Medicare and Medicaid Programs: Reporting Outcome and Assessment Information Set Data as Part of the Conditions of Participation for Home Health Agencies, 76199-76208 [05-24389]
Download as PDF
<![CDATA[
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
interest and incorporate a statement of
the finding and the reasons for it into
the notice issued.
We find it unnecessary to undertake
notice and comment rulemaking
because this notice merely provides
technical corrections to the regulations.
Therefore, we find good cause to waive
notice and comment procedures.
(Catalog of Federal Domestic Assistance
Program No. 93.773, Medicare—Hospital
Insurance; and Program No. 93.774,
Medicare—Supplementary Medical
Insurance Program)
Dated: December 20, 2005.
Ann C. Agnew,
Executive Secretary to the Department.
[FR Doc. 05–24445 Filed 12–22–05; 8:45 am]
BILLING CODE 4120–01–P
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Centers for Medicare and Medicaid
Services
42 CFR Part 484
[CMS–3006–F]
RIN 0938–AJ10
Medicare and Medicaid Programs:
Reporting Outcome and Assessment
Information Set Data as Part of the
Conditions of Participation for Home
Health Agencies
Centers for Medicare and
Medicaid Services (CMS), HHS.
ACTION: Final rule.
AGENCY:
SUMMARY: This final rule makes
revisions in response to public
comments received on the January 25,
1999 interim final rule with comment
period (64 FR 3748). The interim final
rule requires electronic reporting of data
from the Outcome and Assessment
Information Set as a Condition of
Participation for home health agencies.
DATES: Effective Dates: This final rule is
effective on June 21, 2006.
FOR FURTHER INFORMATION CONTACT:
Rebecca Donnay (410) 786–1428,
Patricia Sevast (410) 786–8135, Steve
Miller (410) 786–6656.
SUPPLEMENTARY INFORMATION:
I. Background
erjones on PROD1PC68 with RULES
A. General Legislative Background
Home health services are furnished to
Medicare beneficiaries under the
Hospital Insurance (Part A) and
Supplemental Medical Insurance (Part
B) benefits of the Medicare program,
and are described in section 1861(m) of
the Social Security Act (the Act). These
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
services must be furnished by, or under
arrangement with, a home health agency
(HHA) that participates in the Medicare
program, and must be provided on a
visiting basis in the beneficiary’s home.
Section 1861(o) of the Act specifies
certain requirements that an HHA must
meet to participate in the Medicare
program. In particular, section
1861(o)(6) of the Act provides that an
HHA must meet the Conditions of
Participation (CoPs) specified in section
1891(a) of the Act, and any other CoPs
that we find necessary in the interest of
the health and safety of HHA patients.
Section 1861(o)(8) of the Act provides
that an HHA must meet additional
requirements that the Secretary finds
necessary for the effective and efficient
operation of the home health program.
Section 1891 of the Act sets forth
many of the conditions that HHAs must
meet to participate in the Medicare
program. Specifically, section 1891(a) of
the Act establishes requirements for
HHAs with respect to patient rights,
home health aide training and
competency, and compliance with
applicable Federal, State, and local
laws. Under section 1891 of the Act, we
are responsible for assuring that the
CoPs, and their enforcement, are
adequate to protect the health and safety
of all individuals under the care of an
HHA and to promote the effective and
efficient use of Medicare funds.
Under the authority of sections
1861(o), 1871, and 1891 of the Act, we
have established in regulations the
requirements that an HHA must meet to
participate in Medicare. These
requirements are set forth at 42 CFR part
484, Home Health Services. The CoPs
apply to an HHA as an entity and the
services furnished to all individuals
under the care of the HHA, unless a
condition is specifically limited to
Medicare beneficiaries. Existing
regulations in § 440.70(d) specify that
HHAs participating in the Medicaid
program must also meet the Medicare
CoPs.
In accordance with sections 1864 and
1891(c) of the Act, State agencies
generally conduct surveys of HHAs to
determine whether they are complying
with the CoPs. Section 1864 of the Act
authorizes the use of State agencies to
determine providers’ compliance with
the CoPs. Responsibilities of States in
ensuring compliance with the CoPs are
set forth at 42 CFR part 488, Survey,
Certification, and Enforcement
Procedures.
B. Legislation and Related Regulations
Section 1861(o) of the Act, as
amended by section 4603 of the
Balanced Budget Act of 1997 (BBA)
PO 00000
Frm 00071
Fmt 4700
Sfmt 4700
76199
(Pub. L. 105–33), enacted on August 5,
1997, requires us to establish a Home
Health Prospective Payment System
(HHPPS) for services on or after October
1, 1999. Section 5101 of the Omnibus
Consolidated and Emergency
Supplemental Appropriations Act for
1999 (OCESAA) (Pub. L. 105–277),
enacted on October 21, 1998, delayed
the implementation date of the HHPPS
until October 1, 2000.
In order to implement the prospective
payment system, it was necessary that
we have data from HHAs to develop a
reliable case-mix adjustor system.
Section 4602 of the BBA provided that,
for cost reporting periods beginning on
or after October 1, 1997, we may require
HHAs to submit additional information
that we consider necessary for the
development of a reliable case-mix
system. The Outcome and Assessment
Information Set (OASIS), the assessment
instrument developed to measure
patient health care outcomes in HHAs,
is also a vehicle through which
information is collected and used for the
case-mix system.
Thus, to facilitate the implementation
of the prospective payment system and
to gather data to be used to evaluate and
develop plans to improve outcomes of
care in HHAs, we published two
regulations in the Federal Register on
January 25, 1999. The final rule,
Comprehensive Assessment and Use of
the OASIS as Part of the Conditions of
Participation for Home Health Agencies
(64 FR 3764), requires that HHAs
complete a comprehensive assessment
for each patient, and that they
incorporate the OASIS into their current
patient assessment process. In addition,
we published an interim final rule with
comment period to require HHAs to
electronically report data from the
OASIS to the State survey agency, or
other entity designated by us (64 FR
3748).
The June 18, 1999, notice (64 FR
32984) in the Federal Register entitled
‘‘Mandatory Use, Collection, Encoding,
and Transmission of Outcome and
Assessment Information Set (OASIS) for
Home Health Agencies (HHAs)’’,
announced the effective dates for the
mandatory use, collection, encoding,
and transmission of OASIS data for all
Medicare/Medicaid patients receiving
skilled services. This notice also
described the development of a new
OASIS System of Records (SOR). We
indicated that for patients receiving
only personal care services, regardless
of payer source, requirements for OASIS
and the transmission of those data
would be delayed until further notice.
In addition, the notice announced that
for non-Medicare/non-Medicaid
E:\FR\FM\23DER1.SGM
23DER1
erjones on PROD1PC68 with RULES
76200
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
patients receiving skilled services, there
would be no encoding and transmission
of OASIS data until further notice.
Until recently, HHAs were required
by § 484.55 to perform a comprehensive
assessment on non-Medicare/nonMedicaid patients receiving skilled
services using OASIS even though they
were not required to encode and
transmit OASIS data collected on these
patients. Section 704 of the Medicare
Prescription Drug, Improvement, and
Modernization Act of 2003 (MMA),
enacted on December 8, 2003 (Pub. L.
108–173), however, temporarily
suspended the collection of OASIS data
on an HHA’s non-Medicare/nonMedicaid patients required by § 484.55
until we reported to the Congress how
OASIS information on non-Medicare/
non-Medicaid patients was and could be
used by large HHAs, including the value
of collecting OASIS information by
small HHAs compared to the
administrative burden. We are also
required by the MMA to publish final
regulations regarding the collection and
use of OASIS information. On December
11, 2003, we issued a survey and
certification memorandum (S&C–04–12)
instructing State survey agencies (SAs)
that: (1) Effective December 8, 2003, and
until further notice, SAs must not cite
any deficiency for an HHA’s failure to
include the OASIS data set as part of the
patient-specific, comprehensive
assessment for non-Medicare/nonMedicaid patients otherwise required by
§ 484.55; and (2) any pending survey
findings related to an HHA’s omission
to collect OASIS data on non-Medicare/
non-Medicaid patients will be
suspended.
After the January 25, 1999, and June
18, 1999, Federal Register publications,
we expected that HHAs would
incorporate the OASIS data set into
their own agency assessment process,
and that all patients receiving skilled
services from Medicare-approved HHAs
would be assessed at certain times,
incorporating the specified OASIS data
items. HHAs would encode and
transmit OASIS data to the State agency,
and HHAs would use the validation
feedback reports, data management
system reports, the Outcome-based
Quality Monitoring (OBQM) reports,
and the Outcome-based Quality
Improvement (OBQI) reports generated
by the State for agency improvement.
Since the effective date of the OASIS
requirements, HHAs nationwide have
been actively working to meet these
goals. State OASIS Educational
Coordinators (OECs) report that most
HHAs have successfully incorporated
the OASIS data set into their own
agency assessment process and have
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
trained their own staff in implementing
OASIS. HHAs are assessing Medicare
and Medicaid patients receiving skilled
care, and are encoding and transmitting
these assessments to the State agency. In
most cases, HHAs are using the OASIS
State system feedback reports to
improve data collection and submission.
Most clinicians and other agency staff
have developed skills for tasks
associated with OASIS data collection,
data entry, and transmission. By using
the many resources we have made
available to providers (for example,
State-sponsored training, Home
Assessment Validation Entry (HAVEN),
telephone and e-mail help lines,
comprehensive User’s Manuals, and the
CMS OASIS Web page) agencies have,
for the most part, successfully
implemented OASIS.
An analysis of OASIS data in the CMS
national repository shows that nearly all
of the HHAs expected to submit OASIS
data have done so. Over 56.4 million
assessments have been submitted by
HHAs from every State since August
1999. Currently, the State survey and
certification agencies are contacting
HHAs that have not submitted OASIS
data and are initiating standard
monitoring and enforcement
procedures.
Over the next several years, home
health agencies are encouraged to take
steps toward the adoption of electronic
medical records (EMRs) that will allow
for reporting of clinical quality data
from the electronic record directly to a
CMS data repository. CMS intends to
begin working toward creating measures
specifications and a system or
mechanism, or both, that will accept the
data directly. The Department is
presently working cooperatively with
other Federal agencies in the
development of Federal health
architecture data standards. CMS
encourages home health agencies that
are developing systems to conform them
to both industry standards and any
Federal health architecture data
standards, and to ensure that they
would capture the data necessary for
quality health measures. Ideally, such
systems will also provide point-of-care
decision support that enables high
levels of performance on the measures.
Home health agencies using EMRs to
produce data on quality measures will
be held to the same performance
expectations as home health agencies
not using EMRs. We are exploring
requirements for the submission of
electronically produced data and other
options to encourage the submission of
such data.
PO 00000
Frm 00072
Fmt 4700
Sfmt 4700
II. Provisions of the Interim Final Rule
With Comment Period and Discussion
of Public Comments
In the January 25, 1999, interim final
rule with comment period (64 FR 3749),
we generally mandated that all HHAs
participating in Medicare and Medicaid
(including managed care organizations
providing home health services to
Medicare and Medicaid beneficiaries)
report their OASIS data to the database
we established within each State via
electronic transmission. The interim
final rule required State agencies and
the CMS OASIS contractors to maintain
OASIS databases according to our
specifications. To ensure confidentiality
of individual patient-identifiable data
collected for OASIS databases, we set
forth requirements for State agencies,
CMS OASIS contractors, and HHAs
regarding the release of this information.
We received approximately 200 public
comments on the interim final rule (64
FR 3748), which we address below.
A. Section 484.11, Condition of
Participation: Release of PatientIdentifiable OASIS Information
At § 484.11, Condition of
Participation: Release of PatientIdentifiable OASIS Information, we
require that the HHA, or an agent acting
on behalf of the HHA, ensure the
confidentiality of all patient-identifiable
information contained in the clinical
record and may not release patientidentifiable OASIS information to the
public. We also specify that an agent
acting on behalf of the HHA, in
accordance with a written contract
between the HHA and the agent, may
not use or disclose the information. The
agent may use or disclose data only to
the extent that the HHA itself is
permitted to do so.
Comment: Many commenters were
concerned about the confidential nature
of OASIS data that are transmitted and
questioned how we will ensure the
protection of collected and reported
patient-identifiable information.
Response: Confidentiality of medical
information is not a new requirement.
Health information, by its very nature is
sensitive and private. Because the
privacy of patient-identifiable
information is one of our major
priorities we have taken exhaustive
steps to ensure the privacy of this
information by making the provision a
condition of participation to emphasize
its seriousness. We endeavor to ensure
that access to an agency’s OASIS data
(hard copy or electronic data) is
adequately controlled by the HHA.
Under this requirement, the HHA must
ensure the confidentiality of all patient-
E:\FR\FM\23DER1.SGM
23DER1
erjones on PROD1PC68 with RULES
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
identifiable OASIS information
contained in the clinical records, and
may not release it for any reason other
than for its intended purpose in
conducting the business of the agency.
As with any other medical information
maintained by the agency, HHAs must
have policies and procedures governing
the confidentiality of OASIS data. In
addition, we note that HHAs that are
covered entities must comply with the
requirements of the Privacy and
Security Rules issued under the Health
Insurance Portability and
Accountability Act of 1996 (HIPPA).
Ensuring confidentiality of OASIS
data includes mechanisms such as
having policies and procedures for
assigning and maintaining passwords—
that must be kept secure—for access to
HAVEN and for transmitting OASIS
data to the State agency. This CoP also
allows HHAs to choose to encode and
transmit OASIS data to the State agency
itself, or to contract with an outside
entity (agent or vendor) to fulfill these
requirements. Experience indicates that
there are a number of secure methods
that can be used to send OASIS data to
vendors. Some examples of secure
methods are to use a courier service, the
United States Postal Service, or fax.
However, use of fax transmissions must
comply with section 2202.16 of the
State Operations Manual, which
provides guidelines for fax transmission
of OASIS data.
Agents or vendors acting on behalf of
the HHA, such as a data entry and
submission vendor, are bound by the
same confidentiality rules as the HHA.
OASIS data must be used only as a
matter of agency business. As such, a
written contract must be in place that,
among other things, defines the nature
of agency business with regard to OASIS
data. Violations that compromise data
confidentiality by an entity that is
contracted with the HHA are the
responsibility of the HHA, and will
constitute a condition-level finding of
non-compliance.
