SPECIAL NOTICE

EHR Incentive Programs – Act Now

Did you know incentive payments are available to certain physicians that adopt certified Electronic Health Record (EHR) technology and show they’ve used it to help improve quality, safety, and effectiveness of care?

Starting this year, Medicare and Medicaid will provide significant incentive payments to health care professionals. Doctors and other health care providers that sign up for the Medicare incentive program in 2011 or 2012 can receive up to $44,000 per provider over the life of the program. So, an office with three doctors could receive up to $152,000. Some Medicaid providers can receive much more.

Who is Eligible?
The Medicare and Medicaid incentive programs have slightly different eligibility requirements. Eligible professionals under the Medicare program include:

· Doctor of medicine or osteopathy
· Doctor of dental surgery or dental medicine
· Doctor of podiatry
· Doctor of optometry
· Chiropractor

Eligible professionals under the Medicaid program include:

· Physicians (primarily doctors of medicine and doctors of osteopathy)
· Nurse practitioner
· Certified nurse-midwife
· Dentist
· Physician assistant who furnishes services in a Federally Qualified Health Center or Rural Health Clinic that is led by a physician assistant.

In addition, eligible professionals who wish to participate in the Medicaid program have to meet certain volume thresholds:

· Have a minimum 30% Medicaid patient volume*
· Have a minimum 20% Medicaid patient volume, and is a pediatrician*
· Practice predominantly in a Federally Qualified Health Center or Rural Health Center and have a minimum 30% patient volume attributable to needy individuals
* Children's Health Insurance Program (CHIP) patients do not count toward the Medicaid patient volume criteria

If you are eligible for both the Medicare and Medicaid EHR Incentive Programs, you must choose which one to participate in when you register. Before 2015, you may switch programs only once after the first incentive payment is initiated. Most eligible professionals will maximize their incentive payments by participating in the Medicaid EHR Incentive Program.

The Medicare and Medicaid EHR Incentive Programs are new and separate programs from other active CMS incentive programs, such as the Physicians Quality Reporting Initiative (PQRI) and the MIPPA E-Prescribing Incentive Program. A physician who chooses to participate in the Medicare EHR incentive program cannot receive incentive payments from the MIPAA E-prescribing incentive program.

What is Certified EHR Technology?
Both the Medicare and Medicaid EHR Incentive Programs require the use of certified EHR technology. Standards, implementation specifications, and certification criteria have been adopted by the Department of Health and Human Services. EHR technology must be tested and certified by an Office of the National Coordinator (ONC) Authorized Testing and Certification Body (ATCB) in order for a provider to qualify for EHR incentive payments; even if you are already using EHR technology, it must be tested and certified by an ONC-ATCB specifically for the Medicare and Medicaid EHR Incentive Programs.

EHR technologies that meet the certification requirements for the Medicare and Medicaid EHR Incentive Programs are listed on the ONC Web site at http://onc-chpl.force.com/ehrcert. Keep in mind that you do not need to have your certified EHR technology in place in order to register for the EHR incentive programs! However, you must adopt, implement, upgrade, or successfully demonstrate meaningful use of certified EHR technology under the Medicaid EHR Incentive Program and successfully demonstrate meaningful use of certified EHR technology under the Medicare EHR Incentive Program before you can receive an EHR incentive payment.

Registration
Registration for the Medicare EHR Incentive Program is now open. The Medicaid EHR Incentive Programs can also begin this year, but Pennsylvania has not yet implemented its program.

Registering for the Electronic Health Record Incentives only takes a few simple steps.

Before an eligible professional can register, you must be sure to have a national provider identifier (NPI) number, and, for the Medicare incentive program only, have an enrollment record in the Provider Enrollment, Chain and Ownership System (PECOS). If you aren’t sure if you have a record in PECOS, you can check online at https://pecos.cms.hhs.gov/pecos/login.do or contact Highmark Medicare Services at 1-866-488-0549, option 1.

Once you are sure that you have an enrollment record in Medicare’s system, online registration is easy. Be sure to have the following documents handy:

· National Provider Identifier (NPI).
· National Plan and Provider Enumeration System (NPPES) User ID and Password.
· Payee Tax Identification Number (if you are reassigning your benefits to a group).
· Payee National Provider Identifier (NPI)(if you are reassigning your benefits).

Please be aware that eligible professionals currently are not permitted to allow a practice manager or any other person to register in their place. Sharing your NPPES user ID and password can place your information at risk. However, beginning in May 2011, CMS plans to allow an eligible professional to designate a third party who can register and attest on behalf of an eligible professional. States may not necessarily offer the same functionality for the Medicaid incentive program.

