Medicare Program; Availability of Medicare Data for Performance Measurement, 33566-33588 [2011-14003]

Agencies

• Centers for Medicare & Medicaid Services
• DEPARTMENT OF HEALTH AND HUMAN SERVICES

[Federal Register Volume 76, Number 110 (Wednesday, June 8, 2011)]
[Proposed Rules]
[Pages 33566-33588]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2011-14003]



[[Page 33565]]

Vol. 76

Wednesday

No. 110

June 8, 2011

Part III





Department of Health and Human Services





-----------------------------------------------------------------------



Centers for Medicare & Medicaid Services



-----------------------------------------------------------------------



42 CFR Part 401



Medicare Program; Availability of Medicare Data for Performance 
Measurement; Proposed Rule

Federal Register / Vol. 76, No. 110 / Wednesday June 8, 2011 / 
Proposed Rules

[[Page 33566]]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Centers for Medicare & Medicaid Services

42 CFR Part 401

[CMS-5059-P]
RIN 0938-AQ17


Medicare Program; Availability of Medicare Data for Performance 
Measurement

AGENCY: Centers for Medicare & Medicaid Services (CMS), HHS.

ACTION: Proposed rule.

-----------------------------------------------------------------------

SUMMARY: This rule proposes to implement new statutory requirements 
regarding the release and use of standardized extracts of Medicare 
claims data to measure the performance of providers and suppliers in 
ways that protect patient privacy. This rule explains how entities can 
become qualified by CMS to receive standardized extracts of claims data 
under Medicare Parts A, B, and D for the purpose of evaluation of the 
performance of providers of services and suppliers.

DATES: To be assured consideration, comments must be received at one of 
the addresses provided below, no later than 5 p.m. on August 8, 2011.

ADDRESSES: In commenting, please refer to file code CMS-5059-P. Because 
of staff and resource limitations, we cannot accept comments by 
facsimile (FAX) transmission.
    You may submit comments in one of four ways (please choose only one 
of the ways listed):
    1. Electronically. You may submit electronic comments on this 
regulation to https://www.regulations.gov. Follow the ``Submit a 
comment'' instructions.
    2. By regular mail. You may mail written comments to the following 
address ONLY: Centers for Medicare & Medicaid Services, Department of 
Health and Human Services, Attention: CMS-5059-P, P.O. Box 8012, 
Baltimore, MD 21244-1850.
    Please allow sufficient time for mailed comments to be received 
before the close of the comment period.
    3. By express or overnight mail. You may send written comments to 
the following address ONLY: Centers for Medicare & Medicaid Services, 
Department of Health and Human Services, Attention: CMS-5059-P, Mail 
Stop C4-26-05, 7500 Security Boulevard, Baltimore, MD 21244-1850.
    4. By hand or courier. Alternatively, you may deliver (by hand or 
courier) your written comments ONLY to the following addresses prior to 
the close of the comment period: a. For delivery in Washington, DC-- 
Centers for Medicare & Medicaid Services, Department of Health and 
Human Services, Room 445-G, Hubert H. Humphrey Building, 200 
Independence Avenue, SW., Washington, DC 20201.
    (Because access to the interior of the Hubert H. Humphrey Building 
is not readily available to persons without Federal Government 
identification, commenters are encouraged to leave their comments in 
the CMS drop slots located in the main lobby of the building. A stamp-
in clock is available for persons wishing to retain a proof of filing 
by stamping in and retaining an extra copy of the comments being 
filed.)
    b. For delivery in Baltimore, MD--Centers for Medicare & Medicaid 
Services, Department of Health and Human Services, 7500 Security 
Boulevard, Baltimore, MD 21244-1850.
    If you intend to deliver your comments to the Baltimore address, 
please call telephone number (410) 786-9994 in advance to schedule your 
arrival with one of our staff members.
    Comments erroneously mailed to the addresses indicated as 
appropriate for hand or courier delivery may be delayed and received 
after the comment period.
    For information on viewing public comments, see the beginning of 
the SUPPLEMENTARY INFORMATION section.

FOR FURTHER INFORMATION CONTACT: Colleen Bruce, (410) 786-5529.

SUPPLEMENTARY INFORMATION: 
    Inspection of Public Comments: All comments received before the 
close of the comment period are available for viewing by the public, 
including any personally identifiable or confidential business 
information that is included in a comment. We post all comments 
received before the close of the comment period on the following Web 
site as soon as possible after they have been received at: https://www.regulations.gov. Follow the search instructions on that Web site to 
view public comments.
    Comments received in a timely fashion would also be available for 
public inspection as they are received, generally beginning 
approximately 3 weeks after publication of a document, at the 
headquarters of the Centers for Medicare & Medicaid Services, 7500 
Security Boulevard, Baltimore, Maryland 21244, Monday through Friday of 
each week from 8:30 a.m. to 4 p.m. To schedule an appointment to view 
public comments, phone 1-800-743-3951.

I. Background

    On March 23, 2010, the Patient Protection and Affordable Care Act, 
(``Affordable Care Act'') Public Law 111-148, was enacted. Effective 
January 1, 2012, section 10332 of the Affordable Care Act would amend 
section 1874 of the Social Security Act (the Act) by adding a new 
subsection (e) requiring standardized extracts of Medicare claims data 
under parts A, B, and D be made available to ``qualified entities'' for 
the evaluation of the performance of providers of services and 
suppliers. Such a disclosure is permitted under the Privacy Rule issued 
under the Health Insurance Portability and Accountability Act as a 
disclosure ``required by law.'' Qualified entities may use the 
information obtained under section 1874(e) of the Act for the sole 
purpose of evaluating the performance of providers of services and 
suppliers, and to generate specified public reports. Qualified entities 
may receive data for one or more specified geographic areas and must 
pay a fee equal to the cost of making the data available. Congress also 
required that qualified entities combine claims data from sources other 
than Medicare with the Medicare data when evaluating the performance of 
providers of services and suppliers. Potential qualified entities that 
wish to request data under these provisions would have to submit an 
application to the Secretary that includes, among other things, a 
description of the methodologies that the applicant proposes to use to 
evaluate the performance of providers of services and suppliers in the 
geographic area(s) they select. Qualified entities would generally be 
required to use standard measures for evaluating the performance of 
providers of services and suppliers unless the Secretary, in 
consultation with appropriate stakeholders, determines that use of 
alternative measures would be more valid, reliable, responsive to 
consumer preferences, cost-effective, or relevant to dimensions of 
quality and resource use not addressed by standard measures. Reports 
generated by the qualified entities may only include information on 
individual providers of services and suppliers in aggregate form, that 
is, at the provider of services or supplier level, and may not be 
released to the public until the providers of services and suppliers 
have had an opportunity to review them and ask for corrections. 
Congress included a provision at section 1874(e)(3) of the Act to allow 
the Secretary to take such actions as may be necessary to protect the 
identity of individuals entitled to or enrolled in Medicare.