Once the HHA data reach the State
agency, there are additional safeguards
in place to protect the confidentiality of
the OASIS data. The HHA OASIS
system is designed to conform to
applicable law and policy governing the
privacy and security of Federal
automated information systems. These
include, but are not limited to: The
Privacy Act of 1974, Computer Security
Act of 1987, the Paperwork Reduction
Act of 1995, the Health Insurance
Portability and Accountability Act of
1996 (HIPAA), the Clinger-Cohen Act of
1996, the Federal Information Security
Management Act of 2002, the
Department’s Privacy and Security
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
Rules, and OMB Circular A–130
(revised), Appendix III, ‘‘Security of
Federal Automated Information
Resources.’’ We have prepared a
comprehensive system security plan as
required by the OMB Circular. This plan
conforms fully to guidance issued by the
National Institute for Standards and
Technology (NIST) in NIST Special
Publication 800–18, ‘‘Guide for
Developing Security Plans for
Information Technology Systems.’’
Some of the specific methods that we
are using to ensure the security of the
HHA OASIS system and the information
within it are described below.
We have safeguards for authorized
users and monitors these users to ensure
against excessive or unauthorized use.
Personnel having access to the system
have been trained in the Privacy Act
and systems security requirements.
Employees who maintain records in the
system are instructed not to release any
data until the intended recipient agrees
to implement appropriate
administrative, technical, procedural,
and physical safeguards sufficient to
protect the confidentiality of the data
and to prevent unauthorized access to
the data.
In addition, we have physical
safeguards in place to reduce the
exposure of computer records and, thus,
achieve an optimum level of protection
and security for the HHA OASIS system.
For computerized records, we have
established safeguards in accordance
with HHS standards and NIST
guidelines; for example, security codes
will be used, permitting access to
authorized personnel exclusively.
System security procedures are
established in accordance with HHS,
Information Resource Management
Circular #10, HHS Information Systems
Security Program Policy of December
15, 2004; CMS Information Systems
Security Policy, Standards and
Guidelines; and OMB Circular No. A–
130 (revised) Appendix III.
Comment: One commenter was
particularly concerned about patients’
social security numbers. The commenter
stated that social security numbers
should not be used as an identifier for
medical records stored by the
government. Other commenters were
concerned about reporting information
collected from the OASIS that pertains
to a patient’s psychological profile and
lifestyle.
Response: We have endeavored to put
many physical, technical, and
procedural safeguards in place to
protect health information. Only those
individuals with a legitimate need for
this information will be allowed to have
access. States and HHAs must take
PO 00000
Frm 00073
Fmt 4700
Sfmt 4700
76201
similar precautions. The transmission of
all identifiable health information will
be secure at all times if it is transmitted
according to the requirements outlined
in this final rule, which strictly controls
access to prevent any unauthorized use.
In addition, health information
(including OASIS) is encoded and
transmitted from providers to State
agencies over closed loop telephone
lines. In July 2000, in response to
industry concerns, we made available
the Medicare data communication
network (MDCN) communications link
from each HHA to its respective State
health agency to allow the HHAs to
submit OASIS data and retrieve reports.
The MDCN, both hardware and
software, allows direct dial-up access to
the State agency by each registered
MDCN user in each HHA. This
supersedes use of the current dial-up
connection process, which previously
was the only way HHAs could submit
OASIS data and retrieve reports. This
new system allows each HHA to control
all aspects of encoding, submitting, and
receiving reports according to its policy
and promotes a higher level of personal
security with individual user IDs. There
will be no additional cost to the HHA
for the use of this dial-up service.
Multiple users in an agency will be able
to access the State agency with
individual MDCN user IDs. In order to
verify that the person trying to access
the information is authorized, several
safeguards are in place. For example, in
the OASIS State system, a person must
enter a user ID and password at three
different checkpoints before access is
permitted. There is no ‘‘back door’’ into
the system that would allow
unauthorized or illegal access.
Comment: A few commenters
suggested that we eliminate OASIS
questions that solicit sensitive financial
information on patients, and remove the
requirement for information to be
reported to CMS.
Response: We believe commenters
were referring to OASIS item M0160,
‘‘Financial Factors.’’ We have never
required the collection or transmission
of OASIS item M0160. In addition, we
established a Regulations Reform
Advisory Committee to further reduce
regulatory burden. As a result of earlier
recommendations from that committee,
we have eliminated this item from the
OASIS instrument. In addition to the
OASIS item related to financial factors,
we have also eliminated the following
items from the OASIS instrument:
M0310, ‘‘Structural Barriers’; M0320,
‘‘Safety Hazards’; M0330, ‘‘Sanitation
Hazards’; and M0600, ‘‘Patient
Behaviors.’’ Earlier versions of HAVEN
(5.0 and earlier) currently allow
E:\FR\FM\23DER1.SGM
23DER1
76202
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
encoding of these items for HHA use,
but will automatically prevent
transmission at the source. As part of
the assessment process, HHAs may
continue to collect the information.
However, if HHAs transmit the
information, it will not be stored in the
State’s system.
erjones on PROD1PC68 with RULES
B. Section 484.20, Condition of
Participation: Reporting OASIS
Information
In § 484.20, Condition of
Participation: Reporting OASIS
Information, we require HHAs to report
to CMS OASIS data collected on all
patients. This requirement applies to all
patients except prepartum and
postpartum patients, patients under the
age of 18, patients not receiving skilled
health care services, and non-Medicare/
non-Medicaid patients. As stated above,
on June 18, 1999, we published a notice
(64 FR 32984) that delayed the
applicability of the collection
requirements to patients receiving only
personal care services and delayed the
requirement to encode and report
collected OASIS data on non-Medicare/
non-Medicaid patients until further
notice. Currently, the policy to delay the
applicability of the collection
requirements to patients receiving only
personal care services and to delay the
requirement to encode and report
collected OASIS data on non-Medicare/
non-Medicaid patients remains in effect.
There is also a temporary suspension on
the collection of OASIS data on nonMedicare/non-Medicaid patients
effective December 8, 2003, under
section 704 of the Medicare Prescription
Drug, Improvement and Modernization
Act of 2003 (Pub L. 108–173) (MMA).
General Comments on Reporting OASIS
Data
We received several comments in
support of our efforts to collect and
report OASIS data for the purpose of
tracking the quality of patient outcomes.
Comment: One commenter stated that
many nurses, because of the substantial
demands of their jobs, have not been
able to devote sufficient time to
assessing a patient’s health care needs,
compromising the quality of the care
provided. The commenter believes that
OASIS enables nurses to more
thoroughly assess their patients’ needs.
The commenter also stated that OASIS
is ‘‘the best thing created by CMS.’’ The
commenter also noted that OASIS data
could indicate that some patients
actually need home care and may also
reveal abuses of the Medicare program.
Response: We appreciate the positive
comment. In addition to using OASIS to
develop the HHPPS, in the quality
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
measurement and improvement system,
and in the Survey and Certification
program, we plan to use OASIS to
support our program integrity efforts as
we administer the Medicare program.
Comment: Several commenters
supported the principle of having HHAs
collect and report OASIS data for
quality outcome measurement and
stated that they were looking forward to
using the data. Commenters believed
that OASIS would have positive results
in identifying standards of care
industry-wide, in addition to offering
State-specific information concerning
the care patients received. Other
commenters stated that the industry has
many questions regarding OASIS and its
use and asked that we continue to
provide clear and precise guidelines for
OASIS reporting requirements.
Response: We appreciate the
endorsement and support for OASIS,
and we believe that OASIS data will
assist HHAs in improving the quality of
their services. We recognize that
agencies may continue to require
guidance on collecting and reporting
OASIS information. Therefore, we will
continue to provide guidance and
updated information to HHAs via statesponsored training, telephone, and email help lines and by posting relevant
information on our Web site.
Comment: One commenter
acknowledged the usefulness of OASIS
outcome data for both HHAs and CMS
but questioned the connection between
CMS obtaining data and translating
those data into useable information to
improve care.
Response: We appreciate the
supportive comments. Since April 1999,
HHAs have collected, encoded, and
reported OASIS information. The
reports generated from the information
are outcome-based and used for quality
improvement. For some time, these
Outcome Based Quality Improvement
and Outcome Based Quality Monitoring
(OBQI/OBQM) reports have been used
for comparative analyses. These reports
are shared with HHAs for use in their
quality monitoring and improvement
activities.
For example, through a contract with
the Center for Health Services Research,
University of Colorado, we
implemented the Medicare Home
Health Quality Assurance (MEQA)
demonstration to determine the
feasibility of, and establish the
methodology for, implementing OBQI
programs in HHAs. Under the
demonstration, 50 HHAs nationwide
collected OASIS data at regular intervals
for all adult patients. We computed
outcome measures using OASIS data
and provided risk-adjusted outcome
PO 00000
Frm 00074
Fmt 4700
Sfmt 4700
reports for specific patient conditions
(focused reports) and for all adult
patients (global reports). We provided
instruction to HHAs in using outcome
reports to target areas for improvement
or reinforcement. We implemented and
monitored a plan of action for
behavioral change while using yearly
outcome reports to determine if targeted
outcomes improved. Data from the
reports during the MEQA demonstration
indicate that there has been a 25 percent
rate of reduction in hospitalizations
over the length of the demonstration
and 80 percent of participating HHAs
experienced a significant improvement
in targeted outcomes.
In the Home Health Outcome Based
Quality Improvement (HH–OBQI)
System Pilot Project, five Quality
Improvement Organizations (QIOs)
found similar levels of improvement in
targeted outcomes to those levels
experienced in the MEQA
demonstration. The pilot project tasked
QIOs in five States (Maryland,
Michigan, New York, Rhode Island, and
Virginia) with helping HHAs
nationwide to identify opportunities to
use the quality reports for improvement
of home health quality of care for
Medicare beneficiaries. These five QIOs
serve as a coordinating body to oversee
the establishment of a national HH
OBQI System for home health care. The
five QIOs, using OASIS outcome reports
and their own analysis of OASIS data,
the five QIOs distribute information and
guidance to all other QIOs participating
in the HH OBQI System. The other
QIOs, in turn, provide education,
consultation, and other technical
assistance to HHAs in developing and
managing outcome-based, continuous
quality improvement programs.
Comment: Several commenters stated
that OASIS should only be used for
Medicare patients, so as not to destroy
its usefulness for the HHPPS.
Commenters were concerned that the
quality of OASIS data would be
adversely affected if collected and
reported on patients from such diverse
programs as Medicare, Medicaid,
Medicaid waiver patients, and nonMedicare/non-Medicaid patients.
Several commenters specifically
stated that OASIS should be reevaluated for Medicaid patients,
patients under Medicaid Home and
Community-Based Waiver programs,
and patients receiving ‘‘personal-careonly’’ services. One commenter stated
the belief that the OASIS demonstration
projects did not include patients
receiving personal-care-only services. A
few commenters suggested that we limit
OASIS reporting to only a core set of
E:\FR\FM\23DER1.SGM
23DER1
erjones on PROD1PC68 with RULES
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
data elements needed for the
development of the HHPPS.
Response: We received many
comments regarding the application of
OASIS to HHA populations. Collecting
OASIS data on all patients for quality
and assessment purposes does not affect
the integrity of the HHPPS. Limiting
reported OASIS data only to items
under consideration for HHPPS will
harm the integrity and risk adjustment
of quality indicators (as discussed in the
July 3, 2000 final rule for HHPPS) and
eliminate the ability to evaluate the
effects of HHPPS on quality or to
improve HHPPS over time.
With regard to the quality of OASIS
data, the intent of OASIS is to ensure
that HHA patients are receiving quality
care. However, we recognize the
assessment needs for patients requiring
personal-care-only services may be
different than for patients who require
skilled services, such as nursing and
rehabilitative therapy. To address these
concerns and further research the
issues, we have delayed the requirement
for agencies to use OASIS for the
personal-care-only population until
further notice. We published the notice
of the delay (64 FR 32984) on June 18,
1999. We are continuing this delay until
we determine an appropriate balance
between the advantages of collecting
OASIS data from this population of
patients and the reported burdens on
providers.
In addition, MMA, which was enacted
on December 8, 2003, temporarily
suspends the collection of OASIS data
on an HHA’s non-Medicare/nonMedicaid patients until further notice.
HHAs may continue to incorporate
OASIS items into their patient-specific,
comprehensive assessment of nonMedicare/non-Medicaid patients for
their own use but are no longer required
to do so.
The inclusion of Medicaid waiver
patients in the collection and reporting
of OASIS data is a decision that may be
made by individual States. Medicareapproved HHAs must report OASIS data
for all other patients (that is, other than
the previously discussed exceptions,
and those for whom collection is
delayed). The requirements governing
who may provide services under waiver
programs are left to each state’s
discretion. We do not require Medicaid
waiver patients to be served by
Medicare-approved HHAs, and States
may choose providers that do not meet
Medicare requirements (including the
collection and reporting of OASIS data)
to furnish services to individuals in
State waiver programs.
Comment: Many commenters asked
that we clarify our policy concerning a
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
patient’s refusal to answer a question.
Commenters were concerned that
agencies would be penalized if a patient
refused to answer an OASIS question
and stated that because of the patient’s
refusal, there would be no OASIS
information to be reported to us.
Response: There is no Federal
requirement that an HHA deny services
to a home health patient if the patient
refuses to allow clinicians to conduct a
comprehensive assessment, refuses to
answer any question during the
comprehensive assessment, or refuses to
allow the release of any information
from the comprehensive assessment to
us. However, for Medicare and
Medicaid patients, the collection and
transmission of OASIS data is required
to meet the home health CoPs and for
payment.
Doctors, nurses, and therapists are
trained to do assessments of their
patients as part of their routine care
whether the patient is cooperative or
not. Patient assessments are critical for
providers to know if patients’ needs are
being met or if their health conditions
are improving. It is important to
understand that HHAs will continue to
perform comprehensive assessments of
their uncooperative clients. OASIS is a
standardized data format for nurses and
other home health professionals for
assessing patients’ needs, developing
the appropriate plan of care, assessing
that care over the course of treatment,
and learning how to improve the quality
of care over time. While patients may
refuse to answer a direct question (or
indeed, may provide an inaccurate or a
misleading response), clinicians are
taught to assess patients to the best of
their ability. However, State surveyors
are obligated to assess the HHA’s
performance of its data collection
responsibilities. If an agency has an
unusually high rate of patients refusing
to answer assessment questions, it may
warrant a review of the process the HHA
is using to conduct assessments.
