RI, RA, Banking, Edge Server Data Elements

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
In accordance with CMS-9975-F, “Patient Protection and Affordable Care Act: Standards
Related to Reinsurance, Risk Corridors and Risk Adjustment,” CMS will collect data required
from issuers, self-insured health groups, third party administrators on behalf of either for the
Transitional Reinsurance and Risk Adjustment programs established by the Affordable Care Act
of 2010.
To ensure accurate information, consistent presentation, and minimize the burden on applicants,
extensive analysis has been conducted to determine the minimum data necessary for
administering the Transitional Reinsurance and Risk Adjustment programs.
Administrative Data Elements (as applicable)
The section requests that issuers, self-insured and third party administrators when providing
services on behalf of either provide basic information required to identify them to facilitate
communications and necessary program operations. Data will be pre-populated from HIOS or
other templates whenever possible.
Issuer, Self-Insured and TPA Data
1. HIOS Issuer ID
2. HIOS Company ID
3. Associated HPID
4. Associated OEID
5. State
6. Proposed Exchange Market Coverage
7. Current Sales Market
8. Company Legal Name
9. TIN
10. Not-for-Profit
11. NAIC Company Code
12. NAIC Group Code
13. Name of Holding Company
14. Legal Name
15. Marketing Name
16. Company Address: Address
17. Company Address: Address 2
18. Company Address: City
19. Company Address: State
20. Company Address: Zip Code
21. Issuer Address
22. Issuer Address 2
23. Issuer City
24. Issuer State
25. Issuer Zip Code
Contacts
26. Main Company Contact: First Name
27. Main Company Contact: Last Name
28. Main Contact: E-mail Address
1

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
29. Main Company Contact: Phone Number
30. Main Company Contact: Phone Ext
31. CEO First Name
32. CEO Last Name
33. CEO E-mail Address
34. CEO Phone Number
35. CEO Phone Ext
36. CFO First Name
37. CFO Last Name
38. CFO E-mail Address
39. CFO Phone Number
40. CFO Phone Ext
41. Compliance Officer - First Name
42. Compliance Officer - Last Name
43. Compliance Officer - Email Address
44. Compliance Officer - Phone Number
45. Compliance Officer - Phone Number Ext
46. Compliance Officer - Email
47. Enrollment Contact - First Name
48. Enrollment Contact - Last Name
49. Enrollment Contact - Phone Number
50. Enrollment Contact - Phone Number Ext
51. Enrollment Contact - Email
52. System Contact - First Name
53. System Contact - Last Name
54. System Contact - Phone Number
55. System Contact - Phone Number Ext
56. System Contact - Email
57. Payment Contact - First Name
58. Payment Contact - Last Name
59. Payment Contact - Phone Number
60. Payment Contact - Phone Number Ext
61. Payment Contact - Email
62. HIPAA Security Officer - First Name
63. HIPAA Security Officer - Last Name
64. HIPAA Security Officer - Phone Number
65. HIPAA Security Officer - Phone Number Ext
66. HIPAA Security Officer - Email
67. Complaints Tracking Contact - First Name
68. Primary Contact - Individual or Small Group
69. Individual Market Contact - First Name
70. Individual Market Contact - Last Name
71. Individual Market Contact - Phone Number
72. Individual Market Contact - Phone Number Ext
73. Individual Market Contact - Email
74. SHOP Contact - First Name
2