To start the online registration process, simply point your web browser to https://ehrincentives.cms.gov/hitech/login.action and select the link titled “Eligible Professionals”

Attestation:
In order to earn the incentive payments in 2011, you will be asked to attest that you have been utilizing certified electronic health record technology in a meaningful way. Attestation will begin in April, with initial incentive payments made in May.

Payment Adjustments:
If you do not sign up for either the Medicare or Medicaid incentive program, and therefore do not successfully demonstrate meaningful use of certified EHR technology, your Medicare physician fee schedule amount for covered professional services will be adjusted beginning in 2015. The payment adjustments will be as follows:

· 2015—99 percent of Medicare physician fee schedule covered amount
· 2016—98 percent of Medicare physician fee schedule covered amount
· 2017 and each subsequent year—97 percent of Medicare physician fee schedule covered amount

The Recovery Act allows for a hardship exception, which, if applicable, could exempt certain eligible professionals from the payment adjustment. The exemption is subject to annual renewal, but in no case will it be given for more than five years.

Resources:
To learn more about the programs, visit the official EHR Incentive Program Web site at www.cms.gov/EHRIncentivePrograms.

The sooner you act, the more you can receive.

7/29/10

Changes to the Colorado Medical Practice Act

During the 2010 legislative session, HB-1260 was passed, continuing the Colorado Medical Board and making changes to the Medical Practice Act. Below is the link to the Medical Board’s website where detailed information concerning those changes is available.

Link to specific information regarding the legislative changes and link to sign up for future E-updates: http://www.dora.state.co.us/medical/ChangestotheMedicalPracticeAct.pdf

All future communication regarding the implementation of changes to the Medical Practice Act will be by email. You are strongly encouraged to sign up to receive updates from the Medical Board so you can be assured you are in compliance with all requirements pertaining to your license.

Link to Medical Board main website: http://www.dora.state.co.us/medical/index.htm

Update on Medical Home Online Educational Course

The American College of Osteopathic Family Physicians recently announced that ACOFP members now have access to an online course that can help osteopathic family physicians transform their practices into Patient-Centered Medical Homes.

Offered by the Johns Hopkins Bloomberg School of Public Health, "Practice Leaders in Medical Homes" is an online, CME-eligible, 9-module course that provides osteopathic physicians, practice administrators, and other practice leaders with exposure to the competencies that facilitate effective practice within medical homes.

This course is available through an agreement between ACOFP and Johns Hopkins and it reflects ACOFP's strategic goal of providing members with access to quality educational resources related to the emerging Patient-Centered Medical Home concept of primary care.

Each 1-hour module includes self-assessment questions, a short reading, a narrated presentation, a case study, a video vignette, final assessment questions and additional resources. Tuition is $15 per module. Topics include:

Assessing Readiness to Change into a Medical Home
Leading Change in Medical Homes
Health Information Technology in Medical Homes
Interdisciplinary Teams in Medical Homes
Communicating with Patients of Medical Homes
Supporting Patient Self-Management within Medical Homes
Care Management in Medical Homes
Continuity of Care for Patients of Medical Homes
Managing the Medical Home

Each module has been reviewed and is acceptable for 1 Category 2-B credit by the American Osteopathic Association. To obtain a Certificate of Participation for each module, successful learners must complete a quiz and achieve a grade of 70 percent or better.

Click here for details or to begin the course. If you are not familiar with the distance learning management system, start by clicking on the "Before You Begin" blue button on the launch page. Once you set up an account in the system, you will be prompted to enter your credit card information and the system will direct you to the starting page for the module you select. You can register for as many modules as you want. If you have questions, please send an e-mail message.

FTC Red Flag Rule

Frequently Asked Questions and Guide

On November 9, 2007, the Federal Trade Commission (FTC) published its Red Flag rule concerning identity theft. Under the rule, financial institutions and creditors are required to develop and implement a written identity theft program to identify, detect, and respond to possible risks of identity theft relevant to them. The original compliance deadline was November 1, 2008. The FTC extended the deadline to June 1, 2010 after receiving complaints, particularly from the medical community, regarding the definition of creditor.

According to the FTC, a creditor is "any person who regularly extends, renews, or continues credit; any person who regularly arranges for the extension, renewal or continuation of credit; or any assignee of an original creditor who participates in the decision to extend, renew or continue credit." FTC attorneys have taken the position that physicians are creditors, if they do not require full payment upfront at the time they see patients, but bill patients after the services are rendered. The physician associations have called on the FTC to not apply this rule to the physician community.