An HHA will have the opportunity to
respond to any deficiencies cited by the
surveyor in the HHA’s plan of
correction. CMS and its agents (State
survey agencies) expect HHAs to
comply with these regulations and will
work with agencies to achieve
compliance. We expect agencies to
make a good faith effort to use OASIS.
During initial implementation, which
lasted until the end of 1999, we did not
cite deficiencies unless an HHA was
doing nothing to comply with the
OASIS collection and reporting
requirements. Beginning in 2000, we
shifted from a more ‘‘global’’ approach
of determining overall compliance to a
more specific consideration of each
PO 00000
Frm 00075
Fmt 4700
Sfmt 4700
76203
requirement. Now each OASIS
requirement is reviewed for compliance
exactly as it is written, in the same
manner as all other existing home
health requirements. We took this action
because proper OASIS data collection
and reporting has payment and quality
implications.
1. Section 484.20(a), Standard: Encoding
and Transmitting OASIS Data
We have revised § 484.20(a) to require
HHAs to encode and electronically
transmit to the State agency or CMS
OASIS contractor accurate and complete
OASIS data for each applicable agency
patient within 30 calendar days from
the date the assessment was completed
(that is, the date entered at OASIS item
M0090). We have removed the ‘‘lock’’
requirement that appeared at
§ 484.20(c)(1) to allow HHAs the option
of making corrections to OASIS data at
any time without edit warnings. Since
HHAs will now be able to make
corrections to transmitted OASIS data at
any time, we determined that there is no
compelling reason to require HHAs to
encode OASIS data within a specific
timeframe. Therefore, we are no longer
requiring HHAs to encode OASIS data
within 7 days of completing an OASIS
data set. Instead, HHAs will have 30
calendar days from the date the
assessment was completed to both
encode and transmit completed OASIS
data to the State agency or CMS OASIS
contractor. In other words, once the
qualified clinical staff member has
collected the OASIS data set at the time
specified in § 484.55, HHAs may take up
to 30 calendar days after collection to:
(1) Enter it into their computer systems
using the Home Assessment Validation
Entry (HAVEN) software or the vendor
software meeting our data submission
specifications; (2) electronically
transmit the accurate, complete, and
encoded data to the State agency or
CMS OASIS contractor; and (3) establish
HHA policy which will be in
compliance with the instructions within
the OASIS Implementation Manual
Chapter 1, page 1.4, which require that
HHAs develop ‘‘policies and procedures
establishing the necessary data entry
and transmission mechanisms and, very
importantly, develop and maintain
appropriate data quality monitoring
activities.’’
The changes in § 484.20(a) do not
alter the need for HHAs to ensure that
the data items on the patients clinical
record match the encoded data that are
sent to the State (see OASIS
Implementation Manual, Chapter 12,
pages 12.1 and 12.2). HHAs must also
continue to conduct data quality audits
on a routine basis as outlined in the
E:\FR\FM\23DER1.SGM
23DER1
76204
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
erjones on PROD1PC68 with RULES
OASIS Implementation Manual, Chapter
12, pages 12.1 and 12.2.
Currently, OBQI/OBQM reports are
available 2 months after submission of
completed assessments. However, many
HHAs are requesting that the OBQI/
OBQM reports be more timely. Now that
we are requiring HHAs to both encode
and transmit completed OASIS data
within 30 calendar days, we expect the
reports to be available 30 days sooner.
Currently, 50 percent of the HHAs
transmit OASIS assessments by the 16th
day after completion, and the majority
of HHAs (75 percent) transmit
assessments by the 30th day after
completion. HHAs must continue to
comply at all times with requirements
for safeguarding the confidentiality of
patient-identifiable information.
Comment: Several commenters were
concerned about the resources required
to encode and transmit OASIS data. One
commenter stated that the increased
time to complete data entry adds to
difficulties in meeting the 7-day
encoding requirement. Another
commenter suggested that the
requirement be extended to 14 days,
especially for rural providers.
Response: After reviewing comments,
we agree with commenters’ concerns
about the 7-day time frame for encoding.
Therefore, we will allow HHAs 30
calendar days after the assessment is
completed to encode and transmit
OASIS data items. We have revised this
timeframe based on industry concerns
and the need to confirm the accuracy of
their data. We believe this revised
timeframe will be less burdensome for
HHAs. These 30 calendar days are in
addition to the time frames currently
allowed for collection of the OASIS
items set forth at § 484.55. We are
providing the revised timeframe of 30
calendar days for agencies to encode
their OASIS data, resolve any
outstanding data collection issues, and
transmit the accurate and completed
OASIS data. We assigned time frames
that we believe best represent a balance
between efficient, timely data collection
and entry, and the burden placed on the
HHA. As this process evolves, we will
continue to explore techniques to make
the reporting process as efficient as
possible.
2. Section 484.20(b), Standard:
Accuracy of Encoded OASIS Data
Section 484.20(b) requires that the
encoded OASIS data accurately reflect
the patient’s status at the time of the
assessment. Before transmission, the
HHA must ensure that data items on its
own collection record match the
encoded data that are sent to the State.
We expect HHAs to devise a method to
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
track this process that includes
comparison of data collected at the time
of the assessment to data entered after
the initial assessment. We expect
agencies to use their validation reports
to confirm proper data submission or to
identify areas for improving data
submission.
Comment: Several commenters
expressed concern that we did not
include time spent calling the
professionals responsible for the
assessment to obtain clarification of
assessment data if there are errors found
during encoding in our estimate of the
costs associated with OASIS reporting.
Commenters also stated that a registered
nurse or other full-time employee would
need to manage the paper work and
computerization of OASIS.
Response: We agree with commenters
that HHAs may need to designate a staff
person to coordinate the OASIS data
collection and reporting systems. The
burden estimate took this into account
in the January 25, 1999 final rule (64 FR
3748). Some agencies may be able to
assign these duties to current staff,
while others may decide they need to
hire additional personnel, at the HHA’s
discretion. This person could have a
clinical or computer background.
3. Section 484.20(c), Standard:
Transmittal of OASIS Data
In existing § 484.20(c)(1), we required
HHAs to electronically transmit to the
State agency or CMS OASIS contractor
accurate, completed, encoded, and
locked OASIS data for each applicable
patient at least monthly. Now that we
are combining the requirement to
electronically transmit OASIS data with
the requirement to encode OASIS data
in § 484.20(a) and removing the ‘‘lock’’
requirement, we have removed existing
§ 484.20(c)(1) and redesignated
§ 484.20(c)(2) through § 484.20(c)(4) as
§ 484.20(c)(1) through § 484.20(c)(3),
respectively.
Newly designated § 484.20(c)(1)
requires HHAs to transmit the OASIS
data in a format that meets the data
format standard specified at § 484.20(d).
Newly designated § 484.20(c)(2) requires
HHAs to transmit successfully test data
to the State agency or CMS OASIS
contractor. Newly designated
§ 484.20(c)(3) requires HHAs to transmit
data using electronic communications
protocols as directed by us. As of July
1, 2000, those HHAs that are required to
submit OASIS data for submission and
interim reports must do so via the
MDCN, which replaces the previous
dial-up connection for submission and
interim reports. In January 2004, we
started requiring HHAs to use a CMSassigned branch identification number
PO 00000
Frm 00076
Fmt 4700
Sfmt 4700
(where applicable) to identify branchspecific OASIS assessment information
in a uniform fashion nationwide. This
process is described below.
During the development stage of
OASIS implementation, the National
Association for Home Care (NAHC),
engaged in a series of teleconferences
with its member HHAs to solicit
suggestions about OASIS data entry
software. HHAs proposed that the
outcome reports be made available at
the branch level, rather than limited to
data that represent the agency as a
whole. NAHC transmitted its concerns
to us, and, in response, we agreed to
create a field in the HAVEN data entry
software to allow HHAs to enter a selfdefined number that identifies the
assessment information sent to the State
agency by a branch office.
An analysis of OASIS data submitted
by HHAs to State agencies nationwide,
from the period July 1999 to January
2000, shows that 1.8 million of the 4
million assessments submitted included
identifying information for branches.
We were encouraged that so many
HHAs wanted to identify assessment
information submitted by their
branches. Subsequently, we determined
that assignment of unique branch
identification numbers would facilitate
HHAs’ ability to receive outcome
reports specific to their branches.
Providing HHAs with the outcome
reports specific to their branches will
help both the State agency and HHAs to
monitor the quality of care being
furnished to branch patients. The State
agency, after reviewing the specific
branch outcome reports, will be better
able to target scarce survey resources
when conducting HHA surveys. Branchspecific information will also allow the
parent HHA to use its own objective
performance criteria to assess and
improve patient services, outcomes, and
satisfaction at the branch level.
As a result of input from the home
health industry, we revised the OASIS
data set to accommodate branch
identifications. The new items
developed are: (M0014) Branch State
and (M0016) Branch ID. The State in
which the branch is located is the twoletter postal service abbreviation where
the agency branch is located. For the
Branch ID, rather than continuing to
allow HHAs to enter a self-defined
number that identifies the assessment
information that the branch sent to the
State agency, we have standardized the
identification numbering system for
HHA branches to ensure that these
assessments will be linked to the proper
branch. This national numbering system
links each branch number to the parent
HHA provider number by numbering
E:\FR\FM\23DER1.SGM
23DER1
erjones on PROD1PC68 with RULES
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
each branch with the same Federally
assigned provider number as the parent
with two modifications. There is a ‘‘Q’’
between the State code and four-digit
provider designation plus three more
digits for a 10-character branch
identifier. The last three digits allows us
to assign up to 999 branches to one
parent HHA with branch identification
numbers being used only once. If an
HHA branch closes, we will terminate
its unique branch identification number
and will not re-use it to identify another
branch of that HHA or subunit. For
example, an HHA in a state has three
branches. The parent agency’s Medicare
provider number is 017001. The
branches are assigned the branch
identification numbers 01Q7001001,
01Q7001002, and 01Q7001003. We have
made a corresponding revision to the
regulation text by adding a new
paragraph § 484.20(c)(4).
On the OASIS B–1 (10/1998) data set,
which we used to implement OASIS
data collection and reporting initially,
the fields ‘‘Branch State’’ and ‘‘Branch
ID’’ are optional. On the December 2002
version of the OASIS B–1 data set,
which is being used for OASIS
collection and reporting as of January 1,
2004, ‘‘Branch ID’’ is required for
submission of all assessment records
completed by a branch. We expect HHA
branches to place their CMS-assigned
branch identification number on each
OASIS assessment at M0016, and
subsequently encode and transmit the
assessment to the State agency. We have
added the requirement to include
branch identification numbers in
§ 484.20(c)(4).
Comment: One commenter was
concerned that HHA branch offices are
not allowed to transmit their own
OASIS data to the State. The commenter
stated that the interim final rule is silent
regarding this policy, but according to
our Web site, branch offices are required
to deliver OASIS assessment data to the
parent for transmission to the State
agency. The commenter stated that this
practice would generate mistakes, thus
compromising OASIS data. The
commenter suggested that HHA branch
offices be allowed to transmit their own
OASIS data via a dial-up connection to
the State agency using the same OASIS
ID code and password as the parent
agency.
Response: The HAVEN data entry
software was originally designed for
single submission by the parent HHA
for security reasons. The State survey
agency assigned one specific user
identification and password to each
parent HHA in the State. Moreover, the
previous data management program
could not accommodate separate user
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
identification numbers and passwords
to all existing HHA branches. Based on
industry concerns, and in response to
their needs to permit submission by
branches, we installed in each HHA, a
communication link to the State agency
for submission of OASIS and the
retrieval of reports. The MDCN was
installed in all HHAs in July 2000, to
allow direct dial-up access to the State
agency by each registered MDCN user in
each HHA. This was a change to the
previous system, which allowed the
dial-up connection to be used only for
submission of OASIS data and retrieval
of reports. There was no additional
charge to the HHA for the use of this
MDCN dial-up service. Multiple users in
an agency, including branch users, are
now able to access the State agency with
individual MDCN user IDs. This system
allows the branch to control all aspects
of encoding, submission, and receiving
reports, according to the parent HHA
policy, and promotes a higher level of
personal security with the assignment of
individual user IDs.
We have begun to assign
identification numbers to every existing
branch of a parent HHA and subunit.
The identification system has been
implemented nationally and uniquely
identifies every branch of every HHA
certified to participate in the Medicare
home health program. It also links the
parent to the branch. Having a system to
identify branches gives us the capability
of associating survey results with
individual HHA branches. Also, by
including the branch identification
number on OASIS assessments, we will
have the capability of developing
outcome reports that will help HHAs
differentiate and monitor the quality of
care delivered by their agencies down to
the HHA branch level.
4. Section 484.20(d), Standard: Data
Format
At § 484.20(d), we specify that HHAs
must encode and transmit data using the
software available from CMS or software
that conforms to CMS standard
electronic record layout, edit
specifications, and data dictionaries and
includes OASIS data items specified in
§ 484.55(e). To meet the data format
requirements, HHAs may use the
HAVEN software developed by CMS, or
use other vendors’ software if it
conforms to our standardized electronic
record formats, edit specifications, data
dictionaries, and can pass [CMSdefined] standardized edits. The
HAVEN software is made available to all
HHAs free of charge, either via
download from the Internet or by
requesting a compact disc (CD).
Agencies can call the HAVEN help line
PO 00000
Frm 00077
Fmt 4700
Sfmt 4700
76205
at 1–877–201–4721 to order a HAVEN
CD and/or to ask any other HAVENrelated questions they may have.
The required OASIS data set is
available at all times on our Web site
located at https://www.cms.hhs.gov/
oasis. HHAs may access the Web site
and download the required OASIS data
set for each data collection time point.
HHAs may also obtain hard copies of
the OASIS data set from the National
Technical Information Service (NTIS) at
1–800–553–6847.
Comment: Several commenters stated
that the HAVEN computer screen is
extremely slow and that HHA staff
spend time waiting for screen response.
The commenter believes that the
slowness of the software directly relates
to an increase in agency cost. One
commenter stated that while HAVEN is
free, it does not meet the needs of every
agency, nor can every agency access the
Internet. This commenter also stated
that some agencies are opting to scan
the hard copy assessments, because it is
more cost effective. However, the
commenter stated that HAVEN does not
allow for scanning. One commenter
stated that their agency convened a
taskforce to prepare for OASIS. The
taskforce recommended that the agency
not use CMS HAVEN software because
the software did not have the ability to
track outcomes internally.