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
75. SHOP Contact - Last Name
76. SHOP Contact - Phone Number
77. SHOP Contact - Phone Number Ext
78. SHOP Contact - Email
79. APTC/CSR Contact - First Name
80. APTC/CSR Contact - Last Name
81. APTC/CSR Contact - Phone Number
82. APTC/CSR Contact - Phone Number Ext
83. APTC/CSR Contact - Email
84. Risk Corridors Contact - First Name
85. Risk Corridors Contact - Last Name
86. Risk Corridors Contact - Phone Number
87. Risk Corridors Contact - Phone Number Ext
88. Risk Corridors Contact - Email
89. Risk Adjustment Contact - First Name
90. Risk Adjustment Contact - Last Name
91. Risk Adjustment Contact - Phone Number
92. Risk Adjustment Contact - Phone Number Ext
93. Risk Adjustment Contact - Email
94. Reinsurance Contact - First Name
95. Reinsurance Contact - Last Name
96. Reinsurance Contact - Phone Number
97. Reinsurance Contact- Phone Number Ext
98. Reinsurance Contact - Email
99. Financial Transfers Contact: First Name
100. Financial Transfers Contact: Last Name
101. Financial Transfers Contact: Phone Number
102. Financial Transfers Contact: Phone Number Ext
103. Financial Transfers Contact: E-mail
104. Third Party Administrator (TPA) ID
105. Third Party Administrator (TPA) Name
106. Third Party Administrator (TPA) Process
107. Third Party Administrator (TPA) Process URL/EDI Gateway Info
108. Third Party Administrator (TPA) Confirmation of Services
Miscellaneous
109. Do you have a TPA that currently provides services for the following processes:
Enrollment (Y/N), Claims Processing (Y/N), Edge Server (Y/N)
110. Will you allow employees to “buy up” to a higher medal-level coverage than their
employer is offering?
State Licensure Documentation
Attestations and documentation necessary to demonstrate that an issuer is licensed and has
authority to sell all applicable products in the services areas in which it intends to offer those
products. If license and certificate of authority are not in possession for all service areas,
attestation that license and certificate of authority will be obtained and a projected date of
obtaining license.
3

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements

Documentation of Good Standing
Attestations and documentation necessary to demonstrate that an issuer is in compliance with all
applicable State solvency requirements and other relevant State regulatory requirements.
Attestations (as applicable)
1. Applicant attests that it will be bound by 2 CFR 376 and that no individual or entity that
is a part of the Applicant's organization is excluded by the Department of Health and
Human Services Office of the Inspector General or by the General Services
Administration. This attestation includes any member of the board of directors, key
management or executive staff or major stockholder of the applicant and its affiliated
companies, subsidiaries or subcontractors.
2. Applicant attests that there are no federal or state government current or pending legal
actions, criminal or civil, convictions, administrative actions, investigations or matters
subject to arbitration against the applicant (under a current or former name), its
principals, or any of its subcontractors. The applicant also attests that none of its
principals, nor any of its affiliates is presently debarred, suspended, proposed for
debarment, or declared ineligible to participate in Federal programs by HHS or another
Federal agency under 2 CFR 180.970 or any other applicable statute or regulation.
3. Applicant attests that it will acknowledge and agree to be bound by Federal statutes and
requirements that govern Federal funds. Federal funds include, but are not limited to,
Federal payments related to the risk adjustment, reinsurance and risk corridor programs.
4. Applicant attests that it will adhere to the risk corridor standards and requirements set by
HHS as applicable for:
a) risk corridor data standards and annual HHS notice of benefit and payment.
parameters for the calendar years 2014, 2015, and 2016 (45 CFR 153.510); and
b) remit charges to HHS under the circumstances described in 45 CFR 153.510(c).
5. The following applies to applicants participating in the risk adjustment and reinsurance
programs inside and/or outside of the Exchange. Applicant attests that it will:
a) adhere to the risk adjustment standards and requirements set by HHS in the annual
HHS notice of benefit and payment parameters (45 CFR Subparts G and H);
b) remit charges to HHS under the circumstances described in 45 CFR 153.610;
c) adhere to the reinsurance standards and requirements set by HHS in the annual HHS
notice of benefit and payment parameters (45 CFR 153.400, 153.405, 153.410,
153.420);
d) remit contributions to HHS under the circumstances described in 45 CFR 153.405;
e) establish dedicated and secure server environments to host enrollee claims, encounter,
and enrollment information for the purpose of performing risk adjustment and
reinsurance operations for all plans offered;
f) allow proper interface between the dedicated server environment and special,
dedicated CMS resources that execute the risk adjustment and reinsurance operations;
4

