Due to the ongoing impact of the Change Healthcare cyberattack on physician practices, the Centers for Medicare & Medicaid Services (CMS) has added an option to cite the cyberattack when requesting a hardship exemption within the 2024 Merit-based Incentive Payment System (MIPS). You would do this through the Extreme and Uncontrollable Circumstances (EUC) application. The 2024 MIPS EUC portal is now open, and physicians have until Dec. 31 to file a hardship application and avoid a 2026 MIPS negative payment adjustment.
When in the EUC portal, physicians can select the event type as “ransom/malware.” after which a drop-down box will appear asking whether the event pertains to the Change Healthcare cyberattack. More information can be found on page 8 of the 2024 MIPS EUC Application User Guide.
When applying for a hardship, physicians have the option to request reweighting of up to four MIPS categories. Reweighting of all performance categories will result in avoiding a negative MIPS payment penalty of up to 9% in 2026. (Remember that this could put a lot more emphasis on the Quality Reporting category, which is getting harder and harder for wound care practitioners.) As a reminder, if a physician or group submits data, that submission will override the hardship exception and the physician or group may be scored.
