Mentor Research Institute

Healthy Contracts Legislation; Measurement & Value-Based Payment Contracting: Online Screening & Outcome Measurement Software

503 227-2027

Analysis of Mentor Research Institute “Healthy Contracts” Definitions: Legal and Policy Alignment

 

A Discussion Paper

This paper reviews definition offered by the Mentor Research Institute (MRI) Healthy Contracts Library and Summary It offers analysis of how the concepts are recognized or supported under Oregon law/policy and in U.S. federal law/policy. The paper notes consistency with legal usage and highlights any discrepancies, citing relevant statutes, regulations, or policies.

Access to Care

MRI Definition: Access to care is described as the “timely ability to obtain necessary health services, emphasizing affordability, availability of providers, reasonable proximity, timely treatment, insurance coverage, cultural competence, and transportation barriers”.

Oregon Law/Policy: While “access to care” isn’t explicitly defined by statute, improving access is a foundational goal of Oregon’s health system. The Oregon Health Authority’s mission prioritizes the goal that all Oregonians can access quality, affordable care oregon.gov. Oregon’s expansion of the Oregon Health Plan (Medicaid) and marketplace under the Affordable Care Act (ACA) dramatically increased insurance coverage, thereby improving access. For example, Oregon’s uninsured rate dropped significantly after the Medicaid expansion in 2014, reflecting greater access to services. In Oregon law, there are often provisions which address access indirectly, e.g. ORS 414.018 declares goals for the medical assistance program including accessible and effective health services. The Oregon Health Policy Board and OHA initiatives (such as the Coordinated Care model) focus on health equity and removing barriers to care in rural and underserved areas, aligning with the MRI definition’s points on cultural competence and geography. There are no conflicts between the MRI definition and Oregon’s use of the term; both treat “access” as a broad policy objective rather than a strict legal term.

Federal Law/Policy: The Affordable Care Act ACA was fundamentally aimed at improving access to care nationwide. By expanding Medicaid and creating insurance exchanges with subsidized plans, the ACA enabled an estimated 20 million previously uninsured Americans to gain coverage pmc.ncbi.nlm.nih.gov. This improved access by making care more affordable and available. Federal regulations also enforce network adequacy standards for health plans (to ensure provider availability) and patient protection rules (such as ensuring emergency services without prior authorization). While “access to care” isn’t formally defined in U.S. Code, it underpins many federal policies (e.g. ACA’s Section 2719A requires plans to have reasonable access to in-network emergency services). The MRI definitions of elements, affordability, availability, timeliness, etc., mirror the concerns addressed by federal health policy. Notably, ACA insurance reforms (community rating, prohibiting denials for preexisting conditions) were meant to improve equitable access. There is no discrepancy: the MRI definition is consistent with ways policymakers discuss access. Both Oregon and federal efforts treat access to care as a guiding principle, focusing on reduced cost barriers and improved provider availability to achieve timely, needed care for all.

Alternative Payment Methods (APM)

MRI Definition:Alternative Payment Methods (APMs) are payment models moving away from fee-for-service toward value-based approaches. The definition lists key types like pay-for-performance, bundled payments, shared savings, capitation/population-based payments, and risk-sharing (upside/downside risk)”mentorresearch.org mentorresearch.org. The emphasis is on rewarding quality, outcomes, and cost-effectiveness instead of volume of services.

Oregon Law/Policy: Oregon health policy strongly supports APMs, especially in Medicaid and state-regulated health plans. Although “Alternative Payment Methodology” is not specifically defined in Oregon Revised Statutes, Oregon’s Medicaid program (through Coordinated Care Organizations(CCOs) is contractually required to shift payments toward value-based models. For instance, Oregon’s CCO contracts mandate that a substantial percentage of provider payments be made through APMs (targeting 70% by 2024) hcinnovationgroup.com. This aligns with Oregon’s broader cost-containment and quality goals. Additionally, ORS 414.653 authorized an Alternative Payment Methodology pilot for community health centers, illustrating state support for non-fee-for-service payments. The Oregon Health Authority’s Transformation Center explicitly defines VBP/APM as “paying for quality rather than quantity” and ties it to achieving better health, better care, and lower costs oregon.gov. In short, Oregon’s use of APMs (in programs such as CCOs and the Oregon Value-Based Payment Compact) matches the MRI definition. No conflict exists, MRI’s list of APM types reflects models encouraged by Oregon’s Health Policy Board and OHA (e.g. bundled payments for episodes of care, shared savings through CCO incentive metrics, etc.).

Federal Law/Policy: The federal government has likewise promoted APMs in Medicare and beyond. The Centers for Medicare & Medicaid Services (CMS) defines an Alternative Payment Model as “a payment approach that gives added incentive payments to provide high-quality and cost-efficient care” cap.org. Under the Medicare Access and CHIP Reauthorization Act (MACRA), clinicians can earn bonuses by participating in Advanced APMs (like certain Accountable Care Organizations or bundled payment programs). CMS’s Innovation Center has tested and implemented APMs such as the Medicare Shared Savings Program (ACO model), Bundled Payments for Care Improvement (BPCI), Primary Care Medical Home models, etc. These mirror MRI definition categories. For example, capitation is used in Medicare Advantage and Medicaid managed care (fixed per-member payments), and shared savings are central to Medicare ACOs (providers share in savings if they reduce costs while meeting quality targets) mentorresearch.orgmentorresearch.org. Pay-for-performance is seen in programs like Medicare hospital value-based purchasing. There is strong consistency: the federal policy direction is firmly toward APMs to replace pure fee-for-service, as MRI describes. Without discrepancies, the MRI definition is legitimate; supported by federal initiatives and regulations (e.g., 42 U.S.C. 1395jjj establishing the Medicare Shared Savings Program, and CMS regulations guiding alternative payment demonstrations). Both Oregon and federal contexts embrace APMs to align payment with quality and outcomes, validating the MRI definition.

Audit and Compliance Committee

MRI Definition: “An Audit and Compliance Committee is described as an internal governance body overseeing internal audit functions, risk management, and legal/regulatory compliance. It ensures the organization adheres to laws, policies, and ethical standards, with responsibilities such as supervising internal audits, monitoring compliance with laws (e.g. HIPAA in healthcare), managing risk controls, reporting to the board, and ensuring whistleblower protections” mentorresearch.org, mentorresearch.org.

Oregon Law/Policy: Oregon law does not explicitly mandate that every healthcare organization have an “Audit and Compliance Committee,” but certain regulated entities are required to have such governance mechanisms. For example, insurance companies operating in Oregon must follow corporate governance rules derived from the NAIC Model Audit Rule. Oregon Administrative Rules (OAR) 836-011-0223 require insurers of a certain size to maintain an audit committee of the board, responsible for oversight of financial reporting and the internal audit function oregon.public.law. This includes ensuring independence of auditors and adequate resources for audits oregon.public.law. Similarly, publicly traded healthcare companies in Oregon (e.g. large hospital systems or insurance carriers listed on stock exchanges) are subject to the Sarbanes-Oxley Act, which requires audit committees of independent directors to oversee external audits and whistleblower complaint mechanisms. For healthcare providers that are not insurers or public companies, having a compliance committee is considered a “best practice” (and may be effectively required to meet OHA contracting standards or accreditation standards). For instance, Coordinated Care Organizations (CCOs) in Oregon’s Medicaid program must implement compliance plans that often include oversight committees. Conclusion: The concept is recognized as a standard governance practice. Oregon’s insurance regulations explicitly support the role and duties MRI describes (e.g. oversight of audits, ensuring compliance). No inconsistency, the MRI definition aligns with legal expectations that organizations, especially insurers and large providers, maintain effective internal audit and compliance oversight oregon.public.law. If anything, Oregon law enforces some of these practices in specific sectors, offering agreement with the MRI definition.

Federal Law/Policy: At the federal level, the idea of an audit/compliance committee is well-established in corporate and healthcare compliance law. Under Sarbanes-Oxley (applicable to public companies), audit committees must oversee external auditors and establish procedures for confidential whistleblower reports oregon.public.law. In the healthcare domain, the U.S. Department of Health and Human Services (HHS) Office of Inspector General has long urged healthcare providers and plans to have compliance programs with high-level oversight (often a committee reporting to the Board) to prevent fraud and abuse. Medicare Advantage regulations require a compliance program that includes a compliance officer and a compliance committee that reports to the organization’s governing body (42 C.F.R. § 422.503(b)(4)(vi)). Specifically, Medicare Advantage plans must have both a committee and written policies to oversee compliance and “a policy of non-intimidation and non-retaliation” for good-faith reporting ecfr.gov. Likewise, the Federal Sentencing Guidelines consider the existence of an effective compliance and ethics program (with senior management oversight) as a factor in reducing penalties for organizations. The MRI definition’s description (monitoring audits, legal compliance like HIPAA, reporting to the board, enabling whistleblower reporting) is consistent with federal compliance program guidance. There is no conflict; rather, it reflects what regulators expect. For example, CMS’s program integrity requirements for Medicare plans explicitly mirror these elements (oversight by a compliance committee, routine auditing, risk management, and free-from-retaliation whistleblower policies) ecfr.gov. In summary, both Oregon and federal frameworks support the concept of an audit/compliance committee as described, and the definition aligns with standard legal usage in corporate and healthcare compliance governance.

Audit Scope

MRI Definition:Audit scope refers to the defined boundaries, objectives, and extent of an audit, clarifying what areas will be examined and to what depth mentorresearch.org mentorresearch.org. Key elements include the objectives of the audit, the specific departments or functions covered, the time period under review, the criteria/standards used, the depth of review, and any exclusions” mentorresearch.org mentorresearch.org. A well-defined scope ensures an audit is focused, relevant, and understood both by the auditors and the auditee.

Oregon Law/Policy: “Audit scope” is a general concept in auditing and is not defined by Oregon statute, but any audits required by Oregon law or regulations will inherently have a scope determined by the relevant rules. For example, the Oregon Secretary of State Audits Division, when auditing state health programs (like OHA’s programs), defines scope in audit plans; this is a professional term rather than a legal definition. In the healthcare context, if Oregon’s OHA or DCBS (Division of Financial Regulation) conducts an audit or examination of a health plan, the scope is set by regulations (e.g., financial exams under ORS 731.300 for insurers must cover certain fiscal and operational areas). The MRI definition aligns with a way auditors in Oregon define their work, in fact, state administrative rules governing audits of Medicaid providers or CCOs often outline what must be included (scope) in those audits. There is no inconsistency; “audit scope” is used in many settings in the same manner. For instance, Oregon’s Auditing Standards (which follow generally accepted government auditing standards) emphasize planning an audit by establishing scope, objectives, and methodology, consistent with the MRI description. Thus, the definition is legitimate and matches practice (though not a legal term, it is recognized in Oregon’s regulatory audit processes).

Federal Law/Policy: Similarly, at the federal level, “audit scope” is a common term in regulations and audit standards. Federal audits (such as HHS OIG audits of healthcare providers, or CMS program audits of health plans) all have defined scopes. For example, a CMS audit of a Medicare Advantage plan will delineate scope (which contracts, what timeframe, which performance areas like compliance with appeals timelines, etc.). The U.S. Government Accountability Office (GAO) and Inspector General offices require an engagement letter or audit plan specifying scope and objectives for each audit. In terms of policy, the concept appears in Medicare regulations: when CMS or its contractors audit providers (for billing integrity, etc.), the scope of review is often set in policy manuals (e.g., a Recovery Audit Contractor might have a scope limited to certain claim types or years). Conclusion: The MRI definition accurately reflects standard auditing principles that are indeed required or followed under both Oregon and federal oversight. It is consistent with legal use in that any legally mandated audit (financial, compliance, or performance audit) uses the notion of an audit scope to frame the work. No discrepancies exist; this is a foundational concept in both public and private sector audits rather than a contested policy term.

Bad Faith Actions

MRI Definition: Bad Faith Actions are defined as “deceptive, dishonest, or malicious conduct by a party that undermines an agreement or legal obligation” mentorresearch.org, mentorresearch.org. Examples include misrepresenting information, refusing to fulfill contract terms without valid reason, intentionally stalling or delaying performance, violating the spirit of an agreement, or exploiting loopholes to harm the other party mentorresearch.org mentorresearch.org. The definition notes that many contracts (especially in insurance) carry an implied covenant of good faith and fair dealing, making bad faith conduct potentially illegal as breach of that covenant mentorresearch.org. It also mentions that bad faith can amount to fraud or regulatory violations in heavily regulated industries like insurance mentorresearch.org.

Oregon Law/Policy: Oregon law recognizes the concept of bad faith primarily in the context of insurance and contracts. While Oregon, unlike some states, does not generally allow a standalone tort lawsuit for an insurer’s bad faith denial of claims (first-party bad faith), it does impose statutory duties of good faith on insurers. ORS 746.230, Oregon’s Unfair Claim Settlement Practices statute, prohibits insurers from acting in bad faith in settling claims, for example, it bars misrepresentation of facts or policy provisions, failing to promptly and equitably settle claims, unreasonably delaying claim investigations, or refusing payments without conducting a reasonable investigation letherlaw.com letherlaw.com. These prohibited acts align with what MRI calls “bad faith actions” (misleading, undue delays, refusal to meet obligations). A violation of ORS 746.230 is considered an unfair trade practice enforceable by the Insurance Division and, since 2019, Oregon law (via HB 4212) even allows insureds to recover damages for certain bad faith claim practices in court letherlaw.com. Outside insurance, Oregon contract law implies a covenant of good faith and fair dealing in every contract (though it cannot contradict explicit terms). Oregon courts have held that one party cannot “evade the spirit of the contract” even if no specific term is breached, doing so would violate the duty of good faith (see Best v. U.S. National Bank, an oft-cited case). So, if a health plan in Oregon deliberately exploits ambiguities in a provider contract to avoid payment (a bad faith act), it could be found in breach of contract under this implied covenant mentorresearch.org. Moreover, Oregon has consumer protection laws (Unlawful Trade Practices Act) that, while historically excluding insurance, have been expanded in scope for health insurance. Conclusion: The MRI definition is consistent with Oregon’s use of “bad faith” in that such actions are unlawful or actionable. Oregon insurance regulations explicitly forbid many of the behaviors listed (misrepresentation, unreasonable refusal to perform, etc.). No discrepancy, the definition is well-grounded in Oregon’s legal expectations of fair dealing in contractual and insurance relationships mentorresearch.org letherlaw.com.

Federal Law/Policy: In U.S. federal law, “bad faith” appears in several contexts. There is no general federal contract law (contract disputes are usually state law), but in the insurance realm federal regulators also expect good faith behavior. The Affordable Care Act, for instance, empowers the FTC and state regulators to monitor health insurers’ marketing and claims practices for deception or unfairness (bad faith claim denials could trigger regulatory action as unfair practices). Additionally, ERISA (the federal law governing employer health benefit plans) preempts state bad-faith lawsuits against employer-sponsored plans, but it has its own remedies for improper denial of benefits. Courts interpreting ERISA have noted an implied duty not to deny claims arbitrarily (essentially to not act in bad faith), although remedies are limited to the benefit due. In general contract law, federal courts (applying common law) also acknowledge the covenant of good faith and fair dealing in contracts, e.g., the U.S. Supreme Court has recognized it as part of the Uniform Commercial Code for sales of goods. Moreover, federal programs like Medicare impose good faith requirements on contractors; for example, Medicare Advantage organizations must comply with CMS rules fairly, if they were to manipulate risk scores or deny coverage in bad faith, they face federal sanctions. There are also federal statutes addressing bad faith in specific areas: the Federal Trade Commission Act deems unfair or deceptive acts in commerce illegal (so a health insurer’s systemic bad-faith denials might draw FTC attention under “unfair practices” authority, especially since health plans are now subject to ACA market rules). In sum, the MRI definition aligns with the general legal principle that bad faith conduct is not tolerated. It highlights that such conduct might constitute fraud or regulatory violations mentorresearch.org, which is accurate: intentional deception can violate federal mail/wire fraud laws or SEC rules (if a public company misled shareholders about its contracts). No real discrepancies, the term “bad faith” is consistently used to denote ethically or legally suspect behavior by a contracting party, and both state and federal laws provide remedies or penalties for it.  MRI content essentially explains why acting in bad faith (especially in insurance/health plan contracts) is illegal or actionable, which is supported by statutes and case law mentorresearch.org.

Behavioral Health Care

MRI Definition: Behavioral Health Care is defined as including mental health and substance use disorder services, as well as life stressors, trauma, crises, and stress-related physical symptoms mentorresearch.org. It encompasses the prevention, diagnosis, and treatment of mental illness and substance abuse, effectively treating “behavioral” conditions that affect health.

Oregon Law/Policy: Oregon law commonly uses the term “behavioral health” to collectively refer to mental health and substance use disorder (SUD) services. For instance, Oregon’s insurance code (ORS 743A.168 and ORS 743B.425 as amended by 2021’s HB 3046) uses “behavioral health” to ensure parity of coverage for mental health and addiction treatment. ORS 743B.425(1)(a) (effective 2022) defines behavioral health condition to mean any mental disorder or substance use disorder as defined in standard diagnostic criteria olis.oregonlegislature.gov, olis.oregonlegislature.gov. Similarly, the Oregon Health Authority is divided in part into a Behavioral Health Division that oversees mental health and addiction programs content.govdelivery.com. The MRI definition’s scope (including trauma, life stressors, etc.) aligns with Oregon’s broad view that behavioral health isn’t just severe mental illness but also mild-to-moderate conditions and psychosocial issues. Recent Oregon policy emphasizes integrated behavioral health care: CCOs must provide behavioral health services, and Oregon’s laws (like HB 2086 in 2021) push for improved behavioral health access and definition of medically necessary behavioral health treatment (covering services needed to address underlying conditions, not just immediate crises olis.oregonlegislature.gov). The definition is consistent with Oregon’s usage and no contradictions exist. In fact, Oregon statutes explicitly ensure behavioral health is treated on par with physical health, confirming the legitimacy of treating “behavioral health care” as an umbrella for mental health and substance abuse care.

Federal Law/Policy: Federally, the term “behavioral health” is widely used in policy although formal legal language often names it as “mental health and substance use disorder.” The Mental Health Parity and Addiction Equity Act (MHPAEA) and the ACA use that phrasing but collectively address what laypersons call behavioral health care. Federal agencies like SAMHSA (Substance Abuse and Mental Health Services Administration) and CMS routinely refer to improving “behavioral health” outcomes. For example, federal parity regulations (45 C.F.R. § 146.136) require that any limitations on mental health or substance use disorder benefits be no more restrictive than those on medical/surgical benefits, effectively recognizing behavioral health as a defined category of care. The MRI definition’s inclusion of trauma and stress-related physical symptoms corresponds to the fact that many federal programs promote trauma-informed care and recognize that behavioral factors impact physical health. Behavioral health care as a term is consistent with usage by HHS in grant programs and by the VA and DoD in describing mental health services for veterans. It is not a controversial or idiosyncratic definition, rather, it matches what federal policy targets when allocating funds (e.g., the federal block grants for “community mental health services” and “substance abuse prevention and treatment” are often jointly referred to as behavioral health block grants). Conclusion: The definition is consistent with both Oregon and federal usage and supported by statutes and regulations that treat mental health and addiction treatment together. There’s no discrepancy; it is an accepted collective term. (One minor note: the MRI text implies behavioral health care can include life stressors and “stress-related physical symptoms.” While not explicitly in statutes, the integration of behavioral health into primary care does indeed consider psychosomatic symptoms to be part of behavioral health, aligning with modern healthcare models. No conflict with law, which tends to focus on diagnosable mental/SUD conditions but doesn’t exclude those manifestations.)

Bubble Map

MRI Definition: A Bubble Map is described as a visual tool used by internal auditors to identify, analyze, and prioritize risks, controls, and other significant elements in an audit context mentorresearch.org. It presents complex information graphically (with “bubbles” representing items) to help understand relationships, assess risk levels, and communicate findings.