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
g) ensure the transfer of timely, routine, and uniform data from local systems to the
dedicated server environment using CMS-defined standards, including file formats
and processing schedules;
h) comply with all information collection and reporting requirements approved through
the Paperwork Reduction Act of 1995 and having a valid OMB control number for
approved collections. The Issuer will submit all required information in a CMSestablished manner and common data format;
i) cooperate with CMS, or its designee, through a process for establishing the server
environment to implement these functions, including systems testing and operational
readiness;
j) use sufficient security procedures to ensure that all data available electronically are
authorized and protect all data from improper access, and ensure that the operations
environment is restricted to only authorized users;
k) provide access to all original source documents and medical records related to the
eligible organization’s submissions, including the beneficiary's authorization and
signature to CMS or CMS’ designee, if requested, for audit;
l) retain all original source documentation and medical records pertaining to any such
particular claims data for a period of at least 10 years;
m) be responsible for all data submitted to CMS by itself, its employees, or its agents and
based on best knowledge, information, and belief, submit data that are accurate,
complete, and truthful;
n) all information, in any form whatsoever, exchanged for risk adjustment shall be
employed solely for the purposes of operating the premium stabilization programs
and financial programs associated with state markets, including but not limited to, the
calculation of user fees to fund such programs, oversight, and any validation and
analysis that CMS determines necessary;
6. Under the False Claims Act, 31 U.S.C. §§ 3729-3733, those who knowingly submit, or
cause another person or entity to submit, false claims for payment of government funds
are liable for three times the government’s damages plus civil penalties of $5,500 to
$11,000 per false claim. 18 U.S.C. 1001 authorizes criminal penalties against an
individual who in any matter within the jurisdiction of any department or agency of the
United States knowingly and willfully falsifies, conceals, or covers up by any trick,
scheme, or device, a material fact, or makes any false, fictitious or fraudulent statements
or representations, or makes any false writing or document knowing the same to contain
any false, fictitious or fraudulent statement or entry. Individual offenders are subject to
fines of up to $250,000 and imprisonment for up to 5 years. Offenders that are
organizations are subject to fines up to $500,000. 18 U.S.C. 3571(d) also authorizes fines
of up to twice the gross gain derived by the offender if it is greater than the amount
specifically authorized by the sentencing statute. Applicant acknowledges the False
Claims Act, 31 U.S.C. §§ 3729-3733.
5

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
7. Applicant attests to provide and promptly update when applicable changes occur in its
Tax Identification Number (TIN) and associated legal entity name as registered with the
Internal Revenue Service, financial institution account information, and any other
information needed by CMS in order for the applicant to receive invoices, demand letters,
and payments under the reinsurance, risk adjustment, and risk corridor programs, as well
as, any reconciliations of the aforementioned programs.
8. Applicant attests that it will develop, operate and maintain viable systems, processes,
procedures and communication protocols to accept payment-related information
submitted by CMS.
Plan Data Elements (as applicable)
The following is a list of the specific plan-level identification information to be provided for
non-QHP plans in the individual and small group market.
1. Plan ID
2. Plan Marketing Name
3. HIOS Product ID
4. Exchange Market
5. Do you intend to offer this plan on the exchange, off the exchange, or both?
6. Level of Coverage
7. Issuer calculated actuarial value?
8. Child–Only Offering
9. Child–Only Plan ID
10. Plan Type
11. New or Existing Plan Indicator
12. Plan Effective Date
13. Plan Expiration Date
14. Maximum Out–of–Pocket Individual In–Network for EHBs (combined amount for
medical and drug)
15. Maximum Out–of–Pocket Family In–Network for EHBs (combined amount for medical
and drug)
16. Federal Tax ID
17. Associated HPID
18. Non-grandfathered (Y/N)
19. Type of Plan Offering: Student Health Plan (Y/N), Medicaid (Y/N), Basic Health Plan
(Y/N), Excepted Benefit Plan-Not Standalone Dental (Y/N), Short Term Limited
Duration Plan (Y/N), Other (Y/N)
Rating Tables and Issuer Business Rules (as applicable)
The following is a list of the specific rating table and issuer business rules data elements to be
collected for non-QHP plans in the individual and small group market.
1. Issuer ID
2. Federal TIN
3. Plan ID
4. Rating Area ID
5. Product Level Rules
6

