Health and Human Services Extends Public Health Emergency for Covid-19

The Department of Health and Human Services has extended the PHE (public health emergency) for Covid-19; this newest order went in to effect on October 18, 2021. For another 90 days, all “telehealth waivers and other flexibilities pursuant to the PHE determination” will continue. This pushes the most current PHE declaration to end on January 16, 2022. Indicated by the Biden Administration, they intend to give the healthcare community 60 days’ notice before allowing the PHE to lapse in order to give them time for preparation. You can view the full renewal here.

This renewal will be the 8^th order revolving around Covid-19 nationally. The initial order titled “Determination that a Public Health Emergency Exists Nationwide as the Result of the 2019 Novel Coronavirus,” was put into effect on January 31, 2020. On April 21, 2020, this PHE was extended, and is also when this disease got its name that we know it as now “Coronavirus; Covid-19.” According to the CDC, “an outbreak is called an epidemic when there is a sudden increase in cases. As COVID-19 began spreading in Wuhan, China, it became an epidemic. Because the disease then spread across several countries and affected a large number of people, it was classified as a pandemic.”

Sources:

https://www.phe.gov/emergency/news/healthactions/phe/Pages/default.aspx

https://www.phe.gov/emergency/news/healthactions/phe/Pages/COVDI-15Oct21.aspx

A new surprise billing rule that “establishes dispute resolution process for patients, providers, and plans,” was released recently in September of this year. The Department of Health and Human Services released an addition to the rules that outlines the “No Surprises Act.” The No Surprises Act “prohibits balance billing in the case of surprise medical bills — those for non-emergency services furnished by out-of-network providers during a visit by the patient at an in-network facility — unless the law’s notice and consent requirements are met,” (National Law Review, Cummings). This act was first introduced as a part of the Consolidated Appropriations Act, which was enacted in December of 2020.

“A surprise bill is an unexpected bill from a health care provider or facility. This can happen when a person with health insurance unknowingly gets medical care from a provider, facility, or provider of air ambulance services outside their health plan’s network. Surprise billing happens in both emergency and non-emergency care settings,” (CMS, 2021). In an emergency, the patient will be treated by the facility nearest them; this can result in care being performed by those not in-network with the patient’s insurance. In non-emergency cases, patients may have chosen a facility and/or physician that is in-network with their insurance, however, someone behind the scenes of their care, for example a radiologist or an anesthesiologist, may not be in-network. This can cause an outstanding bill for the patient that they were not expecting, which is where this No Surprises Act comes into play.

This new rule continues to protect patients against surprise medical bills by following through with out-of-pocket limits, and requiring patient consent before performing any medical procedures or examinations. Along with following previous procedures and ideals for this rule, MDHHS has included a new process and guidelines for independent dispute resolution (IDR). This allows patients to dispute a surprise medical bill when the care provided was not discussed and approved beforehand. Patients will also be granted good faith estimates for uninsured (or self-pay) individuals. Patient-provider dispute resolution processes are outlined in this new rule, allowing patients to discuss these matters directly with their medical provider with expanded rights to external review. The process that agencies will use to evaluate the IDR disputes are outlined as well. IDR will be implemented starting at the first of the year in 2022. The Federal Register released the second interim final rule on their website.

Please visit the new CMS Surprise Billing Page for all of the latest updates. “The Departments and OPM intend to post additional information over the next several months, including information about how to initiate an independent dispute resolution process in the federal portal, and plan to highlight different provisions as they become more relevant to different stakeholders and audiences,” (CMS, 2021).

Sources:

https://www.natlawreview.com/article/federal-agencies-release-interim-final-rule-to-implement-no-surprises-act

https://www.cms.gov/newsroom/fact-sheets/requirements-related-surprise-billing-part-ii-interim-final-rule-comment-period?mkt_tok=MTQ0LUFNSi02MzkAAAF_-Z7Rq4t6LtH4XO94aNvLgdrMXckHFlUzYOiYaVuXSMXmvgJdLUnk_PULrga7oyfT7u170ig8dhBRxugMCmGOYffSsmAvCIfj2gy-qSGO

Article Updated September 30, 2021

Starting September 29, 2021, health care providers will be able to apply for $25.5 billion in relief funds that includes $8.5 billion in American Rescue Plan (ARP) resources for providers who serve rural Medicaid, Children’s Health Insurance Program (CHIP), or Medicare patients. Additionally, $17 billion is available for Provider Relief Fund (PRF) Phase 4 for a broad range of providers who can document revenue loss and changes in expenses associated with the pandemic.

Those providers that can provide documentation of significant losses due to the pandemic from July 1, 2020, to March 31, 2021, may be eligible for funding. The providers’ most recent tax documents and financial statements for the second half of calendar year (CY) 2020 and the first quarter of CY 2021, may be used as supporting documentation.

The application will be open for four weeks. Providers must submit their completed application by the deadline of October 26 at 11:59 p.m. ET.

