The Centers for Medicare & Medicaid Services Thursday cleared up what officials called confusion about the types of skilled nursing facilities now required to report annual healthcare personnel influenza vaccinations.

During an Open Door Forum Thursday, the agency clarified that the new addition to the SNF Quality Reporting Program is intended for freestanding SNFs, SNFs affiliated with acute care facilities, and all non-critical access hospital swing beds in rural hospitals. 

The confusion about the new measure, which covers a season ranging from Oct. 1 through March 31, stemmed from a Sept. 27 webinar hosted by the National Healthcare Safety Network. In it, health officials reviewed updates to the annual healthcare personnel influenza vaccinations data.

Also vaccination-related, the October Care Compare provider data refresh that the CDC adopted for SNF QRP COVID-19 vaccination coverage among healthcare personnel will be publicly reported for the first time as the SNF QRP measure. That release will be data submitted for the fourth quarter of 2021, the officials said.

(The data is already available in more up-to-date form on the public facing CMS data site.)

iQIES access not so broad

In other action, CMS Health Insurance Specialist Ellen Berry addressed new question about  CMS’ transition of MDS to the Internet Quality Improvement and Evaluation System, or iQIES, platform for skilled nursing providers. The system will migrate by early 2023, possibly in March. Berry said. By this November, all nursing homes were expected to have at least one privacy security official. While those officials can be data and analytics vendors, a staff member should be the initial security officer to oversee additional access.

Berry said only about 40% of providers have appointed a security official so far. 

The privacy security official controls access to the platform, through which CASPER and MDS transmissions, validation and reporting will be done.

“It’s expected that the security official is familiar with provider staff and what their level of access should be,” Berry said. “It is imperative that all entities ensure that access to MDS data is as minimal as necessary, as you would also ensure this with your medical records. 

“You don’t allow any and all staff to access medical records, and this is the same for the CMS system. Given the type of data within iQIES, CMS expects that a provider security official be a provider staff person not a vendor staff. Vendor staff will not know what level role a person should have in the provider setting. If you have allowed your vendor to be a security official you must work with your vendor to ensure that you have a staff person with a security official role.”