CMS Making Strides on Mission-Driven Modernization

The Centers for Medicare and Medicaid Services (CMS) is not modernizing for modernization’s sake. Instead, its IT developments are driven by mission and use cases.

As part of its modernization initiative, CMS is strategically moving its business processes to the cloud rather than relying on a “lift-and-shift” method.

“From the business side, for the last three years we’ve been working on modernizing the claims payment system and starting to move that to the cloud,” said Misu Tasnim, executive director of digital services for CMS, at GovCIO’s Infrastructure: Health IT event. “It is a 50- or 60-year-old system where we have put policy on top of policy over the last few decades. So, it is a complicated system to modernize, but three years ago we started this journey and we have made a ton of progress. Now we have a cloud environment, and we’re slowly working our way and moving that business logic into the cloud and thinking very strategically about it, so it’s not just lift-and-shift.”

Modernizing the claims payment system is no simple task, but it will result in improved data accessibility and analysis capabilities for CMS.

“We have 40 million Americans that are in the Medicare Fee-for-Service program and 1.2 billion claims being processed each year,” said Mary Greene, director of the Office of Burden Reduction and Health Informatics at CMS. “There’s different kinds of claims depending on whether you’re an institutional provider or whether you’re an individual clinician. … And that system varies depending on what kind of institutional provider you are. So, not only is part of the challenge here moving into the cloud environment, it’s also how to keep all that data up to date and how to maintain the nuances of the various policies across the different programs. It’s complex, it’s tough, but it’s important to sort that out because of the end users who need to find specific claims for specific programs when they’re doing their analysis.”

Ben Cushing, chief architect for federal health at Red Hat, emphasized the importance of relying on use cases to drive and guide federal modernization.

“You don’t just modernize for the sake of modernization,” said Cushing. “Now that we have the compute, we need to actually execute those activities we just couldn’t do before on-prem. … Modernization, especially for a federal agency, has to happen against mission, right? How does it impact mission? Because otherwise you’re wasting taxpayer dollars.”

In addition to the claims payment system, CMS is also looking to modernize its prior authorization process. Prior authorization is a cost-control process that requires a physician to obtain advance approval from a health plan before delivering a health care service.

“When you just hear about the process, it sounds like it could easily be automated,” Greene said. “Right now, a good proportion of that process is handled by telephone and fax machines. A lot of it’s still done on paper. But even if you were to get a system-to-system interaction, there’s still concern on the provider side that, ‘Oh, well, this is not going to make it easier for me to find out what the authorization requirements are, and I still have to do a lot of work filling out whatever you want filled out.’ So, the smarter the EHRs are, the more tools they have within the EHR to pre-populate whatever that data needs to be — that is a huge part of the potential reduction in burden for clinicians.”

The push for electronic prior authorization is prompting CMS technology leadership to implement faster and more streamlined data processing.

“This blends very nicely with the modernization initiatives on both the infrastructure and the technology side because we can work with the EHRs and Mary’s team and the policy folks to say, ‘This is the way the data should be coming in if all of our systems can talk to each other,’” Tasnim said. “Right now, the way that they talk to each other is everything gets processed at the end of the night. … Even if things came in through the fast health interoperability world of FHIR packages, it would still be a batch process on our end. It’ll still take a little bit of time. I think the push from Mary’s team and ONC to really nudge the health care industry puts a little bit of that pressure back on CMS to say, ‘We have to modernize and meet them where they’re at so we can intake this and do something with it.’”

Cushing identified some of the ways that APIs can be leveraged to deliver on mission. CMS is currently using FHIR-based APIs in programs such as the Blue Button API, which allows beneficiaries to access their health claims information electronically, and the Data at the Point of Care pilot program, which expanded the use of Blue Button to clinicians.

“APIs have changed the way we exchange data and have greatly improved access and capability,” Cushing said. “The flip side is it’s been a lot easier for malicious actors to breach systems and retrieve data. Zero trust requires that we apply least privilege, which ensures that every data request is authorized for purpose. I think those systems are really starting to provide us with the infrastructure and the ability to execute on mission — especially on real-time policy; real-time authorization; looking for fraud, waste and abuse. All of those things are possible now because of the kinds of technologies that are coming to bear.”