CMS proposes to make the ACO a prerequisite for the ACO`s participation in the shared management programme – failure to comply with this requirement would result in the ACO no longer being entitled to obtain data and could lead to the termination of the shared management programme or to additional sanctions and sanctions available under the law. 8. The ACO undertakes not to disclose any information derived from the patient`s data, even if the information does not contain direct identifiers, if the information can be used alone or in combination with other data to establish the identity of an individual. The opt-out right for beneficiaries and the obligation for ACOs to enter into data use agreements with CMSs provide Medicare beneficiaries who register with ACOs with better data protection than what was currently granted by the HIPC. ACOs need to be trained to understand that data protection and confidentiality obligations go beyond the general requirements of the HIPC. It will be important to structure the flow of data within and outside the ACO, as well as between ACO participants, suppliers and suppliers, to ensure compliance with enhanced data protection and confidentiality obligations. CCO subscribers, suppliers and suppliers must update their data protection and security policies, procedures and practices to reflect additional requirements of the ACO regulations. The proposed ACO rules are highly dependent on the ability of participating covered companies to exchange PHI for health purposes.
Posted by: lavhekadmin / Category: Uncategorized / No Comments