CMS intends to use and share the data to fight waste, fraud and abuse. CMS will share the data with other federal agencies as well as state and government agencies, who will then use their data analysis  tools to spot waste, fraud and abuse. Such data analytics programs already exist within a number of federal and state agencies. With this data reporting requirement, hospice owners and operators should consider taking this opportunity to evaluate whether additional internal compliance programs are needed. Specifically, operators should consider implementing internal data analytics programs -- and using their 'big data' -- to find potential waste, fraud and abuse prior to CMS discovering potential issues. Such programs can also be used to find trends and other quality improvement and cost savings opportunities. There are a number of software vendors on the market providing data analytics software to healthcare providers.

Section 3004(c) of the ACA directed the Secretary of HHS to establish a quality reporting program for hospices for the purpose of collecting, compiling and eventually publishing data measuring the quality of care provided to patients receiving hospice care. The quality measure data is required to be valid, meaningful, and feasible to collect, and to address symptom management, patient preferences and care coordination. Although CMS administers the HIS, information is also collected on hospice patients who may not be Medicare beneficiaries.

. . .

The HIS was developed specifically for use by hospices and contains data elements that can be used by CMS to collect the patient-level data required for seven National Quality Forum—(NQF) endorsed quality measures and a modification of one NQF-endorsed measure. These measures include:

(1) Hospice and Palliative Care—Pain Screening (NQF #1634);

(2) Hospice and Palliative Care—Pain Assessment (NQF #1637);

(3) Hospice and Palliative Care—Dyspnea Screening (NQF #1639);

(4) Hospice and Palliative Care—Dyspnea Treatment (NQF #1638);

(5) Patients Treated With an Opioid who are Given a Bowel Regimen (NQF #1617);

(6) Hospice and Palliative Care—Treatment Preferences (NQF #1641); and

(7) Beliefs/values addressed (modified version of the NQF #1647 measure).

Hospices will begin using the HIS for all patients beginning July 1, 2014.

Hospices will be required to submit two HIS records for each patient admitted to their organization:

• HIS-Admission record - contains both administrative items for patient identification and clinical items for calculating the seven quality measures; and
  

• HIS-Discharge record - a limited set of administrative items used for patient identification, as well as discharge information, which will be used primarily to determine patient exclusions for some of the seven quality measures.

The system will contain information about the following categories of individuals who participate in or are involved with the HQRP:

(1) Hospice patients and Medicare beneficiaries, who receive health care services coordinated and managed by hospices; and,

(2) any individual providers and/or any contact persons for a hospice whose personal information (such as, home or personal contact information, or Social Security Number (SSN) if used for business purposes) is provided as business-identifying information on the collection instrument.

Information in the HIS about hospice patients includes but not limited to information related to condition, selected covariates about the condition, and patient/beneficiary demographic records containing the patient/beneficiary's name, gender, beneficiary's Health Insurance Claim Number (HICN), SSN, Medicaid number (MA number), race, and date of birth. Information collected about providers who work in hospices considered to be PII includes records containing the provider's name, address, National Provider Identifier (NPI), and CMS Certification Number (CCN), personal contact information, tax identification number, and SSN if used for business purposes.

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from HIS without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We propose to establish the following routine use disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or CMS grantees who have been engaged by the Agency to assist in accomplishment of a CMS function relating to the purposes for this collection and who need to have access to the records in order to assist CMS.

2. To assist another Federal Agency, agency of a State government, an agency established by State law, or its fiscal agents with information that is necessary and/or required in order to perform the statutory functions of the HQRP;

3. To provide hospices with information they need to meet any statutory requirements of the program, assist with other reports as required by CMS, and to assist in the implementation of quality standards;

4. To support an individual or organization for research, as well as evaluation or epidemiological projects related to end of life care, or for understanding and improving payment projects;

5. To support Quality Improvement Organizations (QIOs) in connection with review of claims, or in connection with studies or other review activities conducted pursuant to Part B of Title XI of the Act, and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans;

6. To assist national accrediting organization(s) whose accredited providers are presumed to meet certain Medicare requirements (e.g., the Joint Commission for the Accreditation of Healthcare Organizations, the Community Health Accreditation Program (CHAP), or the Accreditation Commission for Health Care (ACHC);

7. To provide information to the U.S. Department of Justice (DOJ), a court, or an adjudicatory body when (a) the Agency or any component thereof, or (b) any employee of the Agency in his or her official capacity, or (c) any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or (d) the United State Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court, or adjudicatory body is compatible with the purpose for which the agency collected the records;

8. To assist a CMS contractor (including, but not limited to Medicare Administrative Contractors, fiscal intermediaries, and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such program;

9. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers or that has the authority to investigate potential fraud, waste or abuse in a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs;

10. To disclose records to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information maintained in this system of records, and the information disclosed is relevant and necessary for that assistance; and

11. To assist the U.S. Department of Homeland Security (DHS) cyber security personnel, if captured in an intrusion detection system used by HHS and DHS (e.g., pursuant to the Einstein 2 program).