Oregon Law/Policy: There is no specific Oregon law or regulation regarding “bubble maps.” This is a technical audit methodology term rather than a legal term. However, its use in internal auditing is legitimate and would be recognized by audit professionals. Oregon’s public sector auditors or any healthcare organization’s internal auditors might use bubble maps or similar risk visualization techniques as part of best practices. For instance, an internal audit department at an Oregon hospital could use a bubble chart to plot risks by likelihood and impact, though this wouldn’t be mandated by law. Since it’s not a legal term, there is no Oregon policy definition to compare to, but using such a tool would not conflict with any law. (It’s essentially neutral in legal terms.)

Federal Law/Policy: Similarly, federal law doesn’t reference “bubble maps.” It’s a tool within the domain of auditing and risk management. The federal Government Accountability Office or Institute of Internal Auditors guidance may endorse visual risk assessment tools generally. In federal audits (like those by HHS OIG), staff might use bubble charts informally to plot findings or risk areas, but again, it’s not in statutes or regulations. The concept is consistent with the emphasis on risk-based auditing in federal standards (the Yellow Book encourages auditors to focus on significant risks; a bubble map is one way to visualize those). There’s no discrepancy because it isn’t a regulated term; it’s simply a technique acknowledged in professional literature. The MRI definition doesn’t conflict with any policy. In summary, while bubble map is not found in Oregon or federal legal texts, it is a visual aid for presenting data,  an internal audit practice which does not stray from legal or policy norms.

 Bundled Payments

MRI Definition: Bundled Payments are explained as a payment arrangements where a single, comprehensive payment is made for all services related to a specific episode of care or treatment period mentorresearch.org. For example, one bundled payment might cover pre-op, surgery, and post-op care for a surgery episode, rather than payments made foreach service separately. If providers’ costs exceed the bundled amount, they may bear the loss, effectively sharing risk mentorresearch.org.

Oregon Law/Policy: Oregon has embraced bundled payment models in certain contexts, although it’s often through policy initiatives rather than codified law. The Oregon Health Authority, in its value-based payment efforts, has encouraged CCOs and providers to pilot bundled payments (for instance, for maternity care or joint replacements) as one way to improve care coordination and cost control. The Oregon Health Policy Board’s strategic plan mentions exploring episode-based payments. While Oregon statutes don’t define “bundled payment,” they authorize flexible payment methodologies in Medicaid. ORS 414.065 allows OHA to implement alternative payment methodologies for Medicaid, and OHA’s 1115 Medicaid waiver encourages payment models like bundled/episode payments. Legitimacy: The concept is consistent with Oregon’s policy direction, there is an ongoing maternity care bundled payment pilot within the Oregon Health Plan, for example. The MRI definition correctly captures the idea of a fixed payment for an episode that shifts risk to providers (which Oregon’s CCOs may require in contracts with hospitals or specialists). No conflict exists: Oregon’s regulatory framework is permissive of such models and even encourages them under the VBP (Value-Based Payment) Roadmap.

Federal Law/Policy: Federally, bundled payments are explicitly supported and tested. The Affordable Care Act established the Center for Medicare and Medicaid Innovation (CMMI), which created the Bundled Payments for Care Improvement (BPCI) initiative. CMS defines bundled payments in the same way: a single payment for all services in a defined episode mentorresearch.org (the MRI content itself likely draws on this concept). Medicare has run bundled payment demonstration programs (e.g., a bundled payment for hip/knee replacements, where the hospital and doctors share one payment). Additionally, since 2019, Medicare has its voluntary BPCI-Advanced model and mandatory bundles like the Comprehensive Care for Joint Replacement (CJR) in certain areas. Federal regulations in 42 C.F.R. Part 510 cover how those bundled payments work for Medicare episodes. Thus, the definition aligns with federal usage, CMS often calls them “episode payment models.” No discrepancy: the description of provider risk (keeping surplus if efficient, or absorbing loss if costs run high) is exactly how Medicare’s bundle’s function and how many commercial bundles (encouraged by HHS) work. The MRI definition is legitimate and consistent with federal policy, which explicitly promotes bundled payments as a way to improve quality and reduce costs (the ACA, § 3023, authorized national pilot programs for integrated care through bundled payments).

Capitation or Sub-Capitation

MRI Definition: Capitation (including sub-capitation) refers to a payment model where providers receive a fixed payment per patient (usually per member per month) to cover specified services, regardless of how many services each patient uses mentorresearch.org. This shifts financial risk to providers: if the cost of care exceeds the capitated amount, the provider absorbs the loss; if they manage care efficiently within a budget, they can profit mentorresearch.org. Sub-capitation implies secondary capitation (e.g., a specialist paid per member by a primary care group that itself is capitated).

Oregon Law/Policy: Capitation is a foundational payment method in Oregon’s Medicaid (the Oregon Health Plan). Coordinated Care Organizations (CCOs) are paid by OHA on a capitated basis, each CCO gets a per-member-per-month payment to cover enrolled members’ healthcare. ORS 414.652 and ORS 414.653, for example, discuss prepaid managed care health services contracts, which are essentially capitated arrangements. Additionally, Oregon’s implementation of the Patient-Centered Primary Care Home model has included per-member care management fees (a form of partial capitation) to primary care clinics. State insurance law allows HMOs and health care service contractors to operate on capitation. The term “capitation” may not be explicitly defined in ORS, but Oregon Administrative Rules (e.g., OAR 410-141-3500 et seq.) describes capitation rate setting for CCOs. The MRI definition perfectly matches Oregon’s usage: CCOs receive capitated payments and, in turn, often sub-capitate certain provider groups. For example, a mental health agency might get a sub-capitation payment from aCCO for behavioral health services. There is no discrepancy, the legal structure in Oregon fully supports capitation, and indeed Oregon prides itself on using global capitation for Medicaid as a cost-control mechanism. The risks and incentives described (providers encouraged to focus on prevention and cost-effective care because of fixed payments) are explicitly goals of Oregon’s system. Thus, MRI’s definition is supported by Oregon health policy (with CCOs being a prime example).

Federal Law/Policy: Federally, capitation is a well-established concept in Medicare and Medicaid. Medicare Advantage plans are paid a capitated rate by CMS for each enrollee; in turn, those plans often pay providers via capitation. The term is defined in federal Medicaid managed care regulations: “Capitation payment means a fixed amount paid to a managed care entity for each enrollee, regardless of services provided” (see 42 C.F.R. § 438.2) mentorresearch.org. This regulatory definition aligns exactly with the MRI content. Sub-capitation is not explicitly defined in law, but the practice is recognized. For instance, an accountable care organization might pay sub-capitated payments to physician groups. The ACA encouraged more risk-based payments (capitation being one form) to reduce fee-for-service overutilization. Additionally, the federal HMO Act of 1973 set standards for HMOs, which operate on capitation, indicating long-standing federal support. Conclusion: MRI’s explanation is consistent with federal definitions and policies on capitation. It notes providers are at financial risk if costs exceed the per-person fee. That is the essence of capitation under Medicare/Medicaid rules (and why regulations require monitoring to ensure capitated entities don’t underserve patients). No discrepancy; the definition is legitimized by numerous federal regulations and guidance promoting capitated, population-based payment models cap.org.

Certified Internal Auditor (Independent CIA)

MRI Definition: Certified Internal Auditor (CIA) refers to a professional certification awarded by the Institute of Internal Auditors (IIA) to individuals who demonstrate proficiency in internal auditing. The MRI text notes that it is recognized globally and signifies a high level of competence and professionalism mentorresearch.org. The term “Independent CIA” seems to imply an auditor who is certified and may practice independently.

Oregon Law/Policy: The CIA certification is a private credential, not mandated by Oregon law. Oregon does not require a Certified Internal Auditor for any specific role by statute (unlike CPAs for external financial audits). However, in practice, many Oregon organizations (including health systems and insurers) prefer or require their internal audit leaders to hold the CIA credential. The state of Oregon’s Audits Division staff may hold CIAs, but the law doesn’t demand it. The use of “Independent CIA” in MRI’s educative context might highlight that an internal auditor can maintain independence within the organization’s governance. Oregon law does support the notion of internal auditor independence in certain contexts (for example, OAR 411-054-0115 for nursing facilities requires an internal quality assurance committee, which may involve internal audit functions, expecting objectivity). While “CIA” is not a legal designation in Oregon, the legitimacy of the certification is unquestioned. Oregon’s health policy doesn’t conflict with it; indeed, having certified internal auditors would be viewed positively in ensuring compliance with regulations. MRI’s definition is consistent with professional norms, and there’s no policy discrepancy (other than  that it’s a professional certification not a legal status).

Federal Law/Policy: Similarly, federal law does not mandate having a Certified Internal Auditor, but the federal government recognizes professional certifications. For instance, internal auditors in federal agencies or federal healthcare programs (like Medicare contractors) often hold the CIA credential. The concept of an “Independent CIA” ties into federal expectations that internal audit functions need to be independent of management influence. This is seen in Sarbanes-Oxley (public company audit committees must ensure internal audit independence) and in GAO’s Government Auditing Standards which require auditor independence. The CIA designation itself is administered by the IIA; it’s widely accepted as the gold standard for internal audit proficiency. Nothing in federal policy conflicts with it, if anything, OIG compliance program guidance encourages hiring qualified audit staff (which could include CIAs). So, while not a legal term, “Certified Internal Auditor” is fully legitimate under federal policy. The MRI definition acknowledges the credibility of this certification in ensuring strong internal controls. Conclusion: The definition doesn’t raise any legal inconsistencies. It’s a professional role supported by frameworks that demand accountability in health organizations (e.g., a health plan’s audit & compliance committee might insist the Chief Internal Auditor be a CIA). The title “Independent CIA” likely underscores the expectation of objectivity, aligning with both state and federal principles of audit independence.

Confidential and Proprietary Information

MRI Definition: Confidential and Proprietary Information refers to information or data disclosed by either a health plan or a provider that is proprietary in nature, examples given include technology, ideas, inventions, trade secrets, computer programs, and business plans mentorresearch.org. In context, this likely means information exchanged during contracting or auditing that the disclosing party considers sensitive and not public.

Oregon Law/Policy: Oregon law does protect confidential and proprietary information in various ways. Under Oregon’s trade secrets law (ORS 646.461 et seq., Oregon’s version of the Uniform Trade Secrets Act), information like formulas, business plans, or technical data that derive economic value from not being generally known can be considered trade secrets, and misappropriation is illegal. If a provider and health plan share proprietary data, typically they will have a confidentiality clause in their contract, these are enforceable under contract law (Oregon courts honor non-disclosure agreements if they are reasonable). The MRI definition doesn’t conflict with any Oregon usage; indeed, Oregon’s public records law even has exemptions to disclosure for trade secrets and proprietary business information submitted to state agencies (e.g., if a health plan submits proprietary info to OHA, ORS 192.345 allows keeping it confidential). For example, CCO contracts with OHA contain confidentiality provisions, and Oregon will treat certain financial or utilization data as proprietary in rate-setting. Another angle: ORS 646A.622 requires businesses to safeguard personal confidential information (though that’s more about personal information security). Consistency: The concept as defined is exactly how Oregon entities treat proprietary information, whether in health contracts or audits, such data is marked confidential and protected by agreements and by trade secret statutes. There’s no discrepancy; the term is used in legal contexts in Oregon similarly (for instance, contracts often define “Confidential Information” in similar broad terms). Oregon has no contrary definition that would limit this, on the contrary, Oregon’s courts would interpret “confidential and proprietary information” in NDAs consistent with the MRI definition (i.e., commercially sensitive info not to be shared without permission).

Federal Law/Policy: Federally, proprietary information is also well-recognized. The Defend Trade Secrets Act (18 U.S.C. § 1836) provides a federal cause of action for trade secret theft, defining trade secrets in a way that includes formulas, programs, techniques, or plans that the owner has taken reasonable measures to keep secret and that have economic value. Additionally, agencies like CMS protect confidential business information of health plans or providers when collected (Federal regulations allow submitters to designate info as proprietary, and FOIA has Exemption 4 for trade secrets/commercial confidential information). If a Medicare Advantage plan shares proprietary methodologies with a provider, both would treat it as confidential via contract. The MRI definition’s list (technology, inventions, trade secrets, etc.) aligns with what federal law would consider protected proprietary information mentorresearch.org. Also, HIPAA covers protected health information, but that’s different (patient privacy). In contracting, “proprietary information” usually means business/confidential info, which is routinely addressed under nondisclosure clauses. The Federal Trade Commission can get involved if proprietary information is stolen or misused in a competition context (unfair competition). Conclusion: The MRI definition is consistent with how legal agreements and laws treat confidential proprietary data. There is no unusual element, it matches the standard definition of trade secret or proprietary business information. No conflict with policy; if anything, policies encourage protecting such information to foster innovation and fair competition. Therefore, the MRI definition is legitimate and in line with legal usage at both state and federal levels.

Contract Audit

MRI Definition: Contract Audit is defined as an independent review, providing objective assurance and consulting, required for both payers and providers, aimed at adding value, achieving shared objectives, and improving contracted operations mentorresearch.org. In essence, it’s an audit of the contract performance or compliance by an independent party, to ensure both sides are meeting their obligations and to suggest improvements.

Oregon Law/Policy: The term “contract audit” isn’t a specific legal term in Oregon statutes, but audits of contracts are common practice. For example, the Oregon Health Authority conducts audits of CCOs to ensure they comply with contract terms (such as providing certain services or following reporting requirements). OHA’s right to audit is built into its contracts and backed by ORS 414.610(5) (which allows OHA to examine the accounts and operations of managed care organizations). Similarly, private provider contracts with health plans often contain clauses permitting audits, e.g., a health plan may audit a provider’s billing and medical records to ensure services billed under the contract were provided appropriately. Oregon insurance regulations (OAR 836-051) require that insurers can audit third-party administrators or others to protect against fraud. The MRI definition implies such audits are “required”, indeed, many contracts require periodic audits or allow one party to audit the other’s records relating to the contract. For instance, Oregon’s CCO model contract requires the CCO to permit state or external independent audits of its performance. The concept of an independent contract audit for shared objectives aligns with Oregon’s push for transparency and accountability in health plan-provider relationships (as advocated in the Healthy Contracts initiative). No conflict: while not mandated by a particular statute, performing contract audits is entirely consistent with Oregon’s regulatory environment, and in some cases (like Medicaid oversight) effectively required. The MRI emphasis on using contract audits to add value and improve operations fits Oregon’s collaborative approach to health reform (where payers and providers share data to improve outcomes). The definition is legitimate in Oregon’s context.

Federal Law/Policy: Federally, contract audits are a routine and sometimes required practice. Government healthcare programs demand audits of their contractors: for example, Medicare Administrative Contractors must undergo periodic independent audits, and providers under certain federal programs can be audited for compliance (e.g., audits by HHS OIG or Recovery Audit Contractors for Medicare claims). In the private sector, the concept covers things like audits of provider claims by health plans (permitted under contracts) or audits of delegated entities in Medicare Advantage (CMS requires MA plans to oversee and audit any delegated vendors). The Federal Acquisition Regulations (for government contracts) also provides the government with the right to audit contractors’ books for certain cost-based contracts, analogous in concept if a payer (the government) audits a provider contract. For private insurance, the ACA introduced external reviews and some audit functions (e.g., HHS audits health plan compliance with ACA requirements, and QHPs in exchanges must allow HHS to audit their performance). The MRI proposal of an “independent review” that provides assurance aligns with standards like SSAE 18 service organization controls, etc., though those are not specific to healthcare. There isn’t a direct federal statute saying “thou shalt have contract audits,” but regulations encourage it as oversight. Notably, CMS’s Medicare Advantage compliance rules require plans to have an effective system for auditing their own operations and first-tier entities (42 C.F.R. § 422.503(b)(4)(vi)(F), which implies contract auditing). Conclusion: The MRI definition is consistent with federal expectations that contracts be monitored and audited for compliance and performance. There is no discrepancy, if anything, federal agencies rely heavily on contract audits to ensure program integrity, and the private sector follows suit to ensure that value-based contracts are working properly. Thus, the MRI’s definition is supported by the general legal/policy framework which values independent audits for accountability.

Contracts of Adhesion

MRI Definition: Contracts of Adhesion are standardized agreements drafted by one party (usually the more powerful, e.g. a corporation or insurer) and presented on a “take-it-or-leave-it” basis to a weaker party, which has little or no ability to negotiate terms mentorresearch.org, mentorresearch.org. Key characteristics include non-negotiable boilerplate terms, a significant power imbalance, and the weaker party’s only option being to accept or forgo the product/servicementorresearch.org, mentorresearch.org. The MRI text explains why such contracts can be problematic, terms might be unconscionable, unfair, or hidden in fine printmentorresearch.org, mentorresearch.org. It notes that while not inherently illegal, courts scrutinize Contracts of Adhesion for fairness and may invalidate or interpret clauses against the drafter if terms are overly one-sided or ambiguous mentorresearch.org.

Oregon Law/Policy: Oregon law absolutely recognizes the concept of contracts of adhesion. Although the term “contract of adhesion” doesn’t appear explicitly in statutes, Oregon courts use it in case law when evaluating fairness of contract terms. For instance, the Oregon Supreme Court in Bagley v. Mt. Bachelor, Inc. (2014) discussed contracts of adhesion in the context of ski resort liability waivers, noting that where a contract is adhesive and a term is unconscionable or violates public policy, it won’t be enforced. Oregon follows general contract principles that if a contract is adhesive and a clause is unconscionable (ORS 72.3020 for goods, and common law for services), the court can refuse to enforce that clause. Also, ORS 36.600 et seq. (Oregon’s arbitration act) has provisions influenced by adhesion analysis, e.g., courts may void an arbitration clause if it’s part of an adhesion contract and is unconscionably one-sided. Insurance contracts in Oregon are classic contracts of adhesion; accordingly, Oregon law requires that ambiguities in insurance policies be construed against the insurer (the drafter) mentorresearch.org. That rule, the doctrine of contra proferentem, is well established in Oregon (ORS 742.016 even codifies that insurance policies shall be construed according to the reasonable expectations of the insured). The MRI definition’s points are strongly supported in Oregon: if an insurance contract’s term is hidden in fine print or unduly oppressive (e.g., a provider contract term that allows unilateral changes by the insurer), an Oregon court could find it unenforceable as unconscionable or void against public policy. Additionally, Oregon has consumer protection statutes that void waivers of certain rights in adhesion contracts (for example, ORS 646A.295 prohibits enforcing a mandatory waiver of jury trial in a consumer contract under certain conditions). Conclusion: The definition aligns with Oregon’s legal approach. Oregon policy, through both statutes and case law, aims to protect the weaker party in adhesion contracts. The MRI text notes that courts may interpret ambiguities in favor of the weaker party mentorresearch.org, which is exactly what Oregon does in insurance and other adhesion contexts. No discrepancy, the definition is consistent with Oregon law’s skepticism of one-sided adhesive terms.

Federal Law/Policy: Federally, the notion of contracts of adhesion is likewise acknowledged, though contract law is mainly state-governed. However, in contexts like arbitration clauses, the U.S. Supreme Court (in AT&T Mobility v. Concepcion, etc.) has dealt with adhesion contracts. While the Court has enforced arbitration clauses even in adhesion contracts (due to the FAA preemption), it has recognized the adhesive nature of consumer contracts. Federal consumer protection agencies (FTC, CFPB) also pay attention to non-negotiable form contracts and have regulations to ensure certain terms are disclosed or not unfair. For insurance, federal law defers to state regulation (McCarran-Ferguson Act), so the scrutiny for adhesion is done at state level. In antitrust, sometimes “contracts of adhesion” in provider-payer agreements are scrutinized if they impose anti-competitive terms (the DOJ has looked at certain insurer-provider contracts that smaller providers had to accept). Additionally, ERISA (for employer health plans) doesn’t explicitly tackle adhesion, but since employees often have no say in plan terms, courts have applied a similar interpretive principle: ambiguities in an ERISA plan are construed in favor of the insured (similar to contra proferentem) mentorresearch.org. This mirrors the treatment of adhesion contracts. Also, the Affordable Care Act introduced some required patient protections in health insurance contracts (like no pre-existing condition exclusions, etc.), effectively voiding certain adhesive terms that historically disadvantaged consumers. Conclusion: The MRI definition is in line with general legal principles recognized nationwide. Courts and regulators understand that one party (e.g., large health plan) often offers take-it-or-leave-it contracts to consumers or small providers. Federal policy doesn’t prohibit such contracts per se, but through doctrines of unconscionability and specific statutes (like Truth in Lending for financial contracts or FTC Act for unfair clauses), it mitigates their worst effects. The stated consequences in the definition, possible invalidation of clauses, interpreting terms against the drafter mentorresearch.org, are exactly what happens under contract law. No conflict, the term is used in legal discourse exactly as MRI defines.

