Medicaid Enterprise Certification Toolkit



CMS is dedicated to keeping current with federal regulations and Medicaid priorities and will continue to publish updated versions of the Medicaid Enterprise Certification Toolkit (MECT) to reflect key changes. It is recommended that states and vendors review and understand the latest guidance in the MECT to ensure alignment.

CMS developed the Medicaid Enterprise Certification Toolkit (MECT) in 2007 to assist states as they plan, develop, test, and implement their Medicaid Management Information Systems (MMIS). Since the initial release of MECT, CMS has updated the toolkit to accommodate modular and agile development, refined certification criteria, developed a new approach to CMS-state partnership, updated criteria to reflect the latest regulations and guidance, and provided templates and tools to assist states and their contractors in the certification process.

A cornerstone of the toolkit is the Medicaid Enterprise Certification Life Cycle (MECL). MECL includes milestone reviews throughout the MMIS life cycle so the state receives early feedback about issues that may impede certification. MECL is flexible to fit various state approaches such as agile, waterfall, or outsourcing of Medicaid services. The MECL and certification checklists ensure alignment with Medicaid Information Technology and Architecture (MITA), and the standards and conditions for Medicaid IT.

CMS offers a list of MMIS-related questions and answers on its Frequently Asked Questions page.

Medicaid Enterprise Certification Toolkit Version 2.2

CMS has released the newest version of the toolkit (v2.2):

  • Medicaid Enterprise Certification Toolkit 2.2
    • 00 MECT 2.2 Welcome Release Notes
    • 01 MECT 2.2 Medicaid Enterprise Certification Life Cycle
    • 02 MECT 2.2 Appendix A_MECL and At a Glance Sheets
    • 03 MECT 2.2 Appendix B_Required Artifacts List
    • 04 MECT 2.2 Appendix C_Std IVV Language
    • 05 MECT 2.2 Appendix D_MMIS IVV Progress Report Template
    • 06 MECT 2.2 Appendix E_MMIS ConOps Template
    • 07 MECT 2.2 Appendix F_ MITA eSelf Assessment Scorecard
    • 08 MECT 2.2 Appendix G_2007 Criteria to MECT 2.2 Criteria Map
    • 09 MECT 2.2 Appendix H_PPU Template
    • 10 MECT 2.2 Appendix I_Unified RFP Guide
    • 11 MECT 2.2 Appendix J_MMIS Certification Request Letter Template
  • MECT 2.2 MITA Business Area Module Checklist Set
  • MECT 2.2 MMIS Module Checklist Set

Updates in MECT 2.2 include, but are not limited to:

  • The five core checklists—Information Architecture, Standards and Conditions (S&C) for Medicaid IT, Technical Architecture (TA) Access & Delivery (A&D), TA Intermediary & Interface (I&I), and TA Integration & Utility (I&U)—have been streamlined, and guidance for providing evidence for each type of milestone review has been added.
  • A Project Partnership Understanding (PPU) is completed between the state and CMS early in the life cycle.
  • The Unified RFP Guide is included.
  • MMIS IV&V Certification Progress Reports are to be submitted to the MMIS certification email address as well as to the Regional Office, and only reports submitted in preparation for a milestone review need to have checklists attached.
  • The MMIS IV&V Certification Progress Report template is now an Excel workbook.
  • The Project Initiation and Operational Milestone reviews generally consist of CMS reviewing and commenting on the MMIS IV&V Certification Progress Report. Site or virtual visits are not required unless CMS deems them necessary. 
  • Clarification has been added about what the state must send to CMS before milestone reviews can be scheduled.
  • Guidance has been included about the preferred methods for providing evidence to CMS to comply with HIPAA.

The toolkit was last updated July 31, 2017.