Document

Microsoft Word - QQE-LOC-PRA-Redline

ICR 202607-0938-003 · OMB 0938-1144 · Object 170839400.

Document Viewer [pdf]

Status: Original and derived artifacts are available for this document.

Download: pdf

Primary: pdfSource: application/pdf
Loading document viewer…

Document Metadata

Record metadata
application/pdf
Microsoft Word - QQE-LOC-PRA-Redline
Stephan McKenzie
2026-07-07
2026-07-07
complete

Extracted Text

Quasi-QE Letter of Commitment

Month DD, YYYY
Point of Contact and Executive
Entity Name
Address
City, State Zip
Director, Office of Enterprise Data & Analytics
Centers for Medicare & Medicaid Services
7500 Security Boulevard
Mail stop: B2-29-04
Baltimore, Maryland 21244-1850
Dear Director:
This letter outlines the understanding between the Centers for Medicare & Medicaid Services (CMS) and
Entity Name regarding Entity Name’s intent to complete the remaining Qualified Entity Certification
Program (QECP) minimum requirements:


Data Security Review (Element 2.1)



Intentions Regarding Reporting Levels (Element 2.2)



Provider Corrections and Appeals, if applicable (Element 2.3)



Secure transmission of beneficiary data, if applicable (Element 2.4)



Standard Measure Use, if applicable (Element 3.1)



QCDR Self-Nominated Measure Use, if applicable (Element 3.1)



Alternative Measure Use, if applicable (Element 3.2)



Provider and Public Report Design (Element 3.3)

This letter includes the following:


Attachment A: QECP Public Reporting Attestation



Attachment B: Contractual Relationship Attestation (if applicable)



Attachment C: Cloud Service Provider (CSP) Identification (if applicable)



Attachment D: Quality Improvement Organization (QIO) Attestation (if applicable)



Attachment E: QCDR Identification

If CMS deems us to have sufficiently met the remaining minimum requirements listed above, Entity
Name will publicly release a Qualified Entity (QE) provider performance report within 12 months of
receipt of the QE Medicare data (as proposed in Attachment A).
We acknowledge that, prior to our Phase 1 Application submission, we will have sufficiently completed
the following:


Attached evidence in the QECP online Application for Elements 1.1, 1.2, and 1.4, including:


This Letter of Commitment, signed and uploaded to Element 1.1

Version 2024-I

1

Quasi-QE Letter of Commitment



An attestation of Entity Name’s ability to meet all applicable requirements for Phases 2 and 3
and the ability to provide evidence during the relevant phase of the Application

Entity Name understands that QE Medicare data will only be distributed to Entity Name upon successful
completion of Phase 2: Data Security & Corrections and Appeals, CMS approval of submitted QE Data
Use Agreement (DUA) materials, and payment of appropriate fees for the QE Medicare data. Further,
Entity Name also understands that a Compliant Phase 2 review outcome does not provide a CMS
endorsement, nor does it validate the sufficiency of the quasi-QE’s data security and privacy program for
purposes outside of the QECP. QECP Phase 2 review outcomes are based solely on the information
quasi-QEs provide to CMS at the time of the Phase 2 review. There is no guarantee regarding the future
performance of a quasi-QE, especially as new system, personnel, and environmental vulnerabilities and
threats continually evolve.
Entity Name may not distribute provider or public reports containing QE Medicare claims data provided
under this program until the QECP Team has reviewed Entity Name’s compliance with all program
requirements. Upon review, if Entity Name does not demonstrate compliance with QECP requirements,
CMS reserves the right to retract QE certification and require Entity Name to destroy or return QE
Medicare data.
The terms of this understanding are acceptable to Entity Name, and Entity Name acknowledges our
agreement below.
Approved by:
Table 1: Entity Approval
Entity Name

Address

Date

Phone Number

Entity Name

Entity Address Line 1
Entity Address Line 2
Entity Address Line 3
Entity Address Line 4
Entity Address Line 5

