Here are some of the most frequently asked questions about NCQA’s various programs. If you don’t see what you are looking for in one of the entries below, you can ask a question through My NCQA.
Save your favorite pages and receive notifications whenever they’re updated.
You will be prompted to log in to your NCQA account.
Save your favorite pages and receive notifications whenever they’re updated.
You will be prompted to log in to your NCQA account.
Share this page with a friend or colleague by Email.
We do not share your information with third parties.
Share this page with a friend or colleague by Email.
We do not share your information with third parties.
Print this page.
Print this page.
You can contact the Information Products team for assistance in expanding your permissions to meet your data usage needs. This includes any changes to the amount of data being shared (number of indicators) and how/with who the data is being shared with (internally for quality analysis purposes, external reporting on a brochure, email broadcast, website, blog) or commercial use of the data.
You can obtain access to performance data and benchmarks via the NCQA Quality Compass tool. Quality Compass is an interactive database containing individual plan performance results for HEDIS® and CAHPS® measures, as well as benchmark data at the national, regional (Census, HHS) and state levels. To learn more about Quality Compass and licensing access to HEDIS performance results, visit our Quality Compass homepage.
To obtain a list of health plan submissions and/or measures publicly reported in Quality Compass for a specific reporting year, contact the Information Products team by submitting your question on my.ncqa.org.
Quality Compass contains HEDIS and CAHPS measures that were eligible for publicly reporting during the measurement year. First year HEDIS measure results are not publicly reported in the tool.
All versions of Quality Compass allow users to build customized reports within the tool. Versions of Quality Compass that include the Data Exporter feature allows users to download and export those custom reports into Microsoft Excel.
The Data Exporter feature also grants access to the “All Measures Download” file. This file contains plan-level performance data for all publicly reported health plan submissions and all HEDIS and CAHPS measure results in a single downloadable file. Versions purchased without Data Exporter will not have the ability to export plan level data but will still have access to Excel versions of the benchmarks.
Individual plan data are the HEDIS and CAHPS performance rates submitted by health plans that chose to publicly report their results to NCQA. Users have access to all publicly reported plans in a specific product line (commercial, Medicaid, Medicare) and can easily select a subset of plans based on coverage in different regions/states.
Starting in 2023 for Transforming practices and in 2024 for currently recognized practices, direct collection of data on sexual orientation and gender identity of patients is required for KM 09. This requirement applies to all patients aged 18+, though practices are encouraged to also ask adolescent patients if they have a system for doing so.
| Topic | Update Highlights |
| Policies and Procedures | Section restructured |
| Policies and Procedures | Addition of language regarding Corrective Action Plans |
| KM 06 | Addition of Sexual Orientation and Gender Identity as required topics of data collection. Added requirement that data be direct collection. |
| KM 06 | Added requirement that data be direct collection. |
| PM 19 | New elective criterion regarding person-driven outcomes. |
| Appendix 2 – Glossary | Added “Age as a Vulnerability” |
| Topic | Update Highlights |
| Policies and Procedures | Section restructured |
| Policies and Procedures | Addition of language regarding Corrective Action Plans |
| KM 09 | Addition of Sexual Orientation and Gender Identity as required topics of data collection. Added requirement that data be direct collection |
| KM 10 | Added requirement that data be direct collection |
| CM 10 | New elective criterion regarding person-driven outcomes |
| Appendix 2 – Glossary | Added “Age as a Vulnerability” |
For CVO 3, Element B:
Both the organization and delegate must monitor the delegate’s system security controls as part of the delegation oversight requirements and may choose audit as the monitoring method. If auditing is the chosen method, the delegate provides an audit report of modifications that did not comply with its policies and procedures or with the delegation agreement.
The organization is not required to conduct an audit if it determines that the delegate adequately monitored and reported noncompliant modifications, but must provide documentation (a report, meeting minutes or other evidence) that it reviewed and agreed with the delegate’s findings. If the organization determines that the delegate did not adequately monitor noncompliant modifications, it must conduct its own audit of the delegate’s system controls.
The organization must submit its documentation and the delegate’s documentation as part of the survey.