[[Page 33567]]

    We believe the sharing of Medicare data with qualified entities 
through this program and the resulting reports produced by qualified 
entities would be an important driver of improving quality and reducing 
costs in Medicare, as well as for the healthcare system in general. 
Additionally, we believe this program would increase the transparency 
of provider and supplier performance, while ensuring beneficiary 
privacy.

II. Provisions of the Proposed Rule

    To implement the new statutory provisions of section 1874(e) of the 
Act, we are proposing to revise Part 401 by adding a new subpart G, 
``Availability of Medicare Data for Performance Measurement.'' The 
proposals in this rule would be consistent with section 10332 of the 
Affordable Care Act. Throughout the preamble, we identify options and 
alternatives to the provisions we propose. We have attempted to take 
into consideration comments received during the listening session on 
September 20, 2010. However, we strongly encourage comments on our 
proposed approach and on alternatives that would help us implement the 
appropriate requirements and regulatory provisions under section 
1874(e) of the Act.

A. Considerations for the Definition, Eligibility Criteria, and 
Operating Requirements of Qualified Entities

1. Definitions
    Section 1874(e)(1) of the Act requires the Secretary to make 
available to qualified entities data for the evaluation of the 
performance of providers of services and suppliers, as proposed at 
Subpart G of this proposed rule. Section 1874(e)(2) of the Act defines 
a qualified entity as a public or private entity that:
     Is qualified (as determined by the Secretary) to use 
claims data to evaluate the performance of providers of services and 
suppliers on measures of quality, efficiency, effectiveness, and 
resource use; and
     Agrees to meet the requirements described in section 
1874(e)(4) of the Act and meets such other requirements as the 
Secretary may specify, such as ensuring security of data.
    We have proposed a definition that is consistent with these 
statutory provisions at 42 CFR 401.702(a). Specifically, we have 
defined a qualified entity as a public or private entity that: (1) is 
qualified, as determined by the Secretary, to use claims data to 
evaluate the performance of providers of services and suppliers on 
measures of quality, efficiency, effectiveness, and resources use, and 
(2) agrees to meet the requirements of the Act and meets stated 
regulatory requirements at Sec. Sec.  401.703 through 401.710.
2. Eligibility Criteria
    As amended, section 1874(e)(2)(A) of the Act provides the Secretary 
with discretion to establish criteria to determine whether an entity is 
qualified to use claims data to evaluate the performance of providers 
of services and suppliers. In determining the qualified entity 
eligibility requirements, we sought to balance the need to ensure the 
production of timely, high quality, usable reports on providers of 
services and suppliers with the need to protect the privacy and 
security of beneficiary identifiable data and the need to ensure 
providers of services and suppliers have the opportunity to review the 
reports, appeal, and correct errors prior to public release.
    We are proposing at Sec.  401.703 to evaluate an organization's 
eligibility qualifications across three areas: organizational and 
governance capabilities, addition of claims data from other sources, 
and data privacy and security. In determining an applicant's 
eligibility, potential qualified entities would be evaluated 
individually to ensure they are prepared to meet the requirements in 
the statute for serving as a qualified entity. We are not planning to 
limit the number of qualified entities. Any entity that meets the 
eligibility criteria would be able to become a qualified entity.
a. Organizational and Governance Capabilities
    Section 1874(e)(2)(A) of the Act gives the Secretary the authority 
to establish the criteria to determine whether an entity is qualified 
to fulfill the requirements of the statute. We propose to thoroughly 
evaluate potential qualified entities on their organizational and 
governance capabilities to perform all of the following tasks:
     Accurately calculating quality, efficiency, effectiveness, 
and resource use measures from claims data, including:
    [cir] Identifying an appropriate method to attribute a particular 
patient's services to specific providers of services and suppliers.
    [cir] Ensuring the use of approaches to ensure statistical validity 
such as a minimum number of observations or minimum denominator for 
each measure.
    [cir] Using methods for risk-adjustment to account for variation in 
both case-mix and severity among providers of services and suppliers.
    [cir] Identifying methods for handling outliers.
    [cir] Correcting measurement errors and assessing measure 
reliability.
    [cir] Identifying appropriate peer groups of providers and 
suppliers for meaningful comparisons.
     Successfully combining claims data from different payers 
to calculate performance reports.
     Designing, and continuously improving the format of 
performance reports on providers of services and suppliers.
     Preparing an understandable description of the measures 
used to evaluate the performance of providers of services and suppliers 
so that consumers, providers of services and suppliers, health plans, 
researchers, and other stakeholders can assess performance reports.
     Implementing and maintaining a process for providers of 
services and suppliers identified in a report to review the report 
prior to publication, and providing timely responses to provider of 
services and supplier inquiries regarding requests for data, error 
correction, and appeals.
     Establishing, maintaining, and monitoring a rigorous data 
privacy and security program, including disclosing to CMS in its 
application any inappropriate disclosures of beneficiary identifiable 
information or HIPAA violations for the preceding 10-year period, and 
any corrective actions taken to address such issues.
     Accurately preparing performance reports on providers of 
services and suppliers and making performance report information 
available to the public in aggregate form, that is, at the provider of 
services or supplier level.
    Applicants would generally be expected to demonstrate expertise and 
sustained experience on each of these criteria. Generally, an applicant 
would be considered to have demonstrated expertise and sustained 
experience on these criteria if the applicant can show that it has been 
handling claims data and calculating performance measures for a period 
of at least three years. We believe that to be a successful qualified 
entity, an applicant would need to have an established track record of 
profiling providers of services and suppliers. However, we propose to 
consider applicants with fewer years of experience in handling claims 
data and calculating performance measures, or limited experience 
implementing and maintaining a process for providers of services and 
suppliers to request error correction if the applicant has sufficient