• Eligibility requirements, application instructions and links, technical webinars and other helpful resources are available on the Health Resources and Services Administration (HRSA) website here: https://www.hrsa.gov/provider-relief/future-payments

To ensure equity and to support healthcare providers with the most need, HRSA will reimburse a higher percentage for those providers that are considered smaller than others. They will also provide extra payments to providers based on the amount of services rendered to Medicaid, CHIP, and Medicare patients.

For those providers that render services to those patients that live in Federal Office of Rural Health Policy-defined rural areas, $8.5 billion will be distributed based on the number of services provided. Price payments will be at the higher Medicare rates for Medicaid and CHIP patients.

• Review what areas qualify providers for this potential funding here: https://data.hrsa.gov/tools/rural-health?tab=Address 

Sources:

“Future Payments.” Official Web Site of the U.S. Health Resources & Services Administration, 10 Sept. 2021, www.hrsa.gov/provider-relief/future-payments.

“Rural Health Grants Eligibility Analyzer.” Rural Health Grants Eligibility Analyzer, data.hrsa.gov/tools/rural-health?tab=Address.

“Provider Relief Fund Reporting Requirements and Auditing.” Official Web Site of the U.S. Health Resources & Services Administration, 10 Sept. 2021, www.hrsa.gov/provider-relief/reporting-auditing.

“The Centers for Medicare & Medicaid Services has established code pairs that identify procedure codes that are either mutually exclusive or incidental to one another, or that shouldn’t be reported together due to an overlap in services. [They] currently use the National Correct Coding Initiative, or NCCI, list as published by CMS,” (BCBS, 2021). When in line with Medicare Plus Blue claims, BCBS will begin editing claims that have a 59-modifier attached. The list from NCCI establishes whether or not a 59-modifier can be applied to allow two opposing codes to be billed together and accepted. Along with changes for Medicare Plus Blue claims, changes surrounding the 59-modifier will impact Medicare Advantage PPO claims as well. These changes will promote appropriate use of this modifier to prevent any inaccuracy when billing. Modifier 59 is used when services are performed on the same day that aren’t normally reported together. This code separates the two services as two billable codes. Please see the attached articles for more information and specific scenarios, as well as guidelines to follow when billing in the future.

https://www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/sep/Record_0921v.shtml

https://www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/aug/Record_0821r.shtml

Sources:

“Claim Editing Update for Modifier 59 Coming Later This Year to MEDICARE PLUS Blue Claims.” The

Record,www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/sep/ ecord_0921v.shtml.

“Claim Editing Update Coming This Year to Medicare Advantage Ppo Claims with Modifier 59.” The

Record,www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/aug/

ecord_0821r.shtml.

“Starting in November 2021, Blue Cross Blue Shield of Michigan will begin working with Optum, a data, analytics and consulting group, for enhanced prospective claim editing for services provided to our commercial members. We anticipate that this change will help promote correct coding and support payment accuracy,” (BCBS, 2021). In a recent article from BCBS, they explained to surgical providers that coding will need to be changed starting in November of 2021. However, it is highly recommended to start this process sooner, rather than later. In addition to normal CPT codes for surgical procedures, there will need to be an anatomical code attached to let insurance companies know the part of the body in which the surgery was performed.

BCBS will begin performing enhanced prepayment claim reviews; these reviews will help monitor the usage of codes and if they are being overutilized – in addition, they will prevent unnecessary costs. As a result of these reviews, providers may be asked to provide medical records to back these codes. When asked to submit medical records, there will be complete instructions on each request letter as to how to do that. Forewarning, there is limited allotted time to get the medical records submitted, otherwise providers will see denials on their claims until Optum gets the requested information.

Please follow the links below for more information, and to know which CPT code range needs these enhancements.

https://www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/sep/Record_0921w.shtml

https://www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/aug/Record_0821q.shtml

Sources:

“Claim Editing Enhancements Coming to Blue CROSS Commercial Claims.” The Record, www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/sep/Record_0921w.shtml.

“Optum to Provide ENHANCED Prospective CLAIM Editing for Blue CROSS Commercial Claims.” The Record, www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/aug/Record_0821q.shtml.

The Covid-19 National Public Health Emergency has been extended as of July 19^th, 2021 to October 17^th, 2021; this will affect the temporary provisions that have already been in place for testing and patient visits that are Covid related. The temporary provisions were expected to be just that, temporary. The PHE was scheduled to end July 19^th, however, due to the new Delta variant of the virus, new precautions have been put into effect and the emergency has been extended.

Continuing from February of 2020, United Healthcare will continue to waive cost-sharing for in and out-of-network Covid-19 testing and Covid related patient visits, including telehealth visits and antibody testing. This does not include routine or surveillance testing (i.e. testing in order to return to the workplace, travel, or entertainment purposes). Cost -sharing only applies to tests that are physician, or licensed health care professional, ordered and administered. Covid-19 testing that has been purchased over the counter that will not have been ordered or administered by a healthcare professional will not be covered by the member’s insurance plan, however, the patient may choose to use their health savings account (HSA). If an over the counter test has been ordered, the patient may submit a claim for reimbursement. Some services that are outside of the Covid-19 scope can continue to be done through telehealth, however, there are no cost-sharing waivers in effect at this time and will continue to be the member’s responsibility. Please reference the links below for more information on what services still fall under the umbrella of cost-sharing waivers. 

