CLOSE X

Checking in … Again

CMS proposes more routine reassessments of HCBS needs to promote person-centered care planning

Sitting on her living room couch – the place in her home that normally serves as a sanctuary – Diane was very aware of all her limitations. The four-hour assessment she had just completed was at times too intimate for comfort as she outlined the difficulties she faces preparing meals, getting dressed and performing other daily activities.

Diane’s case manager assured her this was the best way to figure out how to build a person-centered plan of care – one that included all the services she would need to live at home safely and independently. Diane knew she needed to trust the case manager, just as so many of her peers had trusted theirs. She’d seen the improvements in their lives, and she wanted the same, not only for herself, but for her children who were constantly worried about her.   

Enrollment in a home- and community-based services (HCBS) Medicaid waiver program often begins with meetings and assessments like these. These assessments are crucial to determine the level of care and types of services eligible program participants need to live and thrive in their homes and communities.

The Centers for Medicare & Medicaid Services (CMS) has proposed these assessments occur on a more regular basis.

In the new proposed rule (CMS-2442-P: Medicaid Program; Ensuring Access to Medicaid Services), the agency has outlined several ways it would like to see states improve and standardize the way state Medicaid agencies and managed care organizations (MCOs) develop and implement person-centered plans of care. One way is to increase the frequency of reassessments to every 12 months for at least 90 percent of individuals continuously enrolled in a state’s HCBS programs. This frequency of reassessment would allow agencies and MCOs to adequately accommodate for any functional and circumstantial changes that necessitate adjustments in the person-centered services provided.  

CMS acknowledged in the proposed rule that changes in functional needs or circumstances requiring an updated plan of care do not occur very often, but routine assessments are “important safeguards that are in the best interest of beneficiaries because they ensure that an individual’s section 1915(c) waiver program services change to meet the beneficiary’s needs most appropriately as those needs change.”

With regular intervals for reassessments, CMS said agencies will be better equipped to adjust plans of care to accommodate major life changes like availability of natural supports (family) or other requests like choosing a different provider.

The proposed rule, more than 300 pages long, seeks to improve access to HCBS through increased transparency and accountability, standardizing data and monitoring and creating opportunities for states to promote active beneficiary engagement in their Medicaid programs.

The rule garnered a lot of attention during the comment period. Between its March release and July, CMS received hundreds of comments from advocacy groups, state agencies and others about the proposed changes to current HCBS program management requirements.

When it comes to the reassessment provisions, CMS received a commentary from the National Association of Medicaid Directors (NAMD), ADvancing States and the National Association for State Directors of Developmental Disabilities Services (NASDDDS) asking the agency to define reassessment more explicitly so their state partner agencies would understand what was required for reassessments. These groups also expressed concern that frequently conducting reassessments may overburden participants. Some state commenters said they were already meeting the annual re-assessment requirement, some called for a good-cause exemption and others called for no exemptions. Others suggested a “screening” be developed to determine if a full assessment was required. 

The Arc of Minnesota and The Arc of Northland commented that underlying assessment issues must be addressed before further regulation is put into effect. They believe current assessments are subjective, inaccurate and administered by professionals without proper training. They reminded CMS that assessments force members, like Diane, to relive their worst days and then relay them to someone whose interpretation directly impacts the support they receive, potentially triggering fear and trauma.

At FEI, we recognize the magnitude of the impacts this proposed rule may have on our state partners, and we are prepared to help. With our configurable case management solutions, we can design business rules and automated processes that will ensure our solutions support CMS requirements for assessment and person-centered care building.

We stand ready to work with you to mitigate subjectivity and inaccuracy concerns with comprehensive case management and assessment tools. We offer a software as a solution (SaaS) case management platform that meets common CMS requirements, but is also configurable to address unique state waiver program needs. When it comes to person-centered care, our case management solutions provide our partners with a 360-degree view of waiver program participants, which includes all touchpoints with state or managed care services and providers. Additionally, our solutions use business rules to auto-populate person-centered plans of care based on intake and assessment data, as determined by our state partners. Those auto-generated plans can be altered by service coordinators or administrators with intimate knowledge of a participant’s unique needs – minimizing the impact on enrollees like Diane, yet obtaining the information the case managers need to create a person-centered plans of care.

See All News

FEI.com, Inc. dba FEI Systems – Notice of Data Security Incident

Columbia, Maryland, May 13, 2024 – FEI.com, Inc. dba FEI Systems (“FEI”) currently contracts with The Texas Health and Human Service Commission (“HHSC”) to provide a critical incident management system which captures critical incident reportable events for persons receiving services from health care providers in Texas (“Texas CIMS”). Among other things, Texas CIMS provides reports permitting health care providers to access certain personal information of individuals for whom they provide services.  The reporting tools in Texas CIMS are configured such that health care providers are able to view personal information only for those individuals they serve. Between May 1, 2023 and August 4, 2023, however, one of the reports in the system was not so configured, and, as a result, up to 17 administrators for various Texas health care providers may have viewed information in the report that did not belong to the individuals served by their respective providers. The information involved may have included individuals’ first names, last names, dates of birth, social security numbers, Medicaid IDs, and/or Care IDs.

FEI conducted a thorough review of the reasons why the information may have been viewable and has now remedied the issue such that provider administrators who access the report can only see information about the individuals directly served by their respective health care providers.  It is important to note that this was not a hacking incident. Instead, each of the provider administrators who may have accessed the report between May 1, 2023 and August 4, 2023 was authorized by HHSC to access Texas CIMS to view the confidential information of their health care providers and are trained to properly protect personal information, and each administrator attests upon signing on to Texas CIMS to protect the information that they see. FEI has no reason to believe the administrators that accessed Texas CIMS or the report at issue have misused any personal or sensitive information.

