Medicare Compliance & Reimbursement

Plan on keeping your MIPS data for six years or longer.

If you were just prepping your Merit-Based Incentive Payment System (MIPS) data for Performance Year (PY) 2019, that’s great. But you may also want to revisit and collate your 2017 and 2018 measures and information, too — in case your files are pulled for an audit.

Details: CMS uploaded a new fact sheet to its Quality Payment Program (QPP) resource library on July 23 titled “MIPS Data Validation and Audit Overview.” The release reveals that not only has CMS contracted with a new audit service — Guidehouse — but that MIPS audits of 2017 and 2018 PY data may have already begun.

“MIPS participants selected for [data validation audit] DVA can expect notification of selection and initial requests for information in July 2019,” the QPP fact sheet says. “There may also be ad hoc data validation and audit work that is conducted through December 2019.”

Here’s What You Need to Know

Similar to other CMS audits and reviews, the DVA program expects chosen MIPS-eligible clinicians to respond to “both the initial population and the follow-up requests for individual selections … within 45 calendar days of the request,” mentions the fact sheet. Here is a quick breakdown of how the MIPS audit process works:

• Selection: Participants selected for a DVA will be chosen randomly; however, QPP guidance suggests there will be a “variety of clinician types (urban, rural, large groups, small practices) and submission methods (Electronic Health Record (EHR), Qualified Clinician Data Registry (QCDR), Claims, Qualified Registry, CMS Web-Interface, CAHPS for MIPS Survey)” in the sampling, notes the fact sheet.
• Categories: The Cost category is exempt from the MIPS DVA, but during the audits, CMS will look at 2017 and 2018 submissions in the Quality, Improvement Activities, and Promoting Interoper­ability categories.
• Performance measures: The MIPS DVA will home in on “approximately 40 measures” that pose the “highest identified risk[s]” to the QPP, the fact sheet suggests. But, “if you are selected for DVA, you will be requested to respond to requests related to at least one and up to all performance category measures and activities you submitted,” cautions CMS.
• Documentation: In agreement with False Claims Act (FCA) mandates, CMS can request all data pertaining to MIPS — and that includes medical records — for up to six years after the initial submission. Postpayment MIPS audits may be on the horizon, so it’s critical that MIPS-eligible clinicians keep this information on file if their files do end up getting pulled in the future, suggests Lora Woltz, ONC HIT certification manager in the Eye Care Leaders webinar, “Bulletproofing the MIPS Audit File.”
• Chances: The PY 2018 DVA fact sheet offers a good overview of what MIPS auditors will be looking for and what data you should be retaining in your MIPS files. Plus, if you submitted fewer than six measures in the Quality category, you should expect a call to validate whether you submitted all applicable MIPS measures and encounters, warns the QPP Year 2 DVA guidance.

Remember: High risk behaviors will land your practice on the MIPS auditors’ radar, and that includes unusual activity and submissions made by the registries and vendors you work with. Clinicians are encouraged to retain their own records, even when working with a third-party intermediary, reminds the PY 2018 DVA fact sheet.

Providers should take screenshots and make copies of the data they upload to EHRs and registries, advises Cherie Kelly-Aduli, CEO of QPP Consulting Group in Mandeville, Louisiana, and a MedAxiom consultant, in a MedAxiom blog post.

Tip: The MIPS participant can submit follow-up materials or designated staff can, but choose ahead of time who will be your point of contact with CMS and Guidehouse, recommends the agency. If your MIPS files are pulled for a DVA, ensure your files are sent securely, advises the QPP.

Resource: Find the DVA resources, including links to PY 2017 and 2018 specifics at https://qpp.cms.gov/about/resource-library.