The Centers for Medicare & Medicaid Services (CMS) has finalized new rules that will expand access to analyses and data with the aim to help providers, employers, and others make more informed decisions about care delivery and quality improvement.
The new rules, as required by the Medicare Access and CHIP Reauthorization Act (MACRA), allow organizations approved as qualified entities to confidentially share or sell analyses of Medicare and private sector claims data to providers, employers, and other groups who can use the data to support improved care. In addition, qualified entities may provide or sell claims data to providers and suppliers, such as doctors, nurses, and skilled nursing facilities among others.
The rule also includes strict privacy and security requirements for all entities receiving patient identifiable and beneficiary de-identified analyses or data, as well as expanded annual reporting requirements, according to a CMS press release. For example, if entities receive patient identifiable data or analyses, they must use protections that are at least as stringent as what is required of covered entities and their business associates for protected health information (PHI) under the HIPAA Privacy and Security Rules.
This initiative is part of a broader effort by the Obama Administration to use data to help create a healthcare system that delivers better care for patients, spends dollars more wisely, and results in healthier people.
“Increasing access to analyses and data that include Medicare data will make it easier for stakeholders throughout the healthcare system to make smarter and more informed healthcare decisions,” CMS Chief Data Officer Niall Brennan said in a statement.