iQIES Patient Assessment Minimum Data Set Launch and Provider Security Official Recruitment
The Quality Improvement and Evaluation System (QIES) is being upgraded to make the system more reliable, scalable, secure, and accessible. The enhanced system, referred to as the Internet Quality Improvement and Evaluation System (iQIES), aims to reduce provider burden and enhance the ability for the Centers for Medicare & Medicaid Services (CMS) to better serve our community. CMS is excited to announce that we are preparing to release the iQIES for Minimum Data Set (MDS) submission in early 2023.
To comply with federal security mandates, CMS is initiating new security requirements for access control to the CMS Quality Systems through Remote Identify Proofing (RIDP) via the Healthcare Quality Information System (HCQIS) Access, Roles, and Profile Management system. To gain access to the iQIES system, all users must create an account and establish credentials in the HCQIS Access Roles and Profile (HARP) system, which is a secure identity management portal provided by CMS. To learn more about HARP, click the HARP link below under Resources to review Frequently Asked Questions.
Through HARP, the level of access for iQIES will be similar to the roles in QIES but with the addition of a Provider Security Official (PSO). The individual designated as the PSO must work for the provider and will be responsible for approving or rejecting iQIES user access requests for their respective organizations, including vendors. A user will not be granted access unless a PSO approves the request. The first PSO for your provider will need to be approved by CMS. Once approved, PSOs can approve additional Provider Security Official role requests.
For your organization to receive access to iQIES, your organization must complete the steps below no later than October 28, 2022:
1. Identify at least one individual who will be the Provider Security Official (PSO). Note: At a minimum, at least one PSO needs to be selected, but CMS highly recommends at least two PSOs are designated so there is a higher likelihood that someone will be available to approve/reject iQIES access requests. The PSO must work for the provider and cannot be a vendor.
2. Create an account in the HARP system using your corporate email address* at: https://harp.cms.gov/register. Note: HARP User IDs cannot be adjusted. As such, please refrain from using facility names or any special characters when creating the HARP User ID. *If the facility handles 2 or less providers and does not have a corporate email domain, the PSO may use a personal email address.
3. Access iQIES at: https://iqies.cms.gov/ and log in with your HARP credentials (completed in step 2 above) to request the Provider Security Official role for YOUR specific provider CMS Certification Number (CCN).
4. Once the PSO role request has been submitted AND approved, you will receive notification via email. At this point you will be one of the designated PSOs for your CCN and have the authority to approve/reject subsequent requests for access of various role types to your provider’s CCN.