HEDIS 2015 Frequently Asked Questions
What is HEDIS?
Healthcare Effectiveness Data and Information Set (HEDIS) is a standardized set of performance measurements developed by the National Committee for Quality Assurance (NCQA) to evaluate consumer health care.
What health plan membership is included in HEDIS?
HEDIS data collection pertains to members enrolled in any health plan Medicare Advantage health plan. The Centers for Medicare & Medicaid Services (CMS) guidelines require completion of HEDIS data collection annually to meet contract requirements.
Does HIPAA permit me to release records to a health plan representative or designated vendor for HEDIS data collection?
Yes. You are permitted to disclose protected health information (PHI) to the vendors who are acting on a health plan’s behalf, as the health plan’s business associates. A signed consent form from the member is not required under the HIPAA privacy rule for you to release the requested information to the vendors. You can obtain more information about the HIPAA privacy rule at:
Does the American Recovery and Reinvestment Act of 2009 (ARRA) also permit me to release records to a health plan representative or designated vendor for HEDIS data collection?
Yes. While the ARRA maintains and expands the current HIPAA patient health information privacy and security protections, physicians and other covered entities are allowed to disclose patient health information for health care operation purposes as under the current HIPAA rules. (See question 3 above.)
Is my participation in HEDIS date collection mandatory?
Yes. Contracted network providers are required to provide medical record information so that we may fulfill our state and federal regulatory and accreditation obligations.
Do I have to participate even if I participate in one of the NCQA Recognition Programs?
Yes. NCQA Recognition Programs do not satisfy HEDIS data collection requirements.
What is a contracted vendor and what is their relationship with the health plan?
Health plans contract with medical record review vendors. These vendors meet stringent criteria related to HIPAA and confidentiality designed to document their ability to successfully complete all aspects of the HEDIS project. As a contracted entity to a health plan, they function as the health plan’s partner in completing the HEDIS data collection.
How should I provide the records to the contracted vendor?
The vendor will determine how to provide the information and will schedule an onsite review at your location or ask that you fax or mail the information to them. The methodology chosen will typically depend on the volume of records being requested from your office.
Will anyone else contact our office on behalf of a health plan for records?
Yes. At times the health plan staff staff will coordinate with the contracted vendor and may contact you directly for records.
How should I provide the records to health plan staff?
Each health plan will have their own process. Often a health plan will request that you either fax or mail the records directly to the health plan and provide you with the appropriate address and fax numbers.
Does the record review include members who are no longer with a particular health plan or for members who are deceased?
Yes. Medical record reviews may require data collection on services obtained over multiple years for prior or deceased health plan members.
Am I required to provide medical records for a member who was seen by a physician who has retired, died or moved?
Yes. HEDIS data collection includes reviewing medical records as far back as 10 years.
Archived medical records/data may be required to complete data collection.
What is my office’s responsibility regarding HEDIS data collection?
You and your office staff are responsible for responding to a vendor’s request for medical record documentation in a timely manner. The vendor will contact your office to establish a date for either onsite, fax or mail data collection. Typically, a patient list will be faxed to you a week prior to an onsite visit so the requested medical records can be made available for the appointment. The faxing/mailing of data must be sent to to the vendor in a timely fashion, often withintwo weeks after the request has been received. If a patient chart included on the vendor list is not available at your practice location or if a patient is listed that has never received services from your practice, you should notify the vendor or the health plan.
Who is the best person in my office to coordinate this medical record data collection?
Your office manager or designee is probably the best person to be responsible for coordinating the medical record data collection via onsite reviews or fax/mail. In offices with a medical record department, the office manager or designee should coordinate with the medical records department in accordance with your office/company policy.
When will the vendor (or health plan staff) need the records?
Medical records should be made available on the date of the onsite review, or by the date requested; in the case of fax/mail requests. Because HEDIS data collection is a time sensitive project, data collection usually begins in mid-to-late February and ends in late May for all health care plans.
It is imperative that you respond to a request for medical records within five business days to ensure we are able to report complete and accurate rates to state and federal regulatory bodies, as well as NCQA. Please note that even if you were contacted by a health plan to provide HEDIS data in 2014, it is possible you may be contacted again in 2015.
May I request a specific data collection method?
Vendors and health plan try to be as flexible as possible to accommodate your request for a specific data collection methodology for your organization. Health plans and their vendors will evaluate provider demographics to determine record volume by site, measure and geographical location to identify the most appropriate collection methodology.
What are Risk Adjustment record reviews and are they the same as HEDIS?
Risk Adjustment reviews are not the same as HEDIS. Risk Adjustment reviews capture medical record documentation to determine a Medicare patient’s health status and ultimately ensure accurate coding and reimbursement.