Contract Violations

MRI Definition: Contract Violations in healthcare are described as one party failing to fulfill obligations as outlined, including things like failure to pay timely, failure to meet performance metrics, misrepresentation, withholding agreed information, or making unilateral changes without consent mentorresearch.org, mentorresearch.org. These breaches can lead to disputes, financial losses, or legal action, and contracts often have dispute resolution clauses to address contract violation issues mentorresearch.org.

Oregon Law/Policy: A “contract violation” is simply a breach of contract under law. Oregon contract law (ORS Chapter 72 for sales of goods, common law for services) provides that if one party fails to perform as promised, the other can seek remedies (damages, specific performance, etc.). In the context of health plan contracts in Oregon, many of the examples given are explicitly regulated to prevent such breaches or penalize them. For instance, failure to meet payment terms: Oregon has prompt payment laws for health insurance, ORS 743B.450 requires insurers to pay clean claims from providers within 30 days, or they owe interest. So if a health plan “delays or reduces payments without notice” as MRI describes mentorresearch.org, that violates both the contract and ORS 743B.450. Breach of performance metrics: if a provider doesn’t meet quality metrics in a value-based contract, that might trigger contractual penalties (with Oregon’s CCOs, OHA withholds some funds and only pays if metrics are met, essentially built-in consequences for not meeting agreed targets). Lack of transparency: If a plan withholds information about how payments or bonuses are calculated mentorresearch.org, that could violate Oregon’s insurer requirements for transparency; it also undermines the contract’s implied covenant of good faith (similar to bad faith). Unilateral changes: Oregon law prevents insurers from making certain unilateral changes without notice, for example, ORS 743B.105 requires prior notice and justification for material modifications to health insurance policies. Provider contracts often have clauses about amendments requiring mutual consent or at least notice period; doing otherwise could be a breach. Essentially, all the listed violations are recognized under Oregon law either as straightforward breaches or as unfair practices (with some statutory overlay for insurance). Oregon encourages that contracts include dispute resolution (many healthcare contracts have arbitration clauses or require meeting to cure breaches). The MRI definition is consistent with how Oregon views contract breaches, indeed Oregon has an entire body of case law on contract remedies when one party doesn’t perform. No inconsistency: if anything, Oregon law provides concrete examples (like prompt pay rules) that align with MRI’s points.

Federal Law/Policy: Contract violations in federal terms are also just breaches of contract. If the contract is governed by federal law (e.g., an agreement under a federal program), then federal common law may apply, but typically breaches are a matter for state law or arbitration as per the contract. For instance, in Medicare Advantage, if an MA plan violates its provider contract, the provider might use state contract law to sue (ERISA could preempt some things, but not provider contracts as they aren’t ERISA plans). Federal regulations backstop some issues: timely payment, Medicare Advantage organizations must pay providers or deny claims within 60 days (42 C.F.R. § 422.520), so a violation of that could lead to CMS enforcement in addition to contract breach. Performance metrics, ACOs in Medicare Shared Savings have metrics; failure by a provider to meet contractual performance might not have a specific law, but the contract itself (approved by CMS) would have remedies. Transparency, the ACA introduced transparency requirements (e.g., insurers must provide an explanation for any payment denials or coverage changes); withholding crucial information might violate those (like ACA Section 2715, requiring clear summaries of benefits). Unilateral changes, ACA also limits rescissions of coverage and requires notice for plan changes (Section 2712). While those are consumer-focused, they illustrate a trend that arbitrary contract changes are frowned upon. Additionally, FTC could consider certain egregious contract violations (if done systematically) as unfair business practices, but usually these are handled through contract law. Dispute resolution: Federal policy generally defers to contract terms (like arbitration clauses) due to the Federal Arbitration Act, which makes arbitration agreements broadly enforceable, even in adhesion contracts (except in certain consumer contexts like some nursing home contracts now limited by CMS rules). The MRI note that contracts often include dispute clauses is accurate and supported (e.g., many provider agreements require mediation or arbitration; courts will enforce those under federal and state law). Conclusion: The contract violations described match the kinds of breaches that both state and federal policies aim to prevent and remedy. No discrepancy, the term is straightforward, and the examples align with legal realities (with Oregon and federal laws giving providers some protection in each of those scenarios). The definition is a fair description of contract breach scenarios and thus fully consistent with legal usage.

Continuity and Transition

MRI Definition: Continuity and Transition refers to ensuring seamless care as patients move between different healthcare settings or providers mentorresearch.org. Continuity of Care means ongoing, coordinated care over time, the patient’s care is consistent despite changes in health status or providers, with key aspects being information continuity (sharing records), management continuity (consistent care plans), and relational continuity (ongoing patient-provider relationship) mentorresearch.org, mentorresearch.org. Transition of Care refers to the process of moving a patient from one level of care to another (e.g., hospital to home or to a specialist), focusing on clear communication, coordination (often involving case managers), and proper follow-up to avoid gaps or errors mentorresearch.org, mentorresearch.org. The text emphasizes that poor transitions or lack of continuity can cause lapses in care, whereas prioritizing these concepts improves outcomes and reduces readmissions mentorresearch.org.

Oregon Law/Policy: Oregon strongly values continuity of care, especially within its coordinated care model. While there may not be a statute titled “Continuity of Care,” various Oregon laws and regulations promote the concept:

  • Provider Network Continuity: ORS 743B.225 (“Continuity of care”) requires health plans in Oregon to allow enrollees to continue seeing their provider for a limited period if the provider is terminated from the network, in certain cases (such as pregnancy or terminal illness) oregonlegislature.gov. This statute explicitly uses “continuity of care,” mandating transitional coverage so the patient’s treatment isn’t abruptly disrupted due to network changes.

  • Care Coordination in CCOs: Oregon’s Medicaid CCO system is built on each member having a Patient-Centered Primary Care Home that coordinates their care across providers. OAR 410-141-3500 and OAR 410-141-3860 impose care coordination duties on CCOs, which include managing transitions (e.g., a CCO must have procedures to ensure enrollees discharged from hospitals are followed up and linked to appropriate outpatient care). The MRI note that CCOs and Patient-Centered Medical Homes prioritize continuity and smooth transitions is borne out by OHA metrics (Oregon tracks hospital readmission rates, which are directly tied to transition management).

  • Behavioral Health Transitions: As of 2021’s HB 2086, Oregon required improved discharge planning for behavioral health patients, ensuring they have appointments and support post-discharge, a direct continuity/transition measure.

  • Policy Emphasis: The Oregon Health Policy Board’s strategic plan often mentions “ensuring continuity of care” as a goal, especially for chronic conditions. Oregon even has pilot programs for “transitional care” (some funded by CMS) to reduce readmissions.
    In sum, Oregon law and policy actively support continuity and transitional care. The MRI definition is consistent with how Oregon uses these terms: for example, Oregon’s CCO contracts mention ensuring continuity of care when members move between levels of care or out-of-network services, which aligns with the elements of communication, coordination, and follow-up described mentorresearch.org. There is no discrepancy, Oregon’s health system reforms are designed around exactly these concepts (smooth hand-offs, integrated care, etc.), reinforcing the legitimacy of the MRI definition.

Federal Law/Policy: Federal healthcare policy also stresses continuity and care transitions, though it might not use those terms in statute titles. Key points:

  • Medicare Discharge Planning Conditions: Medicare requires hospitals to have an effective discharge planning process (42 C.F.R. § 482.43). Hospitals must evaluate patients’ needs and arrange appropriate post-hospital services, aiming to prevent readmission and promote continuity. This aligns with ensuring clear communication and follow-up during transitions mentorresearch.org.

  • ACA Initiatives: The Affordable Care Act created the Community-Based Care Transitions Program and penalizes hospitals for excessive readmissions (Hospital Readmissions Reduction Program). These ACA programs implicitly push hospitals to improve transition of care (e.g., better communication to primary care, medication reconciliation, etc.) to avoid penalties. That supports MRI’s emphasis that focusing on transitions reduces readmissions mentorresearch.org.

  • CMS Programs: Medicare’s Chronic Care Management and Transitional Care Management billing codes encourage providers to manage patients in the 30 days post-hospital discharge with phone calls, timely follow-ups, medication management, formalizing transitional care protocols (and paying for them). Also, Accountable Care Organizations (ACOs) are evaluated in part on their care coordination measures including transitions.

  • Patient’s Rights: Under federal rules, if a Medicare Advantage plan’s provider network changes, enrollees have some rights to continuity (for example, CMS expects plans to notify patients and transition care properly if a provider leaves mid-treatment, though specific rules are plan-dependent).

  • Health Information Technology: The federal 21st Century Cures Act promotes interoperability of health records, essentially to support information continuity so that records follow the patient across providers, matching MRI’s “information continuity” point mentorresearch.org.
    Overall, the MRI definition is consistent with federal healthcare quality frameworks. The term “continuity of care” appears in many HHS publications as an essential component of quality, and “care transitions” have been the subject of numerous federal grants and studies (like the Coleman Model of care transitions, which CMS disseminated). No discrepancy: federal policy actively addresses the very risks mentioned (miscommunication and lapses during transitions) and encourages the solutions that MRI lists (coordination, follow-up, etc.). Therefore, the definition is validated by federal policy priorities (improving continuity and transitions is central to the Triple Aim of better care, better health, lower cost).

Controls

MRI Definition: Controls are processes, policies, procedures, and mechanisms to manage and mitigate risks in an organization, ensuring objectives are achieved, assets safeguarded, operations efficient, and compliance maintained mentorresearch.org, mentorresearch.org. Controls can be categorized as preventive, detective, corrective, administrative, technical, legal/compliance, etc., and examples are given for each (e.g., Administrative, policies for managing operations; Preventive, vetting providers or automated protocol checks; Detective, audits and performance reviews to catch issues; Corrective, actions to fix problems identified; Technical, IT security measures; Legal/Compliance, training, systems for reporting violations, contract reviews) mentorresearch.org, mentorresearch.org.

Oregon Law/Policy: Oregon law doesn’t enumerate “controls” in this manner, but it does implicitly require organizations (especially regulated ones such as insurers, CCOs, and hospitals) to have controls to ensure compliance and integrity. For instance:

  • Insurance companies in Oregon must maintain effective internal control over financial reporting as part of their annual financial reporting (per OAR 836-011-0200 et seq., which implements NAIC requirements). This is essentially a mandate for preventive and detective controls in finance.

  • Healthcare providers: Oregon OSHA and OHA regulations require certain administrative and technical controls for patient safety (infection control policies, etc.), which are a subset of internal controls focusing on specific risks.

  • Medicaid CCOs: By contract, CCOs must have compliance programs, including training (administrative control) and auditing (detective control), and they must implement Corrective Action Plans when issues are found, an explicit nod to corrective controls.

  • Oregon Health Authority rules for providers (like OAR 943-045 on reporting abuse) require systems for reporting and responding (a compliance control).
    While Oregon law doesn’t use the term “controls” explicitly in a broad sense, it expects organizations to self-regulate through policies and procedures to adhere to laws. The MRI breakdown of control types is consistent with frameworks like COSO Internal Control, processes that large Oregon health systems and insurers use to structure their compliance and risk management. Oregon’s emphasis on healthcare organizations having quality assurance and compliance committees (as seen in hospital licensing rules, CCO requirements) effectively means Oregon expects those entities to have internal preventive and detective measures to catch issues of concern before they harm patients or break laws. No conflict: The concept is universally accepted, nothing in Oregon law contradicts it, and indeed Oregon encourages internal controls as part of overall governance (e.g., requiring whistleblower policies in some contexts, which is a compliance control). The MRI’s examples (like regular audits, automated tracking, training programs) are all things Oregon providers and health plans implement to comply with regulations. The definition is legitimate in Oregon’s context.

Federal Law/Policy: Federally, internal controls are mandated for certain organizations and strongly encouraged for all. The U.S. Sarbanes-Oxley Act (Section 404) requires management of public companies (including many health companies) to assess and report on the effectiveness of internal controls over financial reporting, directly enforcing the idea of preventive/detective controls in financial processes. The Federal Managers’ Financial Integrity Act requires federal agencies to establish internal accounting and administrative controls consistent with GAO standards. In healthcare:

  • Medicare/Medicaid Providers: The HHS OIG’s compliance program guidance for hospitals, physicians, etc., outline necessary controls: written policies (administrative preventive controls), training (preventive), auditing (detective), a hotline for reporting (compliance control), discipline for violations (corrective), etc. These map exactly to MRI’s categories mentorresearch.org, mentorresearch.org. While these guidances are not law, the ACA made compliance programs mandatory for providers in Medicare and Medicaid (though full implementation has been gradual). For Medicare Advantage and Part D plans, federal regulations require a compliance program with core elements (42 C.F.R. §§ 422.503 & 423.504), effectively requiring internal controls like training, monitoring, and a system for enforcement of standards.

  • Information Security: Federal HIPAA Security Rule (45 C.F.R. Part 164) requires technical controls (access controls, audit logs, etc.) and administrative controls (security management processes, workforce training) to protect health information, aligning with MRI’s “Technical Controls” category mentorresearch.org and administrative controls.

  • Sarbanes-Oxley and Sentencing Guidelines: Outside healthcare, SOX and the U.S. Sentencing Commission’s guidelines push all corporations to have “effective compliance and ethics programs,” which essentially means robust controls to prevent/detect violations of law. That covers preventive, detective, and corrective actions (e.g., periodic risk assessments, monitoring, discipline).

Given this, the MRI definition’s taxonomy of controls is very much in line with federal expectations. The FTC in enforcement actions also often assesses whether a company had appropriate internal controls (for example, in data privacy cases, the absence of reasonable security controls is taken as an “unfair practice”). Conclusion: The concept of internal controls is deeply embedded in federal regulatory frameworks. MRI’s list of categories mirrors standard compliance language. There’s no discrepancy, if anything, federal agencies would endorse such an approach. Therefore, the definition is supported by federal policy which requires and sometimes incentivizes organizations to implement comprehensive internal controls to manage risk and ensure compliance.

Control Library

MRI Definition: A Control Library (also called control framework or repository) is a collection of documented controls an organization uses to mitigate risks, ensure regulatory compliance, and achieve objectives mentorresearch.org. It contains the specific policies, procedures, and mechanisms (controls) and often notes their effectiveness and how they map to risks.

Oregon Law/Policy: Oregon law doesn’t use the term “control library,” but having a control library is a best practice for large organizations (especially in regulated industries). For example, an Oregon healthcare system might maintain a master list of all its internal controls for auditing and compliance purposes. Oregon’s regulators expect organizations to be organized in their compliance efforts, maintaining documentation of all controls in place would likely be seen as positive during any examination or audit. For instance, if the Oregon Division of Financial Regulation audits an insurer for market conduct, the insurer’s ability to show a library of controls (detailing how they ensure compliance with each regulation) would demonstrate a robust compliance program. There’s no legal requirement in Oregon to have a formal “library,” but implicitly, when demonstrating compliance, companies present catalogs of policies and procedures (which is essentially the control library concept). Oregon’s CCOs and coordinated care model encourage systematic quality improvement; a CCO might have a library of clinical protocols and administrative controls to meet OHA’s required standards. No conflict: The idea is consistent with Oregon’s approach to encouraging structured compliance. Not explicitly named in law, but nothing opposes it.

Federal Law/Policy: Similarly, federal regulations do not mandate a “control library,” but frameworks like COSO (Committee of Sponsoring Organizations) Internal Control, endorsed by the SEC and PCAOB for financial controls, imply that organizations should identify and document all controls. Public companies subject to SOX often maintain a control library to track all controls over financial reporting tested annually. In healthcare, when CMS or OIG evaluates a compliance program, they often ask for documentation of all policies/procedures (essentially a library of controls addressing various risk areas like coding, billing, privacy, etc.). The concept aligns with federal compliance program guidance which suggests that organizations should inventory their compliance risks and corresponding controls. For example, under the Federal Managers’ Financial Integrity Act, agencies must use internal control frameworks that involve cataloging controls and annually assessing them. The NIST standards for information security encourage maintaining an inventory of security controls (could be viewed as a “control library” of security measures). No conflict: The MRI definition matches these practices. It’s a business practice not a legal term, but it’s certainly supported by the overall regulatory environment that values documented proof of controls. Having a control library is the way organizations prove to regulators or auditors that they have appropriate measures in place. Therefore, the definition is consistent with and legitimized by federal expectations around internal control and compliance management. No discrepancy exists; it is an accepted concept within governance and audit circles.

Downside Risk

MRI Definition: Downside Risk is the potential financial loss providers incur if they fail to meet cost or quality targets in a value-based arrangement mentorresearch.org. In a downside risk model, providers share in financial losses, meaning if spending exceeds benchmarks or quality measures aren’t met, they might have to pay money back or suffer reduced payments, not just forgo bonuses mentorresearch.org. This contrasts with “upside-only” models; downside risk specifically refers to the risk of owing money or penalties.

Oregon Law/Policy: Oregon’s health reforms are increasingly incorporating downside risk, particularly in advanced value-based payment (VBP) models. While not encoded in statutes, Oregon’s Value-Based Payment Compact (2021) explicitly calls for signatories to progress from upside-only arrangements to eventually taking on downside risk in their payment models hcinnovationgroup.com. The Oregon Health Authority has set VBP goals for CCOs that include two-sided risk models by certain target years. For example, CCO contracts encourage arrangements where providers might receive a bonus for savings but might also incur a penalty or lower payment for missing targets (downside). In Oregon’s CCO quality incentive program historically, providers didn’t face “losses” (just missed out on extra funds), but the state is exploring more advanced two-sided models in the next waiver period. Commercially, some Oregon Coordinated Care models (like large health systems in Oregon taking risk for certain populations) do involve downside risk. There’s no statutory barrier. Oregon insurance law permits alternative payment contracts that include withholds or repayment if metrics aren’t hit (providing that medical loss ratio requirements and solvency are respected). For instance, ORS 743B.470 allows insurers to offer bonus or incentive programs to providers that might implicitly include withholds (downside risk). Consistency: The MRI definition is consistent with how Oregon’s policy discussions use the term: downside risk means providers have “skin in the game” financially when costs run high. It’s considered the next step in moving to full risk-bearing arrangements. No conflict, as Oregon actively promotes understanding and adoption of downside risk in advanced VBP (with appropriate protections like stop-loss). In short, Oregon health policy fully legitimizes the concept as part of the VBP continuum.

Federal Law/Policy: Federal health programs also incorporate downside risk. For example, in Medicare’s Accountable Care Organizations, Track 1 ACOs were upside-only, but Tracks 2 and 3 (and now new ENHANCED tracks) involve downside risk where ACOs must repay Medicare a portion of losses if spending exceeds the benchmark. MACRA’s Advanced APM criteria require participants to bear “more than nominal” downside risk to qualify for bonus payments, CMS defines threshold amounts of potential loss as part of those criteria. The term downside risk is explicitly used in CMS regulations and guidance. The MRI description aligns exactly with these: it notes providers may owe money back to the payer if costs exceed targets mentorresearch.org. Medicare bundled payment models can also include downside risk (e.g., in later phases, providers must pay back if episode spending is too high). Additionally, the CMS Direct Contracting (now ACO REACH) model has providers assuming full risk for cost of care, pure downside beyond capitated payments. No discrepancy: the concept is fundamental in federal value-based care designs. The FTC or antitrust policies also recognize downside risk arrangements in providers’ joint contracting (treating them more like integrated entities if they share substantial financial risk including downside). This shows the idea is embedded in multiple policy arenas. Conclusion: MRI’s definition is consistent with and supported by federal policy. It clearly distinguishes downside risk from upside-only models, which is the  distinction regulators and industry make. Both state and federal contexts encourage movement toward downside risk models (with caution to ensure quality isn’t compromised). Therefore, the MRI definition is on firm ground legally and policy-wise.