Response: HAVEN is a tool designed
solely for entering, creating, and
maintaining OASIS data files for
transmission to the State survey agency.
HAVEN is not a tool for developing
outcome reports. Rather, the files
created by HAVEN are part of the
process that we use to develop these
reports. Outcome reports will be
available to all agencies, free of charge.
HHAs can electronically access the
OBQI/OBQM reports in a manner
similar to the submission process.
While HAVEN will operate on older
systems, we continue to recommend
that agencies use a computer system
compatible with the current industry
standard. We have always cautioned
that HAVEN may not perform as well on
older computer systems as it would if
run on a newer or more powerful
system. Finally, some of the slowness
may be due to multiple simultaneous
users. Newer versions of HAVEN are
released to accommodate multiple
simultaneous use. Although we provide
HAVEN as a tool to assist agencies in
complying with the requirements,
agencies may use vendors’ products or
develop software that meets their own
unique needs in addition to meeting
OASIS regulatory requirements. Vendor
products, however, must meet our
E:\FR\FM\23DER1.SGM
23DER1
76206
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
erjones on PROD1PC68 with RULES
minimum data, format, and
transmission specifications.
Comment: One commenter suggested
the need to enter the same data multiple
times was a flaw in the software that
could be reduced if HHAs allowed
software vendors to interface, or to map
data entry so that one entry would
satisfy both data sets.
Response: We believe the commenter
may be referring to the situation that
requires duplicate entry into an HHA’s
original claims and assessment software,
and then re-entry of the same data into
the HAVEN software. Since HAVEN
software is available free of charge, our
experience is that vendors of the
original claims and assessment software
are now incorporating the HAVEN
software into their own software so that
duplicate entry will no longer occur.
In addition, we implemented the
patient tracking sheet (PTS) for HHAs
nationwide on December 16, 2002. With
implementation of the PTS, HHAs no
longer need to re-enter the information
from 18 common patient demographic
items collected at the start of care and
on subsequent assessments. These items
only need to be updated as appropriate.
C. Section 488.68,State Agency
Responsibilities for OASIS Collection
and Database Requirements
Under section 1891(b) of the Act, we
must assure that processes are in place
to protect the health and safety of
individuals under the care of an HHA
and to promote the effective and
efficient use of public moneys. Section
1864 of the Act authorizes the use of
State agencies to determine a provider’s
compliance with the CoPs. State
responsibilities for ensuring compliance
with the CoPs are set forth in part 488,
and entitled ‘‘Survey, Certification, and
Enforcement Procedures.’’ We did not
receive any public comments on this
section. Nevertheless, we have
summarized the provisions of § 488.68
as set forth in the January 25, 1999,
interim final rule below.
In accordance with the provisions
referenced above, we added a new
§ 488.68, State agency responsibilities
for OASIS collection and data base
requirements. This section provides that
the overall responsibility for fulfilling
requirements to operate and maintain
the OASIS system rests with the State
agency or other entity that we designate.
The State may delegate this
responsibility to the State agency,
another State component, or enter into
an agreement with a private entity to
operate the system, or we may contract
with an entity directly, if the State is
unable or unwilling to perform these
operations. If the State system is
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
operated by an entity other than the
State agency, the State must ensure that
it has suitable access to this system to
fully support all OASIS-driven
functions required of it (for example,
outcome-based quality improvement
reports and survey-specific data).
1. Section 488.68(a), Establish and
Maintain the OASIS Data Base
In § 488.68(a), we require that the
State agency or other entity that we
designate must use a standard system
developed or approved to collect, store,
and analyze CMS data generated by
OASIS. To meet this requirement, we
are using the system developed to
compile the Minimum Data Set (MDS)
assessments (the CMS standard State
system), which has already been
procured, installed, and utilized. As
part of the survey responsibilities,
§ 488.68(a) also provides that States will
be responsible for basic system
management responsibilities, such as
hardware and software maintenance,
system backup, and monitoring the
status of the database.
We also set forth requirements that
States must meet if they seek
modification of the standard State
system. Specifically, State agencies
must obtain our approval before
modifying any parts of the system. The
State agency or CMS OASIS contractor
may not modify any aspect of the
standard State system that pertains to
the standard CMS-approved OASIS data
items, standard CMS-approved record
formats and validation edits, and
standard CMS-approved agency
encoding and transmission methods. It
also cannot maintain patient data on the
system that we do not require to be
reported on the OASIS State system.
2. Section 488.68(b), Analyze and Edit
OASIS Data
In § 488.68(b), we provide that the
State agency or CMS OASIS contractor
is responsible for analyzing and
preparing OASIS data for us to retrieve.
Upon receipt of data from an HHA, we
require that the State agency or CMS
OASIS contractor edit the data as
specified by us, and ensure that the
HHA resolves errors within the time
limits we specify.
We also require that the State agency
or CMS OASIS contractor analyze the
data and generate outcome reports as we
specify. In addition to the responsibility
for generating outcome reports, the State
system issues validation reports once
OASIS data are received in the system,
to provide feedback to HHAs as to
whether the OASIS data they sent has
been accepted or rejected, and if
rejected, the reasons why.
PO 00000
Frm 00078
Fmt 4700
Sfmt 4700
3. Section 488.68(c), Ensure Accuracy of
OASIS Data
In § 488.68(c), we require the State
agency to review an HHA’s records to
verify that the records are consistent
with the OASIS data reported to the
State agency or CMS OASIS contractor
as part of the survey process. In keeping
with § 484.20(b), which requires that
HHAs’ encoded OASIS data accurately
reflect the patient’s status at the time the
information is collected, we expect that
HHAs will develop a means to ensure
that the data input into the computer
and transmitted to the State agency or
CMS OASIS contractor reflects the data
collected by the appropriate skilled
professionals. We expect HHAs to
devise a method to track this process,
which should include the comparison of
data collected at the time of the
assessment to data entered after
assessment. We expect HHAs to use the
validation reports created by the State
agencies to confirm proper data
submission or to identify areas for
improving data submission. We suggest
that HHAs retain final validation reports
for about 12 months, or until the next
OBQI report is available.
4. Section 488.68(d), Restrict Access to
OASIS Data
To secure and control access to
patient-identifiable information, in
§ 488.68(d) we require that the State
agency or CMS OASIS contractor be
responsible for restricting the access to
OASIS data. Specifically, we require
that the State agency or CMS OASIS
contractor must assure that access to
data is restricted to the State agency
component that conducts surveys for
purposes related to this function, except
for the transmission of data and reports
to us and to other entities only when
authorized by us.
We also specify that patientidentifiable OASIS data may not be
released to the public by the State
agency or CMS OASIS contractor except
to the extent it is permitted under the
Privacy Act of 1974 and the HHS
Privacy Rule, 45 CFR Parts 160 and 164.
In the June 18, 1999 SOR (64 FR 32992),
and subsequently revised notice
published December 27, 2001 (66 FR
66903), we outlined the provisions
governing the disclosure of the
information we collect. Consistent with
the provisions in those notices, the State
agency or CMS OASIS contractor is not
permitted to release patient-identifiable
information to the public but may
release provider-specific aggregated data
that do not contain individual patient
identifiers.
E:\FR\FM\23DER1.SGM
23DER1
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
5. Section 488.68(e), Provide Training
and Technical Support for HHAs
In § 488.68(e), we require the State
agency or CMS OASIS contractor to
provide training and technical support
for HHAs. Specifically, we require
training on the administration and
integration of the OASIS data set into
the HHA’s own assessment process. We
also specify that the State agency is
responsible for instructing each HHA on
the use of software to encode and
transmit OASIS data.
The State agency staff (or contractors)
who operate the CMS standard system
will provide training as needed to
designated HHA staff on the use of the
software that we provide. In a similar
manner, we will continue to provide
standardized instructions for using the
free software and submitting
information on our website. The
designated trainer in the HHA should
train HHA staff responsible for
collecting OASIS information, as
needed, using a standard training
curriculum and manual, which we
provide. A User’s Manual is available
electronically on our website and is
available in hard copy from the National
Technical Information Service by
calling 1–800–553–6847.
erjones on PROD1PC68 with RULES
III. Provisions of the Final Rule
In this final rule, we are adopting the
provisions as set forth in the interim
final rule with comment period with the
following revisions:
• We have revised the standard in
§ 484.20(a), Encoding and transmitting
OASIS data, to allow 30 days from the
date the assessment is completed for the
agency to encode and submit OASIS
data.
• We have removed the requirement
in § 484.20(c)(1), which required HHAs
to electronically transmit accurate,
completed, encoded, and locked OASIS
data for each patient to the State agency
or CMS OASIS contractor at least
monthly. This removes the ‘‘lock’’
requirement, which was required at
implementation. Experience has
indicated that the lock function is no
longer necessary.
• We have redesignated the
requirement in § 484.20(c)(2) as
§ 484.20(c)(1). This requirement
provides that OASIS data must be
transmitted in a format that meets the
data format standard specified in
§ 484.20(d).
• We have redesignated the data
submission requirement at § 484.20(c)(3)
as § 484.20(c)(2) and have removed the
reference to a specific time frame of
March 26, 1999 to April 26, 1999. When
the January 25, 1999, interim final rule
VerDate Aug<31>2005
15:34 Dec 22, 2005
Jkt 208001
was published, we assumed that no
agencies were reporting OASIS
information, and all would need to
establish connectivity via a test
transmission to the State agency before
submission of the required data. Now
that we are beyond the effective date
when all existing agencies were
expected to transmit required data, a
test transmission is only required when
an HHA that is not currently Medicareapproved applies for approval. As such,
we expect that HHA to meet all of the
Medicare home health CoPs, including
demonstrating that it is collecting and
can transmit OASIS data, before
receiving its Medicare approval. States
will work with agencies on a case-bycase basis to issue a temporary user
identification number and password for
the new HHA to demonstrate
compliance.
• We have redesignated the
requirement in § 484.20(c)(4) as
§ 484.20(c)(3). This requirement
provides that HHAs must transmit data
using electronic communications
software that provides a direct
telephone connection from the HHA to
the State agency or CMS OASIS
contractor.
• We have added a new paragraph
§ 484.20(c)(4) to include the CMSassigned branch identification number
as applicable.
IV. Collection of Information
Requirements
The information collection
requirements contained in § 484.20 of
this document are subject to the PRA;
however, these information collection
requirements are currently approved
under OMB control number 0938–0761
‘‘Medicare and Medicaid Programs Use
of the OASIS as Part of the CoPs for
HHAs,’’ with a current expiration date
of June 30, 2006. The currently
approved collection authorizes HHAs to
collect and transmit OASIS data.
V. Regulatory Impact Statement
We have examined the impact of this
rule as required by Executive Order
12866 (September 1993, Regulatory
Planning and Review), the Regulatory
Flexibility Act (RFA) (September 19,
1980, Pub. L. 96–354), section 1102(b) of
the Social Security Act, the Unfunded
Mandates Reform Act of 1995 (Pub. L.
104–4), and Executive Order 13132.
Executive Order 12866 directs
agencies to assess all costs and benefits
of available regulatory alternatives and,
if regulation is necessary, to select
regulatory approaches that maximize
net benefits (including potential
economic, environmental, public health
and safety effects, distributive impacts,
PO 00000
Frm 00079
Fmt 4700
Sfmt 4700
76207
and equity). A regulatory impact
analysis (RIA) must be prepared for
major rules with economically
significant effects ($100 million or more
in any 1 year). This rule does not reach
the economic threshold and thus is not
considered a major rule.
The RFA requires agencies to analyze
options for regulatory relief of small
businesses. For purposes of the RFA,
small entities include small businesses,
nonprofit organizations, and
government agencies. Most hospitals
and most other providers and suppliers
are small entities, either by nonprofit
status or by having revenues of $6
million to $29 million in any 1 year.
Individuals and States are not included
in the definition of a small entity. We
are not preparing an analysis for the
RFA because we have determined that
this rule will not have a significant
economic impact on a substantial
number of small entities.
In addition, section 1102(b) of the Act
requires us to prepare a regulatory
impact analysis if a rule may have a
significant impact on the operations of
a substantial number of small rural
hospitals. This analysis must conform to
the provisions of section 603 of the
RFA. For purposes of section 1102(b) of
the Act, we define a small rural hospital
as a hospital that is located outside of
a Metropolitan Statistical Area and has
fewer than 100 beds. We are not
preparing an analysis for section 1102(b)
of the Act because we have determined
that this rule will not have a significant
impact on the operations of a substantial
number of small rural hospitals.
Section 202 of the Unfunded
Mandates Reform Act of 1995 also
requires that agencies assess anticipated
costs and benefits before issuing any
rule that may result in expenditure in
any 1 year by State, local, or tribal
governments, in the aggregate, or by the
private sector, of $110 million. This rule
will have no consequential effect on the
governments mentioned or on the
private sector.
Executive Order 13132 establishes
certain requirements that an agency
must meet when it promulgates a
proposed rule (and subsequent final
rule) that imposes substantial direct
requirement costs on State and local
governments, preempts State law, or
otherwise has federalism implications.
Since this regulation does not impose
any costs on State or local governments,
the requirements of E.O. 13132 are not
applicable.
In accordance with the provisions of
Executive Order 12866, this regulation
was reviewed by the Office of
Management and Budget.
E:\FR\FM\23DER1.SGM
23DER1
76208
Federal Register / Vol. 70, No. 246 / Friday, December 23, 2005 / Rules and Regulations
List of Subjects in 42 CFR Part 484
Health facilities, Health Professions,
Medicare, Reporting and Recordkeeping
Requirements.
For reasons set forth in the preamble,
CMS amends 42 CFR part 484 as
follows:
I
PART 484—HOME HEALTH SERVICES
1. The authority citation for part 484
continues to read as follows:
I
2. Section 484.20 is amended by
revising paragraphs (a) and (c) to read as
follows:
I
§ 484.20 Condition of participation:
Reporting OASIS information.
*
*
*
*
*
(a) Standard: Encoding and
transmitting OASIS data. An HHA must
encode and electronically transmit each
completed OASIS assessment to the
State agency or the CMS OASIS
contractor, regarding each beneficiary
with respect to which such information
is required to be transmitted (as
determined by the Secretary), within 30
days of completing the assessment of
the beneficiary.
