Supporting Statement Part A
Data Collection for Medicare Beneficiaries Receiving Carotid Artery Stenting with Embolic Protection
Background
To encourage responsible and appropriate use of Carotid Artery Stenting (CAS) with embolic protection, CMS issued a Decision Memo for Carotid Artery Stenting on March 17, 2005. As a result, Medicare covers Percutaneous Transluminal Angioplasty (PTA) of the carotid artery concurrent with the placement of an FDA-approved carotid stent with embolic protection for the following:
•Patients who are at high risk for CEA and who also have symptomatic carotid artery stenosis >70 %. Coverage is limited to procedures performed using FDA-approved carotid artery stenting systems and FDA- approved or -cleared (effective December 9, 2009) embolic protection devices. If deployment of the embolic protection device is not technically possible, and not performed, then the procedure is not covered by Medicare (effective December 9, 2009);
•Patients who are at high risk for CEA [Carotid Endarterectomy] and have symptomatic carotid artery stenosis between 50 % and 70 %, in accordance with the Category B IDE clinical trials regulation (42 CFR 405.201), as a routine cost under the clinical trials policy (Medicare National Coverage Determination (NCD) Manual 310.1), or in accordance with the NCD on carotid artery stenting (CAS) post-approval studies (Medicare NCD Manual 20.7);
•Patients who are at high risk for CEA and have asymptomatic carotid artery stenosis >80 %, in accordance with the Category B IDE clinical trials regulation (42 CFR 405.201), as a routine cost under the clinical trials policy (Medicare NCD Manual 310.1), or in accordance with the NCD on CAS post- approval studies (Medicare NCD Manual 20.7).
CMS has determined that CAS with embolic protection is reasonable and necessary {§1862 (A)(1)(a) of the Social Security Act} only if performed in facilities that have been determined to be competent in performing the evaluation, procedure and follow-up necessary to ensure optimal patient outcomes. Standards to determine competency include specific physician training standards, facility support requirements and data collection and submission requirements. CMS has created a list of minimum standards (https://www.cms.gov/medicare-coverage-database/details/ncd-details.aspx?NCDId=201&ncdver=10&bc=AAAAgAAAAAAAAA%3d%3d&) modeled in part on professional society statements on competency. All facilities must at least meet CMS’s standards in order to receive coverage for carotid artery stenting for high risk patients.
Justification
Need and Legal Basis
CMS considers coverage for CAS with embolic protection reasonable and necessary {§1862 (A)(1)(a) of the Social Security Act} for patients at high risk for carotid endarterectomy and for those who also have symptomatic carotid artery stenosis > 70%. However, these procedures must be performed in facilities that have been determined to be competent in performing the evaluation, procedure and follow-up necessary to ensure optimal patient outcomes. Standards to determine competency will include specific physician training standards, facility support requirements and data collection to evaluate outcomes during a required reevaluation and data submission to CMS.
Information Users
To qualify for payment of covered CAS procedures, facilities must submit a written affidavit to CMS attesting that the facility has met the minimum facility standards as described in the National Coverage Determination (NCD CAG # 00085R). There are other coverage criteria that must be met beyond facility approval, so approval does not guarantee Medicare coverage CMS posts and regularly updates an electronic list of all certified facilities viewable at: http://www.cms.hhs.gov/MedicareApprovedFacilitie/CASF/list.asp#TopOfPage. A new affidavit is required every two years to ensure that facilities maintain high standards. Data submissions are required every six months on April 1 and October 1. Beginning October 1, 2015, approved facilities must also sign a Business Associate Privacy Agreement to satisfy HIPAA requirements and compliance. Current agreements are in effect through September 13, 2018. Data submissions and agreements are submitted to and managed by a contractor, Fu Associates. Ltd.
There are no forms provided by CMS. Since submitting this revision we have placed a moratorium on the data submission component, however we believe the PRA is still needed as we can restart the requirement should the agency decide to do so. In that case, the data submission spreadsheet and BAA that were submitted as part of this PRA revision would be used.
Use of Information Technology
The written affidavits to CMS attesting that the facility has met the minimum facility standards were submitted to the agency via mail for all currently CMS approved facilities. These affidavits are not included in the burden calculation. The information is being used to support payment to the facility and provider. The agency has used information technology by making a list of all approved facilities available at the website listed above. Business Associate Privacy Agreements are signed and submitted electronically.
Duplication of Efforts
This information collection does not duplicate any other effort and the information cannot be obtained from any other source.
Small Businesses
This collection of information does not impact small businesses or other small entities.
Less Frequent Collection
The collection of this data occurs once every two years (letters) and twice a year (data) for each facility that wants to obtain and maintain certification to perform the procedure on the high risk patient for CEA and be eligible for Medicare coverage. If the information is not collected, CMS cannot meet its responsibility to encourage responsible and appropriate use of CAS with embolic protection, which could result in CAS procedures being performed in facilities without sufficient equipment, device inventory, staffing, infrastructure and capabilities necessary to properly and safely provide these services to Medicare beneficiaries and to document and analyze patient outcomes.