During the Public Health Emergency, United Healthcare will not require a referral for an emergency for those with a Medicare Advantage plan, as well as others. Again, please follow your states specific guidelines as they may vary from state-to-state. In regards to credentialing and recredentialing, “these are consistent with National Council on Quality Assurance (NCQA) standards, as well as any specific state and federal regulations for participation in Medicare and Medicaid programs. Some states may have additional requirements as part of the credentialing and recredentialing process,” (United Healthcare Services, Inc.). Any radiology services that are performed related to potential Covid-19 exposure or symptoms does not require prior-authorization, but providers are asked to submit particular CPT codes when billing. Please reference the Covid-19 Temporary Provisions link for more information, specifically page 6, 12, 13, and 18.

Please refer to your states specific Covid-19 website or hotline for more information on Medicaid variations state-by-state.

For more information, please follow the links below. 

Covid-19 Information and Resources | Covid-19 Temporary Provisions 

Sources:

“Covid-19 Information and Resources.” UnitedHealthcare Provider, United Healthcare Services, Inc., 19 July 2021, www.uhcprovider.com/en/resource-library/news/Novel-Coronavirus-COVID-19.html.

“Covid-19 Temporary Provisions.” Uhcprovider.com, United Healthcare Services, Inc., 19 July 2021, www.uhcprovider.com/content/dam/provider/docs/public/resources/news/2020/covid19/COVID-19-Date-Provision-Guide.pdf?cid=em-providernews-PCA12102634-jul21.

Recently, the Centers for Medicare and Medicaid services released a new proposal of the Medicare physician fee schedule for 2022; this may mean big changes to all requirements for 2022. The final ruling is expected to be set by November 1^st of this year. This new proposal is expected to make a more easily accessible and inclusive health care system.

This proposal includes changes to the Merit-based Incentive Payment System, more commonly known as MIPS. MIPS is a program that allows eligible clinicians to receive a bonus in payments, or a penalty on their payments, based on their performance score. The performance model’s threshold will be set at 75 points, while the threshold for exceptional performance will be placed at 89 points. Changes proposed may also include the options for participation for the Alternative Payment Model, APM for short. APM is a way to incentivize affordable quality care. There could be potential changes in payment rates using a conversion factor, that would decrease just under 4% from 2021 rates.

Another change to note would be the delay of the payment penalty phase of the Appropriate Use Criteria (AUC) until 2023, or until the end of COVID-19 health emergency – whichever comes later. AUC is a criterion in which procedures can be determined if they are suitable for the patient or not, expecting that the medical gains significantly outweigh the medical risks. With reference to COVID-19, these changes will allow the continuation of audio-only visits for mental health services. This proposal is hoping to extend the CMS web interface in order to allow collections and submissions.

One final topic to note is the setting of 2023 as the first year that will follow the new MIPS Value Pathways (MVPs). MVPs are predetermined measures and activities that allow eligible clinicians to meet the MIPS requirements with guidance. With this change, in 2023, it will allow more to participate in the program; i.e. clinical social workers and certified nurse midwives. The list continues as they plan to include these select clinical topics: rheumatology, stroke care and prevention, heart disease, chronic disease management, emergency medicine, lower extremity joint repair, and anesthesia. As of now there is no policy in place on how to remove activities that raise possible safety concerns for patients, so in addition to adding to the list of approved activities, this proposal allows some to be removed. There is already a program in place to reweight to MIPS eligible clinicians, and along with allowing more clinicians to register for the program, they plan to apply automatic reweighting for them as well. Currently, smaller practices with 15 or fewer eligible clinicians, can apply for an exemption for hardship, that way the reweighting can be applied to a different performance category.

Changes to quality reporting are going to continuously grow in ways that allow more medical affiliates to report. Currently, Care Compare allows quality reporting to be displayed for hospital affiliations, which then links the corresponding office to that report. Moving forward, this proposal expects to add more facility types, including but not limited to: inpatient rehab centers, hospice, and skilled nursing facilities. In addition to those joining the program, there are also reporting requirement additions to note. Reports under the foundational layer will need to include population health measures and promotions of the interoperability performance category. Under the quality performance category, MVP participants will need to select 4 quality measures, which would have to include an outcome measure; this can be measured by CMS through administrative claims (if available). Additionally, the improvement activities performance category requires participants to choose 2 medium-weighted improvement activities, or one high-weighted activity of the same nature. Furthermore, another area of reporting comes from the cost performance category. CMS calculates a facility’s performance solely on the cost measures that are apart of the MVP administrative claims data. For specifics on how CMS will score these categories, please follow the link below. For a quick look at reporting requirements, registration deadlines, and the information required when registering, please read over the tables below provided by CMS.

View Table 1 | View Table 2 | View Table 3

For more information regarding this proposal, please direct your attention to the following links.

