The Centers for Medicare & Medicaid Services has issued a notice in the Federal Register under the federal Privacy Act that it will disclose certain information to entities which are administering state health insurance exchanges.
"Under this CMA, the state-based administering entities will use the data, accessed through the CMS Data Services Hub, to make eligibility determinations for insurance affordability programs and certificates of exemption," the notice says. "State-based AEs are state entities administering insurance affordability programs and may include a state agency, a state Children's Health Insurance Program, a state basic health program or a Marketplace [Exchange]."
The Privacy Act, amended, would require federal agencies involved in computer matching programs to:
Negotiate written agreements with the other agencies participating in the matching programs
Obtain the Data Integrity Board approval of the match agreements;
Furnish detailed reports about matching programs to Congress and OMB;
Notify applicants and beneficiaries that the records are subject to matching; and
- Verify match findings before reducing, suspending, terminating, or denying an individual's benefits or payments
CMS can make eligibility-related data available for 18 to 30 months.
"Although the Privacy Act requires only that CMS provide an opportunity for interested persons to comment on the proposed matching program, CMS invites comments on all portions of this notice," the notice states.
In a letter sent to U.S. Department of Health & Human Services Secretary Kathleen Sebelius last Friday, 16 Republican lawmakers raised concerns about the data services hub to be used to connect state health insurance exchanges with federal agencies.
The lawmakers took issue with the fact that to date, the hub has not been tested, and that HHS has missed "several key deadlines" for the implementation of the insurance exchanges.
To learn more:
- read the notice
GOP to Sebelius: ACA data hub raises privacy concerns
Lawmaker: ACA-mandated data hub a privacy nightmare
Feds dragging feet on insurance exchange education
HHS Secretary Sebelius: Exchanges 'on track' to meet Oct. 1 deadline
Does HIPAA apply to health insurance exchanges?