*
*
*
*
*
(c) Standard: Transmittal of OASIS
data. An HHA must—
(1) For all completed assessments,
transmit OASIS data in a format that
meets the requirements of paragraph (d)
of this section.
(2) Successfully transmit test data to
the State agency or CMS OASIS
contractor.
(3) Transmit data using electronics
communications software that provides
a direct telephone connection from the
HHA to the State agency or CMS OASIS
contractor.
(4) Transmit data that includes the
CMS-assigned branch identification
number, as applicable.
*
*
*
*
*
erjones on PROD1PC68 with RULES
(Catalog of Federal Domestic Assistance
Program No. 93.773, Medicare—Hospital
Insurance; and Program No. 93.778, Medical
Assistance Program)
Dated: May 20, 2005.
Mark B. McClellan,
Administrator, Centers for Medicare &
Medicaid Services.
Approved: September 12, 2005.
Michael O. Leavitt,
Secretary.
[FR Doc. 05–24389 Filed 12–22–05; 8:45 am]
15:34 Dec 22, 2005
Jkt 208001
[CG Docket No. 03–123; FCC 05–203]
Telecommunications Relay Services
and Speech-to-Speech Services for
Individuals With Hearing and Speech
Disabilities
Federal Communications
Commission.
ACTION: Final rule.
Subpart B—Administration
VerDate Aug<31>2005
47 CFR Part 64
AGENCY:
Authority: Secs. 1102 and 1871 of the
Social Security Act (42 U.S.C. 1302 and
1395(hh)).
BILLING CODE 4121–01–P
FEDERAL COMMUNICATIONS
COMMISSION
SUMMARY: In this document, the
Commission concludes that its current
rules regarding eligibility criteria for
compensation from the Interstate
Telecommunications Relay Services
(TRS) Fund do not reflect advances in
the way that TRS is offered, particularly
with respect to the two Internet-based
forms of TRS, Video Relay Service
(VRS) and Internet-Protocol (IP) Relay.
Therefore, the Commission amends its
rules to permit common carriers
desiring to offer VRS and IP Relay
service and receive compensation from
the Interstate TRS Fund (Fund) to seek
certification from the Commission. In
doing so, the Commission largely adopts
the proposal set forth in the Second
Improved TRS Order’s NPRM. Through
this action, the certification procedure
will permit common carriers desiring to
offer only VRS and/or IP Relay, and not
the other forms of TRS, to receive
compensation from the Fund without
having to meet one of the existing three
eligibility criteria set forth in the
Commission’s rules. Also in this
document, the Commission addresses a
related issue raised in Hands On Video
Relay Services, Inc.’s (Hands On)
petition for reconsideration of the 2004
TRS Report and Order, which
challenges the Commission’s dismissal
of Hands On application for certification
as a VRS provider eligible for
compensation from the Fund. Because
the Commission adopts a new eligibility
rule that permits Hands On to seek
certification as a VRS provider eligible
for compensation from the Fund
without being part of a certified state
TRS, the Commission concludes this
issue is moot. Also, in this document,
the Commission seeks approval from the
Office of Management and Budget
(OMB) for any Paperwork Reduction Act
(PRA) burdens contained in this
document that will modify OMB
Control No. 3060–1047. The revised
PRA burdens are related to new rules
permitting common carriers seeking to
offer VRS or IP Relay service, that are
not part of a certified state program or
have not contracted with an entity that
PO 00000
Frm 00080
Fmt 4700
Sfmt 4700
is, to qualify for compensation from the
Fund through a Commission-level
certification process.
DATES: Effective January 23, 2006,
except for § 47 CFR 64.605 (a)(2), (c)(2),
(e)(2), (f)(2), and (g), which contains
information collection requirements that
have not been approved by the Office of
Management and Budget (OMB). The
Commission will publish a document in
the Federal Register announcing the
effective date. Written comments on the
Paperwork Reduction Act (PRA)
information collection requirements
must be submitted by the general
public, Office of Management and
Budget (OMB), and other interested
parties on or before January 23, 2006.
ADDRESSES: You may submit PRA
comments identified by [CG Docket
Number 03–123 and/or OMB Control
Number 3060–1047], by any of the
following methods:
• Federal eRulemaking Portal: https://
www.regulations.gov. Follow the
instructions for submitting comments.
• Federal Communications
Commission’s Web site: https://
www.fcc.gov/cgb/ecfs/. Follow the
instructions for submitting comments.
• E-mail: Parties who choose to file
by e-mail should submit their comments
to Leslie Smith at Leslie.Smith@fcc.gov
and to Kristy L. LaLonde at
Kristy_L.LaLonde@omb.eop.gov. Please
include the CG Docket Number 03–123
and/or OMB Control Number 3060–
1047 in the subject line of the message.
• Mail: Parties who choose to file by
paper should submit their comments to
Leslie Smith, Federal Communications
Commission, Room 1–A804, 445 12th
Street SW., Washington, DC 20554, and
to Kristy L. LaLonde, OMB Desk Officer,
Room 10234 NEOB, 725 17th Street,
NW., Washington, DC 20503.
• People with Disabilities: Contact
the FCC to request reasonable
accommodations (accessible format
documents, sign language interpreters,
CART, etc.) by e-mail: FCC504@fcc.gov
or phone (202) 418–0539 or TTY: (202)
418–0432.
FOR FURTHER INFORMATION CONTACT:
Thomas Chandler, Consumer &
Governmental Affairs Bureau, Disability
Rights Office at (202) 418–1475 (voice),
(202) 418–0597 (TTY), or e-mail at
Thomas.Chandler@fcc.gov. For
additional information concerning the
PRA information collection
requirements contained in the
document, contact Leslie Smith at (202)
418–0217, or via the Internet at
Leslie.Smith@fcc.gov. If you would like
to obtain or view a copy of this revised
information collection, you may do so
E:\FR\FM\23DER1.SGM
23DER1
]]>Agencies
[Federal Register Volume 70, Number 246 (Friday, December 23, 2005)]
[Rules and Regulations]
[Pages 76199-76208]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 05-24389]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Medicare and Medicaid Services
42 CFR Part 484
[CMS-3006-F]
RIN 0938-AJ10
Medicare and Medicaid Programs: Reporting Outcome and Assessment
Information Set Data as Part of the Conditions of Participation for
Home Health Agencies
AGENCY: Centers for Medicare and Medicaid Services (CMS), HHS.
ACTION: Final rule.
-----------------------------------------------------------------------
SUMMARY: This final rule makes revisions in response to public comments
received on the January 25, 1999 interim final rule with comment period
(64 FR 3748). The interim final rule requires electronic reporting of
data from the Outcome and Assessment Information Set as a Condition of
Participation for home health agencies.
DATES: Effective Dates: This final rule is effective on June 21, 2006.
FOR FURTHER INFORMATION CONTACT: Rebecca Donnay (410) 786-1428,
Patricia Sevast (410) 786-8135, Steve Miller (410) 786-6656.
SUPPLEMENTARY INFORMATION:
I. Background
A. General Legislative Background
Home health services are furnished to Medicare beneficiaries under
the Hospital Insurance (Part A) and Supplemental Medical Insurance
(Part B) benefits of the Medicare program, and are described in section
1861(m) of the Social Security Act (the Act). These services must be
furnished by, or under arrangement with, a home health agency (HHA)
that participates in the Medicare program, and must be provided on a
visiting basis in the beneficiary's home.
Section 1861(o) of the Act specifies certain requirements that an
HHA must meet to participate in the Medicare program. In particular,
section 1861(o)(6) of the Act provides that an HHA must meet the
Conditions of Participation (CoPs) specified in section 1891(a) of the
Act, and any other CoPs that we find necessary in the interest of the
health and safety of HHA patients. Section 1861(o)(8) of the Act
provides that an HHA must meet additional requirements that the
Secretary finds necessary for the effective and efficient operation of
the home health program.
Section 1891 of the Act sets forth many of the conditions that HHAs
must meet to participate in the Medicare program. Specifically, section
1891(a) of the Act establishes requirements for HHAs with respect to
patient rights, home health aide training and competency, and
compliance with applicable Federal, State, and local laws. Under
section 1891 of the Act, we are responsible for assuring that the CoPs,
and their enforcement, are adequate to protect the health and safety of
all individuals under the care of an HHA and to promote the effective
and efficient use of Medicare funds.
Under the authority of sections 1861(o), 1871, and 1891 of the Act,
we have established in regulations the requirements that an HHA must
meet to participate in Medicare. These requirements are set forth at 42
CFR part 484, Home Health Services. The CoPs apply to an HHA as an
entity and the services furnished to all individuals under the care of
the HHA, unless a condition is specifically limited to Medicare
beneficiaries. Existing regulations in Sec. 440.70(d) specify that
HHAs participating in the Medicaid program must also meet the Medicare
CoPs.
In accordance with sections 1864 and 1891(c) of the Act, State
agencies generally conduct surveys of HHAs to determine whether they
are complying with the CoPs. Section 1864 of the Act authorizes the use
of State agencies to determine providers' compliance with the CoPs.
Responsibilities of States in ensuring compliance with the CoPs are set
forth at 42 CFR part 488, Survey, Certification, and Enforcement
Procedures.
B. Legislation and Related Regulations
Section 1861(o) of the Act, as amended by section 4603 of the
Balanced Budget Act of 1997 (BBA) (Pub. L. 105-33), enacted on August
5, 1997, requires us to establish a Home Health Prospective Payment
System (HHPPS) for services on or after October 1, 1999. Section 5101
of the Omnibus Consolidated and Emergency Supplemental Appropriations
Act for 1999 (OCESAA) (Pub. L. 105-277), enacted on October 21, 1998,
delayed the implementation date of the HHPPS until October 1, 2000.
In order to implement the prospective payment system, it was
necessary that we have data from HHAs to develop a reliable case-mix
adjustor system. Section 4602 of the BBA provided that, for cost
reporting periods beginning on or after October 1, 1997, we may require
HHAs to submit additional information that we consider necessary for
the development of a reliable case-mix system. The Outcome and
Assessment Information Set (OASIS), the assessment instrument developed
to measure patient health care outcomes in HHAs, is also a vehicle
through which information is collected and used for the case-mix
system.
Thus, to facilitate the implementation of the prospective payment
system and to gather data to be used to evaluate and develop plans to
improve outcomes of care in HHAs, we published two regulations in the
Federal Register on January 25, 1999. The final rule, Comprehensive
Assessment and Use of the OASIS as Part of the Conditions of
Participation for Home Health Agencies (64 FR 3764), requires that HHAs
complete a comprehensive assessment for each patient, and that they
incorporate the OASIS into their current patient assessment process. In
addition, we published an interim final rule with comment period to
require HHAs to electronically report data from the OASIS to the State
survey agency, or other entity designated by us (64 FR 3748).
The June 18, 1999, notice (64 FR 32984) in the Federal Register
entitled ``Mandatory Use, Collection, Encoding, and Transmission of
Outcome and Assessment Information Set (OASIS) for Home Health Agencies
(HHAs)'', announced the effective dates for the mandatory use,
collection, encoding, and transmission of OASIS data for all Medicare/
Medicaid patients receiving skilled services. This notice also
described the development of a new OASIS System of Records (SOR). We
indicated that for patients receiving only personal care services,
regardless of payer source, requirements for OASIS and the transmission
of those data would be delayed until further notice. In addition, the
notice announced that for non-Medicare/non-Medicaid
[[Page 76200]]
patients receiving skilled services, there would be no encoding and
transmission of OASIS data until further notice.
Until recently, HHAs were required by Sec. 484.55 to perform a
comprehensive assessment on non-Medicare/non-Medicaid patients
receiving skilled services using OASIS even though they were not
required to encode and transmit OASIS data collected on these patients.
Section 704 of the Medicare Prescription Drug, Improvement, and
Modernization Act of 2003 (MMA), enacted on December 8, 2003 (Pub. L.
108-173), however, temporarily suspended the collection of OASIS data
on an HHA's non-Medicare/non-Medicaid patients required by Sec. 484.55
until we reported to the Congress how OASIS information on non-
Medicare/non-Medicaid patients was and could be used by large HHAs,
including the value of collecting OASIS information by small HHAs
compared to the administrative burden. We are also required by the MMA
to publish final regulations regarding the collection and use of OASIS
information. On December 11, 2003, we issued a survey and certification
memorandum (S&C-04-12) instructing State survey agencies (SAs) that:
(1) Effective December 8, 2003, and until further notice, SAs must not
cite any deficiency for an HHA's failure to include the OASIS data set
as part of the patient-specific, comprehensive assessment for non-
Medicare/non-Medicaid patients otherwise required by Sec. 484.55; and
(2) any pending survey findings related to an HHA's omission to collect
OASIS data on non-Medicare/non-Medicaid patients will be suspended.
After the January 25, 1999, and June 18, 1999, Federal Register
publications, we expected that HHAs would incorporate the OASIS data
set into their own agency assessment process, and that all patients
receiving skilled services from Medicare-approved HHAs would be
assessed at certain times, incorporating the specified OASIS data
items. HHAs would encode and transmit OASIS data to the State agency,
and HHAs would use the validation feedback reports, data management
system reports, the Outcome-based Quality Monitoring (OBQM) reports,
and the Outcome-based Quality Improvement (OBQI) reports generated by
the State for agency improvement.
Since the effective date of the OASIS requirements, HHAs nationwide
have been actively working to meet these goals. State OASIS Educational
Coordinators (OECs) report that most HHAs have successfully
incorporated the OASIS data set into their own agency assessment
process and have trained their own staff in implementing OASIS. HHAs
are assessing Medicare and Medicaid patients receiving skilled care,
and are encoding and transmitting these assessments to the State
agency. In most cases, HHAs are using the OASIS State system feedback
reports to improve data collection and submission. Most clinicians and
other agency staff have developed skills for tasks associated with
OASIS data collection, data entry, and transmission. By using the many
resources we have made available to providers (for example, State-
sponsored training, Home Assessment Validation Entry (HAVEN), telephone
and e-mail help lines, comprehensive User's Manuals, and the CMS OASIS
Web page) agencies have, for the most part, successfully implemented
OASIS.