QPP Fact Sheet | PFS Fact Sheet | Proposal Article

“Medicare Proposes 2022 Payment and Quality Reporting Changes.” MGMA,

pages.mgma.com/index.php/email/emailWebview?md_id=6605.

The Occupational Safety and Health Administration (OSHA) issued a COVID-19 emergency temporary standard (ETS) with which healthcare employers will be required to comply. This ETS includes an outline and description for an effective COVID-19 plan designed to reduce injuries and illnesses in healthcare workplaces. A COVID-19 plan is essential to responding to COVID-19 hazards in an effective manner. These safety and health programs must proactively and constantly identify and mitigate hazards before employees develop illness or injury in order to be truly effective. In the case of COVID-19 hazards in healthcare settings, this includes identifying employees at risk of exposure to the virus and developing ways to protect them. This type of approach helps employers meet their obligation to provide a safe workplace under the OSH Act. The ETS requires a COVID-19 plan that contains the main components of this kind of safety and health program. According to the ETS OSHA released, there are studies showing that these programs are positively impacting the safety, health, and performance of healthcare workers.

OSHA has identified seven core elements of a successful safety and health program. These are:

1. Management Leadership – establish a safety plan, communicate it to all employees and assign a coordinator to track the progress.
2. Worker Participation – train employees to recognize hazards and develop open communication to use their expertise and insight to identify and address hazards. This is the most important.
3. Hazard Identification & Assessment – use a team approach to identify hazards. Observe work habits and evaluate employee input from surveys or meetings to determine if, where, and how workers could be exposed and if there are safeguards in place to reduce those risks.
4. Hazard Prevention & Controls – assess if hazards can be eliminated (e.g. work from home) and when they cannot be, consider how the risks may be reduced (e.g. disinfecting, social distancing, physical barriers, ventilation).
5. Evaluation and Improvement – evaluate regularly to make sure the plan is implemented as intended, continue to identify new hazards, and make improvements where necessary.
6. Coordination & Communication at Multi-Employer Sites – in some settings, employees may travel from one site to another, possibly exposing employees of a different location. Communicate with all affiliated employers to review your plans and to share information on reported hazards and illness.
7. Education & Training – ensure that all employees are able to recognize hazards and know the procedures for addressing them. Establish ways for employees to contribute to the safety and health plan.

In addition to the COVID-19 plan, the ETS also requires that covered employees:

• Clean and disinfect the workplace.
• Screen employees for symptoms of COVID-19 and follow requirements for removing potential infected employees from the workplace.
• Ensure social distancing.
• Screen patients upon arrival.
• Report COVID-19 hospitalizations and fatalities.
• Provide reasonable time off and paid leave for COVID-19 vaccinations.

View the full ETS document here. Here is a list of Frequently Asked Questions.

Works Cited
Occupational Exposure to COVID-19; Emergency Temporary Standard, 29 C.F.R. §1910.502. (June 21, 2021).

On June 11, 2021, the U.S. Department of Health and Human Services (HHS) released a revision to the reporting requirements for practices that received Provider Relief Fund (PRF) payments. This revision supersedes the previous update from January of this year. The deadlines for spending the PRF money and for reporting the spending have been extended to relieve some of the burden experienced by smaller practices. The PRF Reporting Portal will be open on July 1, 2021 for providers to begin submitting information. Providers can register for PRF Reporting Portal accounts now.

The revisions apply to those providers who received one or more payments of over $10,000 during a single Payment Received Period (including General, Targeted, Skilled Nursing Facility, and Nursing Home Infection Control distributions). These reporting requirements do not apply to Rural Health Clinic COVID-19 Testing Program, HRSA COVID-19 Uninsured Program or the HRSA COVID-19 Coverage Assistance Fund. Rather than require all payments be used by June 30, 2021, the availability of the funds is dependent on the date the payment was received. The funds received must only be used for expenses within the period of availability. Practices that received one or more payments over, in total, $10,000 must report for each applicable Payment Received Period (rather than $10,000 total across all PRF payment periods). The previous 30-day reporting period has been extended to 90 days. Practices must complete the reporting by the last day of the reporting period or be subject to recoupment. The table below outlines specific dates for both spending and reporting in each period.

	Payment Received Period	Deadline to Use Funds	Reporting Time Period
Period 1	April 10, 2020 – June 30, 2020	June 30, 2021	July 1 – September 30, 2021
Period 2	July 1, 2020 – December 31, 2020	December 31, 2021	January 1 – March 31, 2022
Period 3	January 1, 2021 – June 30, 2021	June 30, 2022	July 1 – September 30, 2022
Period 4	July 1, 2021 – December 31, 2021	December 31, 2022	January 1 – March 31, 2023

According to the HHS notice, the Reporting Entity is that which registers its Tax Identification Number (TIN) and reports on the payments received by that TIN and/or its subsidiaries. The following table outlines types of PRF recipients.

