The Centers for Medicare and Medicaid Services recently finalized meaningful Medicare Advantage policy changes in response to industry concerns, including those regarding data integrity, the Star Ratings and encounter data. These adjustments, however, may not fully address the challenges facing Medicare Advantage Organizations with respect to these issues.
The Centers for Medicare and Medicaid Services (CMS) finalized several meaningful policy changes in the Calendar Year (CY) 2018 Announcement and Final Call Letter released on April 3, 2017. Although the changes, including those related to encounter data and the Star Ratings, apparently signal CMS acknowledgement of several industry concerns, they may not fully address the challenges facing Medicare Advantage Organizations (MAOs). Notably, CMS issued a Request for Information (RFI), soliciting additional comments from stakeholders on “ideas for regulatory, sub-regulatory, policy, practice and procedural changes” to further Medicare Advantage and Part D program goals. This invitation represents a significant opportunity for MAOs to present a wide variety of ideas to CMS and the new administration. Responses are due April 24, 2017.
Changes to the Star Ratings: Data Integrity Policy and BAPP Measure
CMS signaled two significant potential changes to the Star Ratings measures and methodology. First, CMS stated a willingness to revise the data integrity policy–at least with respect to some data–so that the downgrade to a measure that CMS determines may be based on incomplete, biased or erroneous data is not automatically reduced to a one star but is calibrated to the severity of the non-compliance. Specifically, CMS notes that it may use the results of the expanded, industry-wide appeals timeliness monitoring–if it finds them to be “valid and accurate”–to determine a way to more appropriately scale the reduction in stars to the seriousness of the non-compliance. Such a gradated approach would offer MAOs a reprieve from a policy many have criticized as being unduly harsh. CMS notes, however, that other MAOs are opposed to scaling the reduction in stars to the severity of the underlying error, as such a scale may be subjective. CMS commits to engaging with all stakeholders on this issue and solicits ideas about how to implement a scaled reduction. MAOs should consider submitting comments on the data integrity policy generally, and on scaling reductions specifically, in response to CMS’s RFI.
Second, CMS announced plans to introduce a new Beneficiary Access and Performance Problems (BAPP) measure in 2019, perhaps based solely upon Compliance Activity Module data. This means that the BAPP would no longer include enforcement actions, including civil money penalties and sanctions. In discussing this change, CMS noted that many MAOs favor decoupling audits and enforcement actions from the Star Ratings, and a revised BAPP could be a step in that direction.
Use of Encounter Data in Risk Adjustment Calculations
CMS will reduce the weight of diagnoses from encounter data in risk scores to 15 percent, with the remaining 85 percent sourced from Risk Adjustment Processing System (RAPS) and fee-for-service data. In 2017, diagnoses from encounter data made up 25 percent of the risk score, and CMS in February proposed retaining this 25 percent / 75 percent blend, rather than progressing to a 50 percent / 50 percent blend as previously planned. In reducing the weight of the encounter data diagnoses to 15 percent (and not to 0 percent or to the 2016 level of 10 percent), CMS cited the importance of “provid[ing] payment stability while also providing an incentive for plans to submit complete data.” In the February Advance Notice, CMS sought comment on whether to apply an adjustment to the encounter data-based risk scores, which industry has argued are artificially low. Although many commenters supported doing so and CMS implicitly acknowledged that the encounter data-based risk scores are not wholly reliable, CMS declined to adopt such an adjustment on grounds that the encounter data would be weighted at only 15 percent.
In stepping back the use of encounter data in risk scores, CMS specifically cited comments about technical difficulties associated with calculating risk scores using encounter data. This acknowledgement follows two recent extensions that CMS made to the encounter data submission deadlines for CY 2017. In December 2016, CMS extended the deadline for submission of encounter data from January 2017 to May 2017. Just a few weeks ago, CMS adjusted the layout of and data included in the MAO-004 report, through which CMS notifies MAOs of the submitted diagnoses that are eligible for inclusion in their risk scores. CMS also stated that it would conduct a “second run” of 2016 risk scores, taking into account encounter data submitted after the May 2017 deadline.
Federal Government Accountability Office (GAO) reports released in 2014 and 2017 largely echoed stakeholder concerns. Specifically, the GAO in 2014 noted that CMS’s plans for the use of encounter data, including the establishment of standards for completeness and accuracy of the data, were not yet developed enough to incorporate encounter data in risk adjustment calculations. After CMS moved forward with the use of encounter data without establishing processes to fully assess data completeness and accuracy, the GAO issued a second report in 2017 urging CMS to delay further use of encounter data in risk adjustment calculations until it developed such processes.
CMS’s retreat to a 15 percent / 85 percent blend acknowledges the numerous problems with encounter data, but leaves open the prospect that risk scores will not consistently and accurately reflect the health status of an MAO’s member population.
Increased Encounter Data Monitoring and Enforcement
CMS largely finalized its proposal to enhance its monitoring and compliance activities regarding encounter data. Specifically, CMS will evaluate MAOs based on four operational performance measures and three completeness performance measures. Results of this monitoring will guide CMS’s enforcement actions, and CMS will use it to evaluate whether an MAO is meeting the regulatory requirements regarding the submission of and attestation to accurate risk adjustment data. Recognizing comments regarding the timing of the enhanced scrutiny, CMS acknowledged the “need to phase-in monitoring and compliance activity” and noted its intent to “continue taking an incremental approach to implementing monitoring and compliance action relating to encounter data submission, completeness, and accuracy.” CMS nonetheless intends to begin applying enhanced scrutiny, even while remaining somewhat vague as to how and when MAOs will be assessed on these standards.
Notably, CMS reiterated its expectation that MAOs self-monitor the accuracy and completeness of their encounter data submissions and make adjustments based on their findings as appropriate. CMS suggests that such steps are necessary to enable MAOs to certify to the accuracy, completeness and truthfulness of their encounter data submissions. Although the certification required under the regulations has not changed, the shifting legal landscape, as evidenced by seemingly new expectations imposed by CMS and courts, places additional pressure on MAOs. Heightened scrutiny from CMS may only serve to exacerbate the difficulties MAOs already face in certifying compliance.