An analysis of OASIS data in the CMS national repository shows that
nearly all of the HHAs expected to submit OASIS data have done so. Over
56.4 million assessments have been submitted by HHAs from every State
since August 1999. Currently, the State survey and certification
agencies are contacting HHAs that have not submitted OASIS data and are
initiating standard monitoring and enforcement procedures.
Over the next several years, home health agencies are encouraged to
take steps toward the adoption of electronic medical records (EMRs)
that will allow for reporting of clinical quality data from the
electronic record directly to a CMS data repository. CMS intends to
begin working toward creating measures specifications and a system or
mechanism, or both, that will accept the data directly. The Department
is presently working cooperatively with other Federal agencies in the
development of Federal health architecture data standards. CMS
encourages home health agencies that are developing systems to conform
them to both industry standards and any Federal health architecture
data standards, and to ensure that they would capture the data
necessary for quality health measures. Ideally, such systems will also
provide point-of-care decision support that enables high levels of
performance on the measures. Home health agencies using EMRs to produce
data on quality measures will be held to the same performance
expectations as home health agencies not using EMRs. We are exploring
requirements for the submission of electronically produced data and
other options to encourage the submission of such data.
II. Provisions of the Interim Final Rule With Comment Period and
Discussion of Public Comments
In the January 25, 1999, interim final rule with comment period (64
FR 3749), we generally mandated that all HHAs participating in Medicare
and Medicaid (including managed care organizations providing home
health services to Medicare and Medicaid beneficiaries) report their
OASIS data to the database we established within each State via
electronic transmission. The interim final rule required State agencies
and the CMS OASIS contractors to maintain OASIS databases according to
our specifications. To ensure confidentiality of individual patient-
identifiable data collected for OASIS databases, we set forth
requirements for State agencies, CMS OASIS contractors, and HHAs
regarding the release of this information. We received approximately
200 public comments on the interim final rule (64 FR 3748), which we
address below.
A. Section 484.11, Condition of Participation: Release of Patient-
Identifiable OASIS Information
At Sec. 484.11, Condition of Participation: Release of Patient-
Identifiable OASIS Information, we require that the HHA, or an agent
acting on behalf of the HHA, ensure the confidentiality of all patient-
identifiable information contained in the clinical record and may not
release patient-identifiable OASIS information to the public. We also
specify that an agent acting on behalf of the HHA, in accordance with a
written contract between the HHA and the agent, may not use or disclose
the information. The agent may use or disclose data only to the extent
that the HHA itself is permitted to do so.
Comment: Many commenters were concerned about the confidential
nature of OASIS data that are transmitted and questioned how we will
ensure the protection of collected and reported patient-identifiable
information.
Response: Confidentiality of medical information is not a new
requirement. Health information, by its very nature is sensitive and
private. Because the privacy of patient-identifiable information is one
of our major priorities we have taken exhaustive steps to ensure the
privacy of this information by making the provision a condition of
participation to emphasize its seriousness. We endeavor to ensure that
access to an agency's OASIS data (hard copy or electronic data) is
adequately controlled by the HHA. Under this requirement, the HHA must
ensure the confidentiality of all patient-
[[Page 76201]]
identifiable OASIS information contained in the clinical records, and
may not release it for any reason other than for its intended purpose
in conducting the business of the agency. As with any other medical
information maintained by the agency, HHAs must have policies and
procedures governing the confidentiality of OASIS data. In addition, we
note that HHAs that are covered entities must comply with the
requirements of the Privacy and Security Rules issued under the Health
Insurance Portability and Accountability Act of 1996 (HIPPA).
Ensuring confidentiality of OASIS data includes mechanisms such as
having policies and procedures for assigning and maintaining
passwords--that must be kept secure--for access to HAVEN and for
transmitting OASIS data to the State agency. This CoP also allows HHAs
to choose to encode and transmit OASIS data to the State agency itself,
or to contract with an outside entity (agent or vendor) to fulfill
these requirements. Experience indicates that there are a number of
secure methods that can be used to send OASIS data to vendors. Some
examples of secure methods are to use a courier service, the United
States Postal Service, or fax. However, use of fax transmissions must
comply with section 2202.16 of the State Operations Manual, which
provides guidelines for fax transmission of OASIS data.
Agents or vendors acting on behalf of the HHA, such as a data entry
and submission vendor, are bound by the same confidentiality rules as
the HHA. OASIS data must be used only as a matter of agency business.
As such, a written contract must be in place that, among other things,
defines the nature of agency business with regard to OASIS data.
Violations that compromise data confidentiality by an entity that is
contracted with the HHA are the responsibility of the HHA, and will
constitute a condition-level finding of non-compliance.
Once the HHA data reach the State agency, there are additional
safeguards in place to protect the confidentiality of the OASIS data.
The HHA OASIS system is designed to conform to applicable law and
policy governing the privacy and security of Federal automated
information systems. These include, but are not limited to: The Privacy
Act of 1974, Computer Security Act of 1987, the Paperwork Reduction Act
of 1995, the Health Insurance Portability and Accountability Act of
1996 (HIPAA), the Clinger-Cohen Act of 1996, the Federal Information
Security Management Act of 2002, the Department's Privacy and Security
Rules, and OMB Circular A-130 (revised), Appendix III, ``Security of
Federal Automated Information Resources.'' We have prepared a
comprehensive system security plan as required by the OMB Circular.
This plan conforms fully to guidance issued by the National Institute
for Standards and Technology (NIST) in NIST Special Publication 800-18,
``Guide for Developing Security Plans for Information Technology
Systems.''
Some of the specific methods that we are using to ensure the
security of the HHA OASIS system and the information within it are
described below.
We have safeguards for authorized users and monitors these users to
ensure against excessive or unauthorized use. Personnel having access
to the system have been trained in the Privacy Act and systems security
requirements. Employees who maintain records in the system are
instructed not to release any data until the intended recipient agrees
to implement appropriate administrative, technical, procedural, and
physical safeguards sufficient to protect the confidentiality of the
data and to prevent unauthorized access to the data.
In addition, we have physical safeguards in place to reduce the
exposure of computer records and, thus, achieve an optimum level of
protection and security for the HHA OASIS system. For computerized
records, we have established safeguards in accordance with HHS
standards and NIST guidelines; for example, security codes will be
used, permitting access to authorized personnel exclusively. System
security procedures are established in accordance with HHS, Information
Resource Management Circular 10, HHS Information Systems
Security Program Policy of December 15, 2004; CMS Information Systems
Security Policy, Standards and Guidelines; and OMB Circular No. A-130
(revised) Appendix III.
Comment: One commenter was particularly concerned about patients'
social security numbers. The commenter stated that social security
numbers should not be used as an identifier for medical records stored
by the government. Other commenters were concerned about reporting
information collected from the OASIS that pertains to a patient's
psychological profile and lifestyle.
Response: We have endeavored to put many physical, technical, and
procedural safeguards in place to protect health information. Only
those individuals with a legitimate need for this information will be
allowed to have access. States and HHAs must take similar precautions.
The transmission of all identifiable health information will be secure
at all times if it is transmitted according to the requirements
outlined in this final rule, which strictly controls access to prevent
any unauthorized use. In addition, health information (including OASIS)
is encoded and transmitted from providers to State agencies over closed
loop telephone lines. In July 2000, in response to industry concerns,
we made available the Medicare data communication network (MDCN)
communications link from each HHA to its respective State health agency
to allow the HHAs to submit OASIS data and retrieve reports. The MDCN,
both hardware and software, allows direct dial-up access to the State
agency by each registered MDCN user in each HHA. This supersedes use of
the current dial-up connection process, which previously was the only
way HHAs could submit OASIS data and retrieve reports. This new system
allows each HHA to control all aspects of encoding, submitting, and
receiving reports according to its policy and promotes a higher level
of personal security with individual user IDs. There will be no
additional cost to the HHA for the use of this dial-up service.
Multiple users in an agency will be able to access the State agency
with individual MDCN user IDs. In order to verify that the person
trying to access the information is authorized, several safeguards are
in place. For example, in the OASIS State system, a person must enter a
user ID and password at three different checkpoints before access is
permitted. There is no ``back door'' into the system that would allow
unauthorized or illegal access.
Comment: A few commenters suggested that we eliminate OASIS
questions that solicit sensitive financial information on patients, and
remove the requirement for information to be reported to CMS.
Response: We believe commenters were referring to OASIS item M0160,
``Financial Factors.'' We have never required the collection or
transmission of OASIS item M0160. In addition, we established a
Regulations Reform Advisory Committee to further reduce regulatory
burden. As a result of earlier recommendations from that committee, we
have eliminated this item from the OASIS instrument. In addition to the
OASIS item related to financial factors, we have also eliminated the
following items from the OASIS instrument: M0310, ``Structural
Barriers'; M0320, ``Safety Hazards'; M0330, ``Sanitation Hazards'; and
M0600, ``Patient Behaviors.'' Earlier versions of HAVEN (5.0 and
earlier) currently allow
[[Page 76202]]
encoding of these items for HHA use, but will automatically prevent
transmission at the source. As part of the assessment process, HHAs may
continue to collect the information. However, if HHAs transmit the
information, it will not be stored in the State's system.
B. Section 484.20, Condition of Participation: Reporting OASIS
Information
In Sec. 484.20, Condition of Participation: Reporting OASIS
Information, we require HHAs to report to CMS OASIS data collected on
all patients. This requirement applies to all patients except prepartum
and postpartum patients, patients under the age of 18, patients not
receiving skilled health care services, and non-Medicare/non-Medicaid
patients. As stated above, on June 18, 1999, we published a notice (64
FR 32984) that delayed the applicability of the collection requirements
to patients receiving only personal care services and delayed the
requirement to encode and report collected OASIS data on non-Medicare/
non-Medicaid patients until further notice. Currently, the policy to
delay the applicability of the collection requirements to patients
receiving only personal care services and to delay the requirement to
encode and report collected OASIS data on non-Medicare/non-Medicaid
patients remains in effect. There is also a temporary suspension on the
collection of OASIS data on non-Medicare/non-Medicaid patients
effective December 8, 2003, under section 704 of the Medicare
Prescription Drug, Improvement and Modernization Act of 2003 (Pub L.
108-173) (MMA).
General Comments on Reporting OASIS Data
We received several comments in support of our efforts to collect
and report OASIS data for the purpose of tracking the quality of
patient outcomes.
Comment: One commenter stated that many nurses, because of the
substantial demands of their jobs, have not been able to devote
sufficient time to assessing a patient's health care needs,
compromising the quality of the care provided. The commenter believes
that OASIS enables nurses to more thoroughly assess their patients'
needs. The commenter also stated that OASIS is ``the best thing created
by CMS.'' The commenter also noted that OASIS data could indicate that
some patients actually need home care and may also reveal abuses of the
Medicare program.
Response: We appreciate the positive comment. In addition to using
OASIS to develop the HHPPS, in the quality measurement and improvement
system, and in the Survey and Certification program, we plan to use
OASIS to support our program integrity efforts as we administer the
Medicare program.
Comment: Several commenters supported the principle of having HHAs
collect and report OASIS data for quality outcome measurement and
stated that they were looking forward to using the data. Commenters
believed that OASIS would have positive results in identifying
standards of care industry-wide, in addition to offering State-specific
information concerning the care patients received. Other commenters
stated that the industry has many questions regarding OASIS and its use
and asked that we continue to provide clear and precise guidelines for
OASIS reporting requirements.
Response: We appreciate the endorsement and support for OASIS, and
we believe that OASIS data will assist HHAs in improving the quality of
their services. We recognize that agencies may continue to require
guidance on collecting and reporting OASIS information. Therefore, we
will continue to provide guidance and updated information to HHAs via
state-sponsored training, telephone, and e-mail help lines and by
posting relevant information on our Web site.
Comment: One commenter acknowledged the usefulness of OASIS outcome
data for both HHAs and CMS but questioned the connection between CMS
obtaining data and translating those data into useable information to
improve care.
Response: We appreciate the supportive comments. Since April 1999,
HHAs have collected, encoded, and reported OASIS information. The
reports generated from the information are outcome-based and used for
quality improvement. For some time, these Outcome Based Quality
Improvement and Outcome Based Quality Monitoring (OBQI/OBQM) reports
have been used for comparative analyses. These reports are shared with
HHAs for use in their quality monitoring and improvement activities.
For example, through a contract with the Center for Health Services
Research, University of Colorado, we implemented the Medicare Home
Health Quality Assurance (MEQA) demonstration to determine the
feasibility of, and establish the methodology for, implementing OBQI
programs in HHAs. Under the demonstration, 50 HHAs nationwide collected
OASIS data at regular intervals for all adult patients. We computed
outcome measures using OASIS data and provided risk-adjusted outcome
reports for specific patient conditions (focused reports) and for all
adult patients (global reports). We provided instruction to HHAs in
using outcome reports to target areas for improvement or reinforcement.
We implemented and monitored a plan of action for behavioral change
while using yearly outcome reports to determine if targeted outcomes
improved. Data from the reports during the MEQA demonstration indicate
that there has been a 25 percent rate of reduction in hospitalizations
over the length of the demonstration and 80 percent of participating
HHAs experienced a significant improvement in targeted outcomes.
In the Home Health Outcome Based Quality Improvement (HH-OBQI)
System Pilot Project, five Quality Improvement Organizations (QIOs)
found similar levels of improvement in targeted outcomes to those
levels experienced in the MEQA demonstration. The pilot project tasked
QIOs in five States (Maryland, Michigan, New York, Rhode Island, and
Virginia) with helping HHAs nationwide to identify opportunities to use
the quality reports for improvement of home health quality of care for
Medicare beneficiaries. These five QIOs serve as a coordinating body to
oversee the establishment of a national HH OBQI System for home health
care. The five QIOs, using OASIS outcome reports and their own analysis
of OASIS data, the five QIOs distribute information and guidance to all
other QIOs participating in the HH OBQI System. The other QIOs, in
turn, provide education, consultation, and other technical assistance
to HHAs in developing and managing outcome-based, continuous quality
improvement programs.
Comment: Several commenters stated that OASIS should only be used
for Medicare patients, so as not to destroy its usefulness for the
HHPPS. Commenters were concerned that the quality of OASIS data would
be adversely affected if collected and reported on patients from such
diverse programs as Medicare, Medicaid, Medicaid waiver patients, and
non-Medicare/non-Medicaid patients.