MM/DD/YYYY

Phone Number

Entity Signature
Entity Signature

Table 2: Authorized Officer Approval
Authorized Officer

Date

Authorized Officer Name, Title

MM/DD/YYYY

Authorized Officer Signature
Authorized Officer Signature

2

Attachment A: QECP Public Reporting Attestation
Entity Name will publicly report within 1 year of receiving QE Medicare data.
Approved by:
Table 3: Authorized Officer Approval
Authorized Officer

Date

Authorized Officer Name, Title

MM/DD/YYYY

Authorized Officer Signature
Authorized Officer Signature

A-1

Attachment B: Contractual Relationship Attestation
Table 4: Lead and Contractor or Member Organizations
Category

Details

Legal Name of Lead Entity

Organization Name

Trade Name/Database Administrator (DBA)

Organization Name

Name(s) of Contractor or Member Organizations,
if applicable

Organization Name

Does any organization on your team (lead or
other) also hold a QIO contract with CMS?

Yes, list organizations below:
 Organization Name or NA
 Organization Name or NA
 Organization Name or NA
 Organization Name or NA

No

Repeat the following two tables for each contractor or member organization relevant to the quasiQualified Entity’s Application and program.
Table 5: Attestation of Agreement with Contractor or Member Organization
Category
Details
Legal Name of Contractor, Vendor, Partner,
Subsidiary or Member Organization

Organization Name

Trade Name/DBA

Organization Name

Mailing Address

Address
City, State Zip

Type of Organization

For-Profit Organization
Non-Profit Organization
Other (please describe)
Insert Description

Employer Number

Insert Text

Description of contractual relationship (A general
description of agreements in place between the
lead Entity and other contractor or member
organizations, as applicable)

Insert Text

Effective dates on agreement

Month DD, YYYY to Month DD, YYYY

The partner noted above will be responsible for,
or involved in meeting, compliance for the
following QECP elements:

 Insert Text or NA
 Insert Text or NA
 Insert Text or NA
B-1

Attachment B: Contractual Relationship Attestation

The lead Entity must attest to the following statements regarding each contractor or member
organization (as applicable) by responding yes or no to each statement.
Table 6: Affirmation Statements
Statement

Response

The contractor or member organization is willing
to sign a QECP DUA.

Yes

The contractor or member organization
understands that it will also be subject to CMS
review as part of the QECP and its actions may
result in sanctions and/or termination of the
quasi-Qualified Entity.

Yes

The lead and contractor or member organization
have a legally enforceable agreement in place
that includes breach of contract liability if one of
the members of the group fails to deliver and
there would be the potential of collecting
damages for that failure to perform.

Yes

No
No

No

To the best of my knowledge and belief, all data in this attestation are true and correct, the document
has been authorized by the governing body of the lead Entity, and the lead Entity will comply with the
terms and conditions of the award and applicable Federal requirements.
Approved by:
Table 7: Authorized Representative Approval
Authorized Representative
Authorized Representative
Name, Title

Date
MM/DD/YYYY

Phone
Number
Phone
Number

Authorized Representative Signature
Authorized Representative
Signature

B-2

Attachment C: CSP Identification
The lead Entity must attest to the following statements regarding the planned use of a CSP, within the
lead organization either directly or with a contractually identified data vendor.
Name of Intended CSP
Table 8: CSP Identification
Statement

Response

The lead Entity plans to use a CSP within their system or has a contract
that uses a CSP.

Yes

The lead Entity understands that any CSP that will be used for CMS
data storage must have FedRAMP approval.

Yes

No
No

To the best of my knowledge and belief, all data in this attestation are true and correct, the document
has been authorized by the governing body of the lead Entity, and the lead Entity will comply with the
terms and conditions of the award and applicable federal requirements.
Approved by:
Table 9: Authorized Representative Approval
Authorized
Representative
Authorized
Representative
Name, Title

Address

Date

Phone Number

Authorized Representative
Address Line 1

MM/DD/YYYY

Phone
Number/Email
Address

Authorized Representative
Address Line 2

Authorized
Representative Signature
Authorized
Representative
Signature

Authorized Representative
Address Line 3
Authorized Representative
Address Line 4
Authorized Representative
Address Line 5

C-1

Attachment D: CMS QIO Attestation
An Entity that holds a QIO contract with CMS is permitted to function as a quasi-QE, or as part of a
quasi-QE Team, under the following conditions:


The Entity may not represent the fact that they are a QIO while conducting the quasi-QE
activities.



