Stage 1 Meaningful Use Supporting Documentation
Certified EHR Technology Documentation: all certified modules or EHRs that are available at a practice(s) at the start of the EHR reporting period must be added to the cart on the Office of the National Coordinator Certified Health IT Product List (CHPL) website to generate an accurate CMS EHR Certification ID. Eligible Professionals (EPs) must upload a screenshot of the CHPL webpage with the CMS EHR Certification ID at the time of attestation.
Core Measure, Menu Measure, and Clinical Quality Measures (CQMs) Supporting Documentation: EPs must upload EHR screenshots and other supporting documentation that fully support their Meaningful Use Core and Menu measures and Clinical Quality Measures data at the time of attestation in order for the payment request to be processed. EHR screenshots and other supporting documentation must have all HIPAA or other protected health information (PHI) removed or blacked out prior to uploading them with the attestation. To prevent risk of modification of audit documents, print to a version that is not modifiable such as PDF and/or paper. Per CMS, EPs must keep documentation supporting their demonstration of meaningful use for 6 years.
EPs must be able to provide documentation to support each measure to which they attested. The primary MU and CQM documentation are the source documents that the EP used when completing the attestation. These documents should provide a summary of the data that supports the information entered during attestation. Ideally, this would be reports from the certified EHR technology (CEHRT), but EPs may upload other documents that demonstrate how the data was accumulated and calculated. All claimed exclusions must also have supporting documentation.
For Core and Menu measures that require percentage-based attestations, reports generated from the EHR must identify that the report was generated by the EHR (i.e. EHR logo displayed on the report or step-by-step screenshots that demonstrate how the report was generated by the EHR) with Protected Health Information redacted (i.e., HIPAA protected information). Reports should include:
- Numerators and denominators for the measures;
- Time period covered by the report;
- Evidence to support that the report was generated for the EP that is attesting (identified by National Provider Identifier; CMS Certification Number; provider name; practice name, etc.).
For Core and Menu measures that require Yes/No attestations, one or more CEHRT screenshots that are dated during the MU reporting period and provide evidence that the report was generated for the EP that is attesting with Protected Health Information redacted (i.e., HIPAA protected information) must be uploaded (with the exception of the security risk analysis which must be available upon request).
CQM data must be reported directly from the CEHRT; associated reports must identify the EHR, date, etc., and evidence that the report was generated for the EP that is attesting with Protected Health Information redacted (i.e., HIPAA protected information).