[[Page 33568]]

experience in the other areas described above. In all other areas, 
applicants must demonstrate expertise and sustained experience as 
stated above. We seek comment on our approach to evaluating qualified 
entities, and whether three years of demonstrated expertise is 
sufficient to ensure that only the highest quality entities are 
admitted to this program.
    We note that several of the tasks that are required of the 
qualified entities necessitate expertise and careful attention to the 
required processes as outlined below. Due to the importance of ensuring 
that the qualified entity is able to achieve the goals of the program, 
we wish to ensure that the qualified entities have the resources to 
meet their obligations to measure providers of services and suppliers 
and publish reports under the statute. Therefore, we propose that 
qualified entity applicants would also need to submit a description of 
the business model they plan to use for covering the costs of 
performing the required functions listed below, including paying the 
fee for the data. We solicit comment on our proposal.
b. Addition of Claims Data From Other Sources
    Section 1874(e)(1) and Section 1874(e)(3) of the Act require the 
Secretary to provide standardized extracts of claims data under 
Medicare Parts A, B, and D for one or more specified geographic areas 
and time periods to qualified entities so they can use the information 
in concert with other claims data to evaluate the performance of 
providers and suppliers. As discussed in section II.B. below, the 
qualified entities are to evaluate the performance of providers of 
services and suppliers using measures that may be calculated from the 
claims data only. At Sec.  401.702(d), we propose to define claims 
data, whether from Medicare claims or other sources, to be 
administrative claims data only, meaning, itemized billing statements 
from providers of services and suppliers that, except in the context of 
Part D drug event data, request reimbursement for a list of services 
and supplies that were provided to a Medicare beneficiary in the fee-
for-service context or to a participant in another insurance or 
entitlement program. Claims data would need to have characteristics and 
variables similar to the data discussed in section II.C. below. Data 
from other sources, such as registry data, chart abstracted data, or 
data from electronic medical records would not be considered claims 
data.
    Section 1874(e)(4)(B)(iii) of the Act requires qualified entities 
to combine Medicare data made available under this section with claims 
data from sources other than Medicare in their performance evaluations 
of providers of services or suppliers. We believe that this provision 
was intended to make Medicare data available to those already working 
with other claims data in order to increase sample sizes used to 
calculate measures and evaluate the performance of providers of 
services and suppliers. This belief is based on past experiences where 
measurement entities have expressed an interest in obtaining Medicare 
data to combine with other claims data to improve the population sample 
upon which their performance findings are based, and to address 
concerns expressed by stakeholders regarding small sample sizes in 
performance reports generated from a single payer source. The relative 
size of Medicare enrollment makes it one of the largest payers in any 
given market.
    In addition, since Medicare serves an older population with 
declining health, using claims data from Medicare would provide more 
opportunities to assess care provided to the chronically ill and other 
resource-intensive populations than is found in other claims data. The 
goal expressed by those seeking this data in the past has been that 
Medicare data, when coupled with other claims data, can provide 
measurement initiatives with greatly increased sample sizes upon which 
to calculate more reliable performance results.
    The statute requires the inclusion of claims data from other 
sources, but it does not specify a minimum amount of such data to 
qualify as a qualified entity. CMS has considered how to best ensure 
that Medicare data is combined with a sufficient amount of other claims 
data to meaningfully address some of the concerns regarding sample size 
and reliability outlined above. We are proposing at Sec.  401.703(a)(2) 
that applicants demonstrate to CMS that the claims data from other 
sources, which they are combining with Medicare data, addresses the 
concerns regarding sample size and reliability expressed by multiple 
stakeholders regarding the calculation of performance measures from a 
single payer source. In order to ensure that Medicare data is only made 
available to qualified entities that have additional claims data from 
other sources, applicants would not be approved as qualified entities 
unless they possess the claims data from other sources at the time of 
their application, and that data meets the requirements outlined above.
    We considered imposing a specific threshold amount of additional 
claims data, but we believe that it would be difficult to precisely 
establish a threshold amount of data to address concerns about small 
sample sizes and reliability. We are requesting comments on this policy 
decision, as well as suggestions for other possible options or 
alternatives. We are also considering a proposal to require qualified 
entities to have claims data from two or more other sources. For 
example, a qualified entity would need to have claims data from two 
private payers, or one private payer and Medicaid claims data, in order 
to be eligible to receive Medicare data. We believe that a requirement 
for claims data from two or more other sources may help further 
alleviate some of the methodological issues associated with performance 
measurement based on single-source data. Measurement of a provider of 
services or supplier based on one other source plus Medicare may still 
not represent enough of a provider of services' or supplier's patient 
population to provide meaningful data that would help improve 
performance. We are considering a proposal to require claims data from 
two or more other sources to ensure that performance reports produced 
by qualified entities are as fair a representation as possible of any 
provider of services' or suppliers' practice to encourage behavior 
change. We seek comments on this alternative proposal of requiring 
claims data from two or more other sources to be combined with Medicare 
claims data, and whether there are particular challenges associated 
with requiring claims data from multiple sources before a qualified 
entity can participate in this program.
c. Data Privacy and Security
    It is of the utmost importance to CMS that beneficiary identifiable 
Medicare data remain private and secure. Section 1874(e)(3) of the Act 
requires the Secretary to take actions necessary to protect the 
identity of individuals entitled to or enrolled in our programs.
    In order to fulfill this obligation, we are proposing at Sec.  
401.703(a)(3) to require that applicants demonstrate that they have 
rigorous privacy and security practices in place to protect the data 
released to them and have programs in place to train staff on data 
privacy protections and general data security protocols. Applicants 
would not be eligible to serve as qualified entities unless CMS 
determines that they have thoroughly documented data privacy and 
security practices including enforcement mechanisms. The data privacy 
and security requirements for qualified entities are discussed in 
detail at Section II.D.

[[Page 33569]]

3. Proposed Operating and Governance Requirements for Serving as a 
Qualified Entity
    CMS recognizes that applicants may not have fully developed plans 
for every aspect of serving as a qualified entity; however, there are 
key aspects that we believe are important enough to require the 
submission of proposed plans as a condition of being approved as a 
qualified entity. Specifically, we propose at Sec.  401.704 that 
applicants would submit, as part of their application: (1) The measures 
they intend to use, including, among other things, the methods of 
creating and disseminating reports; (2) the report review process they 
would use to afford providers of services and suppliers with reports 
confidentially prior to public release, including addressing report 
recipient requests for data and for error correction; (3) a prototype 
for the required reports, including any narrative language, and 
dissemination plans for providing reports to the public. Additional 
information regarding the application requirements may be found in 
section II.G. below.