In February, the FTC responded to physicians associations in a written letter that the creditor definition does apply to the physician community. The FTC noted that the rule's requirements are risk-based, meaning that the steps covered entities must take to address potential identity theft should be commensurate with the risks they encounter. Therefore, if a physician's practice is at low risk for identity theft, an appropriate program may consist of checking photo identification and having procedures in place in case the physician's office is notified that the patient's identity has been misused.

The AOA recently signed onto a letter with the AMA and other physician associations maintaining our position that the FTC rule should not apply to the physician community. We also called on the FTC to reopen the rule for public comment. In the meantime, the AOA has compiled this Frequently Asked Questions and Guide to help our members with the red flag rule.

What is a Red Flag?

The FTC defines the Red Flag as a pattern, practice, or specific activity that indicates the possible risk of identity theft. Examples include:

1) Alerts, notifications, or other warnings received from consumer reporting agencies or service providers, such as fraud detection services;
2) The presentation of suspicious documents;
3) The presentation of suspicious personal identifying information, such as a suspicious address change;
4) The unusual use of, or other suspicious activity related to, a covered account; and
5) Notice from customers, victims of identity theft, law enforcement authorities, or other persons regarding possible identity theft in connection with covered accounts held by the financial institution or creditor.

Does the red flag policy differ from HIPAA?

HIPAA's privacy and security requirements are meant to protect a patient's personal health information. The FTC Red Flag Rule extends protection to other information such as credit card information, tax identification numbers (i.e., Social Security numbers), and insurance claim information.

How prevalent is Medical Identity Theft?

According to the FTC, 8.3 million American adults were victims of identity theft in 2005. Three percent of those victims said that the thief had obtained medical treatment, services, or supplies using their personal information.

What are some examples of Medical Identity Theft?

The World Privacy Forum has released a report on how the FTC rule applies to health care providers. The report gives many examples of medical identity theft, such as your patient receives a bill for another individual, or for a product or service he/she did not receive, or from a doctor he/she did not see. (For the full report, go to www.worldprivacyforum.org) Other examples are:

Records showing medical treatment inconsistent with physical exam or medical history of the patient;
Coverage for a legitimate hospital stay is denied because insurance benefits have been depleted or a life time cap has been reached;
A complaint or question from a patient about information added to a credit report by a health care provider or insurer;
A dispute of a bill by a patient who claims to be the victim of any type of identity theft;
A patient who has an insurance number but never produces an insurance card or other physical documentation of insurance.

How to detect a suspicious document?

According to the FTC, suspicious documents include ones for identification that are inconsistent with: the appearance of the individual presenting the identification; information provided by the individual; readily accessible information that is on file with the physician's practice such as a recent check. Other examples that could indicate identity theft: the individual's phone number is invalid, or associated with a pager or answering service; there's no correlation between the Social Security Number range and date of birth; the address provided is fictitious, a mail drop, or a prison; and the documents presented for identification appear forged or altered.

What is my practice required to do under the FTC Red Flag Rule?

As stated earlier, the rule's requirements are risk-based, meaning that the steps covered entities must take to address potential identity theft should be commensurate with the risks they encounter. For example, the risk of identity theft may be low for a small practice in which the patients are more familiar to the physician and staff. In that case, checking photo identification, i.e., driver's license and having a plan in place in case the physician's office is notified that the patient's identity has been misused may be sufficient.

In general, however, physicians who are creditors by the agency's definition must:

Develop and implement a written Identity Theft Prevention Program that is designed to identify, detect, respond, prevent and mitigate identity theft relevant to their practice and in the way patient accounts are established and maintained.
Periodically update the program to reflect any changes in the risks, prevention, as well as changes to business arrangements such as new billing or collection contracts.
Involve owners, board of directors, or senior management including a designated employee in the oversight, development, implementation and administration of the program.
Train staff to effectively implement the program.
Require staff to develop a report at least annually on program compliance, effectiveness of policies and procedures in addressing the risk of identity theft, service provider arrangements, significant incidents involving identity theft and management's response, and recommendations for changes to the program.
Take steps to ensure that service providers that conduct activities with patient accounts have reasonable policies and procedures designed to detect, prevent and mitigate the risk of identity theft.

What procedures should my practice consider?

When a patient makes an appointment, the patient should be instructed to bring at the time of the appointment a photo ID and health insurance card. If the photo identification does not indicate a current home address, the patient should bring utility bills or other correspondence indicating current residence. This procedure could be waived if this is an established patient. Staff should update patient information particularly if the patient has not been seen within the last six months.

