Document
Microsoft Word - QQE-LOC-PRA-Redline
ICR 202607-0938-003 · OMB 0938-1144 · Object 170839400.
Document Viewer [pdf]
Status: Original and derived artifacts are available for this document.
Download: pdf
Loading document viewer…
Document Metadata
| File Type | application/pdf |
|---|---|
| File Title | Microsoft Word - QQE-LOC-PRA-Redline |
| Author | Stephan McKenzie |
| File Modified | 2026-07-07 |
| File Created | 2026-07-07 |
| Conversion State | complete |
Extracted Text
Quasi-QE Letter of Commitment Month DD, YYYY Point of Contact and Executive Entity Name Address City, State Zip Director, Office of Enterprise Data & Analytics Centers for Medicare & Medicaid Services 7500 Security Boulevard Mail stop: B2-29-04 Baltimore, Maryland 21244-1850 Dear Director: This letter outlines the understanding between the Centers for Medicare & Medicaid Services (CMS) and Entity Name regarding Entity Name’s intent to complete the remaining Qualified Entity Certification Program (QECP) minimum requirements: Data Security Review (Element 2.1) Intentions Regarding Reporting Levels (Element 2.2) Provider Corrections and Appeals, if applicable (Element 2.3) Secure transmission of beneficiary data, if applicable (Element 2.4) Standard Measure Use, if applicable (Element 3.1) QCDR Self-Nominated Measure Use, if applicable (Element 3.1) Alternative Measure Use, if applicable (Element 3.2) Provider and Public Report Design (Element 3.3) This letter includes the following: Attachment A: QECP Public Reporting Attestation Attachment B: Contractual Relationship Attestation (if applicable) Attachment C: Cloud Service Provider (CSP) Identification (if applicable) Attachment D: Quality Improvement Organization (QIO) Attestation (if applicable) Attachment E: QCDR Identification If CMS deems us to have sufficiently met the remaining minimum requirements listed above, Entity Name will publicly release a Qualified Entity (QE) provider performance report within 12 months of receipt of the QE Medicare data (as proposed in Attachment A). We acknowledge that, prior to our Phase 1 Application submission, we will have sufficiently completed the following: Attached evidence in the QECP online Application for Elements 1.1, 1.2, and 1.4, including: This Letter of Commitment, signed and uploaded to Element 1.1 Version 2024-I 1 Quasi-QE Letter of Commitment An attestation of Entity Name’s ability to meet all applicable requirements for Phases 2 and 3 and the ability to provide evidence during the relevant phase of the Application Entity Name understands that QE Medicare data will only be distributed to Entity Name upon successful completion of Phase 2: Data Security & Corrections and Appeals, CMS approval of submitted QE Data Use Agreement (DUA) materials, and payment of appropriate fees for the QE Medicare data. Further, Entity Name also understands that a Compliant Phase 2 review outcome does not provide a CMS endorsement, nor does it validate the sufficiency of the quasi-QE’s data security and privacy program for purposes outside of the QECP. QECP Phase 2 review outcomes are based solely on the information quasi-QEs provide to CMS at the time of the Phase 2 review. There is no guarantee regarding the future performance of a quasi-QE, especially as new system, personnel, and environmental vulnerabilities and threats continually evolve. Entity Name may not distribute provider or public reports containing QE Medicare claims data provided under this program until the QECP Team has reviewed Entity Name’s compliance with all program requirements. Upon review, if Entity Name does not demonstrate compliance with QECP requirements, CMS reserves the right to retract QE certification and require Entity Name to destroy or return QE Medicare data. The terms of this understanding are acceptable to Entity Name, and Entity Name acknowledges our agreement below. Approved by: Table 1: Entity Approval Entity Name Address Date Phone Number Entity Name Entity Address Line 1 Entity Address Line 2 Entity Address Line 3 Entity Address Line 4 Entity Address Line 5 MM/DD/YYYY Phone Number Entity Signature Entity Signature Table 2: Authorized Officer Approval Authorized Officer Date Authorized Officer Name, Title MM/DD/YYYY Authorized Officer Signature Authorized Officer Signature 2 Attachment A: QECP Public Reporting Attestation Entity Name will publicly report within 1 year of receiving QE Medicare data. Approved by: Table 3: Authorized Officer Approval Authorized Officer Date Authorized Officer Name, Title MM/DD/YYYY Authorized Officer Signature Authorized Officer Signature A-1 Attachment B: Contractual Relationship Attestation Table 4: Lead and Contractor or Member Organizations Category Details Legal Name of Lead Entity Organization Name Trade Name/Database Administrator (DBA) Organization Name Name(s) of Contractor or Member Organizations, if applicable Organization Name Does any organization on your team (lead or other) also hold a QIO contract with CMS? Yes, list organizations below: Organization Name or NA Organization Name or NA Organization Name or NA Organization Name or NA No Repeat the following two tables for each contractor or member organization relevant to the quasiQualified Entity’s Application and program. Table 5: Attestation of Agreement with Contractor or Member Organization Category Details Legal Name of Contractor, Vendor, Partner, Subsidiary or Member Organization Organization Name Trade Name/DBA Organization Name Mailing Address Address City, State Zip Type of Organization For-Profit Organization Non-Profit Organization Other (please describe) Insert Description Employer Number Insert Text Description of contractual relationship (A general description of agreements in place between the lead Entity and other contractor or member organizations, as applicable) Insert Text Effective dates on agreement Month DD, YYYY to Month DD, YYYY The partner noted above will be responsible for, or involved in meeting, compliance for the following QECP elements: Insert Text or NA Insert Text or NA Insert Text or NA B-1 Attachment B: Contractual Relationship Attestation The lead Entity must attest to the following statements regarding each contractor or member organization (as applicable) by responding yes or no to each statement. Table 6: Affirmation Statements Statement Response The contractor or member organization is willing to sign a QECP DUA. Yes The contractor or member organization understands that it will also be subject to CMS review as part of the QECP and its actions may