Type of PRF Recipient	Definition
General Distribution recipient that received payment in Phase 1 only	Entity that received Phase 1 General Distribution payment totaling more than $10,000 in a Payment Received Period
General Distribution recipient with no parent organization or subsidiaries except PRF recipients that received Phase 1 General Distribution only	Entity (TIN level) that received one or more General Distribution payments totaling more than $10,000 in a Payment Received Period
General Distribution recipient with one or more subsidiaries that received payments in Phase 1 to 3	Entity that meets these 3 criteria: 1. Is the parent of one or more subsidiary billing TINs that received General Distribution payments in Phase 1 to 3 2. Has associated providers that were providing diagnoses, testing, or treatment for individuals with possible or actual cases of COVID-19 on or after January 31, 2020 3. Can otherwise attest to the Terms and Conditions
Targeted Distribution recipient (including Nursing Home Infection Control Distribution)	Entity (TIN level) that received Targeted Distribution payments totaling more than $10,000 in a Payment Received Period

Parent entities can report on their subsidiaries’ General Distribution payments whether the subsidiaries received the payments directly or the money was transferred to them by the parent company. The parent entity can report on the General Distribution payments no matter which entity, the parent or subsidiary, agreed to the Terms and Conditions. However, for Targeted Distribution payments, the original recipient is always the Reporting Entity. Parent entities may not report on their subsidiaries’ Targeted Distribution payments regardless of whether the original recipient transferred the payment. A subsidiary Reporting Entity must note the amount of the Targeted Distributions received that were transferred to or by the parent entity. Transferred Targeted Distribution payments are more likely to be audited by HRSA.

For more information regarding the steps for reporting on the use of the PRF payments, see pages 4 through 11 of the HHS publication, “Provider Relief Fund General and Targeted Distribution Post-Payment Notice of Reporting Requirements,” linked here.

Works Cited

“HHS Issues Revised Notice of Reporting Requirements and Reporting Timeline for Recipients of Provider Relief Fund Payments.” HHS.gov, U.S. Department of Health & Human Services, 11 June 2021, www.hhs.gov/about/news/2021/06/11/hhs-issues-revised-reporting-requirements-timeline-for-provider-relief-fund-recipients.html?mkt_tok=MTQ0LUFNSi02MzkAAAF9uNPWCB3NbbYhyumTBHK6pfIynjAWdjpGChnfxH4n8K9-TuAevbeYoIoEuSWc6lGpI24iL_kXpC2LNO1TGbDnziySn24OslezAzeFPUdj.

According to a recent alert issued by Blue Cross Blue Shield, value-based reimbursement will be applied to the new codes for COVID-19 vaccine administration. This change is effective July 1, 2021 and applies to primary care providers (PCPs) and specialists receiving value-based reimbursement. Currently, value-based reimbursement for PCPs is applied to select E&M, preventative health, telehealth, and care management codes. The procedure codes that will now receive value-based reimbursement under this change are:

*0001A	*0021A
*0002A	*0022A
*0011A	*0031A
*0012A

Additionally, value-based reimbursement for PCPs will be applied to six other vaccine administration codes, effective July 1, 2021. These codes are:

*90460	*90472
*90461	*90473
*90471	*90474

Works Cited
“We’re Applying Value‑Based Reimbursement to Procedure Codes for COVID‑19 Vaccine, Other Immunizations.” The Record, Blue Cross Blue Shield of Michigan, May 2021, www.bcbsm.com/content/dam/microsites/corpcomm/provider/the_record/2021/may/Record_0521i.shtml.

Yeo & Yeo Medical Billing & Consulting is pleased to announce that Denise Garrett has earned the Certified Outpatient Clinical Appeals Specialist (COCAS^SM) credential. The COCAS credential formally recognizes Garrett’s expertise in medical insurance claims, denials and appeals.  

“I continue to stay current with new developments in medical billing and gain knowledge in all areas of revenue cycle management, so I am armed with the tools necessary to help our healthcare clients,” Garrett said. “When it comes to medical insurance appeals, if the documentation supports the billing and the insurance company policy, I will fight to ensure that the practice’s denied claims are paid.”

To earn the credential, Garrett passed the American Institute of Healthcare Compliance’s COCAS exam, which encompasses four main topics:

1. Appeals and revenue cycle management
2. Auditing before the appeal and understanding medical necessity
3. Medicare and ERISA appeals processes
4. How to create an effective appeals program to avoid unnecessary investigations and probes

Garrett is an account manager with more than 20 years of medical billing and coding experience. She is a Certified Healthcare Auditor (CHA), Certified Professional Coder (CPC), Certified Physician Practice Manager (CPPM^®), Certified Professional Compliance Officer (CPCO™), Certified Professional Medical Auditor (CPMA^®), and a Certified Foot & Ankle Surgical Coder (CFASC), with expertise in the coding of diagnoses, services, and procedures for physician practices. Garrett serves on the national board of directors of the American Academy of Professional Coders Chapter Association (AAPCCA). She is also a member of the American Medical Billers Association and the American Institute of Healthcare Compliance.

