|
The Center for Medicare & Medicaid Services (CMS) is committed to maintaining the integrity and security of health care data in accordance with applicable laws and regulations. Disclosure of Medicare Beneficiary eligibility data is restricted under the provisions of the Privacy Act of 1974 and the Health Insurance Portability and Accountability Act of 1996 (HIPAA.) The Provider Medicare Beneficiary eligibility transaction is to be used for conducting Medicare business only. Providers interested in utilizing the HETS UI are advised to become familiar with the security related documents on this page and understand that CMS monitors the transaction for aberrant behavior. Refer to Section 10.3 of the Medicare Claims Processing Manual in the Downloads section below. Cautions & Warnings The HETS UI Internet application will suspend a User's account access when the number of User errors exceeds the CMS parameterized values for either consecutive errors, or the number of total errors in a single web session. This modification is being made to provide greater system security against End-User fraud and abuse. To protect the privacy of beneficiary data, the subscriber last name, subscriber first name, subscriber primary ID (HICN), and subscriber birth date must match the beneficiary's data maintained by Medicare. Providers/suppliers must use caution to ensure that accurate information is entered into the HETS UI system in order to prevent User lockout. Authorized Users of the HETS UI Internet application agree to use appropriate safeguards to prevent use or disclosure of Protected Health Information other than as permitted or as required by the HIPAA. Unauthorized disclosure may result in prosecution to the fullest extent of the law. The following identifies incident severity levels and describes the required action: Incident Severity Levels and Required Action LOW SEVERITY (User is very infrequently locked out): The External Point of Contacts (EPOC currently referred to as User Group Administrators – UGA) (if applicable) or Security Official contacts Medicare Customer Assistance Regarding Eligibility (MCARE) Help Desk to request reinstatement. MCARE notifies Security Official (and UGA, if applicable) of reinstatement via email. HIGH SEVERITY (User is frequently locked out): Security Official contacts MCARE Help Desk to request reinstatement. MCARE notifies Security Official (and UGA, if applicable) that User will remain suspended for at least one week. Security Official will also be required to complete a Corrective Action Plan (CAP) using CMS provided form. CMS must receive and approve CAP before User will be reinstated (User suspension will last at least one week). SECURITY INCIDENT EMERGENCY SEVERITY (User continues to be locked out frequently after a CAP has been submitted OR Organization's Users demonstrate systematic failure to enter valid data): Security Official contacts MCARE Help Desk to request reinstatement. MCARE notifies Security Official (and UGA, if applicable) that due to repeated suspensions, User and all other Users in the Organization will be suspended for at least one week. Security Official will also be required to complete an updated CAP using CMS provided form. CMS must receive and approve revised CAP before all organization Users will be reinstated (suspension will last at least one week). The HETS UI will display the following alert message within the application's browser window when a User has been locked out: Access Denied Your session has been terminated because you have exceeded the error limit. Please contact the Medicare Eligibility Help Desk at 1-866-440-3805 to restore your access to the system. The Help Desk is available Monday – Friday from 7AM – 9PM Eastern Time. ID's and Password Policy User IDs and Passwords are assigned to individuals. Individuals are strictly forbidden from sharing or "handing off" their User IDs and Passwords with others. The unauthorized use of an individual's User ID and Password will result in the termination of that User's ID and Password. If you have any questions or concerns, please feel free to contact the MCARE Help Desk listed on the Contact Us page by email or phone. Medicare Customer Assistance Re: Eligibility (MCARE) Help Desk 1-866-440-3805
Page Last Modified: 11/20/2008 3:23:29 PM
Help with File Formats and Plug-Ins
Submit Feedback
|
Email
Print