Congress may be poised to roll back the Affordable Care Act, but HIPAA and MACRA, the Center for Medicare & Medicaid’s (CMS) new model for reimbursements, are as certain to remain as death and taxes. Moreover, MACRA and HIPAA go hand in hand. Physicians cannot participate in MACRA, which went into effect on January 1, 2017, without performing a security risk assessment (SRA) and making sure patient health information is protected. However, even if a physician is not participating, HIPAA compliance, including the essential SRA, is still a legal requirement.
MACRA is one of those rare laws that passed with bipartisan support from Republicans and Democrats in Congress, which ensures that it will continue under the current administration. Under MACRA, medical reimbursements are directly tied to the Triple Aim of providing better care, at lower costs and improving health, all in an effort to move to value-based care.
Fees and reimbursements paid to physicians will be scored based on performance and quality metrics care, using the Merit-based Incentive Payment System (MIPS). To achieve 25 percent of the MIPS score, for example, medical practices must use a certified EHR system with a set of measures that show how it’s used in their day-to-day practice, and with a particular emphasis on increased interoperability between their EHR and electronic information exchange with patients.