Since 2012, Medicare payments to medical practices have been subject to a -2% sequestration in an effort by Congress to address the debt ceiling crisis. The Coronavirus Aid, Relief, and Economic Security (CARES) Act temporarily suspended that sequestration in May of 2020, meaning that physicians have seen a 2% increase in their payments on Medicare claims. The expiration of this suspension – previously extended from December 21, 2020 to March 31, 2021 – has again been extended through the end of 2021. On April 13, 2021, Congress passed legislation approving this extension and President Biden is expected to sign the bill into law soon.

Back at the end of March, the Centers for Medicare & Medicaid Services (CMS) instructed Medicare Administrative Contractors (MACs) to hold claims with dates of service on or after April 1 without affecting the practitioners’ cash flow. They recommended this hold until this legislation was passed to avoid having to reprocess the claims. Now that the legislation is passed, these claims will be processed. The expense of this suspension is expected to be recouped by extending the sequester through the end of the 2030 budget year.

Works Cited
Coronavirus Aid, Relief, and Economic Security Act of 2020, Pub. L. 116-136, §3709, 134 Stat. 421 (2020).
To prevent across-the-board direct spending cuts, and for other purposes., Pub. L. 117-7, §1 (2021).

The Medicare Accelerated and Advance Payment Program (AAP) were expanded on March 28, 2020. The Centers for Medicare & Medicaid Services (CMS) made the program available to most Medicare physicians and group practices. The AAP provided loans to medical practices suffering financial distress or disruption due to COVID-19. The loans were determined based on the practice’s history of Medicare billing. Originally, providers were to begin payments on these loans in August of 2020. However, the repayment was delayed until one year after the payment was issued to the practice. This means that repayment could begin as early as April 2021 for some providers.

Group practices that have received AAP loans have two repayment options, automatic claims recoupment and lump sum repayment. The automatic claims recoupment is the default method and involves automatically reducing the Medicare payments owed to providers to gradually recoup the amount of the loan. Beginning one year after the loan disbursement, Medicare Administrative Contractors (MACs) will reduce the payments owed to the provider by 25% for 11 months. If the loan has not been paid in full after the 11-month period, the Medicare payments will be reduced by 50% for 6 more months. Any balance remaining after that is due within 30 days or it will accrue 4% interest until it is payed off. Loans paid off before this time will not accrue interest. Providers may also repay their AAP loans by making a lump sum payment(s) to their MAC. If a group practice is interested in making lump sum payments, they should consult their MAC for details and forms to accompany the payments.

The CMS has not issued further details on the repayment process. They have not yet stated exactly when recoupment will begin. Questions should be directed to providers’ MACs at this time. 

Works Cited:  Continuing Appropriations Act, 2021 & Other Extensions Act, 5 U.S.C. §2501 (2020).

Due to the COVID-19 public health emergency, the Centers for Medicare & Medicaid Services (CMS) will be applying the MIPS extreme and uncontrollable circumstances (EUC) policy automatically for all eligible clinicians for the 2020 performance period. This policy applies to providers that are unable to submit sufficient MIPS data for the 2020 reporting year during the submission period. MIPS eligible individual providers will not be required to submit an application to reweight the MIPS performance categories.

However, the enforcement of the EUC policy does not automatically apply to groups or virtual groups. Groups, virtual groups, and Alternative Payment Model entities wishing to request reweighting of any or all of the MIPS performance categories due to COVID-19 must submit an EUC exception application by the extended deadline of March 31, 2021. Groups that do not apply for EUC will be scored by the existing MIPS scoring policies. The individual clinicians in the group will receive the payment adjustment associated with the group’s final score unless their individual participation score is higher. Virtual groups will be scored according to the existing MIPS scoring policies regardless of data submission and the eligible clinicians in the group will receive the payment adjustment associated with the group’s final score.

The four MIPS performance categories are Quality, Promoting Interoperability, Improvement Activities, and Cost. The MIPS Cost category is calculated automatically based on data from claims and does not require reporting. There are concerns, however, that COVID-19 will have significant effects on the cost measures. For that reason, the cost category will be weighted at zero percent under the automatic EUC policy even if data is submitted for any or all of the other performance categories. If a practice covered under the EUC policy does not submit data for any of the other (3) categories, they will receive a neutral or no payment adjustment for the 2020 MIPS performing year (the 2022 MIPS payment year). If data is submitted for only one of the three categories, that category will be weighed for 100% of the score and the practice will receive a neutral or no payment adjustment under the EUC policy. If data is submitted for two or more of the three performance categories, each category will be weighed according to the table (Appendix A) published by the CMS and a positive, negative, or neutral payment adjustment will be issued for the 2022 MIPS payment year.

If you believe that you qualified for the automatic EUC policy and it does not appear to be reflected in your performance feedback, you can submit a targeted review within 60 days following the release of your 2020 performance feedback. 

Works Cited: Scoring, 42 C.F.R. §414.1380. (2021). 

According to Alissa Knight, a former hacker, personal health information (PHI) is the most highly valued data on the dark web. She states that the value of a single PHI record is 10 times more the price of a credit card number. Knight partnered with Approov, a mobile security company, to test mobile health apps by hacking them through their application program interfaces (APIs). They tested 30 apps this way to identify threats to said apps and the PHI they contain. Their findings were then published in a report, “All That We Let In.”

