Prolonging the process of figuring out quality measures under the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) and increasing scores for the Merit-Based Incentive Payment System (MIPS) could put medical practices at a competitive disadvantage.
Healthcare providers will earn a MIPS score each year, starting in 2019 (based on 2017 performance). According to Jim Tate, president of EMR Advocate Inc., Weaverville, N.C., and MIPS scoring consultant, the Centers for Medicare & Medicaid Services (CMS) will post their results on the Physician Compare website (medicare.gov/physiciancompare) for public viewing. Not only will Medicare Part B reimbursements have a swing of up to 4% by 2019 (escalating to plus or minus 9% in 2022), resulting in high gains or losses in revenues, but providers’ scores will be public.
Points lost for failure to perform a security risk assessment
There are four MIPS pillars that determine how providers will be scored. One of those pillars, advancing care information (ACI), requires a security risk assessment (SRA), among other criteria, to receive a base score. Practices must prove that their patients’ electronic protected health information (ePHI) is being protected on their networks. Failure to perform an SRA will result in a base core of zero, an automatic loss of 25 points from their MIPS score, lower reimbursements and a lower ranking accessible to the public.