Our Results

Based on CMS guidelines, below are some of the important upcoming MIPS (Merit-based Incentive Payment System) dates and deadlines:

October 3, 2020

Last day to start promoting Interoperability (PI) and Improvement Activities (IA) Reporting periods

November 30, 2020

Last day to complete active engagement for Public Health reporting requirements

December 31, 2020

  • PI Hardship and Exception Applications window closes.
  • Fourth Snapshot for Full TIN APMs (in MSSP’s) to determine which eligible clinicians are participating in a MIPS APM for purposes of the APM scoring standard.
  • Eligibility to be finalized for Reporting Year 2020.
  • 2021 virtual group election period closes.

January 4, 2021 

2020 MIPS performance year data submission window opens.

March 1, 2021 

Deadline for CMS to receive 2020 claims for the Quality performance category.

March 31, 2021 

2020 MIPS performance year data submission window closes.

July 2021

2020 Reporting is finalized, and ready for review.

August 2021

Submit Targeted Review (deadline is 60day after finalized feedback is provided.)

January 1, 2022

2020 Performance Year payment adjustment apply for MIPS participants.

** The above dates are not inclusive of all APM dates and deadlines. **

by Tiffany Short – Director Consulting Services | TriumpHealth

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is a federal law that establishes national standards to protect individuals’ medical records and other personal health information. The law applies to health plans, clearinghouses, health care providers and related entities conducting health care transactions electronically. The Health and Human Services (HHS) department implemented the omnibus Rule in 2013 strengthening these privacy and security standards. As technology has become more leveraged in healthcare organizations, large and small, understanding HIPAA regulations has become even more critical for the stakeholders. For instance:

  • Participants in Medicare MIPS and Medicaid Meaningful Use programs must complete and upload the Security Risk Assessment (SRA) upon attestation in the majority of the cases. The SRA needs to be followed by remediation of deficiencies.
  • Similarly, covered entities are responsible to hold their Business Associates accountable for HIPAA compliance by ensuring that they have proper documentation to support access and compliance.
  • Both Covered Entities and Business Associates are vulnerable to audits.
  • SRA should be completed annually at a minimum, plus during any significant organizational change.

HIPAA auditors routinely look for deficiencies and additional documentation to verify your continued and strengthened participation in HIPAA compliance. Below are some of the key requirements from a HIPAA compliance process standpoint.

  • Implementation and management of HIPAA policies and procedures, including the definition of requirements
  • Evaluation of the organization’s HIPAA compliance status, including documentation of risks and remediation plan/actions
  • Identification and documentation of breaches and non-compliance instances with regards to HIPAA’s privacy and security laws, such as logging of issues and reporting
  • Central administration of all HIPAA-related data, documentation, and information
  • Consistently updated HIPAA agreements between covered entities and business associates

To evaluate whether you are meeting the minimum requirements for HIPAA compliance, you can ask yourselves below questions:

  • Did you complete a Security Risk Assessment (SRA) of your organization in 2019, and did you work with your IT staff to remediate the findings of the SRA?
  • If you have a wireless network, are the security controls properly defined and enabled (e.g., known access points, data encryption, firewalls, etc.)?
  • Do you have an updated HIPAA agreement in place from each of your Business Associates or Vendors?
  • Do you have documentation of what updates or changes have been implemented to improve your HIPAA compliance?
  • Do your employees receive regular training on HIPAA compliance, including how to use technology securely and stay protected from external threats?

If you answered “No” to any of the above questions, you may consider getting some help navigating the HIPAA rules and regulations. You are welcome to get in touch with one of our well-versed HIPAA consultants for a complementary consultation.

By: Tiffany Short, Director of Consulting Services

1. What are the categories for MIPS 2019 reporting and how are they weighted?

  • Quality – 45 points
    • Weighted from 50% to 45%
    • Many benchmarks changed
    • Multiple measures removed and many common measures given a seven-point-cap
  • Promoting Interoperability – 25 points
    • Moved from “MU Stage 2 Modified” to “MU Stage 3”
    • Multiple measure removed
    • New measures added which require significant resources and planning
  • Improvement Activities – 15 points
    • Some measures added
    • CEHRT bonus removed
    • Multiple updates to current measures and new measures added
  • Cost – 15 points
    • Weighted up from 10% to 15%
    • New procedure-based measures added

2. Will it be more challenging for small clinics to participate and achieve maximum incentives in 2019?

Yes, CMS increased the exceptional performance threshold to 75-points versus 70-points in 2018. Below are some of the category updates that will make reaching the 75-point threshold more difficult, especially for smaller organizations with less resources:

  • Multiple Quality measures removed
  • Quality benchmarks updated with more difficult to report measures
  • Most Promoting Interoperability bonus measure removed

3. What is a topped-out measure?

The performance on the measure is high and unvarying across the board, so meaningful distinctions and
improvements can no longer be made. When a measure reaches a topped-out status, the measure could be
removed unless it’s a QCDR measure which is excluded from the removal process.

4. What is a Quality measure decile?

The decile refers to the number of points that a measure can receive for a given performance. The decile can
also vary depending on the chosen reporting method.

5. What is the financial impact of MIPS?

Your 2019 payments are impacted by what you reported in 2017, and what you report in 2019 will impact your 2021 payments.

Performance Year

Payment Year


Exceptional Performance Score Threshold

Maximum Incentive































By: Tiffany Short, Director of Consulting Services.