Supporting Statement for Paperwork Reduction Act Submissions
Security Consent and Surrogate Authorization Form
A. Background
The primary function of the Medicare enrollment application is to obtain information about the Provider or supplier and whether they meet the Federal and/or State qualifications to participate in the Medicare program. In addition, the Medicare enrollment application gathers information regarding the provider or supplier’s practice location, the identity of the owners of the enrolling organization, and information necessary to establish the correct claims payment.
Enrollees have the option of submitting either an CMS 855 form, or submitting information via a web based process. In establishing a web based application process, we allow providers and suppliers the ability to enroll in the Medicare program, revalidate their enrollment and make changes to their enrollment information via Internet-based Provider Enrollment, Chain and Ownership System (PECOS). Individual providers/suppliers (hereinafter referred to as “Individual Providers”) log into Internet-based PECOS using their User IDs and passwords established when they applied on-line to the National Plan and Provider Enumeration System (NPPES) for their National Provider Identifiers (NPIs). Authorized Officials (AOs) of the provider or supplier organizations (hereinafter referred to as “Organizational Providers”) must register for a user account and authenticate their identity and connection to the organization they represent before being able to log into Internet-based PECOS. Once authenticated, AOs for Organizational Providers, receive complete access to their enrollment information via Internet- based PECOS. Individuals and AOs of Organizational Providers are not required to submit a Security Consent and Surrogate Authorization Form to enroll, revalidate or make changes to their Medicare enrollment information.
Individual and Organizational Providers may complete their Medicare enrollment responsibilities on their own or elect to delegate this task to a Surrogate. A Surrogate is an individual or organization identified by an Individual or Organizational Provider as someone authorized to access CMS computer systems, such as Internet-based PECOS, National Provider Plan and Enumeration System (NPPES) and the Medicare and Medicaid Electronic Health Records (EHR) Incentive Program Registration and Attestation System (HITECH), on their behalf and to modify
or view any information contained therein that the Individual or Organizational Provider may have permission or right to access in accordance with Medicare statutes, regulations, policies, and usage guidelines for any CMS system. Surrogates may consist of administrative staff, independent contractors, 3rd party consulting companies or credentialing departments. In order for an
Individual or Organizational Provider to delegate the Medicare credentialing process to a
Surrogate to access and update their enrollment information in the above mentioned CMS systems on their behalf, it is required that a Security Consent and Surrogate Authorization Form be completed, or Individual and Organizational Providers use an equivalent online process via the
PECOS Identity and Access Management (I&A) system. The Security Consent and Surrogate Authorization form replicates business service agreements between Medicare providers/suppliers and Surrogates providing enrollment services.
We are proposing one version of the Security Consent and Surrogate Authorization Form. The form, once signed, mailed and approved, grants a Surrogate access to all current and future enrollment data for the Individual or Organization Provider.
B. Justification
1 . Need and Legal Basis
Various sections of the Act and the Code of Federal Regulations require providers and suppliers to furnish information concerning the amounts due and the identification of individuals or entities that furnish medical services to beneficiaries before payment can be made.
Sections 1814(a), 1815(a), and 1833(e) of the Act require the submission of information necessary to determine the amounts due to a provider or other person.
Section 1842(r) of the Act requires us to establish a system for furnishing a unique identifier for each physician who furnishes services for which payment may be made. In order to do so, we need to collect information unique to that provider or supplier.
Section 1842(u) of the Act requires us to deny billing privileges under Medicare to physicians and certain other health care professionals certified by a State Child Support Enforcement Agency as owing past-due child support.
Section 1834(j) of the Act states that no payment may be made for items furnished by a supplier of durable medical equipment, prosthetics, and supplies (DMEPOS) unless that supplier obtains, and renews at such intervals as we may require, a billing number. In order to issue a billing number, we need to collect information unique to that supplier.
Section 1866(j)(1)(C) of the Act requires us to consult with providers of services and suppliers before making changes in provider enrollment forms.
The Balanced Budget Act of 1997 (BBA) (Public Law 105-33) section 4313, amended sections 1124(a)(1) and 1124A of the Act to require disclosure of both the Employer Identification Number (EIN) and Social Security Number (SSN) of each provider or supplier, each person with ownership or control interest in the provider or supplier, as well as any managing employees. The Secretary of Health and Human Services (the Secretary) signed and sent to the Congress a “Report to Congress on Steps Taken to Assure
Confidentiality of Social Security Account Numbers as Required by the Balanced Budget Act” on January 26, 1999, with mandatory collection of SSNs and EINs effective on or about April 26, 1999.
Section 31001(I) of the Debt Collection Improvement Act of 1996 (DCIA) (Public Law
104-134) amended 31 U.S.C. 7701 by adding paragraph (c) to require that any person or entity doing business with the Federal Government must provide their Tax Identification
Number (TIN).