On May 9, 2024, FEI provided notice of this incident to potentially impacted individuals. In so doing, FEI provided information about the incident and about steps that potentially impacted individuals can take to protect their information. FEI also offered impacted individuals with access to complimentary credit monitoring and identity protection services.

FEI has established a toll-free call center to answer questions about the incident and to address related concerns. Call center representatives can be reached at 1-844-710-1716 between the hours of 8:00 a.m. to 8:00 p.m. Eastern time, Monday through Friday, excluding holidays.

The privacy and protection of personal information is a top priority for FEI, and FEI regrets any inconvenience or concern this incident may cause.

While we have no evidence of the misuse of any potentially impacted individual’s information, we are providing the following information to help those wanting to know more about steps they can take to protect themselves and their personal information:

 

What steps can I take to protect my personal information?

  • Please notify your financial institution immediately if you detect any suspicious activity on any of your accounts, including unauthorized transactions or new accounts opened in your name that you do not recognize. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities.
  • You can request a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To do so, free of charge once every 12 months, please visit http://www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting agencies is listed at the bottom of this page.
  • You can take steps recommended by the Federal Trade Commission to protect yourself from identify theft. The FTC’s website offers helpful information at http://www.ftc.gov/idtheft.

How do I obtain a copy of my credit report?

You may obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting http://www.annualcreditreport.com/, calling toll-free 877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You also can contact one of the following three agencies:

How do I put a fraud alert on my account?

You may want to consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit file for one year. The alert informs creditors of possible fraudulent activity within your report and requests that the creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact any of the three credit reporting agencies identified above. Additional information is available at http://www.annualcreditreport.com.

 

How do I put a security freeze on my credit reports?

You have the right to place a security freeze on your credit report. A security freeze is intended to prevent credit, loans, and services from being approved in your name without your consent. To place a security freeze on your credit report, you need to make a request to each consumer reporting agency. You may make that request by certified mail, overnight mail, or regular stamped mail, or online by following the instructions found at the websites listed below. You will need to provide the following information when requesting a security freeze (note that if you are making a request for your spouse, this information must be provided for him/her as well): (1) full name, with middle initial and any suffixes; (2) Social Security number; (3) date of birth; and (4) address. You may also be asked to provide other personal information such as your email address, a copy of a government-issued identification card, and a copy of a recent utility bill or bank or insurance statement. It is essential that each copy be legible, display your name and current mailing address, and the date of issue. There is no charge to place, lift, or remove a freeze.

 

What should I do if my family member’s information was involved in the incident and is deceased?

You may choose to notify the three major credit bureaus, Equifax, Experian and TransUnion, and request they flag the deceased credit file. This will prevent the credit file information from being used to open credit. To make this request, mail a copy of your family member’s death certificate to each company at the addresses below.

  • Equifax
    Equifax Information Services
    P.O. Box 105139,
    Atlanta, GA 30348
  • Experian
    Experian Information Services
    P.O. Box 9701
    Allen, TX 75013
  • TransUnion
    Trans Union Information Services
    P.O. Box 2000
    Chester, PA 19016

What should I do if my minor child’s information is involved in the incident?

You can request that each of the three national credit reporting agencies perform a manual search for a minor’s Social Security number to determine if there is an associated credit report. Copies of identifying information for the minor and parent/guardian may be required, including birth or adoption certificate, Social Security card and government issued identification card. If a credit report exists, you should request a copy of the report and immediately report any fraudulent accounts to the credit reporting agency. You can also report any misuse of a minor’s information to the FTC at https://www.identitytheft.gov/. For more information about Child Identity Theft and instructions for requesting a manual Social Security number search, visit the FTC website: https://www.consumer.ftc.gov/articles/0040-child-identity-theft. Contact information for the three national credit reporting agencies may be found above.

 
Steps You Can Take to Further Protect Your Information

Review Your Account Statements and Notify Law Enforcement of Suspicious Activity

As a precautionary measure, we recommend that you remain vigilant by reviewing your account statements and credit reports closely. If you detect any suspicious activity on an account, you should promptly notify the financial institution or company with which the account is maintained. You also should promptly report any fraudulent activity or any suspected incidence of identity theft to proper law enforcement authorities, including your state attorney general and the Federal Trade Commission (FTC).

To file a complaint with the FTC, go to IdentityTheft.gov or call 1-877-ID-THEFT (877-438-4338). Complaints filed with the FTC will be added to the FTC’s Identity Theft Data Clearinghouse, which is a database made available to law enforcement agencies.

 

Obtain and Monitor Your Credit Report

We recommend that you obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting www.annualcreditreport.com, calling toll-free 877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You can access the request form at https://www.annualcreditreport.com/requestReport/requestForm.action. Or you can elect to purchase a copy of your credit report by contacting one of the three national credit reporting agencies. Contact information for the three national credit reporting agencies for the purpose of requesting a copy of your credit report or for general inquiries is provided below:

Consider Placing a Fraud Alert on Your Credit Report

You may want to consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your report and requests that the creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact any of the three credit reporting agencies identified above. Additional information is available at www.annualcreditreport.com.

 

Credit Report Monitoring/Identity Theft Protection Services

In addition, FEI will arrange to provide you with credit monitoring/identity theft protection services for one year, at no cost to you. Please contact us within 90 days of this notice to do so.