Is Your Practice HIPAA Compliant?
- Are you ready to reduce liability?
- Have Peace of Mind?
- Do you need assistance on getting there?
- IMS is here to help you!
HIPAA and MACRA/MIPS 2018 You Need To Know
Many practices and physicians are starting to consider the data they will need to submit under the MACRA/MIPS program. The MACRA/MIPS rules change slightly every year, and this year is no exception. Even though the rules have been adjusted, a basic requirement remains in place: You will need to perform a HIPAA Security Risk Analysis (SRA) in order to maximize your MIPS score and avoid negative Medicare payment adjustments.
- Your 2018 MIPS score is divided into four categories:
- Quality (50 Points)
- Cost (10 Points)
- Improvement Activities (15 Points)
- Promoting Interoperability (25 Points)
- Promoting Interoperability replaces Advancing Care Information from last year, and it remains the category that involves the HIPAA Security Risk Analysis
- Promoting Interoperability has a base score, a performance score and a bonus score
- The base score is 50% of the overall Promoting Interoperability score
- There are several base score measures that are required. One of them is the requirement to perform a HIPAA Security Risk Analysis. You’ll need to meet the requirements of all the base score measures in order to receive the 50% base score. If these requirements are not met, you will get a 0 for the overall Promoting Interoperability performance category score
Conclusion: Not performing an SRA gets a zero base score, a zero performance score and a very low overall Promoting Interoperability score. This represents 25% of your total MIPS score. Best practice would dictate that you have a Security Risk Analysis performed and dated 2018. Of course, performing a Security Risk Analysis is always required for HIPAA compliance, regardless of whether a practice receives reimbursement from Medicare.