Several commenters specifically stated that OASIS should be re-
evaluated for Medicaid patients, patients under Medicaid Home and
Community-Based Waiver programs, and patients receiving ``personal-
care-only'' services. One commenter stated the belief that the OASIS
demonstration projects did not include patients receiving personal-
care-only services. A few commenters suggested that we limit OASIS
reporting to only a core set of
[[Page 76203]]
data elements needed for the development of the HHPPS.
Response: We received many comments regarding the application of
OASIS to HHA populations. Collecting OASIS data on all patients for
quality and assessment purposes does not affect the integrity of the
HHPPS. Limiting reported OASIS data only to items under consideration
for HHPPS will harm the integrity and risk adjustment of quality
indicators (as discussed in the July 3, 2000 final rule for HHPPS) and
eliminate the ability to evaluate the effects of HHPPS on quality or to
improve HHPPS over time.
With regard to the quality of OASIS data, the intent of OASIS is to
ensure that HHA patients are receiving quality care. However, we
recognize the assessment needs for patients requiring personal-care-
only services may be different than for patients who require skilled
services, such as nursing and rehabilitative therapy. To address these
concerns and further research the issues, we have delayed the
requirement for agencies to use OASIS for the personal-care-only
population until further notice. We published the notice of the delay
(64 FR 32984) on June 18, 1999. We are continuing this delay until we
determine an appropriate balance between the advantages of collecting
OASIS data from this population of patients and the reported burdens on
providers.
In addition, MMA, which was enacted on December 8, 2003,
temporarily suspends the collection of OASIS data on an HHA's non-
Medicare/non-Medicaid patients until further notice. HHAs may continue
to incorporate OASIS items into their patient-specific, comprehensive
assessment of non-Medicare/non-Medicaid patients for their own use but
are no longer required to do so.
The inclusion of Medicaid waiver patients in the collection and
reporting of OASIS data is a decision that may be made by individual
States. Medicare-approved HHAs must report OASIS data for all other
patients (that is, other than the previously discussed exceptions, and
those for whom collection is delayed). The requirements governing who
may provide services under waiver programs are left to each state's
discretion. We do not require Medicaid waiver patients to be served by
Medicare-approved HHAs, and States may choose providers that do not
meet Medicare requirements (including the collection and reporting of
OASIS data) to furnish services to individuals in State waiver
programs.
Comment: Many commenters asked that we clarify our policy
concerning a patient's refusal to answer a question. Commenters were
concerned that agencies would be penalized if a patient refused to
answer an OASIS question and stated that because of the patient's
refusal, there would be no OASIS information to be reported to us.
Response: There is no Federal requirement that an HHA deny services
to a home health patient if the patient refuses to allow clinicians to
conduct a comprehensive assessment, refuses to answer any question
during the comprehensive assessment, or refuses to allow the release of
any information from the comprehensive assessment to us. However, for
Medicare and Medicaid patients, the collection and transmission of
OASIS data is required to meet the home health CoPs and for payment.
Doctors, nurses, and therapists are trained to do assessments of
their patients as part of their routine care whether the patient is
cooperative or not. Patient assessments are critical for providers to
know if patients' needs are being met or if their health conditions are
improving. It is important to understand that HHAs will continue to
perform comprehensive assessments of their uncooperative clients. OASIS
is a standardized data format for nurses and other home health
professionals for assessing patients' needs, developing the appropriate
plan of care, assessing that care over the course of treatment, and
learning how to improve the quality of care over time. While patients
may refuse to answer a direct question (or indeed, may provide an
inaccurate or a misleading response), clinicians are taught to assess
patients to the best of their ability. However, State surveyors are
obligated to assess the HHA's performance of its data collection
responsibilities. If an agency has an unusually high rate of patients
refusing to answer assessment questions, it may warrant a review of the
process the HHA is using to conduct assessments.
An HHA will have the opportunity to respond to any deficiencies
cited by the surveyor in the HHA's plan of correction. CMS and its
agents (State survey agencies) expect HHAs to comply with these
regulations and will work with agencies to achieve compliance. We
expect agencies to make a good faith effort to use OASIS. During
initial implementation, which lasted until the end of 1999, we did not
cite deficiencies unless an HHA was doing nothing to comply with the
OASIS collection and reporting requirements. Beginning in 2000, we
shifted from a more ``global'' approach of determining overall
compliance to a more specific consideration of each requirement. Now
each OASIS requirement is reviewed for compliance exactly as it is
written, in the same manner as all other existing home health
requirements. We took this action because proper OASIS data collection
and reporting has payment and quality implications.
1. Section 484.20(a), Standard: Encoding and Transmitting OASIS Data
We have revised Sec. 484.20(a) to require HHAs to encode and
electronically transmit to the State agency or CMS OASIS contractor
accurate and complete OASIS data for each applicable agency patient
within 30 calendar days from the date the assessment was completed
(that is, the date entered at OASIS item M0090). We have removed the
``lock'' requirement that appeared at Sec. 484.20(c)(1) to allow HHAs
the option of making corrections to OASIS data at any time without edit
warnings. Since HHAs will now be able to make corrections to
transmitted OASIS data at any time, we determined that there is no
compelling reason to require HHAs to encode OASIS data within a
specific timeframe. Therefore, we are no longer requiring HHAs to
encode OASIS data within 7 days of completing an OASIS data set.
Instead, HHAs will have 30 calendar days from the date the assessment
was completed to both encode and transmit completed OASIS data to the
State agency or CMS OASIS contractor. In other words, once the
qualified clinical staff member has collected the OASIS data set at the
time specified in Sec. 484.55, HHAs may take up to 30 calendar days
after collection to: (1) Enter it into their computer systems using the
Home Assessment Validation Entry (HAVEN) software or the vendor
software meeting our data submission specifications; (2) electronically
transmit the accurate, complete, and encoded data to the State agency
or CMS OASIS contractor; and (3) establish HHA policy which will be in
compliance with the instructions within the OASIS Implementation Manual
Chapter 1, page 1.4, which require that HHAs develop ``policies and
procedures establishing the necessary data entry and transmission
mechanisms and, very importantly, develop and maintain appropriate data
quality monitoring activities.''
The changes in Sec. 484.20(a) do not alter the need for HHAs to
ensure that the data items on the patients clinical record match the
encoded data that are sent to the State (see OASIS Implementation
Manual, Chapter 12, pages 12.1 and 12.2). HHAs must also continue to
conduct data quality audits on a routine basis as outlined in the
[[Page 76204]]
OASIS Implementation Manual, Chapter 12, pages 12.1 and 12.2.
Currently, OBQI/OBQM reports are available 2 months after
submission of completed assessments. However, many HHAs are requesting
that the OBQI/OBQM reports be more timely. Now that we are requiring
HHAs to both encode and transmit completed OASIS data within 30
calendar days, we expect the reports to be available 30 days sooner.
Currently, 50 percent of the HHAs transmit OASIS assessments by the
16th day after completion, and the majority of HHAs (75 percent)
transmit assessments by the 30th day after completion. HHAs must
continue to comply at all times with requirements for safeguarding the
confidentiality of patient-identifiable information.
Comment: Several commenters were concerned about the resources
required to encode and transmit OASIS data. One commenter stated that
the increased time to complete data entry adds to difficulties in
meeting the 7-day encoding requirement. Another commenter suggested
that the requirement be extended to 14 days, especially for rural
providers.
Response: After reviewing comments, we agree with commenters'
concerns about the 7-day time frame for encoding. Therefore, we will
allow HHAs 30 calendar days after the assessment is completed to encode
and transmit OASIS data items. We have revised this timeframe based on
industry concerns and the need to confirm the accuracy of their data.
We believe this revised timeframe will be less burdensome for HHAs.
These 30 calendar days are in addition to the time frames currently
allowed for collection of the OASIS items set forth at Sec. 484.55. We
are providing the revised timeframe of 30 calendar days for agencies to
encode their OASIS data, resolve any outstanding data collection
issues, and transmit the accurate and completed OASIS data. We assigned
time frames that we believe best represent a balance between efficient,
timely data collection and entry, and the burden placed on the HHA. As
this process evolves, we will continue to explore techniques to make
the reporting process as efficient as possible.
2. Section 484.20(b), Standard: Accuracy of Encoded OASIS Data
Section 484.20(b) requires that the encoded OASIS data accurately
reflect the patient's status at the time of the assessment. Before
transmission, the HHA must ensure that data items on its own collection
record match the encoded data that are sent to the State. We expect
HHAs to devise a method to track this process that includes comparison
of data collected at the time of the assessment to data entered after
the initial assessment. We expect agencies to use their validation
reports to confirm proper data submission or to identify areas for
improving data submission.
Comment: Several commenters expressed concern that we did not
include time spent calling the professionals responsible for the
assessment to obtain clarification of assessment data if there are
errors found during encoding in our estimate of the costs associated
with OASIS reporting. Commenters also stated that a registered nurse or
other full-time employee would need to manage the paper work and
computerization of OASIS.
Response: We agree with commenters that HHAs may need to designate
a staff person to coordinate the OASIS data collection and reporting
systems. The burden estimate took this into account in the January 25,
1999 final rule (64 FR 3748). Some agencies may be able to assign these
duties to current staff, while others may decide they need to hire
additional personnel, at the HHA's discretion. This person could have a
clinical or computer background.
3. Section 484.20(c), Standard: Transmittal of OASIS Data
In existing Sec. 484.20(c)(1), we required HHAs to electronically
transmit to the State agency or CMS OASIS contractor accurate,
completed, encoded, and locked OASIS data for each applicable patient
at least monthly. Now that we are combining the requirement to
electronically transmit OASIS data with the requirement to encode OASIS
data in Sec. 484.20(a) and removing the ``lock'' requirement, we have
removed existing Sec. 484.20(c)(1) and redesignated Sec. 484.20(c)(2)
through Sec. 484.20(c)(4) as Sec. 484.20(c)(1) through Sec.
484.20(c)(3), respectively.
Newly designated Sec. 484.20(c)(1) requires HHAs to transmit the
OASIS data in a format that meets the data format standard specified at
Sec. 484.20(d). Newly designated Sec. 484.20(c)(2) requires HHAs to
transmit successfully test data to the State agency or CMS OASIS
contractor. Newly designated Sec. 484.20(c)(3) requires HHAs to
transmit data using electronic communications protocols as directed by
us. As of July 1, 2000, those HHAs that are required to submit OASIS
data for submission and interim reports must do so via the MDCN, which
replaces the previous dial-up connection for submission and interim
reports. In January 2004, we started requiring HHAs to use a CMS-
assigned branch identification number (where applicable) to identify
branch-specific OASIS assessment information in a uniform fashion
nationwide. This process is described below.
During the development stage of OASIS implementation, the National
Association for Home Care (NAHC), engaged in a series of
teleconferences with its member HHAs to solicit suggestions about OASIS
data entry software. HHAs proposed that the outcome reports be made
available at the branch level, rather than limited to data that
represent the agency as a whole. NAHC transmitted its concerns to us,
and, in response, we agreed to create a field in the HAVEN data entry
software to allow HHAs to enter a self-defined number that identifies
the assessment information sent to the State agency by a branch office.
An analysis of OASIS data submitted by HHAs to State agencies
nationwide, from the period July 1999 to January 2000, shows that 1.8
million of the 4 million assessments submitted included identifying
information for branches. We were encouraged that so many HHAs wanted
to identify assessment information submitted by their branches.
Subsequently, we determined that assignment of unique branch
identification numbers would facilitate HHAs' ability to receive
outcome reports specific to their branches.
Providing HHAs with the outcome reports specific to their branches
will help both the State agency and HHAs to monitor the quality of care
being furnished to branch patients. The State agency, after reviewing
the specific branch outcome reports, will be better able to target
scarce survey resources when conducting HHA surveys. Branch-specific
information will also allow the parent HHA to use its own objective
performance criteria to assess and improve patient services, outcomes,
and satisfaction at the branch level.
As a result of input from the home health industry, we revised the
OASIS data set to accommodate branch identifications. The new items
developed are: (M0014) Branch State and (M0016) Branch ID. The State in
which the branch is located is the two-letter postal service
abbreviation where the agency branch is located. For the Branch ID,
rather than continuing to allow HHAs to enter a self-defined number
that identifies the assessment information that the branch sent to the
State agency, we have standardized the identification numbering system
for HHA branches to ensure that these assessments will be linked to the
proper branch. This national numbering system links each branch number
to the parent HHA provider number by numbering
[[Page 76205]]
each branch with the same Federally assigned provider number as the
parent with two modifications. There is a ``Q'' between the State code
and four-digit provider designation plus three more digits for a 10-
character branch identifier. The last three digits allows us to assign
up to 999 branches to one parent HHA with branch identification numbers
being used only once. If an HHA branch closes, we will terminate its
unique branch identification number and will not re-use it to identify
another branch of that HHA or subunit. For example, an HHA in a state
has three branches. The parent agency's Medicare provider number is
017001. The branches are assigned the branch identification numbers
01Q7001001, 01Q7001002, and 01Q7001003. We have made a corresponding
revision to the regulation text by adding a new paragraph Sec.
484.20(c)(4).
On the OASIS B-1 (10/1998) data set, which we used to implement
OASIS data collection and reporting initially, the fields ``Branch
State'' and ``Branch ID'' are optional. On the December 2002 version of
the OASIS B-1 data set, which is being used for OASIS collection and
reporting as of January 1, 2004, ``Branch ID'' is required for
submission of all assessment records completed by a branch. We expect
HHA branches to place their CMS-assigned branch identification number
on each OASIS assessment at M0016, and subsequently encode and transmit
the assessment to the State agency. We have added the requirement to
include branch identification numbers in Sec. 484.20(c)(4).
Comment: One commenter was concerned that HHA branch offices are
not allowed to transmit their own OASIS data to the State. The
commenter stated that the interim final rule is silent regarding this
policy, but according to our Web site, branch offices are required to
deliver OASIS assessment data to the parent for transmission to the
State agency. The commenter stated that this practice would generate
mistakes, thus compromising OASIS data. The commenter suggested that
HHA branch offices be allowed to transmit their own OASIS data via a
dial-up connection to the State agency using the same OASIS ID code and
password as the parent agency.