Knight and Approov discovered that all 30 of the apps they tested were vulnerable to API attacks. Some even allowed them to access electronic health records such as x-rays, pathology reports, prescriptions, mental health services, etc. Upwards of 20 million mobile heath users are exposed to potential attacks by these tested apps alone. The vast majority of the tested apps had hardcoded API keys. As Approov CEO, David Stewart explains it, APIs are channels of communication between an app and a server or hospital infrastructure. Essentially, they are the keys to a deeper wealth of information. If these API keys are hardcoded into the mobile app, hackers can dig through the programming and find the API keys, thus gaining access to PHI and more. The report by Approov also states that a small percentage of the tested apps had hardcoded usernames and passwords.

Knight hacked a hospital system as part of the test and was able to access health records and additional registration information for a patient’s family members by simply changing the EHR value by one digit. She used a tool that made it appear as though the access was coming from a mobile health app. She sates that, “The traffic looks exactly the same as traffic that’s coming from the actual mobile app, and that gives the hackers so much more flexibility about the things that they can do.” It was also discovered that these apps are susceptible to various other attacks including Broken Object Level Authorization attacks.

API attacks continue to rise in frequency and are on their way to being the most frequently used attack against mobile applications. The current global heath crisis due to COVID-19 has increased the use of mobile health applications and virtual healthcare which is why Alissa Knight and Approov decided to join for this study. Though the names of the applications tested are being kept anonymous, Stewart acknowledges that apps from large healthcare systems and mobile health vendors were among those tested and found to have vulnerabilities. These vulnerabilities put large amounts of PHI at risk which is why it is critical for APIs to be secured.

How to Protect Against API Attacks

Tools such as APIsec are recommended. These tools perform security testing to find vulnerabilities in APIs. Secure mobile and web applications begin with building secure APIs. The controls for these apps should be monitored and adjusted to comply with the Health Insurance Portability and Accountability Act (HIPAA). Additionally, Knight states that security should be implemented from the very beginning when developing and coding new apps because healthcare needs to keep up with the technological advances of the time despite the security threats posed against mobile apps.

Works Cited:
Horowitz, Brian T. “Mobile Health Apps Leak Sensitive Data through APIs, Report Finds.” FierceHealthcare, Questex, 24 Feb. 2021.

Due to the current COVID-19 health emergency, healthcare providers need to schedule vast numbers of appointments for individuals to receive COVID-19 vaccinations. In the interest of ease and efficiency for all parties, they may use apps and other digital scheduling tools to do so.

Covered providers will not be penalized for potential violations of the Health Insurance Portability and Accountability Act (HIPAA) related to use of online scheduling applications for COVID-19 vaccinations. The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services announced that it will not enforce fines against healthcare providers for use of such apps that may not be fully HIPAA compliant.

This discretion of HIPAA enforcement applies to covered healthcare providers and their associates, including web-based scheduling applications vendors (WBSAs), when these vendors are a) used in good faith and b) limited to the scheduling of COVID-19 vaccination appointments during the nationwide health emergency. This enforcement discretion is retroactively affective to Dec. 11, 2020 and will remain in effect until it is deemed that the public health emergency has ended.

WBSAs offer online or web-based apps that are non-public facing for the purpose of scheduling appointments for COVID-related services on a large scale. According to the OCR, “non- public facing” means that these apps only allow the patient and intended health care provider(s) to access the data created, received, maintained, or transmitted by the app. The OCR encourages the reasonable use of safeguards to protect privacy security of patients’ protected health information (PHI). These safeguards include using only the minimum of necessary data to complete the scheduling as well as encryption technology and enabling all available privacy settings.

Healthcare providers are encouraged to use vendors that state that their WBSAs support HIPAA compliance when seeking additional privacy protection for PHI. Additionally, they can look for vendors that will enter into a business agreement in connection with use of their WBSAs.

Works Cited
Notification of Enforcement Discretion, 45 C.F.R. §§ 160, 164. (2021). 

The U.S. Department of Health and Human Services (HHS) will distribute payments up to $20 billion in Phase 3 of the General Distribution of the CARES Act Provider Relief Fund to offer financial relief to providers impacted by COVID-19.

You may be eligible regardless of whether you previously applied for, received, accepted, or rejected payment from prior PRF distributions. You should apply for funding if you experienced expenses and/or lost revenues attributable to COVID-19 that have not been reimbursed by other sources. 

Under Phase 3, applicants that have not yet received Provider Relief Fund payments of 2% of patient revenue will receive a payment that, when combined with prior payments, equals 2% of patient care revenue.

Submit your application to the Provider Relief Fund Application and Attestation Portal between October 5, 2020, and November 6, 2020, at 11:59 p.m. 

The Phase 3 application is slightly different from the Phase 2 form, requiring additional revenue and expense data. Even if you previously submitted revenue information, you will need to submit a new application. Instructions and a sample application form are available at hhs.gov/providerrelief. The website also includes a step-by-step application guide and FAQs.

HHS will host a webcast on October 15, 2020, at 3:00 p.m. to review the process and answer questions. Register here.