B. Considerations for the Definition, Selection, and Use of Performance 
Measures by Qualified Entities

    Section 1874(e)(2)(A) of the Act requires qualified entities be 
qualified to use claims data to evaluate the performance of providers 
of services and suppliers using measures of quality, efficiency, 
effectiveness, and resource use. Specifically, section 
1874(e)(4)(B)(ii)(I) of the Act requires qualified entities requesting 
standardized extracts of Medicare claims to use standard measures, if 
available, such as measures endorsed by the entity with a contract 
under section 1890(a) of the Act, and measures developed pursuant to 
section 931 of the Public Health Service Act. Section 
1874(e)(4)(B)(ii)(II) of the Act also provides for the use of 
alternative measures by qualified entities if the Secretary, in 
consultation with appropriate stakeholders, determines that use of such 
alternative measures would be more valid, reliable, responsive to 
consumer preferences, cost-effective, or relevant to dimensions of 
quality and resource use not addressed by the standard measures. 
Qualified entities may only use standard or approved alternative 
measures to evaluate the performance of providers of services and 
suppliers using claims data from Medicare parts A, B, or D.
1. Proposed Definition of, and Process for Identifying and Approving 
Standard Measures for Use by Qualified Entities
    For purposes of a qualified entity selecting and using measures to 
evaluate the performance of providers of services and suppliers, we 
propose to define at Sec.  401.708(a) a ``standard measure'' to be a 
measure that can be calculated using only claims data and that is--(1) 
endorsed by the entity with a contract under section 1890(a) of the 
Act; (2) developed pursuant to section 931 of the Public Health Service 
Act; or (3) was adopted through notice and comment rulemaking and is 
currently being used in a CMS program that includes performance 
measurement, even if it is not endorsed by the entity with a contract 
under section 1890(a) of the Act.
    Currently, the entity with a contract under section 1890(a) of the 
Act is the National Quality Forum (NQF). NQF uses its formal Consensus 
Development Process to evaluate and endorse consensus standards, 
including performance measures, on an ongoing basis. It is viewed as a 
trusted partner in ensuring that any nationally endorsed provider of 
services and supplier performance measures are subject to rigorous 
multi-stakeholder scrutiny to ensure they are scientifically valid, 
address clear performance improvement needs and can be calculated in a 
manner that does not impose undue burden on providers and suppliers. 
There are currently hundreds of NQF-endorsed quality measures covering 
a range of clinicians, settings, and specialties, although not all of 
these measures can be calculated using only claims data.
    A list of currently NQF-endorsed performance measures can be 
obtained from the NQF Web site at https://www.qualityforum.org/Measures_List.aspx. We propose to define any measure endorsed by the 
entity with a contract under section 1890(a) of the Act which can be 
calculated from standardized extracts of Medicare parts A, B, or D 
claims as a standard measure. In addition to endorsed NQF measures, we 
propose to also define a measure which can be calculated from 
standardized extracts of Medicare parts A, B, or D claims data that has 
time-limited NQF endorsement as a standard measure. Measures that are 
time-limited endorsed that were not developed pursuant to section 931 
of the Public Health Service Act, or that are being used by a CMS 
program that includes performance measurement, would only be considered 
standard measures until such time as the NQF determines their 
endorsement status. Time-limited endorsed measures that ultimately 
receive endorsement would remain standard measures for as long as they 
remain endorsed, and time-limited endorsed measures that do not 
ultimately receive endorsement would lose their status as standard 
measures unless they were developed pursuant to section 931 of the 
Public Health Service Act, or can be calculated from standardized 
extracts of Medicare parts A, B, or D claims data, were adopted through 
notice and comments rulemaking, and are being used in a CMS program 
that includes quality measurement. Time-limited measures that do not 
receive NQF endorsement and that were not developed pursuant to Section 
931 of the Public Health Act, or are not used in a CMS program that 
includes performance measurement could however, be submitted for 
approval as alternative measures through the alternative measure 
process outlined below at II.B.2.
    Section 931 of the Public Health Service Act, as added by Section 
3013 of the Affordable Care Act supports the development, improvement, 
update, or expansion of quality measures for use in Federal health 
programs. To date, no measures have been developed under this 
provision. We propose that any measures developed or updated under this 
provision would also be considered standard measures regardless of 
their NQF endorsement status, as long as the measures can be calculated 
from the standardized extracts of Medicare parts A, B, and D claims 
data available to the qualified entity.
    We also propose to include in the definition of standard measure 
any measure that was adopted through notice and comment rulemaking and 
that is currently used in a CMS program that involves performance 
measurement, even if it is not NQF-endorsed or developed under section 
931 of the Public Health Service Act, as long as the measure can be 
calculated from the standardized extracts of Medicare parts A, B, and D 
claims data available to the qualified entity. For example, several 
measures in the hospital Inpatient Quality Reporting program beginning 
in FY 2012 (foreign object retained after surgery, air embolism, 
catheter-associated urinary tract infection, blood incompatibility, 
pressure ulcer stages III and IV, falls and trauma, manifestations of 
poor glycemic control, and vascular catheter associated infection) fit 
this criteria.
    The notice and comment rulemaking process includes a public comment 
period in which stakeholders are able to express their views regarding 
the proposed measures. Measures

[[Page 33570]]

