60 Day Public Comment Response

Centers for Medicare and Medicaid Services Response to Public Comments Received for
CMS-10630
The Centers for Medicare and Medicaid Services (CMS) received comments from seven
commenters including existing and prospective Programs of All-Inclusive Care for the Elderly
(PACE) organizations (POs), a state administering agency, and an advocacy organization related
to CMS-10630. This is the reconciliation of the comments.
General Comments
Comment: Two commenters expressed appreciation for CMS’s consideration and incorporation
of PACE stakeholder feedback to improve the audit process and overall experience and one
expressed appreciation for the timely update to the audit protocol to reflect the new regulatory
provisions.
Response: Thank you for these comments.
Comment: A commenter stated that it is unclear how CMS calculates a PO’s final audit score
and requested clarification regarding CMS’s audit scoring methodology.
Response: Information about how an audit score was calculated is included in the Executive
Summary of Findings section of the Draft and Final Reports issued to audited POs. In that
section of the report, CMS summarizes CMS’s findings, the points assigned to each finding, and
the overall audit score calculation.
Comment: A commenter asked CMS to provide additional clarity on how it determines whether
to issue an observation, Corrective Action Required (CAR), and Immediate Corrective Action
Required (ICAR) for non-compliance identified during an audit.
Response: CMS includes descriptions of each classification type (i.e., observations, CARs, and
ICARs) in the Findings section of the Draft and Final Audit Reports that are issued to audited
POs. The facts and circumstances that lead to non-compliance vary and are typically unique to
each audited organization. Because of that, CMS reviews and evaluates all the documentation for
each condition of non-compliance on an individual basis to determine the appropriate
classification.
Audit Protocol – General
Comment: A commenter noted that the Initial Comprehensive Review (ICR) process is not
addressed in the Audit Purpose and Scope section of the Audit Protocol and recommended CMS
clarify the ICR process and provide POs with process documents.

Response: The ICR process is effectively the same audit processes and application of
compliance standards described in the audit protocol. The only difference is CMS may not
require a PO undergoing an ICR to submit all the data collection elements specified in
attachment I.
Comment: A commenter supported the removal of the monitoring reports from the
documentation collected by CMS during the audit.
Response: Thank you for this comment.
Audit Protocol – Elements
Service Determination Requests, Appeals and Grievances (SDAG)
Comment: A commenter recommended that CMS modify the compliance standard 3.3.2.4 to
reflect the current PACE regulations, which allow for notification of an extension through either
oral or written communication.
Response: CMS agrees and has updated the compliance standard to reflect that when the
interdisciplinary team extends the timeframe, it must notify the participant or their designated
representative either orally or in writing.
Comment: A commenter recommended CMS reorganize the compliance standards section
similar to the way the documentation section is organized to evaluate each element separately
under the SDAG element. The commenter also recommended that compliance standard 3.4.2 be
modified to demonstrate that CMS will consider information about supply or labor shortages
beyond the PO’s control that either delayed care to a participant or caused the PO to take interim
measures to address the participant’s needs.
Response: The documentation section and the compliance standards section serve different
purposes and are organized to best meet those purposes. The purpose of the documentation
section is to outline the necessary information for each sample case file to evaluate compliance
with CMS requirements. This section has been organized by each component of that element to
improve clarity. The compliance standards section is based on regulatory requirements and
provides information on how PO compliance is evaluated. To avoid redundancy, the compliance
standards are organized by themes (e.g., appropriate processing, timeliness) that are common
across the SDAG components. CMS believes aligning the compliance documentation section and
the compliance standards section would undermine the efficiency of the audit process, so we are
not modifying the protocol as recommended. CMS also does not believe it needs to modify the
protocol to allow submission of circumstances that delayed care or caused a PO to take interim
measures to address participants’ needs because CMS routinely asks POs about potential
mitigating or aggravating factors during audits.
Provision of Services
Comment: A commenter supported the reduction in the number of medical records subject to
review.

Response: Thank you for this comment.
Personnel Records
Comment: A commenter supported the inclusion of additional criteria to guide the auditors’
evaluation of the PO’s compliance with medical clearance requirements and the opportunity for
the PO to demonstrate compliance through the Request for Additional Information process.
Response: Thank you for this comment.
Audit Protocol – Appendix
Comment: For Table 1 Service Determination Request (SDR) Record Layout Row J, a
commenter recommended including the option to notify the participant and/or designated
representative of the extension either orally or in writing.
Response: CMS agrees and has updated Table 1 Row J to include oral communication.
Comment: A commenter made a few recommendations related to minor typos or grammatical
errors in the record layouts.
Response: CMS agrees and has fixed all grammatical errors noted by the commenter.
Attachment II PACE Supplemental Questions – Instructions Tab
Comment: A commenter stated that there are no questions related to grievances or SDRs in the
Supplemental Questions tab and requested that CMS clarify whether the PO is required to upload
grievance and SDR policies.
Response: CMS appreciates the opportunity to clarify the expectation for submitting grievance
and SDR policies. POs are not required to upload their grievance and SDR policies, and CMS
has removed that language from the instructions tab. POs will be evaluated for compliance
related to grievances and SDRs based upon regulatory requirements.
Attachment III Pre-Audit Issue Summary – Instructions Tab
Comment: A commenter recommended CMS change September 3, 2023, to September 2025 to
reflect a 6-month audit review period.
Response: CMS agrees and has changed the date to September 3, 2025.
Attachment IV PACE Audit Survey