What are appropriate responses to detecting Red Flags?

If a red flag is detected, the staff should document and report the incident to his/her supervisor or designated compliance officer. If the activity is determined to be fraudulent, the physician practice should consider: 1) not open a new account; 2) cancel existing account; 3) contact the affected patient; 4) contact law enforcement; 5) contact affected physician(s).

What steps should I consider if my patient claims to be a victim of identity theft?

Encourage your patient to contact law enforcement and to fill out the FTC's ID Theft Affidavit (www.ftc.gov/bcp/edu/resources/forms/affidavit.pdfhttp://www.ftc.gov/bcp/conline/pubs/credit/affidavit.pdf), or call (877) IDTHEFT. Compare the patient's documentation with personal information in the practice's records. If the patient's identity has been stolen, the practice should consider additional actions to determine whether the patient's medical records were affected and if they were, identity theft should be noted in the record. The practice also should determine if any additional files were affected and take appropriate action.

Are there penalties for non-compliance?

Physician practices may face a penalty of up to $2,500 per "knowing violation."

An article regarding the Red Flag rule and this FAQ will be published in the April 27 edition of the DO Washington Update. To download a PDF version of this FAQ document click here.

12.18.08

CSOM members can receive a bonus payment for their Medicare patients

by participating in the AOA's Clinical Assessment Program (CAP).

The AOA has added a new module to the Clinical Assessment Program which allows osteopathic physicians to qualify for a 1.5 % bonus payment from the Centers for Medicare & Medicaid Services (CMS) for the 2008 Physician Quality Reporting Initiative (PQRI). Osteopathic physicians can access this free AOA member benefit and submit patient data for 2008 through the end of February 2009.

The Centers for Medicare & Medicaid Services (CMS) selected the AOA's Clinical Assessment Program (CAP) as one of the registries qualified for its 2008 Physician Quality Reporting Initiative (PQRI) incentive payment program. A voluntary program, the PQRI offers a financial incentive to physicians who successfully report quality data related to covered services provided under the Medicare Physician Fee Schedule (PFS). A PQRI participant who reports successfully will be eligible for a lump-sum bonus payment of 1.5% of the Medicare (PFS) allowed charges for covered services provided during the reporting period. Patient data for 2008 can be submitted to CAP through the end of February 2009.

The opportunity to earn a bonus payment is available by taking part in the CAP's diabetes mellitus measure group, which contains five PQRI measures. You must report on all measures in the group that are applicable to each patient.

PQRI Measures for Diabetes Mellitus:

Hemoglobin A1c Poor Control in Type 1 or 2 Diabetes Mellitus
Low Density Lipoprotein Control in Type 1 or 2 Diabetes Mellitus
High Blood Pressure Control in Type 1 or 2 Diabetes Mellitus
Dilated Eye Exam in Diabetic Patient
Urine Screening for Micro albumin or Medical Attention for Nephropathy in Diabetic Patients

To get started, all you need to do is follow these instructions. And remember, as an AOA member, the CAP is available to you at no charge.

1. Log on to https://www.do-online.org using your AOA ID and password. Click on the Clinical Resources tab and select CAP for PQRI. On the right hand side of the next screen, select Click here to login to CAP PQRI. This will take you to the My CME Profile screen. On the drop down screen, select Physician as your profession and enter. This takes you to the Activity screen for PQRI. Enter the activity.

2. Register for the AOA-CAP for PQRI by providing your office information, Tax Identification Number, and National Provider Identifier (NPI).

3. Print out, sign and fax the attestation form from the Web site.

4. Select your time frame for reporting and the number of medical records you will abstract. This determines the total CMS allowed charges for which you will receive a 1.5% bonus.

a. Reporting all of 2008 (12 months) will require 30 consecutive charts to be abstracted and entered into the CAP Web site.
b. Reporting for the last six months of 2008 will require 15 consecutive charts to be abstracted.

5. Enter required patient information into the CAP Web site, making sure to include at least two Medicare Fee for Service patients.

6. Submit your data through the CAP Web site. All data during the reporting period(s) for 2008 must be submitted by February 28, 2009 to be eligible for the PQRI incentive payment. CMS payments for PQRI 2008 will be made by late summer in 2009.

For more information on how to use the CAP to report PQRI data, visit https://www.do-online.org/index.cfm?PageID=gov_pqrimain or contact Sharon L. McGill, MPH, Department of Quality and Research, at smcgill@osteopathic.org or (800) 621-1773, ext. 8150.