We are authorized to collect information on the Form HCFA 855 (Office of Management and Budget (OMB) approval number 0938-0685) to ensure that correct payments are made to providers and suppliers under the Medicare program as established by Title XVIII of the Act.
The Medicare Health Care Provider/Supplier Enrollment Application collects this information, including the information necessary to uniquely identify and enumerate the provider/supplier. Additional information necessary to process claims accurately and timely is also collected on the provider/supplier enrollment application.
2. Information Users
The information on the Security Consent and Surrogate Authorization Form will be used by the CMS External User Services (EUS) to establish a relationship between the Individual or Organizational Provider and the Surrogate. The Surrogate will be able to create and have access to an Individual or Organizational Provider’s enrollment information.
3. Use of Information Technology
The Security Consent and Surrogate Authorization Form is used by Medicare Individual and Organizational Providers to grant a Surrogate access to and administrative rights over all current and future enrollment data for the Medicare provider/supplier. Internet-based PECOS will generate the Security Consent and Surrogate Authorization Form with the relevant data printed on the form. The Medicare applicant is required to verify, sign and mail the Security Consent and Surrogate Authorization Form to the EUS.
4. Duplication of Efforts
There is no duplicative information collection instrument or process.
5. Small Businesses
These forms will affect small businesses; however, these businesses have always been required to complete and submit substantially the same information in order to enroll or make a change in their Medicare enrollment information.
6. Less Frequent Collection
This information is collected on an as needed basis. The information provided on these forms is necessary for enrollment in the Medicare program if a Surrogate will be submitting enrollment information on the Individual or Organizational Provider’s behalf. It is essential to collect this information the first time a provider/supplier enrolls with a Medicare contractor so that CMS’ contractors can process the provider/supplier claims in a timely and accurate
manner.
7. Special Circumstances
There are no special circumstances associated with this collection.
8. Federal Register/Outside Consultation
The 60-day Federal Register notice published on June 7, 2013.
9. Payments/Gifts to Respondents
There are no payments or gifts to respondents.
10. Confidentiality
CMS will comply with all Privacy Act, Freedom of Information laws and regulations that apply to this collection. Privileged or confidential commercial or financial information is protected from public disclosure by Federal law 5 U.S.C. 522(b)(4) and Executive Order
12600.
11. Sensitive Questions
There are no questions of a sensitive nature associated with these requirements.
12. Burden Estimates (Hours & Wages)
With the implementation of the new electronic web-based enrollment process, we calculate the total annual hour burden for the respondents to complete the security consent form is approximately 22,162 hours. This assumes that approximately 90 percent of individuals (i.e., physicians, non-physician practitioners) and 50 percent of organization providers and suppliers will use an entity other than themselves to complete their Medicare enrollment application and to submit updates.
The number of respondents is based on the information associated with OMB number 0938-
0685 and the estimated time to verify, sign and mail the security consent form is 15 minutes.
HOURS ASSOCIATED WITH COMPLETING THE SECURITY CONSENT AND SURROGATE AUTHORIZATION FORM:
INDIVIDUALS
CMS 855I – 75,000 respondents x 30% = 22,500 respondents
CMS 855R – 100,000 respondents x 30% Total CMS 855I and 855R 52,500 respondents @ 15 minutes each |
=
=
= |
30,000 respondents
52,500 respondents
13,125 hours |
ORGANIZATIONS
CMS 855A – 5,000 respondents x 30% |
= |
1,500 respondents |
CMS 855B – 35,000 respondents x 30% CMS 855S – 80,500 respondents x 30% Total CMS 855A, 855B and 855S 36,150 respondents @ 15 minutes each |
=
=
=
= |
10,500 respondents
24,150 respondents
36,150 respondents
9,037 hours |
Cost to the respondents is calculated as follows based on the following assumptions:
The CMS 855I and CMS 855R can be completed by administrative staff , and
The CMS 855A, CMS 855B and CMS 855S will most likely be completed by professional staff (attorney or accountant).
The cost per respondent per form has been determined using the follow wages:
$20.00 per hour (administrative wage)
$150.00 per hour (professional wage)
CMS 855A, CMS 855B and CMS 855S = $37.50
CMS 855I and CMS 855R = $5
13. Capital Costs
There are no capital costs to the respondents.
14. Cost to Federal Government
There is no additional cost to the Federal government. Applications will be processed in the normal course of Federal duties.
15. Changes to Burden
The burden has been adjusted downward to account for a decrease in the number of respondents. With respect to the instruments, the form has been condensed from two forms into one.
16. Publication/Tabulation Dates
N/A
17. Expiration Date
We will not display the expiration date.
18. Certification Statement
There are no exceptions to item 19 of OMB Form 83-I.
C. Collections of Information Employing Statistical Methods
N/A
File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
File Title | Supporting Statement for Paperwork Reduction Act Submissions |
Author | CMS |
File Modified | 0000-00-00 |
File Created | 2021-01-28 |