Recently, we received a number of inquiries about DHS requests for new information about Board Members and others in ownership and control of facilities.  In response to these questions, we asked DHS to help us clarify the issues.  The following is their guidance on what new information is being requested and why.  It is important to note that for Board of Directors members, following our inquiry, they will no longer be asking for Drivers License numbers.  Also note the explanation that they will process things without the Social Security Numbers or Dates of Birth pending guidance from federal regulations they anticipate around March 23, 2011.  However, also note that if the name comes up on their List of Excluded Individuals and Entities, they will seek clarification to differentiate between individuals by asking for Social Security Numbers and Dates of Birth.  If this cross check demonstrates that the individual is on the Exclusion List, you will be subject to the consequences.

Federal regulations at 42 CFR 455.100 – 106 necessitate that state Medicaid agencies require disclosure of information by providers on ownership and control to include the name and address of each person with an ownership or control interest in the disclosing entity and managing employees.

Recently, the information requested by DHS has included Social Security numbers as well.  We are told that the primary reason DHS has requested SSNs is to verify that no managing employee or person with an ownership or control interest is found on the Federal Office of Inspector General (OIG) List of Excluded Individuals and Entities (LEIE).  DHS verifies this status because financial participation is not available for items or services provided by an excluded provider. Further, DHS is required to report excluded persons or organizations to the Office of Inspector General.  Date of birth is requested to differentiate between individuals with the same name in their provider files.  If an excluded provider is associated with an enrolled entity, the relationship could result in take backs of claims paid, so the LEIE check benefits the provider as well.

While the Federal Privacy Act authorizes states to collect the SSNs of any persons affected by its welfare programs, at this time there is no explicit mandate in law that requires state Medicaid agencies to collect SSNs from individuals with an ownership or control interest or who are agents or managing employees of provider entities.  There are federal regulations in process but as yet they are not completed; final federal regulations are expected to be effective March 23, 2011, and these could address disclosure of SSN and date of birth.

Until the final federal regulations are issued, DHS will continue to ask for SSNs, but will not delay the enrollment process if SSNs are not provided.  However, if a person named on the disclosure statement is found on the LEIE, DHS will require that individual’s SSN.  Similarly, DHS will not delay enrollment if date of birth is not provided.  DHS will no longer request drivers’ license numbers on the disclosure statement.

This updated process will apply to all provider types, enrollments, re-enrollments, and renewals until further federal guidance is received.  If SSNs and dates of birth are required by the federal final screening regulations effective March 23rd, 2011, DHS will revisit this policy.

With respect to the data privacy questions created by asking for all the new data, all government data is public, unless classified otherwise by statute.  SSNs are not public data.  Please follow this link to the MHCP Data Privacy Notice for more information.  DHS follows both state and federal regulations (Minnesota Government Data Practices Act, 45 CFR part 164 Subpart C, Health Insurance Portability and Accountability Act of 1996 and American Recovery and Reinvestment Act of 2009) in the secure and private handling of the data retained within the MMIS system.  DHS utilizes role-based access controls, which limit individual access to the data elements required to do one’s job, as well as limiting access to only what is permitted by law.

Toby Pearson
952.851.2480
tpearson@careproviders.org

Our Sponsors