Here are some of the most frequently asked questions about NCQA’s various programs. If you don’t see what you are looking for in one of the entries below, you can ask a question through My NCQA.
Save your favorite pages and receive notifications whenever they’re updated.
You will be prompted to log in to your NCQA account.
Save your favorite pages and receive notifications whenever they’re updated.
You will be prompted to log in to your NCQA account.
Share this page with a friend or colleague by Email.
We do not share your information with third parties.
Share this page with a friend or colleague by Email.
We do not share your information with third parties.
Print this page.
Print this page.
Individual plan data are the HEDIS and CAHPS performance rates submitted by health plans that chose to publicly report their results to NCQA. Users have access to all publicly reported plans in a specific product line (commercial, Medicaid, Medicare) and can easily select a subset of plans based on coverage in different regions/states.
HEDIS 2022
All versions of Quality Compass allow users to build customized reports within the tool. Versions of Quality Compass that include the Data Exporter feature allows users to download and export those custom reports into Microsoft Excel.
The Data Exporter feature also grants access to the “All Measures Download” file. This file contains plan-level performance data for all publicly reported health plan submissions and all HEDIS and CAHPS measure results in a single downloadable file. Versions purchased without Data Exporter will not have the ability to export plan level data but will still have access to Excel versions of the benchmarks.
HEDIS 2022
Starting in 2023 for Transforming practices and in 2024 for currently recognized practices, direct collection of data on sexual orientation and gender identity of patients is required for KM 09. This requirement applies to all patients aged 18+, though practices are encouraged to also ask adolescent patients if they have a system for doing so.
PCMH 2017
| Topic | Update Highlights |
| Policies and Procedures | Section restructured |
| Policies and Procedures | Addition of language regarding Corrective Action Plans |
| KM 06 | Addition of Sexual Orientation and Gender Identity as required topics of data collection. Added requirement that data be direct collection. |
| KM 06 | Added requirement that data be direct collection. |
| PM 19 | New elective criterion regarding person-driven outcomes. |
| Appendix 2 – Glossary | Added “Age as a Vulnerability” |
PCSP 2019
| Topic | Update Highlights |
| Policies and Procedures | Section restructured |
| Policies and Procedures | Addition of language regarding Corrective Action Plans |
| KM 09 | Addition of Sexual Orientation and Gender Identity as required topics of data collection. Added requirement that data be direct collection |
| KM 10 | Added requirement that data be direct collection |
| CM 10 | New elective criterion regarding person-driven outcomes |
| Appendix 2 – Glossary | Added “Age as a Vulnerability” |
PCMH 2017
For CVO 3, Element B:
CVO 2022
Both the organization and delegate must monitor the delegate’s system security controls as part of the delegation oversight requirements and may choose audit as the monitoring method. If auditing is the chosen method, the delegate provides an audit report of modifications that did not comply with its policies and procedures or with the delegation agreement.
The organization is not required to conduct an audit if it determines that the delegate adequately monitored and reported noncompliant modifications, but must provide documentation (a report, meeting minutes or other evidence) that it reviewed and agreed with the delegate’s findings. If the organization determines that the delegate did not adequately monitor noncompliant modifications, it must conduct its own audit of the delegate’s system controls.
The organization must submit its documentation and the delegate’s documentation as part of the survey.
CVO 2022
No. Delegate files may be audited using one of the following methods as described in the factor explanation and noted below:
Either methodology is allowed, for consistency with other Delegation Oversight requirements for annual file audits.
CVO 2022
New delegation agreements implemented on or after July 1, 2022, must include a description of the delegate’s CR system security controls.
For delegation agreements in place prior to July 1, 2022, NCQA has extended the time frame for including a description of CR system controls in the delegation agreement. All delegation agreements under the 2024 CVO standards (effective July 1, 2024) must include a description of CR system controls. Prior to July 1, 2024, organizations may alternatively provide a delegation agreement and other mutually agreed upon documentation OR the delegate's system controls policies and procedures in lieu of a delegation agreement with a description of CR System controls.
CVO 2022
It is to ensure patient safety and routine implementation of medical home activities. Depending on the population served and/or the reporting period, a small denominator is unexpected and may indicate issues (e.g., with data, documentation, implementation). Providing additional information allows the practice to explain—beyond the numbers—when performance is outside the expected range.
PCSP 2019
