Main Menu



Recent COVID-19 Developments Impacting Healthcare Providers


CMS Extends MIPS, MSSP, and other Quality Reporting Programs Deadlines

Clinicians, providers and facilities participating in Medicare’s quality reporting programs, including the Quality Payment Program, are being granted certain exceptions and extensions related to their CMS program reporting requirements. As part of its response to the 2019 Novel Coronavirus (COVID-19) crisis, the “Trump Administration is cutting bureaucratic red tape so the healthcare delivery system can direct its time and resources toward caring for patients,” said CMS Administrator Seema Verma. CMS is invoking the “extreme and uncontrollable circumstances” policy exceptions under such programs for their upcoming measure reporting and data submission deadlines.

With respect to the MIPS and MSSP programs, the March 31, 2020 deadline has been extended to April 30, 2020. Additionally, MIPS clinicians who have not submitted any MIPS data by the new deadline will qualify for the automatic extreme and uncontrollable circumstances policy and receive a neutral payment adjustment for the 2021 MIPS payment year. Fourth quarter data submission deadlines for various hospital and post-acute care programs (e.g., the ASC Quality Reporting Program, ESRD Quality Incentive Program, Hospital Value-Based Purchasing Program, Hospice Quality Reporting Program, and SNF Quality Reporting Program) are being made optional, and if Q4 data is not submitted, 2019 performance will be calculated based on Q1 through Q3.

Furthermore, no data reflecting services provided January 1, 2020 through June 30, 2020 will be used in CMS’s calculations for the Medicare quality reporting and value-based purchasing programs. “CMS recognizes that quality measure data collection and reporting for services furnished during this time period may not be reflective of their true level of performance on measures such as cost, readmissions and patient experience during this time of emergency and seeks to hold organizations harmless for not submitting data during this period.” For more information, visit (Mar. 22, 2020).

DHHS Office for Civil Rights Waives Penalties for HIPAA Violations in Connection with Telehealth

In recognition of the challenges being faced by healthcare providers, the Office for Civil Rights, which enforces HIPAA, has announced that it will not impose penalties against covered healthcare providers for noncompliance with HIPAA Rules in connection with their good faith provision of telehealth services during the COVID-19 nationwide public health emergency.

This exercise of discretion applies to telehealth services provided for any reason, regardless of whether the telehealth service is related to the diagnosis and treatment of health conditions related to COVID-19. Thus, a healthcare provider can use a non-public-facing video-chat application (e.g., Skype or Zoom) to connect with the patient’s phone, tablet, or home computer in order to (for example): examine a patient who is exhibiting COVID-19 symptoms; assess a sprained ankle; or conduct a psychological evaluation. Other such video-chat applications include Apple FaceTime, Facebook Messenger video chat, Amazon Chime, GoToMeeting, and Cisco WebEx Meeting. (Note: OCR has not approved the use of “public facing” video communication applications, such as Facebook Live, Twitch and TikTok.) Additionally, OCR will not impose penalties against healthcare providers for failing to have a business associate agreement with such video-chat communication providers to the extent they are used during the COVID-19 nationwide public health emergency.

In sum, OCR has cleared the way (under HIPAA) for covered healthcare providers to sign up and use non-public-facing video-chat applications to conduct telehealth without the need to revise their Notice of Privacy Practices and HIPAA privacy/security procedures, to enter into BAAs with video-chat application vendors, or to institute other measures as would normally be required under the HIPAA Rules.

OCR has not set an expiration date for its Notification of Enforcement Discretion regarding COVID-19 and will issue a public notice when OCR is no longer exercising its enforcement discretion, based upon the latest facts and circumstances. Healthcare providers should remain attentive to OCR’s announcements over the coming weeks to ensure that they remain in compliance with HIPAA Rules following the expiration of this limited non-enforcement period. Additional information and answers to FAQs can be found here:

Koley Jessen continues to monitor the situation and stay current on the issues facing healthcare providers in light of the COVID-19 outbreak. If you have additional questions or concerns as the situation develops, please contact a member of the Koley Jessen Health Law Practice Group.

* The information contained in this document is provided for informational purposes only. It should not be construed as business, legal, accounting, tax, financial, investment or other advice on any matter and should not be relied upon for such.

The information in this document may not reflect the most current developments as the subject matter is extremely fluid and may change daily. The content and interpretation of the issues addressed herein is subject to revision. Koley Jessen, P.C., L.L.O. disclaims any and all liability with respect to actions taken or not taken based on any or all of the contents of this document to the fullest extent permitted by law. Do not act or refrain from acting upon the information contained in this document without seeking professional or other advice.

Practice Areas

Back to Page

We use cookies on our website to improve functionality and performance, analyze website traffic and enable social media features. By continuing to use our website, you agree to our use of cookies.