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
6. Plan Level Rules (14-digit number that identifies the plan)
7. What is the maximum number of underage (under 21) dependents used to quote rates for
a two-parent family? In which order are children rated, oldest to youngest or youngest to
oldest?
8. What is the maximum number of underage (under 21) dependents used to quote rates for
a single parent family? In which order are children rated, oldest to youngest or youngest
to oldest?
Banking Data (as applicable)
The following is a list of the specific banking data to be collected from all entities eligible to
receive payments.
1. Reason for Submission: New EFT Authorization (Y/N), Revision to Current
Authorization (e.g. account or financial institution changes) (Y/N)
2. Check here if EFT payment is being made to the Affiliate of the Entity (Attach letter
authorizing EFT payments to the Affiliated Entity)
3. Since your last EFT authorization agreement submission, have you had a Change of
Ownership and/or Change of Address? (Y/N) If yes, submit a change of information
prior to accompanying this EFT authorization.
4. Entity ID
5. Vendor ID
6. HIOS ID
7. HPID ID
8. Entity name (Legal)
9. Entity name (DBA)
10. Entity name (Division)
11. Entity: Address
12. Entity: Address 2
13. Entity: City
14. Entity: State
15. Entity: Zip Code
16. Entity: Country
17. Entity: TIN
18. List of all Entity Affiliated HIOS IDs
19. List of all Entity Affiliated HIOS ID Names
20. List of all Entity Affiliated HPID IDs
21. IRS 1099: Address
22. IRS 1099: Address 2
23. IRS 1099: City
24. IRS 1099: State
25. IRS 1099: Zip Code
26. IRS 1099: Country
27. Copy of Voided Check
28. Letter from Financial Institution for Account Validation
29. Financial Institution Routing Transit Number
30. Entity Depositor Account Number
31. Type of Account: Checking or Savings
7

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
32. Plastic Card Holder Name
33. Plastic Card Holder Billing Address
34. Plastic Card Holder Billing City
35. Plastic Card Holder Billing State
36. Plastic Card Holder Billing Zip Code
37. Plastic Card Holder Country
38. Plastic Card Type: Credit Card or Debit Card
39. Plastic Card Company: Visa, Master Card, American Express, or Discover
40. Plastic Card Holder Number
41. Plastic Card Holder Expiration Date
42. Plastic Card Holder Security Code
43. Payment Amount
44. Invoice Number
45. Invoice Date
46. Check Payment Remittance Contact: Title (up to four instances)
47. Check Payment Remittance Contact: First Name (up to four instances)
48. Check Payment Remittance Contact: Last Name (up to four instances)
49. Check Payment Remittance Contact: Phone Number (up to four instances)
50. Check Payment Remittance Contact: Phone Number Ext (up to four instances)
51. Check Payment Remittance Contact: E-mail (up to four instances)
52. Check Payment Remittance Contact: Address (up to four instances)
53. Check Payment Remittance Contact: Address 2 (up to four instances)
54. Check Payment Remittance Contact: City (up to four instances)
55. Check Payment Remittance Contact: State (up to four instances)
56. Check Payment Remittance Contact: Zip Code (up to four instances)
57. Check Payment Remittance Contact: Country (up to four instances)
58. EFT Banking Information: Title (up to four instances)
59. EFT Banking Information: First Name (up to four instances)
60. EFT Banking Information: Last Name (up to four instances)
61. EFT Banking Information: Phone Number (up to four instances)
62. EFT Banking Information: Phone Number Ext (up to four instances)
63. EFT Banking Information: E-mail (up to four instances)
64. EFT Banking Information: Bank Name (up to four instances)
65. EFT Banking Information: Address (up to four instances)
66. EFT Banking Information: Address 2 (up to four instances)
67. EFT Banking Information: City (up to four instances)
68. EFT Banking Information: State (up to four instances)
69. EFT Banking Information: Zip Code (up to four instances)
70. EFT Banking Information: Country (up to four instances)
71. Profit/Non-Profit Indicator
72. Change of Ownership Date
73. Business Line to which this banking information is applicable
74. Financial Reporting IP Address
75. Profit/Non Profit Indicator
76. Change of Ownership Date
77. Business Line to which this banking information is applicable
8

