What the New MIPS SAFER Assessment Measure Means for Your Organization



In 2022, a new reporting measure in the Promoting Interoperability (PI) and MACRA MIPS programs is being introduced to clinics and hospitals.

In our previous blog post, we covered the nine Safety Assurance Factors for EHR Resilience (SAFER) Guides. The SAFER Guides were created to help healthcare providers protect electronic health records (EHRs) and use them safely, in a world of increasing threats to sensitive digital information. Each of the nine guides includes a list of recommended practices for organizations to implement.

The Centers for Medicare and Medicaid Services (CMS) now requires all hospitals and CAHs to “attest to having conducted an annual self-assessment of all nine SAFER guides” by stating “Yes” or “No” in response to each assessment. This Promoting Interoperability Program change was finalized in October of 2021.

How has PI and MIPS reporting been affected?

Beginning this year, all MIPS eligible clinicians “must attest YES or NO to conducting an annual self-assessment of the High Priority Practices Guide of the SAFER Guides” in the 2022 performance period.

Taking a look at the three categories of SAFER Guides that we discussed previously, we can see that High Priority Practices is one of the Foundational Guides. In most cases, hospitals that are required to conduct an assessment for each of the nine guides should begin with the Foundational Guides before moving on to the other assessments.

For MIPS clinicians who are not required to complete all nine assessments, it is still recommended that they examine the other eight guides for useful tips. However, the High Priority Practices Guide is the only one you will have to complete to attest “Yes” in your MIPS reporting.

What is the High Priority Practices Guide?

“The High Priority Practices SAFER Guide identifies ‘high risks’ and ‘high priority’ recommended safety practices intended to optimize the safety and safe use of EHRs.”  It begins with a checklist broken into three “Domains:” Safe Health IT, Using Health IT Safely, and Monitoring Safety. Each of these three domains contains several Recommended Practices, each with a corresponding worksheet. Organizations must mark the Implementation Status of each practice as either “Fully in all areas,” “Partially in some areas,” or “Not implemented.”

To take the stress out of this requirement, Medcurity has created an intuitive, guided assessment, that is free for organizations in 2022.

Here are some things to keep in mind as you conduct the assessment:

  • Performing an assessment of your High Priority Practices is not the equivalent of the Security Risk Analysis required by HIPAA. The SRA must be completed separately.
  • The SAFER Guides include helpful recommendations for security practices, but not all recommendations may apply to all sizes and types of organizations. You will likely have a unique way of following the guides that may differ from others.

In the coming years, if an organization does not conduct the High Priority Practices Guide assessment, they will automatically receive a Promoting Interoperability score of zero. However in 2022 this measure is required, but will not affect your score. Conducting the assessment will not add bonus points to your MIPS score.

Medcurity works with you to meet requirements and better protect your patients. Find out about our Guided SAFER Assessment here.