Member Forum

1.  MACRA

Posted 10-12-2017 12:53
Is anyone here doing MACRA this year?

How are you handling the Security Risk Analysis.  Have you found a cheap or free way to accomplish this?  How are you doing the electronic transmission of the CCDA Clinical Summary?

------------------------------
Kathleen Saradarian, MD
Branchville, NJ
------------------------------


2.  RE: MACRA

Posted 10-13-2017 19:33
My impression is that we just have to attest to doing the SRA by checking a box and similarly merely attest to the practice improvement project (and no further guidelines are provided).

As long as we report something - no penalty.

I am doing the same thing I have done in past years for MU for the SRA.
Create a document with headings for Technical Safeguards (wireless security, passwords), Administrative Safeguards (when an employee leaves you delete their account, create access levels based on role) and Physical Safeguards (locked off, acknowledge what is stored on site that could be stolen, damaged in a disaster).
Create an inventory of all devices that access or store PHI/charts and list them on the same document.
Review it with staff and sign off on it.

------------------------------
Mamatha Agrawal, MD
Family Doctor CaryNC
Cary, NC
Live in Raleigh, NC
Solo since 2012
Practice Fusion and NueMD
------------------------------



3.  RE: MACRA

Posted 10-17-2017 20:03
That certainly sounds easy enough (SRA) , but I am afraid that there are 4 mandatory components of ACI that need to be completed including SRA.  The clinical, for me, is reported by the ACO I am a member of.  That covers the Quality Improvement.  Its the ACI (formerly known as MU) that is throwing me a hook, primarily the electronic exchange of a CCDA Clinical Summary

------------------------------
Kathleen Saradarian, MD
Branchville, NJ
------------------------------



4.  RE: MACRA

Posted 10-18-2017 04:42
this is what Practice fusion says
I  did not know my ACo did anything for this But CCD-yup Noone here  doing  it However I can create one and sent it to one of you using mickey mouse as a patietn Would that work?
 I am tired and  discouraged

2017 ACI Transition Measure: Security Risk Analysis

Under the Merit-based Incentive Payment System (MIPS) pathway of the MACRA Quality Payment Program, the Advancing Care Information (ACI) category replaces the Medicare EHR Incentive Program (Meaningful Use). ACI is one of the three performance categories that will be considered and weighted for scoring a clinician's performance under MIPS (four categories will be included starting in 2018). A clinician's score for the Security Risk Analysis measure is dependent on the clinician meeting the measure's base score requirements. For more information on ACI scoring methodology, please click http://knowledgebase.practicefusion.com/knowledgebase/articles/1103756-what-is-the-advancing-care-information-aci-categ" style="box-sizing:border-box;margin:0px;padding:0px;border-width:0px;border-style:none;border-color:currentcolor;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:inherit;line-height:1em;font-family:inherit;vertical-align:baseline;text-decoration:underline;color:rgb(20,164,236);background:rgba(0,0,0,0) none repeat scroll 0px 0px">here.

Objective:

Protect Patient Health Information

Measure:

Security Risk Analysis                  
Conduct or review a security risk analysis in accordance with the requirements in 45 CFR 164.308(a)(1), including addressing the security (to include encryption) of ePHI data created or maintained by CEHRT in accordance with requirements in 45 CFR164.312(a)(2)(iv) and 45 CFR 164.306(d)(3), and implement security updates as necessary and correct identified security deficiencies as part of the MIPS eligible clinician's risk management process.

Scoring Information:

  • Required for Base Score (50%): Yes
  • Percentage of Performance Score (up to 90%): None
  • No bonus points available

Reporting Requirements

  • YES/NO: To meet this measure, eligible clinicians must attest YES to conducting or reviewing a security risk analysis and implementing security updates as necessary and correcting identified security deficiencies.

ONC Security Risk Analysis (SRA) Tool
In collaboration with the HHS Office for Civil Rights, the ONC released a tool to help practices conduct and document a comprehensive assessment to identify risks in their organizations. The SRA tool also produces a report that can be useful for audits.

http://www.healthit.gov/providers-professionals/security-risk-assessment-tool" style="box-sizing:border-box;margin:0px;padding:0px;border-width:0px;border-style:none;border-color:currentcolor;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:inherit;line-height:1em;font-family:inherit;vertical-align:baseline;text-decoration:underline;color:rgb(20,164,236);background:rgba(0,0,0,0) none repeat scroll 0px 0px">Download the Security Risk Analysis tool >>

Since your practice is unique and you know your practice best, you are ultimately responsible for adopting and implementing security and privacy measures that are appropriate and reasonable for your practice's needs and capabilities.

For additional support, you should consult with a qualified professional who can use his or her expertise to help mitigate potential risks, identify potential areas for improving security, and train your staff. CMS has also created a Security Risk Analysis Tip Sheet to help you understand this requirement.

Make sure to keep any documentation you use for your records to prove you have completed this measure during your reporting year: It is acceptable for the security risk analysis to be conducted outside the selected MIPS performance period, however, the analysis must be unique for each MIPS performance period, the scope must include the full MIPS performance period, and the analysis must be conducted within the calendar year of the MIPS performance period (January 1st – December 31st).

