HCFA sets July 19 as the new date for OASIS data collection

HHBR Washington Correspondent

BALTIMORE – The new date home health agencies must begin collecting OASIS data is July 19, according to the revised timetable published by the Health Care Financing Administration (HCFA; Baltimore) last week. The agency’s notice, published in the Federal Register June 18, sets Aug. 25 as the date agencies must begin transmitting the encoded information to state agencies.

The changes included in the notice come as no surprise. The agency previewed these changes at a hearing on this subject before Sen. Charles Grassley’s Special Committee on Aging earlier this month. The notice confirms that HCFA will not require agencies to submit data for private-pay patients (non-Medicare and Medicaid) until it develops an encryption system that masks identifiable data for these patients sometime next year. It also makes clear that agencies will not be asked to refuse services if patients decline to complete the assessment. The notice also states that patients receiving only personal care will not be subject to OASIS requirements until next year.

HCFA’s Outcome and Assessment Information Set (OASIS) program was suspended earlier this year after a firestorm of protest about patient confidentiality engulfed the new data collection instrument. Unfortunately for the home care industry, most of the changes that HCFA included in the revised notice are aimed at diffusing the arguments about privacy rather than the major operational concerns of the industry, namely the time and cost associated with collecting and transmitting the information.

The last hope of further derailing the OASIS requirement hangs on the timing of the privacy legislation currently being drafted on Capitol Hill. Congress has until August to complete that legislation or that responsibility will be handed to the Department of Health and Human Services (Washington). Some observers believe that the new OASIS instrument, with its modest revisions, may wind up in conflict with the new requirements imposed by Congress. That is one reason Home Health Staffing and Services Association (Washington) legal counsel Jim Pyles and others urged HCFA to hold off on last week’s notice.

In its announcement about the revised notice released last week, HCFA said it is taking "extra precautions beyond its already stringent privacy protections to guard privacy while maintaining the legitimate focus of OASIS." Two separate notices were published. The first is a so-called "system of records" that specifies circumstances where individual specific records may or my not be released. The second outlines the steps HCFA is taking to ensure patient privacy. Among the several other new provisions are the following:

• Medicare and Medicaid patients will receive notice explaining why the data is being collected and informing them of their right to review the data and request changes.

• Routine uses of these data will be limited so that personally identifiable information will only be used where statistical information is not sufficient. Also, HCFA will not make personally identifiable data available to accrediting organizations.

• Medicare will accelerate efforts to encrypt data during transmission to provide an additional level of protection.