Ethics Point Portal

MRI Definition: An Ethics Point Portal is described as an online system for employees, contractors, etc., to report ethical violations, unlawful activities, or business misconduct mentorresearch.org. It allows anonymous or identified reporting, is usually available 24/7, is often managed by an independent party or oversight body (like an audit committee) to ensure objectivity, protects whistleblower confidentiality, and provides tracking of report status and outcomes mentorresearch.org, mentorresearch.org. Its purpose is to ensure compliance, prevent fraud/misconduct by early reporting, and promote a culture of accountability without fear of retaliation mentorresearch.org, mentorresearch.org. (Note: “EthicsPoint” is also a trademarked product by NAVEX Global commonly used for such hotlines, but MRI uses the term generically.)

Oregon Law/Policy: Oregon law encourages whistleblowing and ethical reporting, it does not mandate a specific “portal” system for private organizations. However, Oregon statutes provide strong whistleblower protections that such a portal would reinforce, e.g., ORS 659A.199 forbids any employer retaliation against an employee who reports what they believe is a violation of state or federal law. If a healthcare organization in Oregon has an Ethics Point portal, it is implementing an internal mechanism aligned with this public policy of encouraging reports. Additionally, for certain sectors: Oregon’s healthcare licensing rules require facilities to have a process that allows staff to report quality of care or safety concerns (for instance, hospitals must have a method for staff to report errors or hazards, often anonymously). Oregon’s Corporate Activity Tax law and others don’t link directly to such systems, but on a policy level, Oregon has supported anonymous tip lines (e.g., Oregon OSHA has one for workplace safety). Within OHA, there is an Ombudsperson to whom Oregon Health Plan members can report issues. While not the same, it shows a culture that supports of reporting concerns freely. If an Oregon health plan contracts with the state (e.g., as a CCO), OHA likely expects they have compliance reporting mechanisms (most CCOs do have hotlines). There’s no conflict: having an ethics hotline/portal is seen as a best practice and is consistent with Oregon’s legal protections for whistleblowers (which MRI notes by stressing anonymity and non-retaliationmentorresearch.org, mentorresearch.org). Indeed, providing an independent channel for reports is a way to comply with Oregon’s whistleblower laws by ensuring those who speak up are protected and heard. MRI’s definition is supported by Oregon’s stance that ethical concerns should be raised and addressed without reprisal.

Federal Law/Policy: Federally, certain organizations are required or incentivized to have whistleblower reporting systems. As noted earlier, Medicare Advantage regulations require a non-retaliation policy and a way to report issues confidentially ecfr.gov. The U.S. Sarbanes-Oxley Act (Section 301) requires audit committees of public companies to establish procedures for confidential, anonymous submission of concerns regarding questionable accounting or auditing matters. This is directly on point, an Ethics Point portal is exactly such a procedure (and usually covers all kinds of misconduct, not just accounting). Additionally, the ACA created new whistleblower protections (Section 1558) for employees of healthcare entities who report ACA violations, reinforcing the need for mechanisms to report. The Federal Sentencing Guidelines for Organizations (since the 1990s) have included having a system for reporting misconduct (like a hotline) as an element of an effective compliance program (which can reduce penalties). MRI’s description (anonymous option, overseen by board or audit committee, etc.) is precisely what these guidelines envision mentorresearch.org, mentorresearch.org. Federal False Claims Act’s whistleblower provisions (31 U.S.C. §3730(h)) protect those who report fraud, and while it doesn’t require internal hotlines, organizations implement them to catch issues internally before a qui tam lawsuit happens. Government contractors are required (by FAR 52.203-13) to have a business ethics awareness program and an internal control system, including a mechanism for anonymous reporting and a hotline. If a health organization deals with federal contracts or funds, this may apply. Conclusion: The Ethics Point portal concept is fully consistent with federal compliance expectations and required by law for public companies and government contractors. MRI highlights features like anonymity, no retaliation, and independent oversight mentorresearch.org, mentorresearch.org, which echo legal standards (SOX mandated anonymity and audit committee oversight; CMS mandates non-retaliation). There is no discrepancy. In fact, using such a portal is considered a best practice to demonstrate compliance commitment under both state and federal oversight. Therefore, the definition is legitimate and well-supported under the law/policy framework protecting whistleblowers and promoting ethical corporate behavior.

Exception Report

MRI Definition: An Exception Report identifies instances where performance or outcomes deviate from expected benchmarks or standards mentorresearch.org. an exception report flags outliers or anomalies, cases that do not meet predefined criteria, signaling issues that require further investigation or corrective action. In healthcare value-based contracts, an exception report might track patient outcomes that don’t meet expected benchmarks, alerting providers to potential problems mentorresearch.org.

Oregon Law/Policy: Exception reports are tools rather than legal requirements. However, Oregon’s healthcare programs use similar mechanisms. For instance, OHA generates reports for CCOs highlighting when metrics are not met or when outliers appear in data submissions. In quality improvement initiatives, Oregon providers might use exception reporting to monitor which patients missed certain screenings (an exception to care standards). In Oregon’s context of coordinated care, real-time data and reporting are emphasized. ORS 442.466 requires hospitals to report certain quality data to a state registry; the state then produces comparative reports, effectively highlighting exceptions (e.g., hospitals with outlier infection rates). Internally, if an Oregon health plan is NCQA-accredited, it will run HEDIS measure exception reports (identifying enrollees not receiving standard care). Oregon’s patient safety reporting program under ORS 442.851 produces reports on serious adverse events, functional exception reports on safety deviations. The MRI definition aligns with widespread practice: identifying deviations from norms to improve processes. There’s no conflict; Oregon encourages identifying and addressing exceptions (through audit or quality committees). Even though “exception report” isn’t in statutes, the concept underpins many regulatory monitoring functions (like OHA’s dashboard highlighting CCOs’ not meeting targets). The definition is consistent with Oregon’s quality control philosophy.

Federal Law/Policy: Similarly, the federal government uses exception reporting conceptually in oversight. CMS, for example, uses data analytics to produce reports of anomalies, for Medicare claims, an exception report might list providers who are outliers in billing (those get flagged for audits by program integrity contractors). Also, under CMS quality programs, providers get feedback reports showing where their performance stands versus benchmarks; those often highlight exceptions or variances. For instance, in CMS’s Merit-based Incentive System (MIPS), a clinician might get a report that flags measures where those fell below the threshold. That’s essentially an exception report for quality metrics. In finance, federal financial managers produce exception reports for transactions that fall outside normal parameters (for detecting fraud or error). The concept is embedded in the federal internal control standards (the idea of management by exception is common in government auditing, focusing on items that deviate significantly). No law mandates “Thou shalt have exception reports,” but regulations do demand the results which exception reports facilitate: e.g., continuous monitoring and prompt correction of issues (HIPAA security rule expects regular review of audit logs, an exception report could be a way to list unusual access attempts). The Office of Inspector General also expects healthcare providers to monitor exceptions in coding/billing to catch errors or fraud. Conclusion: The MRI definition is consistent with these practices. It’s a standard term in management; the federal government and regulators would be entirely familiar and supportive of using exception reports to maintain contract performance and compliance. No discrepancy, exception reports are legitimate processes in line with state and federal expectations for proactive management of quality and compliance issues.

Fair Dealing

MRI Definition: Fair Dealing is defined as the requirement that health plans engage in equitable, honest practices without exploiting providers, ensuring all interactions are fair and mutually beneficial mentorresearch.org. It’s described as conducting business with honesty, integrity, transparency, and adherence to the agreement’s terms, avoiding taking undue advantage of the other party mentorresearch.org, mentorresearch.org. In healthcare contracts, fair dealing means good faith negotiations, compliance with agreed terms (no hidden clauses or surprise changes), and refraining from exploiting the other’s vulnerabilities or misrepresenting terms mentorresearch.org. Essentially, it is the flipside of “bad faith”, both parties act in good faith and do not undermine their dealings.

Oregon Law/Policy: Oregon law implies a duty of good faith and fair dealing in every contract, as mentioned earlier. Although usually phrased as “good faith,” the concept of fair dealing is inseparable in Oregon jurisprudence. ORS 72.3040 (UCC) explicitly imposes an obligation of good faith in the performance and enforcement of contracts for the sale of goods. For other contracts, Oregon common law recognizes this implied covenant. Oregon courts have penalized parties for acting in ways that, while perhaps not literal breaches of a clause, violate the spirit or purpose of the contract, which is exactly what “fair dealing” covers mentorresearch.org. For instance, if a health plan in Oregon were to technically pay claims on time but deliberately make the claims process so convoluted that providers give up, that would likely be seen as violating fair dealing. Also, Oregon’s Unfair Trade Practices Act (ORS 646.608) prohibits businesses from using deception or unconscionable tactics in consumer contracts, reflecting fair dealing principles in consumer interactions. In provider contracts, ORS 743B.405 requires health insurers to credential providers in a reasonable time, an example where Oregon ensures fair dealing (not stringing providers along arbitrarily). Oregon’s insurance regulations also require insurers to fairly process and pay claims (ORS 746.230 again, as a bad faith claims-practice law). Those essentially enforce fair dealing with providers and insureds. MRI’s specific points: “Good faith negotiations”, Oregon expects that (e.g., a misrepresentation in negotiating a contract can lead to rescission for fraud). “Compliance with terms and no surprise changes”, Oregon’s approach to interpreting contracts to protect reasonable expectations covers that, and insurers can’t just change provider contract terms unilaterally without notice. “Avoiding exploitation”, Oregon’s unconscionability doctrine (especially substantive unconscionability) is about preventing stronger parties from enforcement of grossly one-sided terms they foisted on weaker ones mentorresearch.org.  Conclusion: Fair dealing is absolutely consistent with Oregon law, it’s embedded in both statutory and common law requirements of how contracts are formed and executed. The MRI definition lines up with Oregon’s requirement of honesty and reasonableness in contract performance. There is no conflict; rather, MRI is echoing Oregon’s legal principles in plainer terms.

Federal Law/Policy: Federally, as mentioned, the implied covenant of good faith and fair dealing is recognized in federal common law especially in certain contexts (like government contracts, the federal government also must act in good faith in contract performance, per the Supreme Court’s decisions in cases like Lynch v. United States). In ERISA (which governs many health benefit plans), while it preempts state contract claims, there is an implicit requirement that plan fiduciaries act solely in participants’ interest (ERISA’s duty of loyalty), an analogy to fair dealing in handling claims. Federally regulated health plans (Marketplace QHPs) must abide by fair marketing and network contracting standards set by HHS, which forbids discriminatory or deceptive practices (essentially enforcing fair dealing with consumers and indirectly with providers). The FTC Act’s Section 5, which prohibits unfair or deceptive acts in commerce, is a broad mandate essentially requiring fair dealing, if a health plan lies or conceals material facts (lack of transparency, as MRI warns against mentorresearch.org), the FTC or state attorneys general can take action for deception. Additionally, CMS’s conditions for Medicare Advantage and Part D plans include that they must comply with their contracts and cannot modify provider contracts in ways that contradict network adequacy promises, etc. The concept surfaces in antitrust as well: a monopolistic payer could be challenged if they systematically dealt with providers in bad faith or unconscionable ways (though antitrust usually needs competition issues, not just unfairness). Still, fairness in dealing is a theme in various federal healthcare regulations (for example, the No Surprises Act of 2021 ensures fair dealing by preventing surprise billing, indirectly ensuring patients are treated fairly in contract outcomes between providers and plans). Conclusion: The fair dealing requirement is in harmony with federal oversight. No explicit general statute, but through multiple laws the principle is enforced, from truth-in-contract law (the FAA requires fairness in arbitration clauses now supervised by courts for conscionability post-Concepcion via state law) to specific consumer protections. MRI’s points about honesty, adherence to terms, no exploitation mentorresearch.org basically describe the ideal compliance with both contract law and consumer protection law. No discrepancy; it’s essentially a restatement of the covenant of good faith, which federal law recognizes across contexts (e.g., UCC §1-304 in federal law for goods transactions, Restatement (Second) of Contracts recognized by many courts). Therefore, the definition stands as legally sound and policy-consistent.

False Profit Leader

MRI Definition: A False Profit Leader refers to a business or strategy that appears highly profitable or financially successful but is not truly sustainable or legitimately beneficial long-term mentorresearch.org. In context, it’s when a health plan or provider shows seemingly strong profits or performance, but that success is built on unethical or unsustainable practices. Examples given: contracts that underpay providers or delay reimbursements to create short-term gains for the payer (at the expense of provider trust) mentorresearch.org; cutting quality of care to reduce costs (which may boost short-term profit but harm outcomes and lead to future costs) mentorresearch.org; or fraudulent/misleading reporting of financials to appear profitable and attract investments or contracts under false pretenses mentorresearch.org. Eventually, such strategies can lead to legal trouble, reputational damage, or collapse once the unsound practices are exposed mentorresearch.org.

Oregon Law/Policy: The term “false profit leader” is not a legal term, but Oregon law has provisions to address the underlying unethical practices:

  • If a health plan in Oregon engages in the first example (manipulating contracts to underpay or delay payment beyond what’s allowed), that can violate Oregon insurance regulations (ORS 746.230 as discussed, requiring fair claim payments). If done willfully as a strategy, it could also trigger enforcement or fines (OAR 836-080-0225 gives the DCBS authority to penalize insurers for claim practice violations).

  • Cutting quality to save money: Oregon’s coordinated care contracts explicitly require meeting quality metrics; a provider or plan that skims on required quality could lose funds (e.g., CCO incentive payments or even face contract termination). Moreover, if the care falls below minimum standards, licensing and malpractice laws come into play, the Oregon Medical Board or OHA could sanction a provider or facility for negligent care. Chasing profit by compromising care violates professional standards and potentially specific rules (like minimum staffing levels, etc., if applicable).

  • Fraudulent or misleading financial reporting: Oregon punishes this under corporate and securities laws. If a health insurer licensed in Oregon filed false financial statements to appear solvent or profitable, that’s illegal (ORS 731.574 prohibits filing false info with the regulator). Also, Oregon’s securities law (ORS 59.135) prohibits false statements or fraud in sale of securities, a health company lying about finances to investors would face enforcement.

  • Unlawful trade practices: If a healthcare entity misrepresents its services or outcomes to gain business (profit under false pretenses), Oregon’s Unlawful Trade Practices Act might apply if it impacts consumers (e.g., advertising super outcomes while secretly cutting corners).
    Essentially, each unethical practice behind a “false profit leader” scenario is addressed by some law or regulation. The concept that something can look good on paper while violating laws means eventually Oregon regulators (Insurance Division, OHA, DOJ) will catch up. The MRI’s caution that such an entity may face legal penalties or loss of position mentorresearch.org is borne out: Oregon has dealt with companies (outside healthcare also) which fudge finances and faced legal consequences. (One example, the ENRON scandal), Oregon enforces its securities and business laws to deter fraud. No discrepancy: The definition is more descriptive of a phenomenon than it is a defined term, but it aligns with Oregon’s stance that ethical, sustainable business practices are required and deceptive short-term profit tactics will be corrected by regulatory or market forces. Oregon’s health policy (working to create value-based care) tries to ensure real shared value, raataher than illusory profits at the expense of quality, consistent with MRI’s advice that genuine value is the antidote to “false profit leaders” mentorresearch.org.

Federal Law/Policy: At the federal level, again the term “false profit leader” isn’t used in legislation, but the components are covered:

  • Underpaying providers or delaying payment to boost profits: If a Medicare Advantage plan did this systematically, CMS could audit and sanction them for not meeting network adequacy or prompt payment requirements. Also, ERISA requires plans to adhere to terms; a self-funded employer plan administrator that arbitrarily delayed claims to float money could breach fiduciary duty.

  • Sacrificing quality for cost: The ACA’s Hospital Readmission and Hospital-Acquired Condition penalties essentially penalize hospitals that might skimp on care and end up with worse outcomes (so a short-term cost saving leads to a long-term penalty). Also, the Center for Medicare and Medicaid Innovation tests new models with quality gating. If an organization tries to profit by just cutting services, their quality scores drop and they lose shared savings or must pay losses. So federal policy designs try to discourage the “false profit” approach of cost-cutting at patient expense.

  • Fraudulent reporting: Numerous federal laws address this. For publicly traded health companies, the SEC (under laws like Sarbanes-Oxley) would pursue executives for false financial statements (which is securities fraud). The DOJ could prosecute under 18 USC §§ 1347 or 1349 if it’s fraud in connection with health care benefits or 18 USC § 1001 for false statements to government agencies. If false reporting leads to higher payments from Medicare (e.g., upcoding diagnoses to inflate risk scores and revenue), that’s a violation of the False Claims Act (several Medicare Advantage insurers have been sued by DOJ for exactly that kind of “false profit” strategy of exaggerating how sick patients are to get more money mentorresearch.org).

  • The FTC Act could label a pattern of misrepresenting a company’s outcomes or financial position as an unfair business practice if it harms consumers or competition.
    Federal enforcement has shown that short-term profit schemes like billing fraud or data manipulation do catch up: e.g., several large health insurers paid hefty settlements for risk-adjustment fraud (false profitability that was unsustainable, exactly as MRI warns). And investors have sued health companies for misrepresenting financial health once the truth comes out (SEC enforcement too).
    So the federal policy ecosystem supports the notion that “false profit leaders” will face legal reckoning and that sustainable, ethical practices are the correct path mentorresearch.org. The MRI recommendation to focus on genuine shared value rather than unsound short-term profit aligns with initiatives like the Triple Aim and various CMS payment reforms which tie payment to verified outcomes, not just cost cutting. Conclusion: The definition is validated by the array of federal laws against fraudulent or unethical profit-boosting tactics. No conflict, it encapsulates why compliance with law and quality standards is critical for long-term success and why federal law penalizes those who try to game the system. The term is not in statutes, but the practices described are regulated or prohibited by federal law. The MRI’s message is consistent with federal enforcement trends: fake success built on wrongdoing will unravel legally and financially.

Fee-for-Service (FFS)

MRI Definition: Fee-for-Service is a traditional payment model where providers are paid for each service performed (each test, procedure, visit, etc.), thereby incentivizing volume of services rather than outcomes mentorresearch.org.

Oregon Law/Policy: Fee-for-service is the baseline from which Oregon has been trying to transition. Oregon’s Medicaid (OHP) historically paid providers FFS, but since CCOs were introduced in 2012, the state moved toward global budgets and value-based payments. However, even within CCOs, many provider payments remain FFS (with overlays of bonuses or shared savings). There’s no law against FFS; in fact, Oregon’s insurance code assumes FFS in many contexts (e.g., ORS 743B.010 requires coverage of certain services, which in practice means paying per service). The Oregon Health Authority’s goal (per OHA’s VBP Roadmap) is to significantly reduce pure FFS by increasing APMs, but FFS is still allowed and prevalent in certain areas (especially outside integrated systems). Oregon’s medical billing rules (OAR chapter 410, divisions by service type) essentially describe how providers bill fee-for-service for Medicaid if not under a managed care arrangement. So the term is consistent with usage. Everyone understands FFS as paying per service, Oregon uses that term in policy discussions frequently (e.g., “moving away from fee-for-service’s incentives…”). The MRI definition that FFS encourages volume is also an accepted critique in Oregon health policy literature. So, the definition aligns with Oregon’s understanding and is legitimate. (Oregon doesn’t have a legal definition because it’s the default assumption historically.)

