10:08 PM
Are You MMSEA Compliant? If Not, It Could Cost You
By Jeremy Westerman, TIBCO Software Inc.
By July 17, 2010, all insurance companies must be MMSEA (Medicare, Medicaid and SCHIP Extension Act of 2007) complaint per government mandate.Penalty for non-compliance is $1,000 per claimant per day. While that might not seem like a steep penalty, try multiplying that by 1,000 claimants over a 30-day period. For a larger enterprise insurance company, non-compliance can get very expensive very fast.
The Centers for Medicare & Medicaid Services (CMS), an agency within the Federal Government's Department of Health and Human Services, is responsible for oversight of the Medicare program. The CMS has instituted this regulatory change referred to as Section 111 of the MMSEA (P.L. 110-173).
MMSEA Section 111 Medicare Secondary Payer imposes mandatory reporting requirements with respect to Medicare beneficiaries who have coverage under group health plan (GHP) arrangements as well as for Medicare beneficiaries who receive settlements, judgments, awards or other payment from liability insurance (including self-insurance), no-fault insurance, or workers' compensation.
There are essentially three ways insurance companies can comply with these new rules: 1. Manually: However, this is a very time-consuming process and introduces the risk of human error. 2. Outsource: However, with this approach, any form of internal visibility gets lost. 3. Automated: This is the most economically feasible option for larger enterprise companies, as it: • Reduces headcount as it leverages existing people and system resources. • Gives better internal visibility into the processes to make sure everything is executed correctly. • Leaves an audit trail for all transactions. • Is HIPAA-compliant. • Submits better data to the government. • Leverages existing assets and systems.
As mentioned above, the penalty for non-compliance is $1,000 per claim per day with only one seven-day reporting window per quarter. Failure to submit eligible data on Medicare recipients during that timeframe leads to incurring penalties until the next window opens, which is 90 days later. Insurers therefore need to immediately start planning how they will comply with this regulation.
The reporting regulations were originally enacted for Group Health Plan insurers but were extended to property & casualty carriers as providers of liability insurance. Most Group Health Plan insurers already have some form of data exchange agreement with the CMS, but for many liability insurers this will be new.
In addition to the aggressive timeline, there are technical requirements to achieving compliance that will severely challenge the current IT infrastructure of most liability insurers. These include, but are not limited to: • Extracting claimant data from a variety of systems. • Supporting EDI 270/271message types with HIPAA security. • Identifying "active covered individuals" for submission. • Automating submissions to the CMS. • Workflow for manual data correction.
Application infrastructure provides a cost-effective solution to establish a permanent MMSEA-processing capability that leverages the insurer's existing assets. Using a combination of Service Oriented Architectures (SOA) and Business Process Management (BPM), application infrastructure provides a solution that can be deployed within the mandated timelines and is flexible to accommodate an insurer's specific IT environment.
Such an application infrastructure solution will need to provide the following technology capabilities: • Legacy integration to extract claimant data from a combination of claims and policy administration systems regardless of platforms. • Enterprise Service Bus to move data seamlessly between claims, policy administration, business process management, the B2B gateway, and the MMSEA-screened claimants' data store. Timer support will also be required to automatically initiate the monthly eligibility queries and upload the quarterly claims to Medicare. • Business Process Management to orchestrate the management of data entry tasks to claims workers to complete missing MMSEA data fields. • B2B Gateway that supports X.12 EDI with HIPAA and EDI protocol support and Web Services over HTTPS transport to transmit MMSEA claimants' data. • MMSEA-screened claimants data store to persist screened and cleaned MMSEA claimants' data for future filtering to prevent duplicate processing.
Application infrastructure effectively ties together all of the different systems required to identify, correct and transmit MMSEA claimant records to the CMS to ensure full compliance. By automating and streamlining many of the key steps in the process, the number of employees involved in data remediation is significantly reduced to where they are most needed -- completing missing MMSEA data fields that would result in rejected records returned by the MMSEA processing system.
From a compliance and legal perspective, a complete audit trail of the process is generated to avoid lost or orphaned records and to provide a legal backstop to prove the process was followed in the event of a penalty dispute with the MMSEA regulatory authorities.
Jeremy Westerman is a Senior Product Marketing Manager at TIBCO Software Inc. (Palo Alto, Calif.) and is responsible for the worldwide outbound marketing functions for TIBCO's Business Process Management products. He has also managed inbound and outbound product management functions for EAI and SOA products for leading enterprise software providers.