Today, a final rule issued by the Centers for Medicare & Medicaid Services (CMS) establishing new enforcement initiatives aimed at removing and excluding previously sanctioned entities from Medicare, Medicaid, and the Children’s Health Insurance Program (CHIP) goes into effect.[1] Published September 10 with a comment period that also closed today, the new rule expands CMS’s “program integrity enhancement” capabilities by introducing new revocation and denial authorities and increasing reapplication and enrollment bars as part of the Trump Administration’s efforts to reduce spending. While CMS suggests that only “bad actors” will face additional burdens from the regulation, the new policies will have significant impacts on all providers and suppliers participating in Medicare, Medicaid, and CHIP.[2]
AN OVERVIEW OF THE NEW RULE
The New “Affiliations” Revocation Authority
The new “affiliations” enforcement framework—the regulation’s most significant expansion of CMS’s revocation authority—permits CMS to revoke or deny a provider’s or supplier’s enrollment in Medicare if CMS determines an “affiliation” with a problematic entity presents undue risk of fraud, waste, or abuse. Generally to bill Medicare, providers and suppliers not only must submit an enrollment application to CMS for initial enrollment, but also must recertify enrollment, reactivate enrollment, change ownership, and to change certain information.[3] In the rule’s current form, providers or suppliers submitting an enrollment application or recertification to CMS (“applicants”) will be required to submit affiliation disclosures upon CMS’s request if the agency determines the entity likely has an affiliation with a problematic entity as described below.[4] CMS will base its request on a review of various data, including Medicare Provider Enrollment, Chain, and Ownership System data and other CMS and external databases that might indicate problematic behavior, such as patterns of improper billing.[5] Upon CMS’s request, applicants identified as having at least one affiliation with a problematic entity would be required to report any current or previous direct or indirect “affiliations” to CMS.[6]
On February 11th, blockchain advocates, digital health enthusiasts, and patients received positive news from the Center for Medicare and Medicaid Services (“CMS”) and the Office of the National Coordinator for Health Information Technology (“ONC”) regarding patient data sharing. These rules, taken together, seek to make data more liquid, which can promote patient access, continuity of care, research, collaboration across the industry and several other activities that previously faced challenges within a health care system built on data silos.
First, CMS ...
Blog Editors
Recent Updates
- CMS Issuing First Risk Adjustment Data Validation Audit Notices for PY2018 Since the RADV Final Rule
- Just Released: Telemental Health Laws – Download Our Complimentary Survey and App
- HISAA: New Legislation Would Bring Cybersecurity Requirements for HIPAA Covered Entities and Business Associates
- Post-Hurricane Flexibilities Offered by the U.S. Department of Health and Human Services Through the Centers for Medicare & Medicaid Services
- Unpacking Averages: CDRH Recognition of Consensus Standards Appears to Overlook Software