Any resources, both financial and operational, funded by CMS as part of the QIO contract may
not be used to sustain the Entity’s quasi-QE program in any way.



The Entity must continue to uphold all terms of their QIO contract, including their confidentiality
and conflict of interest contractual obligations. The Entity may wish to request a conflict of
interest determination by the CMS Office of Acquisitions and Grants Management.



The Entity must complete an attestation during Phase 1 of the QECP Minimum Requirements
Review attesting that they will adhere to the three conditions listed above.

The table and signature section below must be completed by an authorized representative for each
Entity in your quasi-QE Team that holds a QIO contract with CMS. If none, you are not required to
submit Attachment D.
Table 10: QIO Demographics
Category

Details

Name of Entity recognized as a QIO (lead Entity
or partner/collaborator as part of the quasi-QE
Team)

Organization Name

States for which Entity functions as a QIO

State(s)

QIO Contact within the Entity (Name, Title, Email
Address, and Phone Number)

First Name Last Name, Title
Email Address
Phone Number
First Name Last Name, Title
Email Address
Phone Number

QIO Contact within CMS (Name, Title, Email
Address, and Phone Number)

D-1

Attachment D: CMS QIO Attestation
Table 11: QIO Affirmation Statements
Category

Details

We agree to maintain distinct and separate representation between
quasi-QE and QIO activities. We will not represent quasi-QE work or
resulting products to be a function of our QIO contract with CMS.

Yes

We agree to maintain funding for QE activities separate from QIO
funded CMS sources. Funds or resources provided by CMS to support
the QIO program will not be used or spent for the quasi-QE program,
including funds or resources for operating the QIO Standard Data
Processing Systems (SDPS). Medicare obtained by QEs will not be
stored on the SDPS.

Yes

If approved as a Certified QE (or a member of a certified quasi-QE
Team), we agree to uphold all terms of our QIO contract, including
confidentiality and conflict of interest contractual obligations. We
understand that, per our request, a QE/QIO conflict of interest analysis
can be performed by CMS Office of Acquisition and Grants
Management (OAGM).

Yes

No

No

No

To the best of my knowledge and belief, all information in this attestation is true and correct. The
document has been authorized by the governing body of the Entity mentioned on page D-1, and the
Entity will comply with all terms and conditions of the affirmation statements mentioned on pages D-1
through D-2.
Approved by:
Table 12: Authorized Representative Approval
Authorized
Representative

Address

Date

Phone Number

Authorized
Representative Name,
Title

Authorized
Representative Address
Line 1

MM/DD/YYYY

Phone
Number/Email
Address

Authorized
Representative Address
Line 2

Authorized
Representative
Signature
Authorized
Representative
Signature

Authorized
Representative Address
Line 3
Authorized
Representative Address
Line 4
Authorized
Representative Address
Line 5

D-2

Attachment E: QCDR Identification
The lead Entity must provide the following information about its Qualified Clinical Data Registry.
Table 13: QCDR Affirmation Statements
Category

Details

Name of Lead Entity

Organization Name

Name of CMS-approved Qualified Clinical Data
Registry

QCDR Name

Does your organization receive beneficiaryidentified clinical data through this registry?

Yes, all or some of the clinical data from this
registry is beneficiary identified
No, none of the clinical data received from
this registry is beneficiary identified

To the best of my knowledge and belief, all data in this attestation are true and correct, the document
has been authorized by the governing body of the lead Entity, and the lead Entity will comply with all
applicable federal requirements.
Table 14: Authorized Representative Approval
Authorized
Address
Representative

Date

Phone Number

Authorized
Representative
Signature

Authorized
Representative
Name, Title

MM/DD/YYYY Phone
Number/Email
Address

Authorized
Representative
Signature

Authorized
Representative Address
Line 1

D-1