implemented via the rulemaking process are not finalized until the 
public comment period closes, the comments are reviewed and considered, 
and a final rule is published. Because the notice and comment 
rulemaking process involves extensive opportunity for public input, we 
believe that measures used in CMS programs, regardless of whether they 
are endorsed by the NQF or developed under section 931 of the Public 
Health Service Act, have been subjected to sufficient scrutiny that 
they can be considered standard measures. We propose to make a list of 
measures that meet the requirements of being adopted through notice and 
comment rulemaking and currently being used in a CMS program that 
includes performance measurement, available in subregulatory guidance.
    In using any standard measure, we propose to require that the 
qualified entity must follow the measure specifications as written, 
including all numerator and denominator inclusions and exclusions, 
measured time periods, and specified data sources. We recognize that 
some measure specifications may require additional customization to 
implement in specific contexts, but such customization should not 
change the defined numerator, denominator, and exclusion criteria for 
the measure.
    We invite comments on the proposed definition of standard measures 
and the proposed requirement for qualified entities to follow the 
measure specifications as written.
2. Proposed Definition of, and Process for Identifying and Approving 
Alternative Measures for Use by Qualified Entities
    We also recognize that a qualified entity may wish to measure 
performance in an area for which there are no standard measures. We 
note that there are several areas of performance measurement with very 
few available measures that meet the definition of a standard measure 
as proposed above. We hope to encourage innovation in the development 
of new claims-based measures to evaluate the performance of providers 
of services and suppliers through the use of alternative measures. 
While the statute does not require the Secretary to allow the use of 
alternative measures, we believe that allowing qualified entities to 
propose the use of alternative measures encourages the development of 
additional claims-based performance measures.
    For qualified entities wishing to use alternative measures, we 
propose to adopt an alternative measure selection process through 
future notice and comment rulemaking that would subject proposed 
alternative measures to public comment after qualified entities propose 
candidate alternative measures for the Secretary's consideration. At 
Sec.  401.708(b)(1), we propose to define ``alternative measure'' as a 
measure that is not a standard measure, but that can be calculated 
using only standardized extracts of Medicare parts A, B, and D claims, 
and that has been found by the Secretary to be more valid, reliable, 
responsive to consumer preferences, cost effective, or relevant to 
dimensions of quality and resource use not addressed by standard 
measures.
    As discussed above, section 1874(e)(4)(B)(ii)(II) of the Act 
permits the use of alternative measures if the proposed alternative 
measure is more valid, reliable, responsive to consumer preferences, 
cost-effective, or relevant to dimensions of quality and resource use 
than existing claims-based standard measures. If there is a claims-
based standard measure for the clinical area or topic(s) that the 
qualified entity chooses to measure, we propose that the qualified 
entity must use the standard measure in lieu of any alternative 
measures, unless the qualified entity can provide detailed scientific 
justification for asserting that the proposed alternative measure in 
that clinical area or topic is more valid, reliable, responsive to 
consumer preferences, cost-effective, or relevant to dimensions of 
quality and resource use than the existing claims-based standard 
measure, and such assertions are accepted through the notice and 
comment rulemaking process outlined below.
    Similarly, in the case where a standard measure was not previously 
available for a particular clinical area or condition, but such a 
measure subsequently becomes available, we propose that qualified 
entities must cease use of the alternative measure and switch to the 
standard measure within 6 months (for example, if a standard measure 
becomes available in February 2013, either through being endorsed by 
the entity with a contract under section 1890(a) of the Act, developed 
pursuant to section 931 of the Public Health Service Act, or adopted 
through notice and comment rulemaking to be used in a CMS program that 
includes performance measurement, qualified entities would have to 
begin using the standard measure instead of the alternative measure in 
any reports by August 2013). If the qualified entity wishes to continue 
to use the alternative measure, then it must provide the scientific 
justification outlined above to obtain approval for the use of 
alternative measures when a standard measure for the clinical area or 
condition(s) that the qualified entity chooses to measure is available.
    In order to provide us with the information necessary to determine 
whether an alternative measure is more valid, reliable, responsive to 
consumer preferences, cost-effective, or relevant to dimensions of 
quality and resource use not addressed by the standard measures as 
required by section 1874(e)(4)(B)(ii)(II) of the Act, we propose that 
the qualified entity would need to submit to the Secretary the 
following information about a proposed alternative measure:
     The name of the alternative measure that the qualified 
entity is requesting the Secretary to consider as an alternative 
measure.
     The name of the alternative measure's developer or owner.
     Detailed specifications for the alternative measure.
     Information demonstrating how the alternative measure is 
more valid, reliable, responsive to consumer preferences, cost-
effective, or relevant to dimensions of quality and resource use not 
addressed by standard measures.
    We solicit comments on our proposals regarding alternative 
measures, and we welcome comments on whether any additional information 
regarding proposed alternative measures should be required in order to 
request the Secretary's consideration of a candidate alternative 
measure.
    Section 1874(e)(4)(B)(ii)(II) of the Act further requires the 
Secretary to review the candidate alternative measures in consultation 
with appropriate stakeholders in order to determine if an alternative 
measure would be more valid, reliable, responsive to consumer 
preferences, cost-effective or relevant to dimensions of quality and 
resource use not addressed by standard measures. In order to obtain 
consultation with appropriate stakeholders, we propose that once all 
qualified entities have submitted the above information regarding a 
proposed alternative measures, we would use the notice and comment 
rulemaking process to obtain public comment on approving the measures 
as alternative measures. We solicit comment on our proposal to engage 
in consultation with appropriate stakeholders through notice and 
comment rulemaking and we also welcome comments on alternative 
processes to consider for meeting the stakeholder consultation 
requirement.
    The statute requires the Secretary to make the final determination 
regarding whether an alternative measure is more valid, reliable, 
responsive to consumer

[[Page 33571]]

