Dive Brief:
- CMS announced last Friday it has finalized new rules to update the Qualified Entity Program, allowing organizations approved as qualified entities to purchase Medicare data, combine it with private payer data, and sell their analyses to providers, employers, suppliers, and others.
- The rule dictates strict privacy and security requirements and comes with expanded annual reporting requirements.
- The move, driven by the Medicare Access and CHIP Reauthorization Act, aims to increase the use of Medicare and private claims data to improve care and lower costs.
Dive Insight:
The rule comes as part of the admnistration's underlying efforts toward healthcare reform, with the Qualified Entity Program having been authorized by Section 10332 of the Affordable Care Act.
“Increasing access to analyses and data that include Medicare data will make it easier for stakeholders throughout the healthcare system to make smarter and more informed healthcare decisions,” CMS Chief Data Officer Niall Brennan said in a prepared statement.
By combining federal claims data with private data, entities can help illustrate how providers and suppliers are performing across payers, and can focus on specific issues such as chronically ill or other resource-intensive populations, the CMS said.
So far there are 15 organizations that have applied and been approved to become qualified entities, and of those, two have completed their public reporting. Further details on the qualified entity program are available at the Qualified Entity Certification Program website.
The final rule closely followed the proposed rule, though as Modern Healthcare noted, it clarified the definition of an “authorized user” to add that contractors and associates of the authorized users can also use the data -- a potentially thorny area in the view of the World Privacy Forum.