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
78. Authorized/Delegated Official Name
79. Authorized/Delegated Official Title
80. Authorized/Delegated Official Telephone Number
81. Authorized/Delegated Official E-mail Address
82. Authorized/Delegated Official Signature
83. Date of Authorization
84. Payment Contact - First Name
85. Payment Contact - Last Name
86. Payment Contact - Phone Number
87. Payment Contact - Phone Number Ext
88. Payment Contact - Email
89. Financial Transfers Contact: First Name
90. Financial Transfers Contact: Last Name
91. Financial Transfers Contact: Phone Number
92. Financial Transfers Contact: Phone Number Ext
93. Financial Transfers Contact: E-mail
94. Electronic Funds Transfer Authorization Agreement: I hereby authorize the Centers for
Medicare & Medicaid Services (CMS) to initiate credit entries, and in accordance with
31 CFR part 210.6(f) initiate adjustments for any duplicate or erroneous entries made in
error to the account indicated above. I hereby authorize the financial institution/bank
named above to credit and/or debit the same to such account. CMS may assign its rights
and obligations under this agreement to CMS’ designated contractor. CMS may change
its designated contractor at CMS’ discretion. If payment is being made to an account
controlled by an Affiliated Entity, the Entity hereby acknowledges that payment to the
Affiliated Entity under these circumstances is still considered payment to the Entity, and
the Entity authorizes the forwarding of payments to the Affiliated Entity. If the account
is drawn in the Entity’s name, or the Legal Business Name of the Entity, the said Entity
certifies that he/she has sole control of the account referenced above, and certifies that
all arrangements between the Financial Institution and the said Entity are in accordance
with all applicable CMS regulations and instructions. This authorization agreement is
effective as of the signature date below and is to remain in full force and effect until
CMS has received written notification from me of its termination in such time and such
manner as to afford CMS and the Financial Institution a reasonable opportunity to act on
it. CMS will continue to send the direct deposit to the Financial Institution indicated
above until notified by me that I wish to change the Financial Institution receiving the
direct deposit. If my Financial Institution information changes, I agree to submit to CMS
an updated signed EFT Authorization Agreement.
Edge Server Provisioning Data
The following is a list of the specific data required for the Edge Server provisioning process.
1. Edge Server Group Name
2. Primary Group Administrator - Prefix (optional)
3. Primary Group Administrator - Suffix (optional)
4. Primary Group Administrator - First Name
5. Primary Group Administrator - Last Name
9

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
6. Primary Group Administrator - Username (used to log onto Edge Server)
7. Primary Group Administrator - Position (or Title)
8. Primary Group Administrator – Email
9. Primary Group Administrator - Phone Number
10. Secondary Group Administrator - Prefix (optional)
11. Secondary Group Administrator - Suffix (optional)
12. Secondary Group Administrator - First Name
13. Secondary Group Administrator - Last Name
14. Secondary Group Administrator - Username (used to log onto Edge Server)
15. Secondary Group Administrator - Position (or Title)
16. Secondary Group Administrator – Email
17. Secondary Group Administrator - Phone Number
18. Edge Server Name
19. Edge Server Group
20. Insurance Company
21. List of Issuers
22. Primary System Administrator - Prefix (optional)
23. Primary System Administrator - Suffix (optional)
24. Primary System Administrator - First Name
25. Primary System Administrator - Last Name
26. Primary System Administrator - Username (used to log onto Edge Server)
27. Primary System Administrator - Position (or Title)
28. Primary System Administrator - Email
29. Primary System Administrator - Phone Number
30. Secondary System Administrator - Prefix (optional)
31. Secondary System Administrator - Suffix (optional)
32. Secondary System Administrator - First Name
33. Secondary System Administrator - Last Name
34. Secondary System Administrator - Username (used to log onto Edge Server)
35. Secondary System Administrator - Position (or Title)
36. Secondary System Administrator - Email
37. Secondary System Administrator - Phone Number
38. Host Name
39. Edge Server Size: Small, Medium or Large (based on server configuration)
40. IP Address (assigned to the Edge Server)
41. Netmask
42. DNS
43. Gateway
44. SMTP
45. Storage Management For OS Disk:
• Do you have a RAID? (Y/N)
• If Yes, RAID 0 or 1?
• If RAID 1, number of disks?
• Hardware of software RAID?
• If hardware RAID, name of device?
10

Appendix D – Transitional Reinsurance Program, Risk Adjustment Program, and
Payment Operations Data Requirements
• If software RAID, name of device?
• If software RAID, number of spares?
For Data Disk:
• Do you have a RAID? (Y/N)
• Confirm Redundant Array of Independent Disks (RAID) 5.
• If Yes, confirm RAID Level 5: (Y/N)
• Number of disks?
• Hardware of software RAID?
• If hardware RAID, name of device?
• If software RAID, name of device?
• If software RAID, number of spares?

11