Federal Law/Policy: Federally, fee-for-service is also a well-understood concept. “Original Medicare” (Parts A and B) is fundamentally a fee-for-service system, providers bill for each service via CPT/HCPCS codes. The term is used by CMS when comparing payment models: for example, CMS says “we are moving from fee-for-service to value-based care.” It’s not codified as a definition because it’s the traditional norm. However, the Social Security Act implicitly relies on FFS constructs (e.g., setting relative value units for physician services, DRGs for hospital stays, which are per episode but underpinned by per-service components). The ACA and MACRA repeatedly contrast new models with “traditional Medicare fee-for-service.” The MRI’s characterization (volume-based approach to care) is exactly the rationale behind many ACA reforms (like ACOs), to mitigate FFS incentives. There’s no legal issue: FFS is legal and standard, but federal policy aims to diminish its dominance due to cost/quality concerns. The definition is consistent with federal usage, even the Presidential budgets often mention “incentives inherent in fee-for-service to increase volume” as a problem to be fixed oregon.gov. It’s a legitimate descriptor in federal policy discourse. No discrepancy at all; it’s in line with widespread acknowledgment that FFS drives up costs and doesn’t ensure quality, which is why programs like MIPS, APMs, etc., exist.

Gaming

MRI Definition: Gaming in healthcare contracting is defined as manipulation or exploitation of contractual rules, metrics, or processes to gain an advantage, sometimes to protect patients or provider integrity against unjust policies, other times to gain financial or competitive advantage at the expense of the contract’s intent mentorresearch.org, mentorresearch.org. It is doing something that is technically within the rules (legal) but undermines the spirit or intent of those rules (thus unethical) mentorresearch.org. Key characteristics include exploiting loopholes or ambiguities in rules, tweaking or misrepresenting performance metrics to secure incentives without truly improving underlying performance, and generally achieving outcomes by subverting the intended fairness or purpose of the system mentorresearch.org, mentorresearch.org.

Oregon Law/Policy: Oregon would view “gaming” largely as unethical behavior that certain regulations aim to curb. For example:

  • If a health plan “games” risk pools by cherry-picking healthier patients (with narrow networks or by selective marketing), Oregon’s insurance rules and the ACA’s guaranteed issue and risk adjustment were designed to counter that. Oregon’s Insurance Division along with federal rules prevent overt risk selection (which is a form of gaming coverage rules).

  • If a provider “games” metrics (say, by upcoding diagnoses to make patients seem sicker to get more reimbursement or hit quality targets easily), that could cross into fraud. Oregon Medicaid, for instance, monitors diagnosis coding and could flag outliers. Upcoding is illegal under false claims laws if done knowingly. Even if done subtly to “get around unjust denial of care” as MRI posits a scenario mentorresearch.org, it’s risky, Oregon Medicaid might see it as program violation. However, Oregon providers sometimes do engage in benign gaming, like scheduling multiple shorter appointments instead of one long one if the system doesn’t reimburse longer visits, Oregon’s move to global budgets tries to remove that incentive.

  • MRI also frames gaming as sometimes protective (providers bending rules to get patients care they need). Oregon’s administrative rules allow some flexibility for providers (for example, a provider can request exceptions to certain Medicaid prior authorization rules). But outright manipulation isn’t condoned openly; instead, Oregon encourages providers to appeal or work through proper channels if rules are unjust, rather than miscode.

  • That said, Oregon’s health policy board has explicitly discussed preventing gaming in value-based payment. For instance, if a health plan were to “game” quality metrics (maybe by only focusing on patients near the cutoff and ignoring the sickest), that undermines improvement. Oregon’s metrics committee designs measures to reduce such gaming (like requiring full population measures).

  • Oregon’s HB 2081 (2021) addressed “risk score gaming” by CCOs by setting guidelines for risk adjustment to prevent manipulation of patient diagnoses purely to increase capitation.
    In summary, Oregon’s stance is to close loopholes and maintain integrity of metrics, essentially anti-gaming. The MRI definition acknowledges both altruistic and malign motives for gaming; Oregon law doesn’t distinguish motive much, it focuses on outcome. If gaming causes improper payments or misleads regulators, Oregon will treat it as non-compliance or fraud. If it’s purely internal maneuvering that doesn’t break rules, it might not trigger enforcement, but Oregon’s collaborative ethos might label it unethical. No direct conflict: Oregon does not endorse gaming, but the definition which labels it “legal but unethical” is apt. Oregon’s response is making rules tighter to remove opportunities for gaming (for example, standardizing measurement definitions to leave less ambiguity). Thus, the MRI definition is consistent with Oregon recognizing that gaming can occur and is undesirable. The mention of protecting patients by gaming to get around “unjust denial” resonates with Oregon’s providers’ frustrations at times, and Oregon provides appeal rights and external review to address unjust denials so that providers don’t have to game the system.

Federal Law/Policy: The federal government likewise tries to anticipate and prevent gaming in healthcare programs:

  • Medicare Advantage risk adjustment gaming: DOJ cases against insurers for one-sided chart reviews (only adding diagnoses, not removing) show that what insurers saw as maximizing revenue within rules, the government sees as fraudulent gaming. CMS annually adjusts risk adjustment models to mitigate gaming (like pattern of coding intensity).

  • ACOs and gaming: When the MSSP started, CMS set rules to prevent ACOs from just picking certain easy patients or leaving program if losses likely (e.g., mechanisms like mandatory 3-year participation to discourage jumping in and out).

  • Gaming quality metrics: CMS often uses all-or-nothing scoring or improvement scoring to discourage just targeting certain metrics. Also, programs like Hospital Star Ratings have been refined when hospitals found ways to game them (like upcoding “present on admission” conditions).

  • In payment models: CMS specifically in rules uses language “we seek to avoid any gaming or unintended consequences.” For example, in bundled payments, CMS monitors case volumes shifting in or out of bundles (to prevent providers gaming by shifting certain patients out of the bundle if unprofitable).

  • The FTC or OIG might step in if gaming crosses into actual rule breaking. Many “legal” gaming strategies eventually get addressed by new regulations or guidance once identified.
    Thus, the MRI’s definition that gaming is often technically within rules but unethical is recognized by policymakers, the constant updates to Medicare rules show attempts to close discovered loopholes. A famous example: some Medicare Advantage plans were accused of “chart padding”, adding irrelevant diagnoses to raise risk scores (legal if diagnoses are documented, but unethical if not affecting care). CMS issued guidelines and now audits to curtail the practice. Another example: in Part D, plans might have been gaming star ratings by shifting low performing members to different contracts; CMS now has rules to prevent contract consolidation for that reason. No discrepancy: Federal health policy explicitly tries to reduce gaming, acknowledging it happens. The MRI definition doesn’t conflict with any law; it highlights a concern regulators share. If anything, federal agencies rely on whistleblowers and audits to detect gaming that crosses into fraud (as indicated, if metrics manipulation involves false data, the law kicks in). The concept is legitimate and widely discussed in policy (though perhaps referred to as “loophole exploitation” or “undesirable behavior” in rule preambles). In conclusion, the definition is consistent with federal understanding that stakeholders sometimes game rules, and that while it may not always be illegal, it undermines system integrity. Laws and policies evolve to combat it.

Good Faith and Fair Dealing

MRI Definition: Good Faith and Fair Dealing is a legal principle expecting honesty, fairness, and integrity from parties in executing contracts and interactions mentorresearch.org. It mandates that each party act in good faith and not do anything to destroy or injure the rights of the other to receive the benefits of the contract mentorresearch.org. Essentially, it’s the combined duty of good faith (honest intention, no intent to deceive) and fair dealing (as discussed above). The MRI entry summarizes that this covenant prevents parties from engaging in conduct that, while perhaps not a literal breach, undermines the contract’s purpose or the other party’s reasonable expectations mentorresearch.org.

Oregon Law/Policy: As noted, Oregon law explicitly recognizes an implied covenant of good faith and fair dealing in every contract. The MRI’s combined term is exactly the phrasing Oregon courts use. For example, Best v. U.S. National Bank (Oregon Supreme Court) states that every contract carries an obligation of good faith in its performance or enforcement. ORS 71.2030 (UCC general obligation of good faith) and ORS 72A.1080 (for leases) both use “good faith” (which under UCC means honesty in fact and observance of reasonable commercial standards). Oregon courts have said this covenant of good faith is about not doing anything that will have the effect of destroying or injuring the right of the other party to receive the fruits of the contract, which is practically identical to MRI’s description of fair dealing mentorresearch.org. Oregon uses this doctrine to, for instance, stop an insurer from technically following contract language in a way that unfairly frustrates the insured’s claim. However, Oregon also has limitations: the duty of good faith cannot contradict express terms or create new obligations. But within those bounds, it is firmly enforced. Healthcare context: if a health plan in Oregon were to retroactively cancel a contract right before a big claim in order to avoid payment (and say the contract gave a cancellation at-will clause), a court might find that to violate good faith and fair dealing because it’s exploiting a technical right to gut the provider’s expected benefit. All earlier analysis on “Good Faith” and “Fair Dealing” individually apply here. Oregon’s policy environment, from insurance regulation to general contract law, demands good faith dealings. The MRI’s emphasis on honesty, transparency, and avoiding hidden disadvantages mentorresearch.org, mentorresearch.org fits perfectly with Oregon’s legal expectations. No discrepancy, this principle is a bedrock of Oregon contract law.

Federal Law/Policy: At the federal level, good faith and fair dealing is recognized similarly. While most contract disputes stay in state courts, in federal contracting there is an implied duty on the government to act in good faith. The U.S. Court of Federal Claims often cites the covenant in cases where the government’s actions have undermined the contractor’s expected benefit. In private contracts governed by federal common law (rare, but e.g., unique federal interests or international deals), courts also imply good faith. The National Association of Insurance Commissioners (NAIC) models and federal health regulations effectively assume parties will act in good faith, for instance, MHPAEA (parity law) expects insurers to apply criteria in good faith similarly for mental and physical benefits. ERISA’s fiduciary duty of loyalty again is analogous for benefit plans. Even the Federal Arbitration Act now allows some review if an arbitration clause is so unfairly applied it violates good faith. Consumer Financial Protection Bureau and FTC likewise base many regs on concept of fair dealing (like requiring service providers to deal fairly and not just stick to letter of contract while abusing consumers). MRI’s combined definition matches universal contract law doctrine. Nothing in federal policy contradicts it. If anything, numerous federal laws (as previously discussed) are in place because reliance solely on good faith doesn’t always protect weaker parties, but that doesn’t negate the general principle. The SEC and accounting standards require good faith in financial dealings (e.g., one must not deliberately game accounting rules, back to gaming discussion, because that violates good faith representation of financial condition). Conclusion: The combined duty of good faith and fair dealing is well-supported by both state and federal legal frameworks.  MRI is describing the legal principle accurately mentorresearch.org. No discrepancy exists; it’s precisely the standard that courts would articulate if a contract dispute arose. The definition stands firmly grounded in law.

Good Faith

MRI Definition: Good Faith is defined as the obligation of health plans (and by extension all parties) to act with honesty, fairness, and integrity in all contractual dealings mentorresearch.org. It means having a sincere intention to fulfill obligations without intent to defraud or seek unfair advantage, being transparent and truthful, and making reasonable efforts to carry out duties mentorresearch.org, mentorresearch.org. Key aspects include honesty (no withholding critical details), fair intentions (truly intend to honor commitments without hidden tricks), and reasonable effort to fulfill duties even if challenges arise mentorresearch.org, mentorresearch.org.

Oregon Law/Policy: Oregon law’s stance on good faith has been elaborated above. In the UCC (which Oregon adopts), “good faith” in merchant dealings means honesty in fact and observance of reasonable commercial standards (ORS 71.2010(2)(t)). Oregon applies good faith beyond the UCC via case law for all contracts. MRI’s enumerations (honesty, not withholding critical details, etc.) match Oregon courts’ descriptions: e.g., Stanfield v. Laccoarce said good faith means faithfulness to an agreed common purpose and consistency with justified expectations of the other party. Oregon insurance law specifically has many references to good faith. For example, ORS 742.018 requires policies be interpreted per the policyholder’s reasonable expectations, reflecting that insurers must not hide important terms (withholding critical info would violate good faith). Also, ORS 746.230 (unfair claims) can be seen as enumerating breaches of good faith duty by insurers. For providers, ORS 676.150 (duty to report misconduct) ties into an expectation of good faith toward patients and system. Good faith appears explicitly in some Oregon statutes: ORS 31.150 (anti-SLAPP) protects good faith communications on issues of public interest, which shows Oregon’s policy valuing sincerity and lack of malice. In negotiation, Oregon follows the general rule that you can’t defraud (common law fraud). MRI’s stress on providing accurate information and not having hidden disadvantages is exactly what Oregon’s misrepresentation or fraud laws enforce (ORS 165.085, fraud in business, etc.). Conclusion: The elements of good faith listed align with Oregon’s interpretation that you don’t lie or purposely undermine the contract for advantage mentorresearch.org. Oregon’s legal actions against companies that misled regulators or partners underscore that (e.g., Oracle’s saga with the Cover Oregon project ended in legal disputes partly over whether each side acted in good faith). No conflict: the definition is consistent with Oregon’s implied covenant and general obligation of good faith in performance.

Federal Law/Policy: In federal arenas, good faith is often explicitly required. For instance, federal procurement regulations require contractors to exercise good faith in dealing with the government and vice versa. The IRS requires good faith in tax return positions (or else penalties for negligence or fraud). In healthcare specifically, CMS requires that providers certify claims are submitted in good faith (the CMS-1500 claim form has a certification of truthfulness and good faith). Federal labor law under NLRA expects parties to bargain in “good faith.” While that’s outside healthcare, it’s a broad principle. For CMS Innovation models, participation agreements often have language that parties will operate arrangements in good faith to achieve goals. And as mentioned, ERISA fiduciaries must act prudently and solely in the interest of beneficiaries, a standard beyond good faith, but including it. The concept that each party should be honest and not sabotage the deal is assumed in all federal contract or program agreements. The Federal Courts, in applying common law, echo state principles: e.g., in insurance disputes under ERISA, courts have imported the state idea that denying claims without a reasonable basis is a lack of good faith (though ERISA doesn’t allow punitive damages for it like some states do). MR!’s specific points (transparency, no deception, meeting obligations sincerely) are uncontroversial and expected by all federal regulators (SEC, CMS, DOJ, etc. would all prosecute parties who fail those standards in serious ways). Conclusion: The definition of good faith is completely consistent with legal and policy usage. It describes precisely the behavior the law attempts to encourage and sometimes enforce. There is no discrepancy, this is a foundational legal requirement echoed in numerous statutes and case law. It’s essentially restating the ethical baseline in legal terms mentorresearch.org.

Healthcare Quality Control

MRI Definition: Healthcare quality control refers to systematic processes and measures to ensure healthcare services meet safety, effectiveness, and patient-centered standards mentorresearch.org. It involves monitoring performance metrics, identifying areas for improvement, and implementing corrective actions to improve patient outcomes mentorresearch.org, mentorresearch.org. Key elements include setting clear quality standards/benchmarks (e.g., infection rate targets, outcome goals) mentorresearch.org, measurement and monitoring through data (like PROMs or clinical indicators) mentorresearch.org, identifying errors or deviations via exception reports or other analysismentorresearch.org, taking corrective actions to fix gaps mentorresearch.org, and committing to continuous improvement cycles mentorresearch.org. The goal is safe, effective, patient-centered care with reduced costs and improved system efficiencymentorresearch.org.

Oregon Law/Policy: Oregon strongly embraces healthcare quality control through both regulation and initiatives:

  • Hospitals: Oregon law (ORS 441.155) requires hospitals to have a quality assessment and performance improvement program. OAR 333-505-0450 mandates hospitals maintain a quality management program covering patient care evaluation and improvement, essentially requiring what MRI describes: track data, identify problems, fix them.

  • Coordinated Care Organizations (CCOs): Oregon’s CCO model is built on quality incentive metrics. ORS 414.638 tasks the Metrics & Scoring Committee to set outcome and quality measures for CCOs. CCOs get financial bonuses from the Quality Pool for meeting benchmarks (e.g., controlling HbA1c rates, screening rates). This inherently forces quality control: CCOs must monitor their performance on these measures (e.g., percentage of diabetic patients with controlled blood sugar) and improve continuously. The state publishes annual reports comparing each CCO’s metrics, a form of quality control transparency oregon.gov.

  • Clinics and PCPCH: Oregon’s Patient-Centered Primary Care Home (PCPCH) standards require clinics to do quality improvement (Standard 3: Continuous Improvement). They have to collect data on measures like access, patient experience, and use Plan-Do-Study-Act cycles to improve, exactly the continuous improvement loop MRI cites mentorresearch.org.

  • Long Term Care: ORS 443.447 establishes a Quality Measurement Program for long-term care, tracking key indicators.

  • Public Reporting: Oregon participates in CMS’s Hospital Compare and has Oregon-specific public reporting (like Oregon Hospital Quality Metrics).
    The MRY definition’s emphasis on benchmarks, data, error identification, corrective action, etc., aligns with Oregon’s health system transformation approach. The mention of PROMs (Patient-Reported Outcome Measures) is timely, Oregon is piloting PROMs for behavioral health outcomes. And reducing infection rates: Oregon’s Healthcare-Associated Infections program under ORS 431A.10 collects hospital infection data to drive improvement (hospitals compare against benchmarks and implement improvements). There is no conflict; on the contrary, Oregon’s health policy is built on formalizing quality control in all healthcare delivery (ensuring each organization systematically improves quality). Oregon’s Triple Aim goal (better care, better health, lower cost) explicitly depends on robust quality control. Therefore, the MRI definition is fully consistent with Oregon policy.

Federal Law/Policy: Federally, healthcare quality control is a core policy focus. The Affordable Care Act established:

  • National Strategy for Quality Improvement in Health Care (ACA § 3011), which sets priorities, benchmarks, and strategies for quality.

  • CMS Quality Programs: Hospital Value-Based Purchasing, HRRP (readmission penalties), HAC (infection/complication penalties), all these force hospitals to monitor and improve metrics to avoid penalties or gain bonuses. That’s quality control at a system level.

  • Quality Reporting: Medicare requires quality reporting from various providers (hospitals, physicians via MIPS, etc.). Those who fail to report or perform well face payment adjustments. The federal government has effectively mandated quality control by tying it to payment.

  • Accreditation and CoPs: Medicare’s Conditions of Participation for facilities require a Quality Assessment and Performance Improvement (QAPI) program (for hospitals, 42 C.F.R. § 482.21; for nursing homes, new regulations under 42 C.F.R. § 483.75). These mirror the MRI elements: data-driven, entity-wide quality improvement with continuous monitoring and systemic action to address issues of concern.

  • Patient Safety Organizations (PSOs): Federal law (Patient Safety and Quality Improvement Act) encourages providers to report errors to PSOs to analyze and improve, a method of error identification and system learning (fits MRI’s “error identification and corrective action” steps mentorresearch.org).

  • PROMs and patient-centeredness: CMS is increasingly using PROMs in models (Oncology Care Model, etc.) and CAHPS patient experience surveys in many programs, reflecting patient-centered quality control as MRI notes.
    MRI’s outline of a quality control process is precisely what HHS expects providers to implement. For example, the Joint Commission (a federally recognized accreditor) requires continuous quality improvement processes from hospitals (collect data, compare to benchmarks, make corrective actions). Even the emphasis on cost reduction through quality (less complications, etc.) is exactly the CMS narrative, improving quality can lower cost (e.g., fewer readmissions saves Medicare money). No discrepancy: Federal policies not only support but require healthcare organizations to engage in formal quality control processes nearly identical to those described by MRI mentorresearch.org, mentorresearch.org. The definition is essentially a summary of modern healthcare quality management, a cornerstone of federal healthcare reform efforts since early 2000s (starting with IOM’s "Crossing the Quality Chasm" report which advocated the same elements: continuous improvement, metrics, etc.). So, the definition is strongly legitimized by federal health policy.

