A couple of weeks ago we started unpacking the second stage of meaningful use. With this post let’s begin to get into the proverbial weeds. The Stage 2 framework requires the provider to report 20 objectives. 17 of these are considered core objectives and three will be selected from a menu of six. I like to divide the meaningful use objectives into those with a target threshold and those for which the nephrologist is compelled to attest to the fact that something happened during the reporting period. The Stage 2 core consists of 13 objectives with a target threshold and four objectives that simply require attestation.
Today, let’s focus on the four attestation objectives on the Stage 2 core. The good news is all four of these objectives were present in some form in Stage 1. During their migration from Stage 1 to Stage 2, two of the objectives did not change. The other two arrive with minor “upgrades”.
The Song Remains the Same
Generate Patient List
Perhaps the easiest objective in the entire framework, Generate Patient List was part of the Stage 1 core and it remains the same for the Stage 2 core. Every certified EHR will have provide the opportunity for you to generate a list of patients defined by a filter or set of filters. You might, for example, ask the EHR to generate a list that displays every patient over the age of 18 with 585.4 on their problem list. Actually, you may need to use the appropriate SNOMED code for stage 4 CKD as the new certification standards require moving from ICD-9 to SNOMED codified problem lists, but that’s a story for another day. At any rate, if you generate a single list during the reporting period you have met this objective.
By the way, don’t forget the prospect of a meaningful use audit. CMS has recommendations regarding what constitutes appropriate supporting documentation in the event of an audit. Saving a screen shot of your EHR-generated patient list with the appropriate identifiers is not a bad idea.
Protect Health Information
The Protect Health Information objective is also a hold over from the Stage 1 core. This one requires you (or your practice) to conduct a security risk analysis and to correct identified security deficiencies. This is in fact part of the HIPAA Security Rule and it is something we all have been expected to do since 2006. When you attest for this objective, you are confirming you performed the risk analysis and corrected any deficiencies identified. One thing meaningful use has clarified: this analysis/correction must be done annually. If you are subject to an audit, the auditor will ask for a copy of your risk analysis. One final point, in what appears to be a nod to the growing presence of mobile technology, ONC has made a minor addition to this objective by clarifying that your risk analysis should include attention to “the encryption/security of data at rest.”
Good Times, Bad Times
Clinical Decision Support
The Clinical Decision Support objective was part of the Stage 1 core and remains on the core for Stage 2 with a couple of new twists. In Stage 1, CDS required the provider to attest to the fact that he or she utilized a single clinical decision support rule during the reporting period. The CDS intervention in Stage 1 could basically be almost anything other than drug-drug and drug-allergy checks, which was a separate core objective in Stage 1. In Stage 2, you will attest to the fact that you are using five CDS interventions where at least four of the five are related to a Clinical Quality Measure that you are reporting as part of meaningful use. Tossed in for good measure is the inclusion of the Stage 1 drug-drug and drug-allergy interaction objective. In other words, ONC has augmented the Stage 1 CDS objective and combined it with the Stage 1 drug-drug, drug-allergy objective to create the Stage 2 CDS objective.
Immunization Registry
This public health objective moved from the Stage 1 menu to the Stage 2 core, but that’s only half the fun. If you elected to report the Immunization Registry objective in Stage 1, you could send test data for a single patient, and if the public health authority on the receiving end was not capable of consuming your message (as many were not in the early years) you could claim an exclusion, which still counted as one of your five Stage 1 menu objectives. Times have changed. Now that Immunization Registry is a core objective, if you administer immunizations, you are compelled to report this objective to the appropriate local public health authority on an “ongoing” basis. This last term creates a bit of haziness, which I suspect will clear up as the program continues to unfold.
Ramble On
The four Stage 2 core objectives that require you to attest to the fact that you “did something” contain some minor changes as outlined above. The only one on this list that would cause me to raise an eyebrow is the immunization registry objective. As I have informally polled practices around the country, I find fewer and fewer nephrologists who are actually providing the vaccines in their offices. If this objective creates enough of a hassle factor, it could have the unintended consequence of driving nephrologists out of the vaccine administration business. (You would qualify for the objective’s exclusion if you did not vaccinate patients.) Also notice the challenge for those of you compelled to include the dialysis patients in your reporting group. While you may not administer immunizations in your office, they are certainly administered in the dialysis facility as a consequence of your order. Yet another reason for those of you soon facing Stage 2 to take a closer look at the hardship exceptions.
Be sure to check back in on the blog. In two weeks we will begin to tackle the Stage 2 core objectives that have a target threshold.
rg says
Thank your for the wonderful post. Is there an exclusion for the immunization module if they cannot accept our data?
Terry Ketchersid, MD, MBA, VP, Clinical Health Information Management says
There are four exclusions for the immunization objectives which are displayed below and included among them is the one you refer to. Thanks for the comment RG.
(1) the EP does not administer any of the immunizations to any of the populations for which data is collected by their jurisdiction’s immunization registry or immunization information system during the EHR reporting period;
(2) the EP operates in a jurisdiction for which no immunization registry or immunization information system is capable of accepting the specific standards required for CEHRT at the start of their EHR reporting period;
(3) the EP operates in a jurisdiction where no immunization registry or immunization information system provides information timely on capability to receive immunization data; or
(4) the EP operates in a jurisdiction for which no immunization registry or immunization information system that is capable of accepting the specific standards required by CEHRT at the start of their EHR reporting period can enroll additional EPs.