The final 90 days reporting period started October 1^st, 2020. In addition to the measures that need to be collected CMS reminds everyone to complete their Security Risk Analysis during this period if the same has not been completed earlier in the year.

Medicare actually released the following guidance:

“The Centers for Medicare & Medicaid Services (CMS) wants to remind Medicare Promoting Interoperability Program participants that Saturday, October 3, is the last day to begin the program’s 90-day electronic health record (EHR) reporting period.

The Medicare Promoting Interoperability Program requires new and returning eligible hospitals, dual-eligible hospitals, and critical access hospitals to report for at least 90 consecutive days during calendar year 2020 (through December 31, 2020). Participants who cannot demonstrate over the course of the 90-day EHR reporting period that they are meaningful EHR users will receive a negative payment adjustment.

In addition to a continuous 90-day EHR reporting period and other program requirements, Medicare Promoting Interoperability Program participants must:

• Use 2015 Edition Certified EHR Technology (CEHRT) for a minimum of any continuous 90-day period
  • Note: The 2015 Edition CEHRT did not have to be implemented on January 1, 2020, but the functionality must be in place by the first day of the EHR reporting period
• Submit a “yes” to the Prevention of Information Blocking Attestations
• Submit a “yes” to the Office of the National Coordinator for Health Information Technology Direct Review Attestation
• Submit a “yes” for the Security Risk Analysis measure
• Report the required numerator and denominator or yes/no measures from each of the 4 objectives or claim their exclusion(s)
• Earn a minimum total score of 50 points (out of 100 possible points)
• Report on 4 self-selected eCQMs from the set of 8 available

For More Information

To learn more about these requirements, please review the:

• 2020 Medicare Promoting Interoperability Program Requirements
• FY 2020 Medicare Promoting Interoperability Program Overview Fact Sheet”

Keep in mind that a yes answer mentioned above represents your acknowledgment that the actions below have taken place:

• Prevention of Information Blocking Attestation. You are acting in good faith when you implement and use Certified Electronic Health Record Technology (CEHRT) to exchange electronic health information. This includes acting in good faith to:
  • Work with your EHR vendor to make sure the technology is used correctly and is connected (and enabled) to meet applicable standards and laws.
  • Ensure organizational policies and workflows are enabled and do not restrict the CEHRT’s functionality in any way.
• Office of the National Coordinator for Health Information Technology Direct Review Attestation. You are aware of the requirement to cooperate in good faith with ONC direct review of your Health Information Technology if a request is received. 
• Security Risk Analysis. Under the HIPAA SecurityRule, you are required to conduct an accurate and thorough analysis of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information (ePHI) held by the covered entity or business associate.

For more information on the Promoting Interoperability Programs, visit the Promoting Interoperability Programs website.