Comment: A commenter recommended CMS evaluate the PACE Audit Survey response rate to
determine if the survey process needs to be reassessed to more effectively capture the necessary
data to support accurate burden estimates and consider including questions to help identify the
specific PACE staff involved in audit activities throughout the entire audit.
Response: When issuing the final audit report, CMS includes a weblink to the PACE Audit
Survey, although completing the survey is voluntary and not required. The survey provides an
opportunity for POs to provide any additional comments or suggestions regarding the audit
process, and there are also opportunities for organizations to enter free text responses if they
have feedback to provide that was not specifically requested. CMS will continue to carefully
consider the feedback collected from each survey to improve the audit process.
Root Cause Analyses (RCAs) and Impact Analyses (IAs) – General
Comment: A commenter recommended CMS raise thresholds for requesting RCAs and IAs.
Response: RCAs are critical to understanding the cause and potential impact of non-compliance
identified during an audit, and they can provide the PO additional opportunities to submit
documentation that may address or mitigate identified non-compliance. Additionally, RCAs
improve a POs ability to develop Corrective Action Plans (CAPs) targeted at fixing the cause of
non-compliance to prevent it from recurring. Raising the thresholds would increase the risk that
the causes for non-compliance would not be properly identified and resolved. However, CMS is
sensitive to the burden that producing RCAs and IA creates, which is why CMS carefully
considers all information received from the PO prior to deciding whether to request an IA, and
has limited IAs to requesting information related to potential access concerns for participants.
CMS believes this approach strikes the right balance between minimizing burden on POs and
risk to participants.
Comment: Multiple commenters stated IAs take a considerable amount of time to complete.
One commenter stated that 50 percent of a PO’s census is typically reviewed. Commenters
recommended CMS initially select fewer participants and if the results of the initial analysis
indicate there is or may be a potential systemic issue of non-compliance, additional participants
may be selected for review.
Response: IAs continue to be an effective mechanism to determine the magnitude of an issue,
and to allow a PO to identify participants that may need remediation. However, CMS
understands that completing IAs can be burdensome and takes an approach to requesting IAs that
minimizes the burden as much as possible without increasing risk to participants. In particular,
the 50 percent threshold represents an upper limit that CMS reduces depending on the nature of
the noncompliance and in consideration of the PO’s enrollment size. Further, these analyses are
not routinely requested as part of all audits and are only requested when an organization is noncompliant with regulatory requirements. At this time, CMS will continue following its current
methodology for selecting participants for IAs.

Impact Analyses (IAs) – Specific
Comment: For the Wound Care 1P02 IA, a commenter recommended “medication error’ be
changed to “wound care error” in Column I of the Participant Impact tab.
Response: CMS agrees and has changed “medication error’ to “wound care error” in Column I
of the Participant Impact tab.
Audit Templates
Comment: For the CAP template, a commenter asked CMS to clarify its expectations for
developing and submitting CAPs. Specifically, whether the amount of information provided in
the examples are sufficient and the expectations regarding timeframes or milestones which are no
longer asked about in the template.
Response: Following an audit, the PO is required to provide complete and accurate CAPs that
will fully address all identified non-compliance and prevent future non-compliance. The level of
CAP detail necessary will be dependent on each individual issue contributing to the noncompliance. The examples provided in the template should be used as a guide representing the
minimum amount of information needed in the CAP. CMS has added clarifying text in the
instructions tab in response to this comment. Furthermore, to reduce the burden on the PO, the
PO is no longer required to submit monitoring reports and implementation plans. As a result of
this update, the template was modified to remove the information request related to monitoring
activities.
Comment: For the CAP template Column H, a commenter stated the question asks how the CAP
will be integrated into the compliance program, but the example provided relates to the quality
program which may be a separate part of the PO. This commenter recommended CMS modify
the language in the example provided so it relates to the compliance program to prevent
confusion.
Response: Corrective actions taken in response to compliance issues should be integrated into
the PO’s compliance program and their quality program if applicable. CMS has modified the
language in the CAP template Column H to reflect the Compliance and/or Quality program.
Comment: For the Request for Additional Information (RAI) template, a commenter expressed
appreciation for the template stating it will serve as an invaluable resource for PACE
organizations, providing clear and structured guidance on how to effectively respond to requests
for information during an audit.
Response: Thank you for this comment.
Comment: For the CaseFileCoversheet, a commenter recommended CMS align the language in
the Information Requested by CMS column with the Instructions column to improve the clarity

