DISCLAIMER: The information provided in this article, other knowledge base articles, and the Compliancy Group website do not, and are not intended to, constitute legal advice. All information, content, and materials in the Knowledge Base and on the Compliancy Group website are for general informational purposes only.
The Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) was signed into law to improve patient healthcare outcomes. Under MACRA, the Centers for Medicare and Medicaid Services (CMS) provides incentives that encourage healthcare providers to use secure health information technology. One of these incentives is the Merit-Based Incentive Payment System, or MIPS, program. Providers who meet MIPS requirements may receive more favorable Medicare reimbursement rates.
What are the MIPS Rules?
MIPS is an incentive program. MIPS contains a series of measurements. Providers receive a score for each of 4 measurement categories: 1) Quality; 2) Cost; 3) Improvement Activities; and 4) Promoting Interoperability (interoperability is the ability of computer systems or software to exchange and make use of information). The scores are added to give a total provider performance score for a given calendar year (e.g., January 1, 2024-December 31, 2024). Providers can receive a total score of anywhere from 0 to 100 points.
What is the Promoting Interoperability (PI) Measurement?
One of the Promoting Interoperability (PI) requirements is completion of a security risk assessment (SRA). This is the same assessment required under the HIPAA Security Rule, 45 CFR 164.308(a)(1)(ii)(A); the measure is also referred to as the "security risk analysis."
Currently (as of 2024), providers who earn a total score (based on their combined performance in all four categories) between 75.1% and 100% can receive Medicare Part B incentive payments (more favorable reimbursement rates). Providers who earn less than 75% can receive less favorable reimbursement rates. Providers who receive an exact score of 75% receive neither incentive nor “disincentive” payments. The PI category comprises 25% of the total score.
Providers are not scored on the SRA. It has no numeric value. But, under the MIPS rules for 2024, if a provider fails to complete an SRA for the 2024 calendar year, that provider receives a total score of zero (0) for the entire Promoting Interoperability category for 2024 - regardless of how well the provider performed in the other PI measures. Failure to conduct the SRA automatically lowers the total score from a potential 100 to 75. 75 is the anti-magic number: Providers who obtain this score do not receive disincentive payments, but they do not receive incentive payments, either.
Providers who have not completed their MIPS-required SRA for the calendar year 2024 should make sure to do so by the end of the reporting period for 2024. The end of the reporting period (measuring period) for 2024 is the last day of calendar year 2024 - December 31, 2024. If the SRA is not conducted for calendar year 2024, a provider automatically receives a score of zero in PI for the year 2024.
HIPAA-covered providers can, if they desire, hire a HIPAA business associate to perform the SRA on the providers’ behalf. Before the business associate can access any provider PHI, the provider and the business associate must enter into a HIPAA business associate agreement.
What Do I Need to Provide the Centers for Medicare and Medicaid Services (CMS) With?
To meet the MIPS "security risk assessment" requirement, MIPS eligible clinicians must, by March 31, 2025, attest YES to conducting or reviewing a security risk analysis, implementing security updates as necessary, and correcting identified security deficiencies. Providers may log into their QPP account to provide the attestation.
Where Can I Find MIPS Resources?
The Centers for Medicare and Medicaid Services (CMS) provides a series of MIPS resources. These are listed below.
2024 MIPS Measures
Timeline and Important Deadlines
How MIPS Eligibility is Determined
Learn about MIPS
2024 MIPS Overview Quick Start Guide
2024 MIPS Eligibility and Participation Quick Start Guide
2024 Promoting Interoperability Quick Start Guide
Does Compliancy Group Perform Security Risk Assessments?
Compliancy Group does not provide legal advice or consulting services. We do not conduct or perform security risk assessments. The Guard's "Programs and Assessments" feature contains self-audit measures and guidance that describes the Security Risk Analysis requirement.