Healthplan

MRI Definition: Healthplan is defined as any organization that provides or arranges health benefits through insurance or other agreements mentorresearch.org. It includes private insurers and government programs, and various plan types (HMOs, PPOs, EPOs, CCOs). Key elements: coverage for medical services (doctor visits, hospital, Rx, preventive, sometimes mental health) mentorresearch.org; provider networks (a network of preferred providers and facilities) mentorresearch.org; cost-sharing structure (premiums, deductibles, copays) mentorresearch.org; and newer inclusion of value-based contracts (paying for outcomes) in plan design mentorresearch.org. Examples: Medicare, Medicaid, CHIP as government health plans; employer group plans or marketplace plans as private.

Oregon Law/Policy: Oregon law uses terms like “health benefit plan” (ORS 743B.005) which is defined as a policy or agreement by an insurer to provide medical care coverage ecfr.gov. That is essentially the same as MRI’s use of “healthplan.” ORS 743B.005’s definition specifically includes coverage for essential health services and excludes certain excepted benefits. The MRI definition is broader, including government programs. In Oregon, Medicaid is often called the Oregon Health Plan, literally “health plan” in name (the state’s Medicaid managed care is delivered through CCOs which are health plans). Oregon’s laws about network adequacy, consumer protections, etc., apply to “health plans.” The elements MRI lists (covered services, network, premiums/cost-sharing) align exactly with Oregon’s insurance code requirements for health benefit plans. For example, ORS 743B.250 mandates network adequacy for plans (reflecting provider networks concept), ORS 743B.010 requires inclusion of certain essential services (coverage element), and ORS 743B.100+ define cost-sharing limits and structures (deductible limits, out-of-pocket max as per ACA). Oregon also extends mental health parity to health benefit plans, MRI notes mental health services are sometimes covered, but in Oregon must be covered equally (ORS 743A.168). The mention of CCOs as a type is pertinent because Oregon uniquely has CCOs for Medicaid, these are effectively managed care health plans under state law (ORS chapter 414). Overall, MRI’s definition of “healthplan” is consistent with how Oregon defines and regulates health insurance. Oregon’s use of “health plan” in OHA context includes not just private insurance but also OHP, etc., like MRI’s usage. No discrepancy: it matches Oregon’s concept of an entity providing a set of health benefits to a population for set costs.

Federal Law/Policy: Federal law, particularly HIPAA and the ACA, defines “health plan” in a similar inclusive way. HIPAA’s definition (45 C.F.R. § 160.103) says “Health plan means an individual or group plan that provides or pays the cost of medical care” ecfr.gov, and it explicitly lists examples: group health plans (employer plans), health insurance issuers, HMOs, Medicare, Medicaid, CHIP, etc. This is nearly identical to what MRI describes: both private and governmental programs are health plans mentorresearch.org. The Affordable Care Act uses “health plan” to refer broadly to any plan offering health insurance coverage (with some exceptions like it excludes self-funded employer plans from some definitions, but generally the term is broad). FTC and DOJ in antitrust speak of “health plans” meaning insurance companies or managed care organizations. The elements: coverage of medical services, networks, premiums, cost-sharing are standard features recognized in federal law (ACA Section 1302 defines essential health benefits, what services must be covered; network adequacy is mandated for Marketplace QHPs by 45 C.F.R. 156.230; ACA standardized cost-sharing tiers (platinum, gold, etc.) which incorporate deductible and copay features). The note that modern health plans include value-based contracts mentorresearch.org is reflective of CMS encouraging Medicare Advantage plans to adopt value-based provider contracting, and of the fact that ACA insurer quality requirements (like insurer quality ratings) push plans towards paying for quality. Also, Medicare Advantage itself is a capitated value-based arrangement by nature. The examples MRI gives (Medicare, Medicaid, CHIP as government; employer or marketplace as private) align with federal definitions that indeed list those as types of health plans mentorresearch.org. Conclusion: MRI’s “healthplan” definition is a paraphrase of the HIPAA definition combined with common features of ways health insurance works in practice. There is no conflict with federal usage; rather, it’s supported by it (for instance, quoting HIPAA: “an individual or group plan that provides or pays for medical care” ecfr.gov). Therefore, the definition is clearly legitimate under U.S. law and policy.

Medically Necessary and Reasonable Care

MRI Definition: Medically Necessary and Reasonable Care is defined as services provided for the treatment of a mental health, behavioral, or SUD diagnosis that are safe, effective, appropriate per generally accepted medical standards or empirical evidence mentorresearch.org, mentorresearch.org. They must be consistent with the patient’s diagnosis and individualized plan, not for the convenience of patient/family/provider, and not for non-health purposes (recreation, data collection, legal requirements, provider profit, etc.) mentorresearch.org. “Medically reasonable” means the services are justifiable and appropriate based on accepted standards, clinical evidence, and the patient’s specific condition mentorresearch.org. In short, necessary care is that which is clinically indicated for the condition and not excessive or extraneous.

Oregon Law/Policy: Oregon law frequently uses the term “medically necessary.” However, rather than one universal definition, it often defers to how a policy or the Oregon Health Authority defines it. For example, ORS 743B.423 (from HB 3046 in 2021) now requires that insurance coverage of behavioral health treatment be limited to treatment that is medically necessary as determined in accordance with generally accepted standards of care and not more stringently than for medical/surgical care olis.oregonlegislature.gov. This new law basically says insurers must use medical necessity criteria for behavioral health that are in line with standard clinical guidelines (e.g., ASAM criteria for substance use, etc.) and can’t apply them more restrictively than they do for other conditions. It further states the care must effectively treat the underlying condition, not just immediate symptoms olis.oregonlegislature.gov, and for behavioral health crises, cover what’s needed to stabilize and transition the patient. This resonates with MRI’s points about aligning with guidelines and focusing on underlying need not convenience mentorresearch.org. Also, Oregon’s Prior Authorization reforms (SB 249 in 2019) require insurers to use evidence-based guidelines to determine medical necessity and disclose them on request, pushing consistency with accepted standards. In Medicaid, OAR 410-120-0000(33) defines “medically appropriate” (similar to necessary) referencing services that are required for diagnosis or treatment and meet accepted standards. That includes being appropriate in type, setting, intensity, etc., and not being primarily for convenience or cost-saving if it sacrifices efficacy, in line with MRI’s exclusions of convenience or profit motives mentorresearch.org. Oregon’s Health Evidence Review Commission (HERC) maintains guidelines and a Prioritized List to determine what is medically necessary for coverage in OHP (services “above the line” with certain conditions are deemed necessary). Oregon has an infrastructure around defining and updating what care is considered necessary and reasonable given evidence, exactly what MRI describes as basing care on accepted guidelines or evidence mentorresearch.org. Additionally, Oregon’s mental health parity laws now forbid insurers from defining “medically necessary” for behavioral health in a way inconsistent with generally accepted practice, so an insurer’s definition must align with the kind of definition MRI provides. No discrepancy: MRI’s criteria reflect the typical elements found in Oregon’s various definitions (e.g., ORS 743B.423’s language, or HERC’s medical necessity statement). Oregon does prohibit medically unnecessary care, e.g., ORS 441.098 prohibits hospitals from balance billing for services that were not medically necessary in an emergency. That implies an expectation of truth in claiming necessity. The definition is consistent and supported by Oregon’s legal standard that care should be based on clinical need and effectiveness rather than convenience or profit motives.

Federal Law/Policy: The concept of “reasonable and necessary” is fundamental in Medicare law. The Social Security Act §1862(a)(1)(A) states Medicare may only pay for items or services that are “reasonable and necessary for the diagnosis or treatment of illness or injury.” Medicare has historically not defined it very specifically in statute, but in 2021 CMS codified a regulatory definition: an item/service is “reasonable and necessary” if it is safe and effective, not experimental, and appropriate, including in duration and frequency and considering if it meets the patient’s needs and is at least as beneficial as alternatives wachlerblog.com, wachlerblog.com. This is strikingly similar to MRI’s phrasing: safe, effective, not for convenience (implied by appropriate), not experimental (empirical evidence), and meeting the patient’s specific condition needs mentorresearch.org, mentorresearch.org. CMS’s criteria also mention aligning with standards of practice and, interestingly, commercial coverage as a consideration for new services (the rule considered using commercial insurer coverage as evidence of appropriateness) wachlerblog.com. MRI’s mention of “generally accepted medical guidelines or standards” for necessity echoes this. ACA’s Essential Health Benefits and mental health parity require that determinations of medical necessity for behavioral health use clinically appropriate standards, the federal parity final rules (45 C.F.R. §146.136) require transparency of medical necessity criteria and that they are applied comparably. Also, the FTC would view provision of unnecessary services as potential fraud if billed to insurers (some healthcare fraud cases involve billing for services not medically necessary, which is actionable under the False Claims Act when government programs are billed). The definition’s exclusion of services done for legal requirements or maximizing provider reimbursement mentorresearch.org is interesting: for instance, some drug tests or therapies might be done just to satisfy legal mandates or research, but not truly needed for patient care, Medicare generally would not cover those either. Federal policy aligns that medically necessary means not primarily for convenience of anyone (Medicare won’t cover say an extra day in hospital just for family convenience). Conclusion: MRI’s definition is essentially a summary of how Medicare and major insurers define medical necessity. It’s consistent with federal standards, in fact, CMS’s codified definition from 2021 could be overlaid on MRI’s and they’d match on points of safety, effectiveness, non-experimental, appropriateness to condition. No discrepancy at all; it’s supported by statute, regulation wachlerblog.com, and case law (courts upholding MAC or CMS decisions about what’s medically necessary often cite similar criteria). Thus, the definition is firmly grounded in legal/policy usage.

Minimum Necessary Information

MRI Definition: Minimum Necessary Information means that when using, disclosing, or requesting protected health information (PHI) (for payment, operations, etc.), only the minimum amount of information needed for the purpose should be exchanged mentorresearch.org. Providers have discretion to determine what is minimally necessary based on the patient’s care needs and the intended purpose mentorresearch.org. A health plan requesting PHI must justify why the info is the minimum necessary and document that rationale mentorresearch.org. The definition also suggests that if information is highly sensitive or its disclosure could harm the patient, providers can decide (possibly in consultation with another provider) not to disclose it, even if it might otherwise be allowed, and document their reasoning in the medical record mentorresearch.org. This last piece implies a provider ethical judgment override if harm is likely.

Oregon Law/Policy: “Minimum necessary” is primarily a HIPAA Privacy Rule concept, but Oregon generally defers to HIPAA on PHI privacy (ORS 192.553 establishes Oregon policy to protect health info consistent with HIPAA). Oregon does have a few stricter privacy laws in certain areas (e.g., HIV info, genetic info, psychotherapy notes are specially protected). Under HIPAA (which Oregon providers and health plans must follow), the minimum necessary standard (45 C.F.R. §164.502(b)) requires covered entities to make reasonable efforts to limit PHI to the minimum needed for the purpose ecfr.gov. The MRI text is basically reciting this standard, including that covered entities can rely on requests as minimum necessary in certain cases or must have policies on role-based access etc. Oregon law itself does not define “minimum necessary,” it simply says comply with HIPAA and in some cases requires consent for certain disclosures (e.g., ORS 179.505 for mental health records). The interesting part is MRI’s reminder that providers have discretion to withhold if disclosure could harm the patient mentorresearch.org. Oregon’s mental health confidentiality law (ORS 179.505) allows withholding some sensitive info from patients’ themselves if likely to cause harm, but not exactly about withholding from a payer. However, HIPAA does have a provision: if a patient pays out-of-pocket in full and requests that information not be disclosed to their insurer, the provider must comply (45 C.F.R. §164.522(a)). That’s akin to “if disclosure would harm patient (like revealing sensitive treatment to insurance), providers can refuse if patient asked.” Also, Oregon’s HB 2758 (2015) requires insurers to honor confidential communication requests from patients (like sending EOBs to an alternate address if disclosure could put them in danger). Oregon does recognize scenarios where info would be withheld to prevent harm (like domestic violence situations). If a provider thinks releasing certain details to a health plan will seriously harm the patient, Oregon would likely support working within privacy rules to limit that disclosure (perhaps using generic codes or negotiating with the plan). The provider’s documenting consultation and reasons for nondisclosure mentorresearch.org would be prudent if they ever needed to justify it. But ordinarily, if a plan requests PHI for payment, HIPAA’s minimum necessary still expects needed info to be sent unless an exception or law prevents it. Oregon doesn’t contradict any of this, indeed, Oregon law encourages caution with sensitive info (e.g., ORS 746.665 prohibits insurers from seeking genetic info without consent). Conclusion: The MRI definition is rooted in HIPAA (a federal law with which Oregon law aligns). The additional ethical discretion note is not explicitly in law but is not prohibited by Oregon, it’s more a professional judgment call that might be used rarely and at provider’s risk unless clearly justified. Oregon’s strong patient privacy stance (some of strongest reproductive health privacy laws, etc.) resonates with protecting patient from harm by nondisclosure. So the definition is consistent with Oregon’s approach to privacy and minimum necessary standard.

Federal Law/Policy: The minimum necessary requirement is directly from HIPAA.  MRI’s language that providers have responsibility to determine minimum necessary and that requests must be justified and documented mentorresearch.org reflects HIPAA 45 C.F.R. §§164.514(d) which requires covered entities to have policies to limit uses and disclosures to the minimum necessary and to reasonably rely on requests (like from another provider or plan) as being minimum necessary in certain contexts, but also the disclosing entity can challenge requests that seem excessive ecfr.gov. Also, HIPAA’s preamble says the covered entity should evaluate each request and disclose only what is necessary hhs.gov. The requirement that health plans document rationale for PHI they request mentorresearch.org, HIPAA’s rules for plans aren’t that explicit, but if HHS investigated an insurer for over-collecting PHI, they’d ask for justification. The more striking part is allowing providers to withhold info if disclosure is likely to cause harm mentorresearch.org. This sounds like the “do no harm” ethical clause meeting privacy. HIPAA itself does not give a blanket right to withhold required info due to potential harm except two scenarios: one, as mentioned, patient restricts info to plan by paying out-of-pocket; two, a provider can refuse a patient’s request for their own records if it’s reasonably likely to endanger life or safety (164.524). But refusing a plan’s permitted request is tricky, HIPAA permits disclosure for payment, so a provider withholding could technically violate HIPAA unless a specific permission covers it. MRI may envision the provider making a judgment call, which might conflict with strict HIPAA but be morally justified. In practice, if a provider really felt harm would come (say an abusive spouse would see an EOB), they can ask patient to pay privately or use laws like 164.522 as shield. The documentation of reason in chart is good but not formal legal protection. Nonetheless, the spirit to avoid causing patient harm by unnecessary disclosure is aligned with the overall purpose of the Privacy Rule. Federal law absolutely supports the “minimum necessary” principle ecfr.gov. HHS OCR guidance repeatedly emphasizes that covered entities should limit PHI to the minimum and have policies for routine disclosures. Clearly, except for that last ethical nuance which goes a bit beyond written law, the MRI definition is consistent with federal privacy law. And even that nuance echoes HHS’s encouragement to giving patients control over personal information (the restriction request rule, and new rules under 21st Century Cures Act also consider patient preference in sharing info). Conclusion: The definition is essentially a restatement of HIPAA’s minimum necessary standard ecfr.gov with an added ethical recommendation. It’s supported by federal policy (HIPAA) which is binding and doesn’t contradict any part of it. If it is noted that the refusal to disclose for harm prevention aligns with allowed uses under HIPAA (like using the self-pay restriction), it’s fine. So yes, it’s legitimate and consistent with privacy laws and policies encouraging discretion and safeguarding sensitive PHI.

NCQA (National Commission on Quality Assurance)

MRI Definition: NCQA is described as a non-profit organization dedicated to improving healthcare quality through evidence-based standards, measures, programs, and accreditation mentorresearch.org. Its mission focuses on safe, effective, patient-centered, timely, efficient, and equitable care. NCQA sets quality benchmarks and accredits health plans, medical homes, etc., ensuring they meet certain performance standards.

Oregon Law/Policy: NCQA is not a government entity, but Oregon incorporates NCQA standards in various ways. For example, Oregon’s Patient-Centered Primary Care Home program was built with reference to NCQA’s medical home standards. Many health plans in Oregon (both CCOs and commercial insurers) seek NCQA accreditation; while not mandated by state law for all plans, it’s often required by employers or the Exchange. In fact, Cover Oregon (the ACA exchange) initially required QHPs to be accredited by NCQA or similar entities. Oregon’s Health Evidence Review Commission uses NQF-endorsed measures, many of which come from NCQA’s HEDIS (Healthcare Effectiveness Data and Information Set). NCQA’s HEDIS measures are used for Oregon’s CCO incentive metrics and in Oregon’s annual health plan report card. So, in practice NCQA is legitimized as the standard-setter for quality measures in Oregon. The description MRI gives is accurate. Oregon Health Authority frequently collaborates with NCQA (for example, Oregon’s Metrics & Scoring Committee uses NCQA/HEDIS for measures like diabetes control, colorectal cancer screening, etc.). Oregon doesn’t define NCQA in statute but refers to “nationally recognized accreditation” in laws (i.e. for coordinated care organizations in ORS 414.625) often meaning NCQA or URAC. So, the definition is consistent with how Oregon views NCQA: an authoritative body for quality accreditation. No discrepancy: NCQA is recognized and relied upon.

Federal Law/Policy: NCQA is widely recognized federally. Medicare Advantage plans are required to be accredited; NCQA is one of the approved accrediting organizations by CMS for MA plans. Also, under ACA Section 1311, qualified health plans must be accredited on clinical quality and other measures, NCQA is explicitly named as an entity whose accreditation is acceptable. Many federal programs adopt NCQA measures (HEDIS) to evaluate performance. For example, CMS’s Medicare Stars Ratings for Part C & D include several HEDIS measures from NCQA. NCQA’s PCMH recognition is also something that CMS considered in various primary care initiatives. The mission points (safe, effective, patient-centered, etc.) that MRI lists echo the Institute of Medicine’s six quality aims, which NCQA also aligns with in its accreditation standards. Federal agencies (like OPM for federal employee plans) often require plans to report HEDIS and be NCQA accredited. The definition is accurate about NCQA’s role and mission, which federal policy acknowledges and uses. There’s no conflict or inconsistency; indeed, NCQA is effectively embedded in the quality monitoring framework at the federal level as a non-government partner. MRI’s definition is legitimate and accepted in context.

On-track and Off-track

MRI Definition: On-track means meeting or exceeding expected benchmarks or targets (progress is as planned toward goals) mentorresearch.org. Off-track means not meeting targets or goals (progress or performance falling behind expectations) mentorresearch.org, mentorresearch.org. In healthcare, e.g., a patient is “on-track” if their condition is improving as expected, or a provider is “on-track” if achieving required outcomes; “off-track” if not improving or missing performance metrics mentorresearch.org.

Oregon Law/Policy: These terms are informal status descriptors, not legal terms. However, Oregon’s oversight bodies use similar language in reporting. For instance, Oregon’s CCO Metric reports might say a CCO is “on track” to meet a benchmark by year-end or “off track” if interim data shows they likely won’t achieve it. Oregon Health Authority presentations often show red/yellow/green indicators for project status, effectively marking off-track vs on-track. In patient context, an Oregon provider wouldn’t use those exact terms in legal documentation, but maybe in care coordination they might (a care plan might note patient progress). There is no rule about using the terms, but no conflict either. Oregon’s focus on tracking progress (especially for quality improvement) inherently involves labeling whether targets are being met. For example, if Oregon sets a goal to reduce smoking rates to X by 2025, annual reports will state if the state is on track to reach that target. The terms are broadly consistent with management language used in state health program reports. Not a legal term, just straightforward and not problematic.

