Frequently Asked Questions

For questions related to state expenditure reporting and claiming instructions for EQR activities, please contact your CMS regional office financial representative. For specific external quality review questions, including what activities qualify for enhanced match, please contact the Division of Quality and Health Outcomes at ManagedCareQualityTA@cms.hhs.gov.

Supplemental Links:

• This FAQ was released as part of a larger set. View the full set. (PDF, 185.26 KB)

FAQ ID:94666

Yes. CMS acknowledges that states may have legitimate reasons to set capitation rates for a time period that differs from 12 months and will take unusual circumstances into account when reviewing compliance with the rating period duration requirements. CMS will approve a rating period other than of 12 months when a state transitions the contract term and rating period from a calendar year to a state fiscal year basis and setting capitation rates for a 6 month or 18 month period would facilitate that transition. There may be other reasonable justifications for such variations in the rating period that CMS would be open to considering. The rationale for a rating period that differs from 12 months as defined in the regulation in section 438.2 should be specified in the rate certification required in section 438.7 for such consideration.

Supplemental Links:

• This FAQ was released as part of a larger set. View the full set. (PDF, 185.26 KB)

FAQ ID:93456

The implementation date for non-risk PIHPs and PAHPs, PCCMs, and PCCM entities for provisions tied to a rating period is the earliest date that a risk-based MCO, PIHP, or PAHP would need to comply. For example, the provisions in subpart F relating to appeals and grievances have an implementation date for risk-based contracts of the rating period for contracts starting on or after July 1, 2017. Non-risk PIHPs and PAHPs would need to implement those provisions by July 1, 2017.

Supplemental Links:

• This FAQ was released as part of a larger set. View the full set. (PDF, 185.26 KB)

FAQ ID:93461

The regulation at section 438.3(m) has a general reference to "generally accepted accounting principles" and "generally accepted auditing principles." This means that states have the flexibility to specify the applicable generally accepted accounting and auditing principles for the audited financial reports in the managed care plan contracts. The federal regulation does not endorse a particular standard.

Supplemental Links:

• This FAQ was released as part of a larger set. View the full set. (PDF, 185.26 KB)

FAQ ID:93466

MARS-E 2.0 compliance is not required by CMS for states' MMIS, but CMS recommends that states follow applicable national privacy and security standards and practices for their MMIS. MARS-E 2.0 compliance is required for states' Medicaid/CHIP Eligibility and Enrollment (E&E) systems in order to maintain their Authority to Connect with CMS. Link for more information about MARS-E 2.0: https://www.medicaid.gov/federal-policy-guidance/downloads/cib-09-23-2015.pdf (PDF, 105.5 KB).

FAQ ID:94871

For E&E and MMIS, enhanced FFP funding is available at 90 percent via the usual Advanced Planning Document process.

FAQ ID:94876

CMS encourages states to reuse modular solutions as much as possible. If a state can reuse a modular solution from another state with minimal changes or customization, CMS will work with the state to streamline the certification process as much as possible to leverage knowledge of the reused solution. However, CMS will still require a certification decision for each state implementation of reused solutions to ensure compliance with federal regulations.

FAQ ID:94896

All the criteria in the checklists (MITA, MMIS or Custom) are the same. The difference between checklists is the criteria organization within the checklists. If the services solution is innovative, unique, or an unconventional approach, then the custom checklist approach might be appropriate. The RO will work with the state and vendors to decide which checklist set is best suited for the state's certification. Both service and traditional-type solutions need to meet all certification criteria to ensure compliance with federal regulations.

FAQ ID:94901

Yes, CMS will support the costs for this kind of MMIS transition. We encourage states to ensure that both the current vendor's and new solutions provider's contracts account for this transition period and address a prorating of cost during this time. States should minimize the costs of transition by performing due diligence on the anticipated spending. The legacy system provider should be compensated for its role in ensuring a smooth transition, with a ramp-down of other operational costs. The new solutions provider should have deliverables in its contract that speak to the soft launch or phased launch approach, with an uptick in operational costs as the transition progresses.

FAQ ID:94906

State Medicaid agencies are required to have MMIS System Security Plan and Privacy Impact Assessment documents. State Medicaid agencies must perform regular routine security and privacy risk assessments to ensure the protection and safeguard of beneficiary data that is consistent with Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules. Please refer to the MECT for more details: https://www.medicaid.gov/medicaid/data-and-systems/mect/index.html

FAQ ID:94911