preferences, cost-effective, or relevant to dimensions of quality and 
resource use not addressed by standard measures. The Secretary would 
consider the information received from the qualified entity and other 
stakeholders during the notice and comment rulemaking process in order 
to determine whether a proposed alternative measure meets the statutory 
criteria for approval as an alternative measure. Once an alternative 
measure has been approved by the Secretary, the alternative measure 
would be available for use by all qualified entities, not just the 
submitting entity.
    Any measure that is not approved as an alternative measure may not 
be used to evaluate the performance of providers of services and 
suppliers using data from the qualified entity program. In the event 
additional information is available for an alternative measure that was 
previously denied approval, the alternative measure may be resubmitted 
to the Secretary for consideration.
    Because our proposals for the approval process of alternative 
measures would require notice and comment rulemaking, it would be 
logistically challenging for alternative measures to be approved in 
time to enable measure calculation and reporting of alternative 
measures in the first year of the program. While qualified entities 
would be able to submit alternative measures for consideration during 
the first year of the program, the approval process would likely not 
conclude in time to use the alternative measure in the first year of 
the program.
    Depending on the volume and timing of alternative measure 
submissions, we anticipate conducting the notice and comment rulemaking 
process on an annual basis. We are proposing to establish an annual 
deadline of May 31 for the submission of proposed alternative quality 
measures in order to allow for the measures to go through notice and 
comment rulemaking prior to the start of the next calendar year. The 
notice and comment rulemaking period generally takes 6 months from the 
publication of a proposed rule to the effective date of a final rule, 
so the alternative measures submitted by May 31 would be ready for use 
in the following calendar year, i.e., a measure submitted by May 31, 
2012 would be available for calendar year 2013. If no proposed 
alternative measures are received by the annual deadline, we would not 
publish a rule. Proposed alternative measures submitted after the 
annual deadline would be considered for rulemaking during the following 
calendar year.
    We believe this proposed approach is adequate because:
     We have proposed an expansive definition of what 
constitutes a standard measure (including non-NQF endorsed measures 
which can be calculated from standardized extracts of Medicare parts A, 
B, and D claims if they were adopted through notice and comment 
rulemaking and are currently being used in CMS programs that include 
quality measurement), and this would greatly increase the number of 
standard measures available for use by qualified entities.
     It is appropriate for qualified entities to focus on well 
established measures that are either NQF-endorsed or used in CMS 
programs in their first year of operation as qualified entities.
    We solicit comment on our proposals regarding the approval process 
for alternative measures.
    As with standard measures, when using an alternative measure 
approved by the Secretary, we propose to require that the qualified 
entity follow the measure specifications as written, including all 
numerator and denominator inclusions and exclusions, measured time 
periods, and specified data sources. We recognize that some measure 
specifications may require additional customization to implement the 
measure in specific contexts, but such customization should not change 
the defined numerator, denominator, and exclusion criteria for the 
measure. We invite comments on the proposed requirement for qualified 
entities to follow the measure specifications as written.
3. Selection and Justification of Measures by Qualified Entities
    We propose, at Sec.  401.704(a), to require that qualified entities 
provide a description of each standard or alternative measure they plan 
to use to calculate the performance of providers of services and 
suppliers as part of their application. This description should include 
the name of the measure, the name of the measure developer/owner, and 
the measure specifications including the numerator and the denominator. 
In addition, we propose to require an explanation of the applicant's 
rationale for selecting the measure, which would include a description 
of the relationship of any proposed measure (standard or alternative) 
to existing measurement efforts, and the relevancy of each proposed 
measure to the population(s) in the geographic area(s) the applicant is 
proposing to serve. The rationale would also include a specific 
description of the geographic area(s) the applicant intends to serve 
and a specific description of how each measure evaluates providers of 
services and suppliers on quality, efficiency, effectiveness, and/or 
resource use. Finally, we propose to require an applicant to provide a 
description of the methodologies it intends to use in creating reports 
with respect to attribution of beneficiaries to providers of services 
and suppliers, benchmarking performance data, and severity and case-mix 
adjustments.
    We propose at Sec.  401.706(a)(1) to allow a qualified entity to 
calculate and report measures that were not included in its initial 
application if the qualified entity submits the information described 
above about the additional measure(s) to CMS no less than ninety (90) 
days prior to the anticipated date for the confidential distribution of 
reports using those measures to providers of services and suppliers. We 
would review this information and approve or disapprove the use of the 
measure. We propose barring qualified entities from using a measure 
that has not been approved by CMS, even if CMS' review takes longer 
than ninety days.
4. Methodologies Used in Performance Reports
    Section 1874(e)(4)(B)(I) of the Act requires qualified entities to 
submit a description of the methodologies that they would use to 
evaluate the performance of providers services and suppliers. In 
keeping with this requirement, we have proposed Sec.  401.704(a)(5), 
which requires an applicant to submit a description of methodologies it 
intends to use in creating reports. We believe, however, that a review 
of methodologies is inadequate in the absence of a review of the 
abilities of the qualified entity to appropriately apply those 
methodologies. Therefore, we propose at Sec.  401.703(a)(1) that in 
order to be eligible to serve as a qualified entity, applicants must 
demonstrate expertise and sustained experience in several areas 
necessary for performance measurement.
5. Reports and Reporting
    Section 1874(e)(4)(C)(ii) of the Act requires qualified entities to 
make their draft reports available in a confidential manner to 
providers of services and suppliers identified in the reports before 
such reports are released publicly in order to offer them an 
opportunity to review these reports, and, if appropriate, appeal to 
request correction of any errors. We propose to require the qualified 
entities to include a plan for establishing and maintaining these 
appeal and correction processes in their

[[Page 33572]]

application materials, as we have stated in proposed Sec.  401.704(b). 
The plan must clearly describe how the qualified entity would make 
providers of services and suppliers aware of the process and establish 
procedures, including timeframes, for how providers of services and 
suppliers can request data from the qualified entity and request error 
corrections in the reports before the reports are made public.
    After reports have been shared confidentially with providers of 
services and suppliers, and any errors have been corrected, Section 
1874(e)(4)(C)(iv) of the Act requires the reports to be made available 
to the public. As discussed further below in Section II.E., in cases 
where provider requests for error correction cannot be resolved prior 
to a date specified by the qualified entity (at least 30 business days 
after the report was originally shared with providers of services and 
suppliers), the reports would be released publically with information 
that a provider of services or supplier error correction is ongoing. As 
stated in the statute at Section 1874(e)(4)(C)(iii) of the Act, the 
reports must include ``an understandable description'' of the measures, 
rationale for use, methodology (including risk-adjustment and physician 
attribution), data specifications and limitations, and sponsors. We 
interpret ``an understandable description'' to mean any descriptions 
that can be easily read and understood by a lay person. Additionally, 
the reports to the public may only include data on providers of 
services or suppliers at the provider of services or supplier level 
with no claim or person-level information to ensure beneficiary 
privacy.
    Pursuant to Section 1874(e)(4)(B)(vi) of the Act, we propose 
requiring qualified entities to submit prototype reports for both the 
reports they would send to providers of services and suppliers, and the 
reports they would release to the public (if they are different) in 
their application, including the narrative language they plan to use in 
the reports to describe the data and results. The prototype report 
should also contain an easily comprehensible description of the 
proposed measures, the rationale for the use of those measures, a 
description of the methodologies to be used, and a description of the 
data specifications and limitations.
    We have given extensive consideration to when in the process 
qualified entities should submit these prototype reports to CMS. One 
option would be for qualified entities to submit prototype reports with 
their applications to become qualified entities. As outlined above, one 
of the eligibility criteria for qualified entities is demonstrated 
expertise and experience in designing, disseminating, and continuously 
improving performance reports to providers of services and suppliers. 
Given this criteria, it seems reasonable to assume that qualified 
entities would be in a position to provide CMS with prototype reports 
at the time of their applications.
    A countervailing argument would be that qualified entities may need 
some time working with Medicare data and claims data from other sources 
before they would be in a position to identify an appropriate format 
for the required performance reports. This scenario would support 
requiring the submission of the prototype report sometime after an 
organization has been approved as a qualified entity, but at a time 
prior to the confidential release to providers of services and 
suppliers. Under this scenario, the qualified entity would receive 
Medicare data without having to demonstrate that they had considered 
how they could use that data to produce measure results.
    While we believe that qualified entities may identify changes that 
would be necessary as they work with the data, we believe that it is 
appropriate to expect that they have sufficiently considered these 
reporting obligations as they consider their desires to apply for 
qualified entity status, and that such considerations would include at 
least an initial concept of what they could provide in the reports. 
Therefore, despite the concern that qualified entities would need some 
time with the data to identify the appropriate format for reports, we 
believe that qualified entities should have the expertise and skills to 
be able to submit prototype reports at the time of their applications 
to become qualified entities.
    In recognition of the advances that could be made to these 
prototypes as the qualified entities work, we propose, at Sec.  
401.706(a)(2), providing for a process whereby they can modify the 
initial prototypes as long as these modifications are submitted to, and 
approved by, CMS. We propose requiring these submissions no less than 
90 days prior to the confidential release of report to providers of 
services and suppliers. We would review the modified prototype report 
and make a determination regarding the use of the new report. This 
determination would be based on the extent to which the proposed 
changes make the description of the measures used in the report more 
understandable. We propose barring qualified entities from using a 
report that has not been approved by CMS, even if CMS' review takes 
longer than 90 days.
    In addition, we propose to require the submission of plans for 
making the reports available to the public at the time of application. 
To the extent that the report formats or delivery mechanisms differ 
from those proposed at the time of application, we propose to also 
require an explanation and justification of those differences no less 
than 90 days prior to the release of differing report formats or 
delivery mechanisms.
    Finally, at Sec.  401.705(d) we propose requiring qualified 
entities to produce reports on the performance of providers of services 
and suppliers at a minimum of at least once a year. If CMS provides 
qualified entities with yearly updates to the data, as discussed below, 
we believe qualified entities should be expected to use the updates to 
produce performance reports. We seek comments on these proposals.