result in sanctions and/or termination of the quasi-Qualified Entity. Yes The lead and contractor or member organization have a legally enforceable agreement in place that includes breach of contract liability if one of the members of the group fails to deliver and there would be the potential of collecting damages for that failure to perform. Yes No No No To the best of my knowledge and belief, all data in this attestation are true and correct, the document has been authorized by the governing body of the lead Entity, and the lead Entity will comply with the terms and conditions of the award and applicable Federal requirements. Approved by: Table 7: Authorized Representative Approval Authorized Representative Authorized Representative Name, Title Date MM/DD/YYYY Phone Number Phone Number Authorized Representative Signature Authorized Representative Signature B-2 Attachment C: CSP Identification The lead Entity must attest to the following statements regarding the planned use of a CSP, within the lead organization either directly or with a contractually identified data vendor. Name of Intended CSP Table 8: CSP Identification Statement Response The lead Entity plans to use a CSP within their system or has a contract that uses a CSP. Yes The lead Entity understands that any CSP that will be used for CMS data storage must have FedRAMP approval. Yes No No To the best of my knowledge and belief, all data in this attestation are true and correct, the document has been authorized by the governing body of the lead Entity, and the lead Entity will comply with the terms and conditions of the award and applicable federal requirements. Approved by: Table 9: Authorized Representative Approval Authorized Representative Authorized Representative Name, Title Address Date Phone Number Authorized Representative Address Line 1 MM/DD/YYYY Phone Number/Email Address Authorized Representative Address Line 2 Authorized Representative Signature Authorized Representative Signature Authorized Representative Address Line 3 Authorized Representative Address Line 4 Authorized Representative Address Line 5 C-1 Attachment D: CMS QIO Attestation An Entity that holds a QIO contract with CMS is permitted to function as a quasi-QE, or as part of a quasi-QE Team, under the following conditions: The Entity may not represent the fact that they are a QIO while conducting the quasi-QE activities. Any resources, both financial and operational, funded by CMS as part of the QIO contract may not be used to sustain the Entity’s quasi-QE program in any way. The Entity must continue to uphold all terms of their QIO contract, including their confidentiality and conflict of interest contractual obligations. The Entity may wish to request a conflict of interest determination by the CMS Office of Acquisitions and Grants Management. The Entity must complete an attestation during Phase 1 of the QECP Minimum Requirements Review attesting that they will adhere to the three conditions listed above. The table and signature section below must be completed by an authorized representative for each Entity in your quasi-QE Team that holds a QIO contract with CMS. If none, you are not required to submit Attachment D. Table 10: QIO Demographics Category Details Name of Entity recognized as a QIO (lead Entity or partner/collaborator as part of the quasi-QE Team) Organization Name States for which Entity functions as a QIO State(s) QIO Contact within the Entity (Name, Title, Email Address, and Phone Number) First Name Last Name, Title Email Address Phone Number First Name Last Name, Title Email Address Phone Number QIO Contact within CMS (Name, Title, Email Address, and Phone Number) D-1 Attachment D: CMS QIO Attestation Table 11: QIO Affirmation Statements Category Details We agree to maintain distinct and separate representation between quasi-QE and QIO activities. We will not represent quasi-QE work or resulting products to be a function of our QIO contract with CMS. Yes We agree to maintain funding for QE activities separate from QIO funded CMS sources. Funds or resources provided by CMS to support the QIO program will not be used or spent for the quasi-QE program, including funds or resources for operating the QIO Standard Data Processing Systems (SDPS). Medicare obtained by QEs will not be stored on the SDPS. Yes If approved as a Certified QE (or a member of a certified quasi-QE Team), we agree to uphold all terms of our QIO contract, including confidentiality and conflict of interest contractual obligations. We understand that, per our request, a QE/QIO conflict of interest analysis can be performed by CMS Office of Acquisition and Grants Management (OAGM). Yes No No No To the best of my knowledge and belief, all information in this attestation is true and correct. The document has been authorized by the governing body of the Entity mentioned on page D-1, and the Entity will comply with all terms and conditions of the affirmation statements mentioned on pages D-1 through D-2. Approved by: Table 12: Authorized Representative Approval Authorized Representative Address Date Phone Number Authorized Representative Name, Title Authorized Representative Address Line 1 MM/DD/YYYY Phone Number/Email Address Authorized Representative Address Line 2 Authorized Representative Signature Authorized Representative Signature Authorized Representative Address Line 3 Authorized Representative Address Line 4 Authorized Representative Address Line 5 D-2 Attachment E: QCDR Identification The lead Entity must provide the following information about its Qualified Clinical Data Registry. Table 13: QCDR Affirmation Statements Category Details Name of Lead Entity Organization Name Name of CMS-approved Qualified Clinical Data Registry QCDR Name Does your organization receive beneficiaryidentified clinical data through this registry? Yes, all or some of the clinical data from this registry is beneficiary identified No, none of the clinical data received from this registry is beneficiary identified To the best of my knowledge and belief, all data in this attestation are true and correct, the document has been authorized by the governing body of the lead Entity, and the lead Entity will comply with all applicable federal requirements. Table 14: Authorized Representative Approval Authorized Address Representative Date Phone Number Authorized Representative Signature Authorized Representative Name, Title MM/DD/YYYY Phone Number/Email Address Authorized Representative Signature Authorized Representative Address Line 1 D-1