Federal Law/Policy: Similarly, federal agencies use “on track/off track” in internal and public-facing performance reports. For the Healthy People objectives or for CMS’s transformation goals, they often report if measures are on track. It’s not a legal definition but common parlance. For patient improvement, this is akin to whether care goals are being met, not codified, but quality programs implicitly use the concept (for example, in MIPS clinicians monitor if patients are achieving control or not, essentially on/off track to goal). There is no policy definition needed because it’s self-explanatory, and no conflict with any regulation. If anything, federal grants sometimes require quarterly status reports indicating if project milestones are on track. So yes, the definition is fine as a straightforward concept. It’s legitimate in usage even if not formal.

Oregon Health Authority (OHA)

MRI Definition: OHA is the Oregon agency responsible for public health and healthcare services oversight mentorresearch.org. It manages Medicaid (Oregon Health Plan), behavioral health services, public health initiatives, and its mission is ensuring that all Oregonians have access to high-quality healthcare, improving health outcomes, promoting health equity, and reducing costs mentorresearch.org. OHA develops policies, coordinates with providers, and regulates health plans to meet state health goals mentorresearch.org.

Oregon Law/Policy: This is accurate. Oregon law established the OHA in 2009 (ORS chapter 413). ORS 413.006 declares OHA is created to oversee health policy and administer medical assistance programs. ORS 413.011 describes OHA’s duties including statewide health policies, funding, and achieving the triple aim (cost, quality, access). The functions listed match MRI’s summary: Medicaid (ORS chapter 414 tasks OHA with administering the Oregon Health Plan, through CCOs), behavioral health (OHA contains the Health Systems Division that includes Addictions and Mental Health, since merging those from separate Dept), public health (though ironically, the Public Health Division is under OHA but was considering moving out). The values of health equity, cost containment, quality improvement are exactly OHA’s stated values mentorresearch.org and appear in strategic plans. The description is basically OHA’s mission statement (for example, OHA’s mission: “Helping people and communities achieve optimum physical, mental and social well-being” and vision of health equity). Regulation of health plans: OHA does regulate CCOs and some aspects of other health plans (though commercial insurance is regulated by DCBS). OHA does include the Oregon Health Policy Board which both sets policy for OHA and makes recommendations which affect all health plans. The definition is consistent with Oregon statutes and OHA’s own literature.

Federal Law/Policy: Not applicable per se because OHA is a state entity. On a federal level, OHA interacts with federal programs (CMS for Medicaid, CDC for public health funds, etc.). The federal government recognizes OHA as Oregon’s designated state health agency for Medicaid and public health. The content doesn’t conflict with anything; it aligns with how any state health authority functions relative to federal programs (e.g., CMS knows OHA runs Oregon’s Medicaid waiver). It’s accurate as a description.

Oregon Health Authority (OHA) Values

MRI Definition: A set of core values guiding OHA’s mission, typically including Health Equity (fair access regardless of demographics), Accountability (transparency and effective use of resources), Collaboration (working with communities and stakeholders), Innovation (supporting new approaches to improve health), and Stewardship (responsible management of funds/programs) mentorresearch.org, mentorresearch.org. The definition lists these values and explains them in context of OHA’s goals mentorresearch.org, mentorresearch.org, noting they align with OHA’s mission of better health for all, prevention-focused, and system transformation mentorresearch.org.

Oregon Law/Policy: These values sound very much like OHA’s published core values. Indeed, from the OHA Core Values PDF oregon.govoregon.gov: we see Health Equity, Service Excellence, Integrity (Accountability overlaps with Integrity/Transparency), Leadership (similar to Collaboration/Innovation aspects), Partnership (collaboration), Innovation, Transparency, Stewardship explicitly in OHA’s statements oregon.govoregon.gov. MRI’s list is a close match, just phrased slightly differently or missing some OHA terms like Service Excellence. Oregon law doesn’t codify OHA’s values, but OHA does in its strategic plans and websites. For example, OHA’s strategic vision documents emphasize health equity and eliminating health disparities as a top value mentorresearch.org. Accountability and transparency are required of OHA as a public agency (ORS 413.011 requires OHA to involve the public and be accountable to the legislature). Collaboration is inherent in Oregon’s approach (the Oregon Health Policy Board, community advisory councils, etc., ensure collaborative policymaking). Innovation, Oregon is known for health system innovation (CCOs, CCO 2.0). Stewardship, as a steward of public funds, OHA must maximize public benefit (as OHA’s own value statement says oregon.govoregon.gov). So MRI’s statements are consistent with OHA’s values as officially espoused oregon.govoregon.gov. There’s no legal enforceability to values, they guide policy priorities (e.g., health equity value led to creation of an OHA Equity Office and requirement in a law, ORS 413.017, for OHA to develop health equity analysis). No conflict, MRI’s definition is an accurate portrayal of OHA’s guiding principles.

Federal Law/Policy: Federal policy doesn’t dictate a state agency’s values, but interestingly the values listed align with national health improvement values (the CDC and CMS also emphasize health equity, innovation, accountability for outcomes). No conflict; state values just complement federal goals like reducing disparities (which HHS also prioritizes). It’s contextually correct and fine.

Patient Engagement

MRI Definition: Patient Engagement refers to strategies to involve patients in their care, ensuring their preferences and values are considered in decisions mentorresearch.org. It includes educating patients, supporting self-management, involving patients (and families) in care planning, and collaboration between patients and providers mentorresearch.org, mentorresearch.org. Key components: Education (giving patients clear info about their health and options)mentorresearch.org, Shared Decision-Making (providers and patients making decisions together aligned with patient’s values) mentorresearch.org, Self-Management Support (tools and encouragement for patients to manage their conditions) mentorresearch.org, and Communication (open, ongoing dialogue to build trust and understanding) mentorresearch.org. Effective patient engagement leads to better outcomes, satisfaction, and more efficient care because patients actively participate in managing their health mentorresearch.org.

Oregon Law/Policy: Patient engagement is a cornerstone of Oregon’s healthcare model but more as policy than explicit law. For example, Oregon’s Patient-Centered Primary Care Home (PCPCH) standards include patient and family involvement in care (Standard 2: Patient and family-centered care), which involves these engagement aspects like shared decision-making and self-management goals. CCOs are required to involve members via Community Advisory Councils (giving patients a voice in system governance, per ORS 414.575). That’s macro-level engagement. On the care level, Oregon encourages use of tools like patient portals (for communication and access to info) and health literacy initiatives so patients can better engage. The Oregon Health Authority has had initiatives on patient activation and self-management (like workshops for chronic disease self-management funded by OHA). While not a statute, OHA’s Transformation Center resources for providers stress techniques of motivational interviewing (communication), shared decision aids, etc. In mental health context, Oregon’s laws support including patients in treatment planning (ORS 430.073 encourages person-directed planning in mental health services). The concept of patient engagement is consistent with the way Oregon frames “patient-centered” care. House Bill 2015 (2015) set up PCPCH and stated the vision of patients as partners in care. Oregon’s focus on health system transformation has always included “activate patients” as a goal because engaged patients are likely to have better outcomes (as MRI notes mentorresearch.org). There is no conflict; Oregon policy actively promotes the components given (education, Oregon’s Health Literacy Task Force, shared decision, Oregon Pain Management Commission developed tools for provider-patient conversation on pain treatment, etc.).  MRI’s definition is legitimate and well within Oregon common use (even if not codified, it appears in policy and program guidelines).

Federal Law/Policy: Federal health reform also heavily emphasizes patient engagement. The ACA created the Patient-Centered Outcomes Research Institute (PCORI), focusing on outcomes that matter to patients, implicitly requiring engagement to know those. CMS’s Meaningful Use/EHR Incentive program had patient engagement measures (e.g., providing patients electronic access to info, secure messaging, to engage them in care). Medicare’s Chronic Care Management payments require documenting patient-centered care plans with patient input. The CMS Innovation Center tests models like Shared Decision Making model for certain treatments to increase engagement, and ACOs are measured on CAHPS survey questions about shared decision-making and communication. The 21st Century Cures Act pushes for patient access to health records (so they can engage with their information). HHS has an Office of Patient Experience perhaps, and initiatives like

‘Million Hearts” which encourage patient activation in managing blood pressure. The MRI’s itemization (education, shared decision, self-management, communication) is in line with HHS’s National Quality Strategy calling for patient-centered care. No law explicitly defines “patient engagement,” but it’s embedded in many funding and regulatory priorities. For example, CMS’s Partnership for Patients program engaged patients in safety initiatives. The concept is strongly backed by evidence (studies show that engaged patients have better adherence and outcomes) which federal agencies cite. No discrepancy; it’s a key part of the “quality improvement 2.0” conversation at national level. The definition is accepted and encouraged in federal health programs now shifting to patient-centric models.

Patient-Centered Care

MRI Definition: Patient-Centered Care is an approach emphasizing treating patients with dignity, respect, and involving them in decision-making mentorresearch.org. It focuses on individual patient preferences, needs, and values, making the patient an active participant in their care mentorresearch.org. Key components: Individualized Care (tailoring treatment to each patient’s specific needs and values) mentorresearch.org, Empathy and Respect (considering emotional, cultural, social aspects and building respectful relationships) mentorresearch.org, Collaboration and Communication (providers sharing information openly, educating and engaging patients in decisions) mentorresearch.org, and Support for Self-Management (empowering patients in managing their own health) mentorresearch.org. The goal is improved outcomes through a strong patient-provider relationship and enhancing the healthcare experience by making the patient a partner mentorresearch.org.

Oregon Law/Policy: Oregon has been a national leader in “patient-centered” initiatives. The phrase is in the name of Oregon’s Patient-Centered Primary Care Home (PCPCH) program, created by law in 2009 (ORS 414.655). The PCPCH standards are directly aligned with patient-centered care principles: accessible, continuous, coordinated, and patient & family-centered. They require practices to demonstrate they include patient values and preferences in care plans and have processes for shared decision-making. Oregon’s CCO model also emphasizes patient-centeredness as a core tenet (the CCO criteria include patient engagement and focus on patient experience metrics). MRI’s bullet points match PCPCH must-pass standards: e.g., “Individualized Care”, PCPCH requires individualized care plans for complex patients; “Empathy/Respect”, PCPCH attests cultural competency training and use of patient’s language preferences; “Collaboration/Communication”, PCPCH encourages team-based care including patient as team member, and good communication (like after-visit summaries); “Self-Management”, PCPCH standard 4D requires practices to provide self-management support to patients with chronic conditions. Beyond PCPCH, Oregon’s use of experience surveys (CAHPS surveys for CCO members) to reward CCOs indicates that the state values patient-centered metrics (like perception of communication and respect). Another legislative example: ORS 413.225 established an Office of Patient-Centered Primary Care to advance PCPCHs, showing how institutionalized the concept is. Thus, the MRI definition is squarely within Oregon’s embraced model of care. No inconsistency: in fact, Oregon law and policy explicitly promote those aspects as the ideal for primary care and beyond.

Federal Law/Policy: “Patient-centered care” is one of the six IOM quality aims (the IOM defines it as “care that is respectful of and responsive to individual patient preferences, needs, and values” washingtonadvocatesforpatientsafety.org). The ACA used the term in various sections (e.g., patient-centered outcomes research, patient-centered medical homes demonstration). CMS’s Innovation Center models frequently tout patient-centeredness as a goal. For instance, Comprehensive Primary Care Plus (CPC+) and Primary Care First models require practices to show how they provide patient-centered care (including care plans reflecting patient goals, etc.). The definition MRI provides corresponds exactly to the way HHS and quality organizations define it, emphasis on individualized care and shared decision making washingtonadvocatesforpatientsafety.org washingtonadvocatesforpatientsafety.org. The rise of Patient and Family Advisory Councils in hospitals (encouraged by CMS for meaningful use) is part of operationalizing empathy/respect and including patient voice (collaboration). The Joint Commission’s standards incorporate patient-centered communication requirements and cultural competence. The IPPS rule (CMS hospital rule) includes patient experience via HCAHPS as a factor for value-based purchasing, focusing hospitals on being patient-centered. Also, consumer empowerment is a theme (e.g., CMS’s Blue Button initiative to give patients their data). The MRI concept aligns with federal efforts like the Cures Act’s requirement for patient-friendly health IT. So yes, it’s firmly established in federal health policy rhetoric and measurement. The IOM statement MRI definition mirrors washingtonadvocatesforpatientsafety.org which has guided federal quality strategies for two decades.

Patient-Centered Outcomes

MRI Definition: Patient-Centered Outcomes are outcomes that matter most to patients, such as improved mental health, functional status, quality of life mentorresearch.org. It supports focusing healthcare evaluation on metrics that reflect what patients value (not just clinical indicators). Key aspects include respecting patient values/preferences, coordinating care, educating patients in understandable ways, ensuring physical comfort, providing emotional support, involving family/friends as desired mentorresearch.org, mentorresearch.org. Essentially, it’s listing dimensions of care experience that contribute to outcomes meaningful to patients (like domains in Picker’s Principles of patient-centered care or CAHPS survey categories: respect for values, coordination, information, physical comfort, emotional support, family involvement). The summary notes that overall patient-centered care means considering patients as partners and tailoring care to their circumstances and preferences mentorresearch.org.

Oregon Law/Policy: Oregon endorses patient-centered outcomes through activities like the Patient-Centered Outcomes Research Institute (PCORI) participation and its own health reforms. While not law, Oregon’s Health Authority and research universities have engaged in PCORI-funded projects focusing on outcomes patients care about (for example, OHSU does studies through PCORI around patient-important outcomes in certain treatments). The values listed (like quality of life, functional status) are exactly the kinds of outcomes Oregon’s metrics and health surveys try to capture beyond raw clinical measures. For instance, Oregon’s CCO survey might include a question on whether care helped the patient achieve daily activity goals. Oregon’s mental health system often emphasizes recovery and resilience outcomes, which align with improved quality of life from patients’ perspectives, not just symptom reduction. In physical health, Oregon’s PEBB (Public Employees’ Benefit Board) established a metric for employee health programs that included functional status improvements. Not formal law, but policy practice. The enumerated components correspond to widely accepted patient experience domains (like physical comfort, Oregon hospitals track patient pain management satisfaction, etc.). No conflict; Oregon certainly doesn’t oppose measuring what matters to patients, it’s actively trying to incorporate it (such as use of PROMIS measures in some CCO pilots for depression outcomes, which are patient-reported). The concept is consistent with Oregon’s adoption of triple aim, “better health” implicitly means health as patients define it (like “being able to function”, rather than “good lab values”).

Federal Law/Policy: The term “patient-centered outcomes” is prominent due to PCORI (established by ACA). PCORI’s mandate was specifically to fund research guided by patients’ input to focus on outcomes that patients notice and care about (e.g., does my treatment help me live independently, etc). So federal law (42 U.S.C. §1320e) around PCORI effectively endorses focusing on patient-centered outcomes. CMS is also shifting to more patient-reported outcome measures in quality programs. For example, for elective surgeries, CMS is looking at PROMs (patient-reported outcome measures) like improvement in function or pain as outcomes, not just complication rates. The listed aspects in MRI’s definition (info and education, emotional support, involvement of family) are the domains from the Picker Institute incorporated into surveys like HCAHPS and CG-CAHPS that CMS uses, which measure patient-centeredness of care (information given, respect, involvement). The Institute for Healthcare Improvement’s Triple Aim includes improving the patient’s experience of care, which covers those dimensions as part of outcome. The authors of the Triple aim and others have argued for measuring quality-of-life, functional status. In value-based purchasing, CMS has implemented measures like “health-related quality of life” in programs (like the home health value-based purchasing which includes a patient-reported outcome measure). So yes, federal policy is trending towards evaluating healthcare success by patient-centered outcomes in addition to traditional metrics. The definition is aligned with this direction and with PCORI’s ethos (which explicitly uses similar language to MRI’s, focusing on outcomes meaningful to patients). Conclusion: The definition is consistent with federal approach. No conflict, fully supported by the existence and funding of PCORI and by quality measure development trends.

Payers

MRI Definition: Payers are organizations that finance or reimburse healthcare costs mentorresearch.org. They include commercial insurance companies (like Blue Cross, Aetna, UnitedHealthcare) mentorresearch.org; government programs, Medicare (federal for 65+ or disabled), Medicaid (joint federal-state for low-income), CHIP (children’s insurance) mentorresearch.org; and self-funded employers plans(large employers that assume risk and often involve third-party administrators) mentorresearch.org. The role of payers involves negotiating provider contracts and rates, processing claims, and increasingly implementing value-based payments to reward quality/efficiency rather than volume mentorresearch.org, mentorresearch.org. Essentially, payers control access to and funding of healthcare: determining what’s covered, how it’s paid, and shaping delivery via payment models.

Oregon Law/Policy: Oregon uses “payers” in the same broad sense. The Oregon Health Authority often convenes multi-payer initiatives, bringing together Medicaid (OHA as payer), Medicare (CMS), and commercial payers (insurers, PEBB/OEBB, etc.), acknowledging all these entities as payers in the system. ORS doesn’t define “payer” explicitly, but numerous state efforts like the “Sustainable Health Care Cost Growth Target” law (SB 889 of 2019) involve all major payers (commercial insurers, CCOs for Medicaid, PEBB/OEBB, Medicare Advantage) to set cost growth limits. The description of types matches Oregon’s context: private insurers (regulated by DCBS under ORS chapter 743), government (OHA for Medicaid, federal CMS for Medicare, OHA also administrates CHIP), and self-insured employers (regulated minimally by state due to ERISA preemption, but Oregon knows they exist and sometimes state reforms try to include them voluntarily). The activities listed (contract negotiation, claims processing, moving to value-based payments) are accurate. In Oregon, payers like CCOs negotiate provider contracts, and indeed they are shifting to value-based models as mandated by OHA (we discussed the 70% VBP target). MRI’s outline suits Oregon’s environment. No conflict: it is a straightforward classification that Oregon policymakers use in planning (e.g., Oregon’s Primary Care Payment Reform Collaborative explicitly includes representatives of all payer types for primary care investment discussions). “Payer” is common parlance in Oregon health policy to mean any entity paying for care. Thus, MRI’s definition is legitimate and consistent.

Federal Law/Policy: Federally, “payers” is commonly used to refer to insurers, government programs, etc., collectively. The federal government often engages “payers” in multi-payer demonstration projects (like CMS’s Comprehensive Primary Care was multi-payer including Medicare, state Medicaid agencies, and private insurers). The MRI definition enumerates Medicare, Medicaid, CHIP, which are federal/state payers, and private insurers. That’s exactly how HHS documents describe the landscape (public payers and private payers). Self-funded employers are recognized under federal law as ERISA plans, not insurance, but still the employer is effectively the payer. The Department of Labor and HHS coordinate on employer plan oversight, albeit limited. The roles listed align with what the federal agencies expect of payers: e.g., CMS has requirements for payers to have claims processing systems and recently quality incentive strategies. The mention of value-based payments demonstrates that federal policy is pushing payers in that direction (e.g., LAN, Learning & Action Network, goals for payers to adopt alternative payment models). There’s no definitional conflict, if anything, the Affordable Care Act’s insurance market reforms treat insurers as payers obligated to do certain things (like spend a certain % on medical costs, MLR rule, to ensure they aren’t underserving). The definition is factual. No law contradicts it; multiple federal initiatives rely on understanding who the payers are in system transformation. Therefore, the definition is supported by general usage and context in federal health policy.

Policy Analyst

MRI Definition: A Policy Analyst (for value-based contracting initiatives) is described as someone responsible for researching, analyzing, and developing health policy initiatives to enhance healthcare services mentorresearch.org. The role involves data analysis, stakeholder engagement, and developing strategic policy recommendations mentorresearch.org, mentorresearch.org. Specifically: conducting thorough research on current policies, trends, legislation (state & federal) mentorresearch.org; developing policy proposals (briefs, reports, presentations on potential impacts) mentorresearch.org; engaging stakeholders (government agencies, providers, patient groups, public) to gather input and feedback, facilitating meetings to incorporate diverse viewpoints mentorresearch.org; supporting implementation of new policies (ensuring they translate into practice effectively, monitoring rollout) mentorresearch.org; and monitoring regulatory compliance and changes in law to ensure policy recommendations align with frameworks mentorresearch.org.