For additional information, please call the Provider Support Line at (866) 569-3522 from 7:00 a.m. to 10:00 p.m. Central Time, Monday through Friday. Reach out to your Yeo & Yeo professional for additional guidance on relief fund assistance for your situation.

The Department of Health & Human Services (HHS) released additional guidance on reporting requirements for certain recipients of Provider Relief Fund payments. Group practices that received more than $10,000 in Provider Relief Fund payments must report how they spent the funds on COVID-related expenses and lost revenue. More detailed reporting is required for those that received $500,000 or more.

The Department of Health & Human Services (HHS) released additional guidance on reporting requirements for certain recipients of Provider Relief Fund payments. Group practices that received more than $10,000 in Provider Relief Fund payments must report how they spent the funds on COVID-related expenses and lost revenue. More detailed reporting is required for those that received $500,000 or more.

PRF funds can be used in the following manner and order:

• Expenses attributable to coronavirus that are not reimbursed or obligated to be reimbursed from other sources
• Lost revenues, as represented by a change in net patient care operating income from 2019 to 2020 (revenue less expenses)

If recipients do not expend PRF funds in full by the end of calendar year 2020, they will have an additional six months in which to use remaining amounts toward expenses attributable to coronavirus but not reimbursed by other sources, or to apply toward lost revenues in an amount not to exceed the 2019 net gain. For example, the reporting period January – June 2021 will be compared to the same period in 2019.

The reporting system will be available in early 2021 rather than in October 2020, as HHS originally stated. Deadlines have changed numerous times, and any dates included in the guidance are still subject to change. To help you comply with the reporting requirements for Provider Relief Funds, please refer to the following:

• Fact sheet – summary of reporting deadlines and required reporting data elements
• Post-Payment Notice of Reporting Requirements for General and Targeted Distributions – more detailed guidance

For the latest information, visit the CARES Act Provider Relief fund website at hhs.gov/providerrelief.

For additional assistance, contact the HHS Provider Support Line at (866) 569-3522 Monday through Friday, 7:00 a.m. to 10:00 p.m. Central Time, or contact Yeo & Yeo.

The U.S. Department of Health and Human Services (HHS) is distributing payments in the Phase 2 General Distribution of the CARES Act Provider Relief Fund as part of ongoing efforts to offer financial relief to providers impacted by COVID-19.

Starting August 10, 2020, HHS began accepting applications from providers who received a payment under the Phase 1 General Distribution to determine if the provider is eligible for an additional payment.

Who is eligible?
You may be eligible for another payment if your organization received a payment under the General Distribution and:

1. Missed the June 3 deadline to submit your March and April revenue information; or
2. Have not received Phase 1 General Distribution payments totaling approximately 2% of your annual revenue.

As part of the application, HHS is collecting tax forms and revenue data to determine a payment that is approximately 2% of annual revenue from patient care. If a provider has already received a payment that is approximately 2% of their annual revenue from patient care, they will not receive additional payments. 

You must initiate an application and the Taxpayer Identification Number (TIN) verification process by Friday, August 28, to be considered for payment.

Application instructions
The application instructions and an application form are available at hhs.gov/providerrelief. The website also includes a step-by-step application guide and FAQs. Download and review all of these documents to help you complete the process through the Provider Relief Fund Application and Attestation Portal.

The portal has been updated to simplify the required application data fields. Even if you previously submitted revenue information, you will need to resubmit your information in the new portal.

If you are still in consideration for a Phase 1 General Distribution payment, you must receive either a final payment or communication of ineligibility before re-applying in the current portal.

HHS will host a webcast on August 13 at 3:00 p.m. for potential applicants to review the application process and have their questions answered. Register here.

For the latest information on the Provider Relief Fund Program, visit hhs.gov/providerrelief.

For additional assistance, you may contact the HHS Provider Support Line at (866) 569-3522 Monday through Friday, 7:00 a.m. to 10:00 p.m. Central Time.

Today, May 29, physicians and other healthcare providers may resume non-essential medical and dental procedures that were postponed under Governor Whitmer’s Executive Order 2020-17 (postponement of certain non-essential medical procedures and encounters).

Although non-essential medical procedures may resume, under Executive Order 2020-97, outpatient healthcare facilities must comply with new workplace standards.

Notably, one standard is that providers must continue to utilize telehealth to the greatest extent possible. The rules related to social distancing may otherwise limit the number of patients a facility can see in person. Other protocols include using personal protection equipment, special hours for highly vulnerable patients, workplace training for employees, contactless sign-in and a common screening protocol, which could require changes to a practice’s EMR.

These new standards are not optional. The State of Michigan has two routes of enforcement it may pursue against employers who fail to follow the workplace safety rules specified in the Order. As such, it will be necessary for medical practices to monitor for changes to Executive Orders issued by Michigan’s Governor. The Order does not provide an expiration date for the new safety measures.

Michigan State Medical Society (MSMS) provides on its website key aspects of the standards physicians and medical practices must implement to be in compliance and it is regularly updated. You can reference it here.