of the template. For example, changing the language from “not applicable for immediate
approvals” to “does not apply for immediate approvals” or vice-versa.
Response: CMS agrees and has aligned the language in the Information Requested by CMS
column with the Instructions column.
Burden
Comment: Multiple commenters have expressed that CMS’s audit data requirements are
extensive and burdensome. A commenter suggested CMS consider how adding additional
elements to the process will negatively impact care and operations at POs.
Response: CMS appreciates the commenters’ concerns. The audit protocol was developed to
assess compliance with statutory and regulatory requirements and ensure that participants receive
the benefits they are entitled to under the PACE program. Since 2017, CMS has made numerous
and significant changes to the documentation requests in response to comments and with each
protocol update, the agency has sought to strike a balance between ensuring participants are
receiving appropriate and timely care and services, while not overwhelming organizations with
intensive data requests over the course of the audit. The current audit protocol has helped CMS
improve the PACE program by identifying non-compliance and ensuring organizations
understand the actions that are needed to correct deficiencies. This includes identifying access to
services concerns, and inadequate processes and infrastructure that adversely impact the
provision of services, including processes for evaluating requests for services and complaints,
coordinating care across all settings, and ensuring care is provided by specialists as appropriate.
CMS will continue to request the minimal amount of information that is needed for CMS to
adequately investigate potential non-compliance that may negatively impact participants,
including full participant medical records when needed. CMS will continue working with POs to
identify opportunities to streamline the audit process while maintaining CMS’s ability to
effectively monitor organizations for compliance with regulatory requirements. Lastly, CMS did
not add elements to the audit protocol that would impact the length of the audit.
Comment: A commenter asked CMS to clarify why it reduced the burden estimates related to
the CAP process since POs are still required to develop, submit, and implement CAPs. This
commenter requested CMS to address the PO responsibilities related to developing, submitting,
and implementing corrective actions that were removed from the audit process.
Response: All POs are required by regulation to correct non-compliance identified by CMS
through the audits. In the previous data collection package, the CAP-related burden for POs
submitting implementation and monitoring information and data in the Health Plan Management
System (HPMS) was included as a part of the corrective action process for audits. While POs
will still be required to implement corrective action, they will no longer be required to submit
CAP-related implementation and monitoring information and data to CMS through the HPMS.
CMS therefore adjusted the burden estimates to remove the costs associated with those efforts.
Comment: Multiple commenters suggested that POs should not be expected to retrieve data

from their electronic medical record systems in the same manner CMS expects Medicare
Advantage Organizations (MAOs) and/or Part D plans to access their administrative databases,
because electronic medical records (EMRs) are not designed to produce data reports
representing all the information documented in the EMR. The commenters expressed that
CMS’s audit process creates excessive burden because the narrative nature of EMRs require
POs to perform manual reviews of audit data requests and diverts staff from participant care.
Response: POs have unique responsibilities, as both an insurer for purposes of implementing
the Medicare and Medicaid programs, and as a direct care provider that is responsible for
ensuring the health and safety of the participants enrolled in their programs. CMS understands
that some POs do not have systems that are capable of easily compiling information for
auditors about the provision of care and services for participants. However, because PACE is a
direct care provider, it is even more critical that POs have the ability to maintain information
on requested and approved services to ensure services are being provided to participants. CMS
has repeatedly found on audit that there is a direct correlation between a PO’s ability to track
services that have been ordered, care planned, or approved, and the PO’s ability to effectively
manage a participant’s condition and ensure the participant is receiving the care they need.
Therefore, CMS strongly encourages POs to develop and maintain an appropriate infrastructure
to ensure the needs of participants are being met in accordance with CMS’s requirements.
Comment: Multiple commenters stated the burden estimate of 780 hours for the 2026 PACE
audit protocol is too low and does not reflect the time and resources required for an audit.
Response: CMS acknowledged that the previous burden estimate may have been too low;
however, CMS made multiple modifications that reduce the burden of audits conducted in 2026
and beyond. CMS removed the collection of monitoring reports, removed the collection of
information during CAP implementation and monitoring, and has provided templates designed to
assist POs through the audit process. Based on these changes, CMS believes that the burden
estimates are now more appropriately representative of the time and effort that will be spent on a
CMS audit following adoption of this protocol.
Comment: A commenter expressed appreciation for the acknowledgement that CMS
underestimated the time required for certain new data collections in the 2023 PACE Audit
Protocol and CMS’s use of updated burden assumptions to more accurately account for total
burden conducting audits using the 2026 PACE Audit Protocol.
Response: Thank you for this comment.