C. Data Extraction and Dissemination

    Section 1874(e)(3) of the Act requires the Secretary to provide 
qualified entities with standardized extracts of claims data from 
Medicare parts A, B, and D for one or more specified geographic areas 
and time periods. These data extracts would include information from 
all seven claim types that are submitted for payment in the Medicare 
Fee-For-Service Program. Information extracted from institutional 
claims includes inpatient hospital, outpatient hospital, skilled 
nursing facility, home health, and hospice services. Information 
extracted from non-institutional claims includes physician/supplier and 
durable medical equipment claims. These files contain only final action 
claims, meaning non-rejected claims for which a payment has been made. 
All disputes and adjustments have been resolved and details clarified.
    Medicare institutional and non-institutional claims include, but 
are not limited to, the following data elements: beneficiary ID, claim 
ID, the start and end dates of service, the provider or supplier ID, 
the principal procedure and diagnosis codes, the attending physician, 
other physicians, and the claim payment type.
    Qualified entities would also be eligible to receive certain Part D 
claims information for beneficiaries enrolled in the Medicare Fee-For-
Service Program. This type of information is known as ``drug event'' 
information, as opposed to ``claims'' information, because prescription 
drug coverage under Part D is provided by private insurance plans.

[[Page 33573]]

These plans have varied pricing methods, and often pay capitated rates. 
We note that the use of the term ``drug event'' does not mean this 
database includes information about adverse reactions to drugs. The key 
data elements for this database include: beneficiary ID, prescriber ID, 
drug service date, drug product service ID, quantity dispensed, days' 
supply, gross drug cost brand name, generic name, drug strength, and 
indication if the drug is on the formulary of the Part D plan.
    All claims files would contain a unique encrypted beneficiary 
identification number that would allow a qualified entity to link 
claims for an individual beneficiary. These files would not contain the 
actual beneficiary Medicare Health Insurance Claim Number.
    A comprehensive record layout for all three of these databases is 
offered at https://www.ccwdata.org/variables/var_claim_files.php for 
institutional claims, https://www.ccwdata.org/variables/var_claim_files2.php for non-intuitional claims, and https://www.ccwdata.org/variables/var_ptd_event.php for Part D drug events.
    The institutional claims database includes the following files:
    Inpatient claim file: The Inpatient claim file contains final 
action claims data submitted by inpatient hospital providers for 
reimbursement of facility costs. Some of the information contained in 
this file includes diagnosis, (ICD-9 diagnosis), procedure (ICD-9 
procedure code), Medicare Severity--Diagnosis Related Group (MS-DRG), 
dates of service, reimbursement amount, and hospital provider 
information. Each observation in this file is at the claim level.
    Skilled Nursing Facility claim file: The Skilled Nursing Facility 
(SNF) claim file contains final action claims data submitted by SNF 
providers. Some of the information contained in this file includes 
diagnosis and procedure (ICD-9 diagnosis and ICD-9 procedure code), 
dates of service, reimbursement amount, and SNF provider number. Each 
observation in this file is at the claim level.
    Outpatient claim file: The Outpatient claim file contains final 
action claims data submitted by institutional outpatient providers. 
Examples of institutional outpatient providers include hospital 
outpatient departments, rural health clinics, renal dialysis 
facilities, outpatient rehabilitation facilities, comprehensive 
outpatient rehabilitation facilities, and community mental health 
centers. Some of the information contained in this file includes 
diagnosis and procedure (ICD-9 diagnosis, Healthcare Common Procedure 
Coding System (HCPCS) codes), dates of service, reimbursement amount, 
outpatient provider number, and revenue center codes. Each observation 
in this file is at the claim level.
    Home Health Agency claim file: The Home Health Agency (HHA) claim 
file contains final action claims data submitted by HHA providers. Some 
of the information contained in this file includes the number of 
visits, type of visit (skilled-nursing care, home health aides, 
physical therapy, speech therapy, occupational therapy, and medical 
social services), diagnosis (ICD-9 diagnosis), dates of visits, 
reimbursement amount, and HHA provider number. Each observation in this 
file is at the claim level.
    Hospice claim file: The Hospice claim file contains final action 
claims data submitted by Hospice providers. Some of the information 
contained in this file includes the level of hospice care received (for 
example, routine home care, inpatient respite care), terminal diagnosis 
(ICD-9 diagnosis), dates of service, reimbursement amount, and Hospice 
provider number. Each observation in this file is at the claim level.
    The non-institutional claims database includes the following files:
    Carrier claim file: The Carrier claim file contains final action 
claims data submitted by non-institutional providers. Examples of non-
institutional providers include physicians, physician assistants, 
clinical social workers, nurse practitioners, independent clinical 
laboratories, ambulance providers, and free-standing ambulatory 
surgical centers. Some of the information contained in this file 
includes diagnosis and procedure (ICD-9 diagnosis, Healthcare Common 
Procedure Coding System (HCPCS) codes), dates of service, reimbursement 
amount, and non-institutional provider numbers (for example, UPIN, PIN, 
NPI). Each observation in this file is at the claim level.
    Durable Medical Equipment claim file: The Durable Medical Equipment 
(DME) claim file contains final action claims data submitted by Durable 
Medical Equipment suppliers. Some of the information contained in this 
file includes diagnosis, (ICD-9 diagnosis), services provided 
(Healthcare Common Procedure Coding System (HCPCS) codes), dates of 
service, reimbursement amount, and DME provider number. Each 
observation in this file is at the claim level.
    The Part D database includes the following file:
    Drug Event Database: The drug event database includes the 
following: encrypted beneficiary identifier, date of service, drug 
product dispensed, drug quantity, number of days supply of product, 
drug costs, beneficiary and other payer cost-sharing, formulary tier 
and utilization management, Part D benefit phase, encrypted pharmacy 
identifier, encrypted prescriber identifier, and encrypted plan 
identifier.
    We plan to provide identical standard data extracts to all 
qualified entities, that is, all extracts would include the same data 
elements and the same record layout. CMS does not plan to provide any 
customized data files to qualified entities under section 1874(e) of 
the Act. It would be the responsibility of the qualified entities to 
create customized analytical files and databases to support their 
calculation of performance measures for providers of services and 
suppliers.
    We seek comment on whether qualified entities would require any 
technical assistance to aid in understanding and working with Medicare 
data, what type of technical assistance would be beneficial, and 
whether we should include technical assistance in the fee charged for 
the data (see Section II.C.3. below). We plan to encourage the 
development of a voluntary knowledge sharing mechanism for qualified 
entities to communicate with each other regarding best practices for 
calculating measures, designing reports, and other important elements 
of this program. We seek comments on whether technical assistance is 
needed and how such a voluntary knowledge sharing mechanism would best 
be designed and operated.
1. Number of Years of Data
    Section 1874(e)(3) of the Act requires the Secretary to provide 
standardized extracts to qualified entities containing data from 
specific time periods. CMS is proposing to provide qualified entities 
with the most recent three years of Medicare data available at the time 
the qualified entity is approved for participation in the program. For 
example, if a qualified entity applies and is approved for 
participation in 2012, data for calendar years 2008, 2009, and 2010 
would be provided since they would be the most recent final action 
claims data available. Thereafter, CMS proposes to provide qualified 
entities with the most recent additional year of data on a yearly 
basis.

