November 15, 2017
To avoid penalties in 2019 from the 2017 MIPS Reporting period, you must pick one of the following categories and report the specific requirements by the end of the year. Below are some detailed summaries of what each category requires, what we recommend, and why we recommend that specific solution.
Though MIPS inherits most of its Quality measures from PQRS, the MIPS measures are far less arduous. Clinicians can choose the measures from a master list, or a specialty-specific measure list. To avoid penalties by participating in the Quality Measure category, you must choose a patient, choose one quality measure that is applicable to your practice and patient, then, submit your data through a CMS 1500 form. 
According to CMS proposed rules, clinicians can receive credit for more than 90 listed CPIAs, with a specific number of points assigned to each. To avoid penalties by participating in the Improvement Activity category, you must submit either a high or medium weighted activity depending on your practice size.  For a complete list of activities, you can view them here.
The CMS version of Meaningful Use, Advancing Care Information (ACI) requires clinicians to submit the following measures for a minimum of 90 days (usually):
However, instead of the 90-day reporting period, you must report for either 4 or 5 of the measures only once by the end of 2017 to avoid penalties within the Advancing Care Information category. Whether you must report on either 4 or 5 measures depends on if your EHR software is 2014 or 2015 certified (respectively) .
For 2014 CEHRT Software, you must report on:
For 2015 CEHRT Software, you must report on all the above, in addition to:
While the Quality and Improvement categories may seem like the most approachable route in terms of their summaries, reporting within these categories can be complex and time-consuming so we have chosen ACI as the simplest route to avoiding penalties, and here’s why.
If you have been using a capable EHR throughout 2017, these measures are extremely simple and easy to report on. For someone using a 2014 CEHRT EHR, the four base measures that must be reported on would look something like this:
Security Risk Analysis:
Conduct or review a security risk analysis in accordance with the requirements in 45 CFR 164.308(a)(1), including addressing the security (to include encryption) of ePHI data created or maintained by certified EHR technology in accordance with requirements in 45 CFR164.312(a)(2)(iv) and 45 CFR 164.306(d)(3), and implement security updates as necessary and correct identified security deficiencies as part of the MIPS eligible clinician’s risk management process. Seems complicated… Not so much! You can use a free security risk analysis (SRA) tool here.
At least one permissible prescription written by the MIPS eligible clinician is queried for a drug formulary and transmitted electronically using certified EHR technology.
Provide Patient Access:
At least one patient seen by the MIPS eligible clinician during the performance period is provided timely access to view online, download, and transmit to a third party their health information subject to the MIPS eligible clinician’s discretion to withhold certain information.
Health Information Exchange:
The MIPS eligible clinician that transitions or refers their patient to another setting of care or health care clinician (1) uses CEHRT to create a summary of care record; and (2) electronically transmits such summary to a receiving health care clinician for at least one transition of care or referral.
As you can see, out of the four base measures, none of them are overly complicated. Keep in mind, if you still don’t want to something as simple as this, a 4% penalty could range anywhere from $0 up to $10,000 or more depending on how much your practice charges to Medicare. Whether you are paying someone to report for you, or doing it yourself, it’s more than worth it to avoid the penalties.