CMS Pub. 100-11, ch. 12
(Rev. 2, Issued: 06-09-11)
10 - Medical Records
10.1 - Requirements
10.2 - Minimal Content of Medical Records
10.3 - Medical Record Availability during Termination
10.4 - Documentation of Disruptive or Threatening Behavior for Involuntary Disenrollment
20 - Maintenance of Records and Reporting of Data
30 - Safeguarding Medical Records
40 - Retention of Records
50 - HIPAA Privacy
60 - Electronic Record Management (EMR) Guidance
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
A PACE organization must maintain a single, comprehensive medical record for each participant in accordance with accepted professional standards.
The medical record for each participant must meet the following requirements:
[42 CFR § 460.210(a)]
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
The medical record must contain the following:
Interdisciplinary assessments, reassessments, plans of care, treatment, and progress notes that include the participant's response to treatment;
Laboratory, radiological and other test reports;
The actual incident report is not a required element of the participant medical record. However, a narrative description of the care rendered during and subsequent to the incident is required. This narrative description should be documented in the progress notes of the IDT specialist(s) rendering care. If the incident results in a significant change in health status, the changes in the problem, interventions, measurable outcomes, timelines for monitoring and evaluation, and responsible person(s) performing the intervention should be updated in the individual's care plan.
[42 CFR § 460.210(b); 71 FR 71326 through 71327 (Dec. 8, 2006)]
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
An entity whose PACE Program Agreement is in the process of being terminated must provide assistance to each participant in obtaining necessary transitional care through appropriate referrals and making the participants' medical records available to the new providers in a timely manner to ensure the continuity of care for the participant.
[42 CFR §§460.52; 460.168(a)]
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
If a PACE organization proposes to disenroll a participant who is disruptive or threatening, the organization must document the following information in the participant's medical record:
[42 CFR § 460.164(c)]
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
A PACE organization must allow CMS and the State Administering Agency access to data and records, including, but not limited to, participant health outcomes data, financial books and records, medical records, and personnel records. In addition, the PACE organization must maintain complete records and relevant information in an accurate and timely manner. The PACE organization must grant each participant timely access, upon request, to review and copy his or her own medical records and to request amendments to those records and abide by all Federal and State laws regarding confidentiality and disclosure for mental health records, medical records and other personal health information. PACE organizations must provide advance notice to participants if they intend to charge for copies of records.
[42 CFR § 460.200(b) and (e)(2) through (4)]
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
A PACE organization must establish written policies and implement procedures for safeguarding all data, books, and records against loss, destruction, unauthorized use, or inappropriate alteration. These policies and procedures must include the following elements:
Grant each participant timely access, upon request, to review and copy his or her own medical records and to request amendments to those records; and
Abide by all Federal and State laws regarding confidentiality and disclosure for mental health records, medical records, and other participant health information, including information that qualifies as protected health information.
Further information is available at http://www.cms.hhs.gov/HIPAAGenInfo/Downloads/HIPAALaw.pdf.
[42 CFR § 460.200]
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
A PACE organization must retain records for the longest of the following periods:
If litigation, a claim, a financial management review, or an audit arising from the operation of the PACE program started before the expiration of the retention period, as specified in the prior three bullets, the PACE organization must retain the records, at a minimum, until the completion of the litigation, or solution of the claims or audit findings.
The PACE organization must dispose of medical records that are scanned or imaged in accordance with CMS policy as referenced in http://www.cms.hhs.gov/manuals/downloads/ge101c07.pdf.
For purposes of Medicare Part D, PACE organizations are required to retain Part D related records for a period of 10 years in accordance with 42 CFR § 423.505(d). At this time CMS recommends that all PACE organizations keep all records (Part D related and general records) for 10 years.
[42 CFR § 460.200(f)]
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
A PACE organization must establish written policies and implement procedures to do the following:
[42 CFR § 460.200(e)]
(Rev. 2, Issued: 06-09-11; Effective: 06-03-11; Implementation: 06-03-11)
At the present time, there is no specific guidance from CMS regarding PACE EMR management. However, there are guidance formats for all providers and programs on the http://www.cms.hhs.gov for reference of the new interim rule (45 CFR Part 170 Health Information Technology: Initial Set of Standards, Implementation Specifications, and Certification Criteria for Electronic Health Record Technology: Interim Final Rule; Federal Register: January 13, 2010 [Volume 75, Number 8]][Rules and Regulations][Page 2013-2047]) at http://edocket.access.gpo.gov/2010/E9-31216.htm.
The adopted standards are organized into the following four categories:
Transport Standards (e.g., standards used to establish a common, predictable, secure communication protocol between systems); and
Privacy and Security Standards (e.g., authentication, access control, transmission security) which relate to and span across all of the other types of standards.
Use Cases and Requirements for EMR/EHR are available at:
http://healthit.hhs.gov/portal/server.pt?open=512&objID=1255&parentname=CommunityPage&parentid=6&mode=2&in_hi_userid=10741&cached=true.
EMR report of standards for Health Information Security and Privacy Collaboration: Adoption of Standard Policies Collaborative Final Report is available at:
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_10741_872248_0_0_18/ASP_2_1_Final_Rpt_with_app_ABCDEHJK.pdf.
| Rev # | Issue Date | Subject | Impl Date | CR# |
|---|---|---|---|---|
| R2PACE | 06/09/2011 | Initial Publication of Manual | 06/03/2011 | NA |
| R1_SO | 06/03/2011 | Initial Publication of Manual - Rescinded and replaced by Transmittal 2 | 06/03/2011 | NA |
Back to top of Chapter