[[Page 33574]]

2. Geographic Areas
    Section 1874(e)(3) of the Act requires the Secretary to provide 
standardized extracts to qualified entities containing data for 
specific geographic areas. CMS is proposing that qualified entities 
receive standardized data extracts for a single geographic area or 
multiple regions. We propose to limit the provision of Medicare data to 
the geographic spread of the qualified entity's other claims data. For 
example, if a qualified entity has a sufficient amount of claims data 
from other sources (as determined by CMS during the application 
process) for people in Maryland, CMS would provide Medicare data for 
the state of Maryland.
    During the September 20, 2010 public listening session for section 
10332 of the Affordable Care Act, CMS received suggestions to release 
nationwide Medicare claims if the data are necessary for qualified 
entities to evaluate the performance of the providers of services and 
suppliers at a national level. In this proposed rule, we are requesting 
comments as to whether CMS should provide an option for the release of 
nationwide Medicare data. We specifically welcome comments regarding 
how the qualified entities would obtain a sufficient amount of non-
Medicare nationwide claims data to include in the evaluation of 
providers of services and suppliers and how the qualified entities 
would implement and manage a nationwide provider of services and 
suppliers confidential review and appeal process.
3. Cost To Obtain the Data
    Section 1874(e)(4)(A) of the Act requires qualified entities to pay 
a fee for obtaining the data that is equal to the cost of making such 
data available. We interpret the cost of making the data available 
broadly, to include the cost of providing the technical assistance 
(described above), the cost of processing qualified entities' 
applications, and the costs of monitoring qualified entities to ensure 
appropriate use of the data and appropriate adherence to data privacy 
and security standards. This monitoring may include, but is not limited 
to, periodic requests for documentation relating to privacy and 
security policies and procedures. The data fees would vary in 
accordance with the amount of data requested by the qualified entities. 
CMS would provide each prospective qualified entity with the actual 
cost of obtaining the data they request, and post on the CMS Web site 
examples of data requests and what each costs. However, based on our 
past experience providing Medicare data to research entities, we 
estimate that the approximate costs to provide three years of data for 
2.5 million beneficiaries to a qualified entity would be $200,000. 
Approximately $75,000 of the $200,000 is the cost of the claims data, 
while $125,000 is the cost of making the data available including the 
cost of processing applications and data requests, providing technical 
assistance, and monitoring. Therefore, to provide a qualified entity 
with three years of data for 5.0 million beneficiaries, the approximate 
costs would be $275,000 ($150,000 for the data and $125,000 for the 
program costs).
    Qualified entities would be expected to pay the fee annually. 
However, after the first year, costs would be lower since qualified 
entities would only be receiving one year of Medicare claims data. We 
solicit comment on the prospective fee amount and the ability of 
prospective applicants to pay it.
    We note that the creation and dissemination of nationwide extracts 
of Medicare data (mentioned above) would significantly increase the 
cost to any qualified entity seeking such nationwide data of obtaining 
and processing Medicare data. As stated above, we seek comment on the 
likelihood of a qualified entity having sufficient other claims data to 
meet the requirements to receive a nationwide extract of Medicare data.

D. Data Security and Privacy

    This provision creates a new program that provides for the release 
of Medicare beneficiary level data to private entities that are not 
enrolled in Medicare. We recognize that many approved qualified 
entities would be organizations with many years of experience in using 
claims data to produce performance reports on providers of services and 
suppliers, and, as such, may have existing agreements with private 
health plans who provide them data regarding the data security and 
privacy standards they must observe. While CMS is committed to ensuring 
the success of qualified entities in combining Medicare data with