Response: The HAVEN data entry software was originally designed for
single submission by the parent HHA for security reasons. The State
survey agency assigned one specific user identification and password to
each parent HHA in the State. Moreover, the previous data management
program could not accommodate separate user identification numbers and
passwords to all existing HHA branches. Based on industry concerns, and
in response to their needs to permit submission by branches, we
installed in each HHA, a communication link to the State agency for
submission of OASIS and the retrieval of reports. The MDCN was
installed in all HHAs in July 2000, to allow direct dial-up access to
the State agency by each registered MDCN user in each HHA. This was a
change to the previous system, which allowed the dial-up connection to
be used only for submission of OASIS data and retrieval of reports.
There was no additional charge to the HHA for the use of this MDCN
dial-up service. Multiple users in an agency, including branch users,
are now able to access the State agency with individual MDCN user IDs.
This system allows the branch to control all aspects of encoding,
submission, and receiving reports, according to the parent HHA policy,
and promotes a higher level of personal security with the assignment of
individual user IDs.
We have begun to assign identification numbers to every existing
branch of a parent HHA and subunit. The identification system has been
implemented nationally and uniquely identifies every branch of every
HHA certified to participate in the Medicare home health program. It
also links the parent to the branch. Having a system to identify
branches gives us the capability of associating survey results with
individual HHA branches. Also, by including the branch identification
number on OASIS assessments, we will have the capability of developing
outcome reports that will help HHAs differentiate and monitor the
quality of care delivered by their agencies down to the HHA branch
level.
4. Section 484.20(d), Standard: Data Format
At Sec. 484.20(d), we specify that HHAs must encode and transmit
data using the software available from CMS or software that conforms to
CMS standard electronic record layout, edit specifications, and data
dictionaries and includes OASIS data items specified in Sec.
484.55(e). To meet the data format requirements, HHAs may use the HAVEN
software developed by CMS, or use other vendors' software if it
conforms to our standardized electronic record formats, edit
specifications, data dictionaries, and can pass [CMS-defined]
standardized edits. The HAVEN software is made available to all HHAs
free of charge, either via download from the Internet or by requesting
a compact disc (CD). Agencies can call the HAVEN help line at 1-877-
201-4721 to order a HAVEN CD and/or to ask any other HAVEN-related
questions they may have.
The required OASIS data set is available at all times on our Web
site located at https://www.cms.hhs.gov/oasis. HHAs may access the Web
site and download the required OASIS data set for each data collection
time point. HHAs may also obtain hard copies of the OASIS data set from
the National Technical Information Service (NTIS) at 1-800-553-6847.
Comment: Several commenters stated that the HAVEN computer screen
is extremely slow and that HHA staff spend time waiting for screen
response. The commenter believes that the slowness of the software
directly relates to an increase in agency cost. One commenter stated
that while HAVEN is free, it does not meet the needs of every agency,
nor can every agency access the Internet. This commenter also stated
that some agencies are opting to scan the hard copy assessments,
because it is more cost effective. However, the commenter stated that
HAVEN does not allow for scanning. One commenter stated that their
agency convened a taskforce to prepare for OASIS. The taskforce
recommended that the agency not use CMS HAVEN software because the
software did not have the ability to track outcomes internally.
Response: HAVEN is a tool designed solely for entering, creating,
and maintaining OASIS data files for transmission to the State survey
agency. HAVEN is not a tool for developing outcome reports. Rather, the
files created by HAVEN are part of the process that we use to develop
these reports. Outcome reports will be available to all agencies, free
of charge. HHAs can electronically access the OBQI/OBQM reports in a
manner similar to the submission process.
While HAVEN will operate on older systems, we continue to recommend
that agencies use a computer system compatible with the current
industry standard. We have always cautioned that HAVEN may not perform
as well on older computer systems as it would if run on a newer or more
powerful system. Finally, some of the slowness may be due to multiple
simultaneous users. Newer versions of HAVEN are released to accommodate
multiple simultaneous use. Although we provide HAVEN as a tool to
assist agencies in complying with the requirements, agencies may use
vendors' products or develop software that meets their own unique needs
in addition to meeting OASIS regulatory requirements. Vendor products,
however, must meet our
[[Page 76206]]
minimum data, format, and transmission specifications.
Comment: One commenter suggested the need to enter the same data
multiple times was a flaw in the software that could be reduced if HHAs
allowed software vendors to interface, or to map data entry so that one
entry would satisfy both data sets.
Response: We believe the commenter may be referring to the
situation that requires duplicate entry into an HHA's original claims
and assessment software, and then re-entry of the same data into the
HAVEN software. Since HAVEN software is available free of charge, our
experience is that vendors of the original claims and assessment
software are now incorporating the HAVEN software into their own
software so that duplicate entry will no longer occur.
In addition, we implemented the patient tracking sheet (PTS) for
HHAs nationwide on December 16, 2002. With implementation of the PTS,
HHAs no longer need to re-enter the information from 18 common patient
demographic items collected at the start of care and on subsequent
assessments. These items only need to be updated as appropriate.
C. Section 488.68,State Agency Responsibilities for OASIS Collection
and Database Requirements
Under section 1891(b) of the Act, we must assure that processes are
in place to protect the health and safety of individuals under the care
of an HHA and to promote the effective and efficient use of public
moneys. Section 1864 of the Act authorizes the use of State agencies to
determine a provider's compliance with the CoPs. State responsibilities
for ensuring compliance with the CoPs are set forth in part 488, and
entitled ``Survey, Certification, and Enforcement Procedures.'' We did
not receive any public comments on this section. Nevertheless, we have
summarized the provisions of Sec. 488.68 as set forth in the January
25, 1999, interim final rule below.
In accordance with the provisions referenced above, we added a new
Sec. 488.68, State agency responsibilities for OASIS collection and
data base requirements. This section provides that the overall
responsibility for fulfilling requirements to operate and maintain the
OASIS system rests with the State agency or other entity that we
designate. The State may delegate this responsibility to the State
agency, another State component, or enter into an agreement with a
private entity to operate the system, or we may contract with an entity
directly, if the State is unable or unwilling to perform these
operations. If the State system is operated by an entity other than the
State agency, the State must ensure that it has suitable access to this
system to fully support all OASIS-driven functions required of it (for
example, outcome-based quality improvement reports and survey-specific
data).
1. Section 488.68(a), Establish and Maintain the OASIS Data Base
In Sec. 488.68(a), we require that the State agency or other
entity that we designate must use a standard system developed or
approved to collect, store, and analyze CMS data generated by OASIS. To
meet this requirement, we are using the system developed to compile the
Minimum Data Set (MDS) assessments (the CMS standard State system),
which has already been procured, installed, and utilized. As part of
the survey responsibilities, Sec. 488.68(a) also provides that States
will be responsible for basic system management responsibilities, such
as hardware and software maintenance, system backup, and monitoring the
status of the database.
We also set forth requirements that States must meet if they seek
modification of the standard State system. Specifically, State agencies
must obtain our approval before modifying any parts of the system. The
State agency or CMS OASIS contractor may not modify any aspect of the
standard State system that pertains to the standard CMS-approved OASIS
data items, standard CMS-approved record formats and validation edits,
and standard CMS-approved agency encoding and transmission methods. It
also cannot maintain patient data on the system that we do not require
to be reported on the OASIS State system.
2. Section 488.68(b), Analyze and Edit OASIS Data
In Sec. 488.68(b), we provide that the State agency or CMS OASIS
contractor is responsible for analyzing and preparing OASIS data for us
to retrieve. Upon receipt of data from an HHA, we require that the
State agency or CMS OASIS contractor edit the data as specified by us,
and ensure that the HHA resolves errors within the time limits we
specify.
We also require that the State agency or CMS OASIS contractor
analyze the data and generate outcome reports as we specify. In
addition to the responsibility for generating outcome reports, the
State system issues validation reports once OASIS data are received in
the system, to provide feedback to HHAs as to whether the OASIS data
they sent has been accepted or rejected, and if rejected, the reasons
why.
3. Section 488.68(c), Ensure Accuracy of OASIS Data
In Sec. 488.68(c), we require the State agency to review an HHA's
records to verify that the records are consistent with the OASIS data
reported to the State agency or CMS OASIS contractor as part of the
survey process. In keeping with Sec. 484.20(b), which requires that
HHAs' encoded OASIS data accurately reflect the patient's status at the
time the information is collected, we expect that HHAs will develop a
means to ensure that the data input into the computer and transmitted
to the State agency or CMS OASIS contractor reflects the data collected
by the appropriate skilled professionals. We expect HHAs to devise a
method to track this process, which should include the comparison of
data collected at the time of the assessment to data entered after
assessment. We expect HHAs to use the validation reports created by the
State agencies to confirm proper data submission or to identify areas
for improving data submission. We suggest that HHAs retain final
validation reports for about 12 months, or until the next OBQI report
is available.
4. Section 488.68(d), Restrict Access to OASIS Data
To secure and control access to patient-identifiable information,
in Sec. 488.68(d) we require that the State agency or CMS OASIS
contractor be responsible for restricting the access to OASIS data.
Specifically, we require that the State agency or CMS OASIS contractor
must assure that access to data is restricted to the State agency
component that conducts surveys for purposes related to this function,
except for the transmission of data and reports to us and to other
entities only when authorized by us.
We also specify that patient-identifiable OASIS data may not be
released to the public by the State agency or CMS OASIS contractor
except to the extent it is permitted under the Privacy Act of 1974 and
the HHS Privacy Rule, 45 CFR Parts 160 and 164. In the June 18, 1999
SOR (64 FR 32992), and subsequently revised notice published December
27, 2001 (66 FR 66903), we outlined the provisions governing the
disclosure of the information we collect. Consistent with the
provisions in those notices, the State agency or CMS OASIS contractor
is not permitted to release patient-identifiable information to the
public but may release provider-specific aggregated data that do not
contain individual patient identifiers.
[[Page 76207]]
5. Section 488.68(e), Provide Training and Technical Support for HHAs
In Sec. 488.68(e), we require the State agency or CMS OASIS
contractor to provide training and technical support for HHAs.
Specifically, we require training on the administration and integration
of the OASIS data set into the HHA's own assessment process. We also
specify that the State agency is responsible for instructing each HHA
on the use of software to encode and transmit OASIS data.
The State agency staff (or contractors) who operate the CMS
standard system will provide training as needed to designated HHA staff
on the use of the software that we provide. In a similar manner, we
will continue to provide standardized instructions for using the free
software and submitting information on our website. The designated
trainer in the HHA should train HHA staff responsible for collecting
OASIS information, as needed, using a standard training curriculum and
manual, which we provide. A User's Manual is available electronically
on our website and is available in hard copy from the National
Technical Information Service by calling 1-800-553-6847.
III. Provisions of the Final Rule
In this final rule, we are adopting the provisions as set forth in
the interim final rule with comment period with the following
revisions:
We have revised the standard in Sec. 484.20(a), Encoding
and transmitting OASIS data, to allow 30 days from the date the
assessment is completed for the agency to encode and submit OASIS data.
We have removed the requirement in Sec. 484.20(c)(1),
which required HHAs to electronically transmit accurate, completed,
encoded, and locked OASIS data for each patient to the State agency or
CMS OASIS contractor at least monthly. This removes the ``lock''
requirement, which was required at implementation. Experience has
indicated that the lock function is no longer necessary.
We have redesignated the requirement in Sec. 484.20(c)(2)
as Sec. 484.20(c)(1). This requirement provides that OASIS data must
be transmitted in a format that meets the data format standard
specified in Sec. 484.20(d).
We have redesignated the data submission requirement at
Sec. 484.20(c)(3) as Sec. 484.20(c)(2) and have removed the reference
to a specific time frame of March 26, 1999 to April 26, 1999. When the
January 25, 1999, interim final rule was published, we assumed that no
agencies were reporting OASIS information, and all would need to
establish connectivity via a test transmission to the State agency
before submission of the required data. Now that we are beyond the
effective date when all existing agencies were expected to transmit
required data, a test transmission is only required when an HHA that is
not currently Medicare-approved applies for approval. As such, we
expect that HHA to meet all of the Medicare home health CoPs, including
demonstrating that it is collecting and can transmit OASIS data, before
receiving its Medicare approval. States will work with agencies on a
case-by-case basis to issue a temporary user identification number and
password for the new HHA to demonstrate compliance.
We have redesignated the requirement in Sec. 484.20(c)(4)
as Sec. 484.20(c)(3). This requirement provides that HHAs must
transmit data using electronic communications software that provides a
direct telephone connection from the HHA to the State agency or CMS
OASIS contractor.
We have added a new paragraph Sec. 484.20(c)(4) to
include the CMS-assigned branch identification number as applicable.
IV. Collection of Information Requirements
The information collection requirements contained in Sec. 484.20
of this document are subject to the PRA; however, these information
collection requirements are currently approved under OMB control number
0938-0761 ``Medicare and Medicaid Programs Use of the OASIS as Part of
the CoPs for HHAs,'' with a current expiration date of June 30, 2006.
The currently approved collection authorizes HHAs to collect and
transmit OASIS data.
V. Regulatory Impact Statement
We have examined the impact of this rule as required by Executive
Order 12866 (September 1993, Regulatory Planning and Review), the
Regulatory Flexibility Act (RFA) (September 19, 1980, Pub. L. 96-354),
section 1102(b) of the Social Security Act, the Unfunded Mandates
Reform Act of 1995 (Pub. L. 104-4), and Executive Order 13132.
Executive Order 12866 directs agencies to assess all costs and
benefits of available regulatory alternatives and, if regulation is
necessary, to select regulatory approaches that maximize net benefits
(including potential economic, environmental, public health and safety
effects, distributive impacts, and equity). A regulatory impact
analysis (RIA) must be prepared for major rules with economically
significant effects ($100 million or more in any 1 year). This rule
does not reach the economic threshold and thus is not considered a
major rule.
The RFA requires agencies to analyze options for regulatory relief
of small businesses. For purposes of the RFA, small entities include
small businesses, nonprofit organizations, and government agencies.
Most hospitals and most other providers and suppliers are small
entities, either by nonprofit status or by having revenues of $6
million to $29 million in any 1 year. Individuals and States are not
included in the definition of a small entity. We are not preparing an
analysis for the RFA because we have determined that this rule will not
have a significant economic impact on a substantial number of small
entities.
In addition, section 1102(b) of the Act requires us to prepare a
regulatory impact analysis if a rule may have a significant impact on
the operations of a substantial number of small rural hospitals. This
analysis must conform to the provisions of section 603 of the RFA. For
purposes of section 1102(b) of the Act, we define a small rural
hospital as a