Data Validation
CMS has published guidance to help providers better understand the documentation they should retain around meeting MIPS requirements. CMS calls this guidance "MIPS Data Validation Criteria" because it describes the types of documentation that would validate the data the provider submits to CMS at the end of the performance period. You can learn more about this by reviewing http://www.practicefusion.com/wp-content/uploads/2017/09/MIPS-Data-Validation-Fact-Sheet-2017-08-02-Remediated.pdf" style="box-sizing:border-box;margin:0px;padding:0px;border-width:0px;border-style:none;border-color:currentcolor;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:inherit;line-height:1em;font-family:inherit;vertical-align:baseline;text-decoration:underline;color:rgb(20,164,236);background:rgba(0,0,0,0) none repeat scroll 0px 0px">CMS' MIPS Data Validation Fact Sheet and you can see the specific documentation guidelines applicable to the ACI Transition Measures in http://www.practicefusion.com/wp-content/uploads/2017/09/MIPS-Data-Validation-Criteria-2017-08-02-ACI-2017-Transitional-Measures-Remediated.pdf" style="box-sizing:border-box;margin:0px;padding:0px;border-width:0px;border-style:none;border-color:currentcolor;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:inherit;line-height:1em;font-family:inherit;vertical-align:baseline;text-decoration:underline;color:rgb(20,164,236);background:rgba(0,0,0,0) none repeat scroll 0px 0px">CMS' MIPS Data Validation Criteria for ACI Transition Measures.

More information

  • Review the CMS specifications for more information about the Advancing Care Information Transitional measures.
  • For more information on the Merit-based Incentive Payment System (MIPS) program, you can visit Practice Fusion's Quality Payment Program Center.
  • CMS also provides further resources about the Quality Payment Programhttps://qpp.cms.gov/" style="box-sizing:border-box;margin:0px;padding:0px;border-width:0px;border-style:none;border-color:currentcolor;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:inherit;line-height:1em;font-family:inherit;vertical-align:baseline;text-decoration:underline;color:rgb(20,164,236);background:rgba(0,0,0,0) none repeat scroll 0px 0px"> here.

--



     Jean Antonucci MD
     115 Mt Blue Circle
     Farmington ME 04938
ph 207 778 3313   fax 207 778 3544
www.jeanantonucci.com





5.  RE: MACRA

Posted 10-20-2017 11:04
Re SRA:

Too much for me to do.  I got assistance from my Medicare regional extension program for Medicaid MU.  SRA came with the package.  The sell the SRA separately to practices.  Your extension/technical assistance organization may have SRA assistance for a price for this year.  I found it very helpful and cut down the time I put into it by 90%.  You may have to pay for it this year.  Next year you might qualify for MIPS assistance which may (or may not) come with SRA assistance.

https://qpp.cms.gov/docs/QPP_Technical_Assistance_Resource_Guide.pdf

Craig

------------------------------
Craig Ross, M.D.
Family Medicine
South Arbor Family Care
Ann Arbor, MI
M: 734-756-8446
W: 734-707-7075
------------------------------



6.  RE: MACRA

Posted 10-18-2017 06:54

Most of my Medicare patients are in Medicare Advantage plans where the quality measures are more straightforward and there is no MU/ACI requirement.  I have less than 100 straight Medicare patients so I'm exempt from the penalties. 

Nationwide, patients are apparently shifting to the Medicare Advantage plans, particularly where there is no additional monthly premium.  Even for patients with Medicaid plus a spend-down MA is a good idea.

If there are opportunities to participate in an MA plan, the IMP model works quite well, particularly if risk-based or shared savings contracts are available.  I was not able to access these as an individual but through an IPA.  In these situations anyone with more than 100 patients is in a reasonable position to make money.  Some IPAs will cover the downside for the initial 1-2 years until the panel gets big enough.

Mike





7.  RE: MACRA

Posted 10-19-2017 03:02
Seems many IMPs in IPAs. Still doesn't seem the norm out here in WA. I think there is only one by us that I could participate in if I chose but when I queried them I got no response. Is anyone beside Gwen Hanson in one out here?

And last I heard from Gwen a few years ago, hers didn't do anything to help her now but she joined thinking it will help her in the future. If you see this Gwen I'm interested in an update.

I'm curious for all those in IPAs, did you seek them out or did they approach you?

Melissa Weakland, MD
Ballard Neighborhood Doctors
5416 Barnes Ave NW
Seattle, WA 98107
Phone: (206)-297-7678
Fax: (206)-297-5930




8.  RE: MACRA

Posted 10-20-2017 05:24

Sought them out.  Changed when first didn't meet expectations.


Jeff Huotari, M.D.
BlueSky Health
138 W. Highland Rd., Suite 950
Howell, MI  48843
517-545-2400
blueskyhealth.org

Confidentiality Notice:  This email message, including any attachments, is for the sole use of the intended recipient or recipients and may contain confidential, privileged, personal health information and/or proprietary information.  Any unauthorized review, use, disclosure or distribution is prohibited.  If you are not an intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message and any attachments.






9.  RE: MACRA

Posted 10-20-2017 07:16

Melissa:

I kind of approached them.  I was trying to participate in one of the local Medicare Advantage plans and they forwarded my name to several IPAs.  One of them contacted me and ultimately offered to let me join.  Before that I had no idea risk-based or shared savings contracts were available.  There was definately some good luck involved that helped me.

If someone was investigating these options in their area, you could inquire with the physician reps for the insurance company and ask if there are any group or individual contracts that include alternatives to standard fee for service.  Also, the local medical society might have some information.

Mike