Beginning October 1, 2015, the Business Associate Privacy Agreement must be signed once every three years.
Special Circumstances
There are no special circumstances.
Federal Register/Outside Consultation
The 60-day Federal Register notice for this collection published on February 17, 2017 (82 FR 11040). There were no public comments.
The 30-day Federal Register notice published on April 28, 2017 (82 FR 19734). There were no public comments.
The NCD was opened on June 18, 2004. During the period between opening and closing the NCD, CMS met with representatives from the device manufacturers and professional provider societies to discuss facility experience requirements, physician training programs, and appropriate patient selection criteria in relation to CAS. CMS convened a town hall meeting on August 17, 2004 in Baltimore where these issues were discussed and the attendees were representative of the medical device industry, FDA and physician professional societies. The list of minimum standards for facilities was modeled in part on professional society statements on competency.
Payments/Gifts to Respondents
No payment or gift will be provided to respondents.
Confidentiality
Data are submitted twice a year via encrypted CD in spreadsheet format to a contractor, Fu Associates, Ltd. In addition to managing data submissions, Fu Associates, Ltd. manages Business Associate Privacy Agreements with approved CAS facilities which must be signed every three years.
CMS shall be assured that all applicable patient confidentiality, privacy, and other Federal laws are complied with, including the Standards for Privacy of Individually Identifiable Health Information (Privacy Rule). The Business Associate Privacy Agreement ensures HIPAA requirements are met.
Sensitive Questions
There are no questions of a sensitive nature included in this data collection.
Burden Estimates (Hours & Wages)
The burden associated with this requirement is the time and effort necessary for the facility to, collect, retrieve, organize and submit the data elements twice a year, and does not include the written affidavit discussed above. We estimate it will take 30 minutes at $38.88/hour for a medical records and health information technician to complete each data submission based on data from the Bureau of Labor and Statistic’s wage rate (https://www.bls.gov/oes/current/oes292071.htm). We also estimate it will take 10 hours at 38.88/hour for a medical records and health information technician to collect the data for each submission. Because currently 1,370 facilities are approved to perform CAS procedures, we estimate, at most, 2,740 submissions (two per year for facility) on an annual basis. Annually, we estimate 2,740 submissions with associated data collection at a cost of $816.48 per facility (or $408.24 per submission per facility). In aggregate, we estimate 28,770 hours (10.5 hours x 2740 submissions) at $1,118,578 ($816.48 x 1370 facilities). This estimate accounts for facilities that have not performed any procedures and thus would require no time as well as facilities that have performed a large number of procedures (100+) and would require more time.
The burden associated with the requirement to sign the Business Associate Privacy Agreements includes the time and effort necessary to review, complete, sign and return the agreement. The agreement must be signed once every three years. We estimate it will take 30 minutes at $38.88/hour for a medical records and health information technician to review, complete, sign and return the agreement based on data from the Bureau of Labor and Statistic’s wage rate (https://www.bls.gov/oes/current/oes292071.htm). To calculate the burden, we have calculated the burden for the 1,370 approved facilities to review, complete, sign and return the agreement and divided it by three. We estimate 1,370 agreement submissions at a cost of $19.44 per facility. In aggregate per agreement submission, we estimate 685 hours (0.5 hours x 1,370 submissions) at $26,633 ($19.44 x 1,370 submissions). Since agreements must be signed every three years, we estimate the aggregate annual burden to be 228 hours (685 hours / 3 years) and $8,878 ($26,633/3 years).
We estimate the total annual burden of this collection including the data submission and associated data collection requirements plus the requirement to sign the Business Associate Privacy Agreement every three years to be 28,998 hours (28,770 hours + 228 hours) and $1,127,456 ($1,118,578 + $8,878).
Activity |
Respondents |
Responses |
Burden per Response (hours) |
Total Annual Burden (hours) |
Labor Cost of Reporting ($/hr) |
Total Cost ($)* |
Data Submission |
1,370 |
2,740 |
10.5 |
28,770 |
38.88 |
1,118,578 |
Business Associate Agreement (1 time every 3 years) |
1,370 |
456 |
0.5 |
228 |
38.88 |
8,878 |
|
|
|
|
28,998 |
|
1,127,456 |
Capital Costs
There are no capital costs.
Cost to the Federal Government
Activities related to data submissions and Business Associate Privacy Agreements are handled through a contract with Fu Associates, Ltd. The cost of this contract is $114,507 annually.
Changes to Burden
Due to adjustments in these estimates, which were inaccurate due to an error, and the addition of the Business Associate Privacy Agreement requirement to satisfy HIPAA requirements and compliance, the burden has increased from 500 hours at $0 to 28,998 hours at $1,127,456.
Publication/Tabulation Dates
There are no publication or tabulation dates.
Expiration Date
CMS will display the expiration date on the collection instruments and the website: https://www.cms.gov/Medicare/Medicare-General-Information/MedicareApprovedFacilitie/CASrecert.html.
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| Author | Sarah Fulton |
| File Modified | 0000-00-00 |
| File Created | 2021-01-22 |