At first glance, it appeared that hospitals were complying with the Centers for Medicare & Medicaid Services’ (CMS) price transparency requirement, which became effective January 1, 2021. Upon a closer look; however, multiple deficiencies were found.
CMS previously advised that it would begin auditing compliance with the rule this past January. Interestingly, it was the published findings of a Wall Street Journal (WSJ) investigation that first identified non-compliance. The investigation uncovered hospitals technically posting such data but intentionally hiding it from online search engines.
The new rule requires US hospitals to have detailed pricing information prominently displayed on their websites. The rule’s specific details are discussed in our recent blog. Among the requirements are that standard charges be posted online. (45 CFR § 180.50). Standard charges are “the regular rate[s] established by a hospital for an item or service provided to a specific group of paying patients.” (45 CFR § 180.20). Hospitals; however, were obscuring these standard charges from consumers.
Hospitals Found Hiding Data
WSJ’s investigation revealed that while hospitals appeared to be in compliance by posting standard charge information online, at least one requirement was overlooked. Many hospitals failed to “ensure that the standard charge information is easily accessible, without barriers, including but not limited to ensuring the information is accessible.” (45 CFR § 180.50).
Hospitals were using blocking codes that hid the pricing information from appearing in search results. Surprisingly, 307 hospitals were found utilizing the blocking code. After WSJ reached out to their owners for comment, 182 removed the syntax.
Requests for Stronger Enforcement
The House Energy and Commerce Committee (the Committee) leaders sent a letter to the U.S. Department of Health and Human Services (HHS), on April 13, 2021, calling on HHS to take action. They asked that HHS conduct “vigorous oversight and enforce[ ] full compliance with the final rule.” Other compliance studies were discussed that had uncovered further rule-breaking by hospitals.
The Committee leaders referenced a report by ADVI, a healthcare consulting company that had reviewed the data for 20 of the largest hospitals in the United States, and found the following:
- Pricing information did not appear to “completely comply” with the rule for showing 300 shoppable procedures
- Data was not uploaded in useable formats
- Services did not include associated Healthcare Common Procedure Coding System (HCPCS) codes, the coding system used to identify medical services, procedures, and supplies furnished by health care professionals (the rule requires hospitals post common billing and accounting codes, such as HCPCS codes or other commonly used payer identifiers, as applicable)
- Variability in pricing information among hospitals (e.g., a Level 3 Evaluation and Management code, one of the most commonly billed services in Medicare, ranged from $200 to $1534)
As part of HHS’ oversight activities, the Committee leaders asked HHS to “revisit its enforcement tools, including the amount of the civil penalty, and to conduct regular audits of hospitals for compliance.” Currently, the maximum amount to which a hospital may be subject for non-compliance is a civil monetary penalty of only $300 per day. (45 CFR § 180.90(c)(2))
CMS Issues Some Guidance, but for Insurance Issuers
CMS has not issued formal guidance to hospitals in response to the multiple reports of hospitals failing to adhere to the rule. It has, however, issued guidance for insurers who soon must comply with their own transparency in coverage requirements. Effective January 1, 2022, the majority of non-grandfathered group health plans and health insurance issuers must make available to the public, including consumers, certain machine-readable files detailing various types of pricing information related to items and services covered by the plans.
CMS posted the recent technical guidance on GitHub, an online software forum. Perhaps in an attempt to prevent similar non-compliance from insurers, CMS informed them that the machine-readable files must be posted “without restrictions that would impede the re-use of that information.” In addition, the data posted must “allow for search engine discoverability…”
Hospitals Must Comply
CMS previously made clear, even before the recent reports, that it will audit hospitals to ensure compliance with the requirements. If CMS finds that a hospital has failed to comply, CMS may (1) issue a written warning notice to the hospital, (2) request a corrective action plan, or (3) impose a civil monetary penalty along with publicizing the penalty on the CMS website. (45 CFR § 180.70).
It is imperative that hospitals perform internal audits to ensure that they are in compliance. Multiple resources are posted on the CMS website to assist in these efforts, such as “Frequently Asked Questions,” “8 Steps to a Machine-readable File,” “10 Steps to a Consumer-Friendly Display,” and a “Quick Reference Checklist.”