New Physician/Provider Requirements Relating to CMS Direct Messaging
By Jessica Roe, Credentialing Manager, Medic Management Group and Tamiya Williams, Senior Practice Manager, Medic Management Group
One of the real challenges that providers are facing today relating to patient care is the ability to easily share electronic health information (EHI) relating to patient care with one another. This is mainly due to providers using various Electronic Medical Record (EMR) platforms that do not integrate with one another. Another significant hurdle is that independent providers or providers within different health systems do not have each other’s direct messaging addresses. Without this information, data cannot be sent between Electronic Health Record (EHR) systems in an easy and protected manner. Typically, provider offices have had to contact one another to request this information and have had to use various platforms to share the necessary patient data with one another. As a result, on May 1, 2020, the Centers for Medicare and Medicaid Services (CMS) published a final rule regarding interoperability and patient access (CMS–9115–F). In this final rule, CMS announced that every provider will be required to have a specific email that confirms with the CMS requirements and that these emails will need to be entered through their direct messaging addresses in the National Plan and Provider Enumeration System (NPPES) registry. CMS has stated that this requirement will make sharing EHI easier since the information will be available on a public database.
Section IX of the final rule, titled “Provider Digital Contact Information Provisions, and Analysis of and Responses to Public Comments,” provides an overview of what will happen if a provider determines not to list their direct messaging information in the NPPES system by June 30, 2020. Beginning the second half of 2020, CMS will publicly report providers who do not list their digital contact information as information blocking. CMS will add an indicator on the Physician Compare tool on Medicare.gov for providers who have not provided their direct messaging information. No other penalties have been announced at this time.
To keep from being listed as information blocking, providers should enter their direct messaging information in the NPPES registry. Providers can update information by logging into their NPPES account and entering their direct messaging address into the Health Information Exchange page. Instructions for this section are available on the NPPES website.
How to set up your provider direct messaging address:
Direct messaging addresses are set up by the provider’s EHR vendor. They look like regular e-mail addresses but are not. Providers should not list their personal email address in NPPES for direct messaging. The direct messaging address will have the word “direct” in the address, and each provider should have their own.
There are a couple of options regarding who can enter this information into a provider’s NPPES account:
- The provider can log in to their individual account and make the update on their own. Since CMS now requires multi-factor authentication before logging into an account, only the provider can log in with their own username and password.
- If the practice is set up to work as a surrogate on behalf of the provider in CMS’ Identity & Access system (I&A), then an authorized official, access manager or staff end user can update this information.
The ability for providers to send and receive EHI is more important than ever. Sharing EHI allows for patient records to be kept up to date with their most current medical information. When a provider has the most current patient clinical information at their disposal, it allows them to make an informed decision on how best to care for and treat the patient. Sharing EHI effectively and securely will help providers safely treat patients and improve overall health outcomes.