Oregon Law/Policy: This describes a typical job function rather than a concept in law. But Oregon’s health agencies (OHA, OHPB staff, Legislative Policy and Research Office) employ policy analysts to do exactly this for health reforms like value-based payments. For example, OHA had policy analysts develop the Value-Based Payment Roadmap and coordinate stakeholder workgroups. The tasks listed align with how an OHA policy analyst or Oregon Health Policy Board analyst would operate: research best practices (looking at CMS regs, other states’ policies), convene providers and insurers to discuss changes, draft policy documents (maybe legislative concept drafts or rule drafts), help implement by writing rules or guiding CCOs, and keep track of compliance and outcomes. Oregon’s state HR classifications even likely have a “Operations & Policy Analyst” series for such roles. Nothing legally contentious; it’s a role recognized in government operations. Oregon encourages stakeholder engagement in policy development (e.g., OHA’s rules often go through Rules Advisory Committees). The description the MRI gives is clearly realistic and indeed matches the way Oregon approached HB 2010 and other value-based initiatives, through a Policy Analyst team. It’s consistent with Oregon policy-making practice.

Federal Law/Policy: Similarly, at the federal level, there are many health policy analysts in HHS, CMS, GAO, etc., performing those functions for federal programs. It’s not a legal concept, its a job description. The mention of keeping abreast of laws and regulations and compliance mentorresearch.org is exactly what CMS policy analysts do when designing new payment models (ensuring they fit within statutory authority or proposing legislative changes if needed). There’s no conflict; rather, it outlines the expected duties which federal agencies also mirror (like stakeholder engagement, CMS always issues RFIs and holds forums, which policy analysts manage). It’s legitimately reflective of how policy gets analyzed and formulated.

Population-Based Payments (PBPs)

MRI Definition: Population-Based Payments are payments where providers are paid a set amount per patient over a period, instead of per service, to encourage focusing on health of the entire population. It covers most care the patient may need. PBPs incentivize preventive care and chronic disease management to keep population healthy and avoid unnecessary costs mentorresearch.org mentorresearch.org. Key features: Capitated Payments (lump sum per patient regardless of services) mentorresearch.org; Risk Adjustment (payments adjusted for patient health status, paying more for sicker populations) mentorresearch.org; Focus on Value (rewards for better outcomes, population health improvements) mentorresearch.org; Cost Control (cap on earnings fosters efficiency to limit excessive spending) mentorresearch.org.

Oregon Law/Policy: Oregon’s Medicaid program is basically a population-based payment model. CCOs receive per-member-per-month capitated payments covering most care for their members (population-based). That is spelled out in OHA’s contracts and authorized by ORS 414.652 (prepaid managed care health services organizations). The definition’s key points:

  • Capitated payments: Yes, CCOs are capitated. Also, Oregon’s primary care capitation pilot for FQHCs (Alternative Payment Methodology, ORS 414.631) pays clinics per patient per month, not per visit.

  • Risk adjustment: Oregon uses risk adjustment in allocating funds to CCOs (so a CCO with a sicker population gets higher PMPM). Also, among CCOs, some give risk-adjusted payments to sub-contractors. Risk adjustment methodology is in OAR 410-141-3525.

  • Value focus: The CCO model ties quality incentives to outcomes (Quality Pool and withhold if metric goals are not met). Further, PCPCH and other initiatives target improved population health metrics (like controlling diabetes rates).

  • Cost control: Oregon’s entire waiver is about cost control, fixed global budget trend <5.4%. By capitation (PBP), if they keep patients healthier and avoid hospitalizations, they keep savings; if they overspend, they bear losses or lower margins. The concept that PBPs limit excessive spending aligns with Oregon’s approach to sustainable budgets.
    MRI is describing precisely Oregon’s payment philosophy for its Medicaid and encouraging commercial payers similarly through the Value-Based Payment Compact. Oregon law doesn’t define PBP, but the practice is enshrined. No conflict, it’s supportive: Oregon is a big proponent of population-based models as opposed to FFS. The MRI definition is legitimate and describes what Oregon is implementing.

Federal Law/Policy: Population-based payments are essentially capitation models which Medicare uses in Medicare Advantage and some ACO models. CMS in their Alternative Payment Model framework (LAN framework) calls full capitation as “population-based payment.” They encourage this as Category 4 in the payment model progression. For example, Next Generation ACOs had options for a population-based payment (a partial capitation). CMMI’s new direct contracting model (ACO REACH) can involve capitated payments. CMS is exploring population-based total cost of care models (aim to move providers to global budgets). The definition’s elements:

  • Capitated: Medicare Advantage plans get risk-adjusted capitation per enrollee (like the prime example of PBP). Also, some state Innovation waivers use capitated model for dual eligibles.

  • Risk adjustment: Medicare Advantage and many ACO models do risk adjust benchmarks to account for patient populations, exactly as MRI says mentorresearch.org.

  • Focus on value: CMS says these models shift providers from volume to value, which is the stated reason for developing PBPs.

  • Cost control: The ACA had pilot programs for capitated payments to certain provider groups. The new Health Care Payment Learning & Action Network (LAN) established goals for percentage of payments in Category 4 (population-based). The MRI text resonates with what CMS often writes in model descriptions (e.g., capitated payments encourage preventive care to avoid costly interventions, as in the rationale for CPC+ or ACOs).
    No conflict, HHS/CMS actively promotes the concept. CMS and MedPAC  use the term “population-based payment” in reports to describe capitation. So yes, fully supported by federal direction.

Providers

MRI Definition: Providers are individuals or organizations delivering medical services mentorresearch.org. The list includes Physicians (doctors diagnosing/treating illness) mentorresearch.org, Nurses (providing patient care, administering treatments) mentorresearch.org, Mental Health Professionals (psychologists, psychiatrists, counselors, therapists for mental/behavioral health) mentorresearch.org, Specialists (focusing on specific areas like cardiologists, neurologists) mentorresearch.org, Hospitals and Clinics (institutions delivering care from routine to emergency) mentorresearch.org, Pharmacists (dispensing medications and advising on their use) mentorresearch.org. It notes providers are essential to health system, delivering care to promote health and well-being mentorresearch.org.

Oregon Law/Policy: Oregon’s statutes define “health care provider” broadly in similar terms. For instance, ORS 743B.001 (insurance definitions) defines “provider” to include individual licensed health professionals, group practices, and facilities. MRI’s list corresponds to licensed professions and entities regulated by Oregon: Physicians (MD/DO regulated by OMB), Nurses (RN, NP by OSBN), Mental health professionals (psychologists by Board of Psych, LPCs by OBLPCT, etc.), Hospitals (regulated by OHA under ORS 441), Clinics (some specialized ones have regs, FQHCs are recognized entities), Pharmacists (by Board of Pharmacy). Oregon law sometimes refers to “health care practitioner” or “provider” interchangeably. ORS 413.225 used “health care providers” to talk about PCPCH. The variety listed matches Oregon’s understanding, indeed ORS 414.025 for Medicaid defines “health services provider” expansively. No conflict: it’s a straightforward identification of who qualifies as a provider. Oregon law aligns with that (for example, ORS 743A mandated insurer reimbursement for services by nurse practitioners or others for parity, acknowledging they are providers too). The acknowledgment that they deliver essential care supports Oregon’s approach of including multiple provider types in care teams (Oregon particularly integrated behavioral health so mental health professionals are considered providers equal in importance). So yes, consistent.

Federal Law/Policy: The term “provider” at federal level often specifically means institutions in Medicare context (Medicare law distinguishes “provider” = institution like hospital, and “practitioner” = individual like physician). But colloquially and in many regulations, “health care provider” encompasses all who deliver services. HIPAA defines “health care provider” as any person or organization who furnishes, bills, or is paid for health care in the normal course (45 CFR 160.103), which covers exactly the categories MRI lists. Federal programs involve all these types: Medicare recognizes physicians, NPs, PA, therapists, psychologists (all eligible for certain billings), pharmacists are not direct billers generally but involved in Part D and MTM. The list aligns with how HHS general publications talk about providers (the frontline healthcare workforce). There is no difference in understanding. The definition is a plain enumeration, correct by federal standards as well (just note a slight nuance in Medicare’s formal use but that is too technical). So, the term is legitimate and supported broadly.

Quality Pool

MRI Definition: Quality Pool is a fund set aside by health plans or organizations to incentivize providers based on performance. Providers can earn payments or bonuses from this pool if they meet specific quality metrics in outcomes, safety, care standards mentorresearch.org.

Oregon Law/Policy: Oregon’s CCO program has a well-known Quality Incentive Pool. Each year, OHA withholds a percentage of CCO payments (2-4%) to create a quality pool, which is then distributed to CCOs depending on their performance on quality measures (ORS 414.638 mentions this incentive arrangement loosely, and OHA implements it by contract). For example, in 2021, the quality pool was $235 million (3.75% of total CCO payments) content.govdelivery.com, and CCOs received payouts if they met benchmarks on metrics like immunization rates, etc. Outside Medicaid, some commercial payer-provider contracts have quality pools or pay-for-performance pools, e.g., an insurer might set aside funds for provider bonuses if they hit HEDIS measure targets. But the big explicit one is CCOs. The MRI definition fits exactly that scenario: a fund (pool) that providers can earn from by achieving quality targets mentorresearch.org. No conflict, in fact Oregon is used as a model for quality pools. So it is supported by Oregon’s main program design. If there is any discrepancy, it’s not a singular term. Oregon uses the term “quality incentive pool” or “quality pool” commonly (OHA reports use those phrases).

Federal Law/Policy: Medicare does not use the term “quality pool” per se, but similar terms exist. For example, Medicare Advantage has a Quality Bonus Payment, effectively, extra funding (from a “bonus pool”) for plans with high star ratings. Medicare’s Hospital Value-Based Purchasing is budget-neutral: they withhold a percentage of hospital payments and then earn that or more back from a pool based on quality performance, essentially a quality pool at a national level. So, while not named identically, the concept and practice are present. The ACA authorized CMS to implement these incentive pools (as for hospitals, skilled nursing facilities have a readmission reduction incentive pool, etc). In state innovation models, multi-payer pools for quality have been tried (e.g., SIM grants). MRI’s broad definition doesn’t conflict with any of that; it aligns with the common practice of pooling funds for performance incentives. Private ACO contracts sometimes have shared-savings pools. So yes, it’s consistent with federal approaches as well. The idea is standard in value-based payment thinking.

Rebasing Targets

MRI Definition: Rebasing Targets refers to annually adjusting cost benchmarks, which can reduce providers’ share of savings over time, making it harder to maintain financial benefits mentorresearch.org. In shared risk models, each year’s performance resets the baseline higher if savings were achieved, so providers have to continuously improve to generate new savings mentorresearch.org. Over time, as targets increase due to prior success, it becomes more difficult to keep achieving new savings, potentially eroding incentives since “the goalposts keep moving” mentorresearch.org. Thus, rebasing can diminish providers’ financial gains even when they consistently deliver high-quality, cost-effective care.

Oregon Law/Policy: Rebasing is relevant in Oregon’s CCO world. The CCO global budget baseline was periodically rebased to account for actual cost experience. For instance, if CCOs significantly underspent, OHA might lower future rates (thus capturing some savings for taxpayers). Providers in CCOs complain similarly, if they reduce hospitalizations and save costs, the next capitation rates might be set lower (rebased to new lower utilization), giving less “easy” savings to share. Oregon doesn’t have a statute about rebasing, but the practice continues. For example, Oregon’s Medicaid waiver projections were adjusted (rebased) in 2017 after the first waiver period. On a smaller scale, for shared savings within CCOs or PCMHs, any time a baseline is recalculated after initial years, it is rebasing. The MRI depiction of rebasing making it harder to benefit long-term matches concerns raised by healthcare organizations: initial low-hanging fruit savings are made, then targets tighten. Oregon’s recent move to tie CCO growth to a fixed target (3.4% growth cap) is a form of prospective control that can have similar effect, after a certain point, further improvement yields diminishing returns since budget growth is capped. The definition resonates with how Oregon’s own OHA acknowledges that continual improvement is needed because once a system becomes efficient, additional savings are tougher. There is no explicit conflict; it’s an analytic concept known to policymakers. If anything, Oregon might consider policies to mitigate negative effects of rebasing (like not rebasing too frequently, or byrewarding absolute quality improvements to maintain incentive). But nothing contrary, Oregon definitely needs to rebase budgets occasionally. So, it is relevant and legitimate.

Federal Law/Policy: In Medicare’s Shared Savings Program for ACOs, rebasing is a key issue. Initially, ACO benchmarks were set on historical spending; after each 3-year period, they are rebased to incorporate achieved savings (which critics say makes continued savings harder). CMS revised rules (Pathways to Success) to allow regional benchmarking to soften this, but nonetheless ACOs face the phenomenon MRI describes: early wins lower future benchmarks mentorresearch.org, compressing potential shared savings. Bundled payment demonstrations also rebase target prices periodically, meaning providers must improve more or lose out. MRI explicitly notes that continuous improvement year after year is required and that it can erode financial advantages mentorresearch.org, which is exactly the observation health economists and MedPAC have made about these models. Federal policy is aware; it’s partly by design (to ensure program savings for Medicare trust fund) but they balance it to not kill incentives (like giving a portion of regional expenditure growth back in benchmarks). The concept is legitimate, widely discussed in federal policy circles. No conflict, it’s describing an effect of policy, not advocating something illegal. It’s recognized enough that CMS addressed it in rulemaking preambles. So, the definition is sound and aligns with the reality of ways targets are recalibrated in value-based models.

Residual Risk Analysis

MRI Definition: Residual Risk Analysis means evaluating the remaining risk after all mitigation measures and controls have been applied mentorresearch.org. Residual Risk Analysis helps an organization understand how much risk still persists despite risk management efforts, and decide if that residual risk is acceptable or needs further action mentorresearch.org, mentorresearch.org. This is crucial in risk management to determine whether additional strategies are needed, or the remaining risk can be tolerated.

Oregon Law/Policy: Not a legal term but a standard risk management practice. In health organizations in Oregon (hospitals, insurers, CCOs), enterprise risk management processes likely include assessing residual risk (for example, an internal audit might note after controls X, Y, Z in place, there’s still some risk of data breach, is that residual risk acceptable?). Oregon’s public agencies do risk analysis similarly, e.g. DAS risk management maybe uses concept. No statute mandates doing “residual risk analysis” explicitly for health plans or providers, but regulators implicitly expect it as part of prudent operations (like OHA expects CCOs to manage financial and care risks and have backup plans if something goes wrong). For example, a CCO might reduce hospital use via care management (mitigation) but analyze if there is still risk of high costs from unpredictable events. If that residual risk is too high, the CCO may buy reinsurance. That’s performing residual risk analysis and deciding to further mitigate via insurance. No conflict, it is a risk management concept fully consistent with professional guidelines. Oregon’s emphasis on compliance means an entity does residual risk analysis to ensure compliance holes are closed sufficiently.

Federal Law/Policy: Federal regulators in financial sectors (like NAIC model, etc.) and corporate guidelines (like COSO frameworks) include residual risk analysis as a core step. For health specifically, CMS might not use that term in regulation, but OIG compliance guidance suggests after implementing controls, you should audit to see remaining vulnerabilities. Also, the Federal Information Security Management Act (FISMA) for government health data requires agencies to assess residual risk after security controls. The concept is fundamental to any risk management standard (ISO 31000 or NIST risk frameworks all incorporate determining if residual risk is acceptable or needs more action). So yes, recognized widely. Not a law, but a practice aligned with all good governance policy. The MRI definition is fine and in line with such frameworks.

Risk Control Matrix (RCM)

MRI Definition: Risk Control Matrix (RCM) is a tool documenting and assessing controls for identified risks. It’s a repository listing risks, corresponding controls, and an evaluation of control effectiveness mentorresearch.org. It ensures comprehensive tracking of how each risk is mitigated and how well those controls work, aiding in effective risk management.

Oregon Law/Policy: Again, a tool not a law. Oregon’s auditors or compliance folks likely use RCMs as part of internal audits or Sarbanes-Oxley compliance for some organizations. For instance, if OHA’s Audit division reviews a process, they may make a matrix of risks and controls to ensure none are missed. Not mandated but referenced in state internal audit standards (Oregon follows Institute of Internal Auditors standards which often mention risk-control mapping). There is no conflict, if anything, Oregon encourages any approach that ensures good risk oversight. RCM is a proven method.

Federal Law/Policy: Federal auditors (GAO, OIG) often create something akin to a RCM when performing audits. Also, public companies (including big health insurers or hospitals under SEC) must do internal control evaluations, often documented in spreadsheets or RCM form mapping risks and controls and testing results. The concept is widely taught. For example, CMS might require an ACO to submit a plan showing how they mitigate risks of improper billing, an ACO might use an RCM internally to ensure each risk (like upcoding) has a control (audits or training) and track that. So, fully consistent with internal control best practices, which federal policy (like OMB Circular A-123 for federal agencies) strongly encourages. This definition is legitimate; it’s supported by general compliance frameworks.

Risk

MRI Definition: Risk is defined as “uncertainty that matters”, uncertainty which may affect achievement of objectives mentorresearch.org. If something is certain, or if uncertainty doesn’t impact objectives, it’s not considered a risk mentorresearch.org, mentorresearch.org. Risks matter only if they influence outcomes that matter (objectives define what matters, deliverables, time, cost, performance, patient health outcomes, etc.) mentorresearch.org. The link between risk and objectives explains why risk management is vital, one must know what is “at risk” (what we’re trying to achieve) to identify and handle risks mentorresearch.org.

Oregon Law/Policy: This is textbook risk management definition (straight from ISO or PMI definitions). Not in statute, but Oregon’s Enterprise Risk Management in state agencies likely uses similar wording. Oregon’s Department of Administrative Services publishes risk management guides that are likely to define risk along these lines. For healthcare, when Oregon’s OHA thinks of risk (like risk in CCO financial context or risk to achieving health outcomes), it aligns with this idea. There is no conflict, it’s an accepted definition in management and Oregon has no contradictory definition. It is a concept behind the scenes of policy but not codified, which is fine.

Federal Law/Policy: The phrase “uncertainty that matters” is almost verbatim from risk literature. Federal agencies adopt similar definitions. GAO’s risk management frameworks and NIST’s definitions for information security risk all revolve around impact on mission/objectives. So yes, completely consistent. Not a legal definition but the concept underpins risk assessment policy in government. Legitimate and widely accepted.

Risk Corridor

MRI Definition: Risk Corridor is a financial planning mechanism to stabilize costs by limiting losses or gains in uncertain markets mentorresearch.org. It sets a target cost; insurers with costs below target pay into a pool, those with costs above target get payments from the pool, thereby sharing risk and ensuring more predictable outcomes mentorresearch.org.

Oregon Law/Policy: Risk corridors became notable in the ACA context. Oregon insurers participated in ACA’s risk corridor program 2014-2016, it was federal, but Oregon’s insurance regulators were very aware and had to account for shortfalls when the federal payments came up short. Oregon’s own high-risk pool pre-ACA didn’t exactly use risk corridors (it was reinsurance subsidized by assessments). However, in CCO context, OHA implemented a form of risk corridor early on: the 2013-2014 CCO contracts had a medical loss ratio corridor assuring that if a CCO spent too little or too much relative to premiums, they shared that with state (initially, this was to prevent huge profits or insolvency). That’s basically a risk corridor at state level for Medicaid plans. ORS doesn’t mention risk corridors, but through contract OHA did it. Also, Oregon’s cost growth target program contemplates what if certain payers overshoot targets, risk corridors concept might not be directly used (they use penalties or performance improvement plans instead). But generally, the idea is known and accepted as a stabilization policy. No law prohibits it; it’s seen as a clever tool but after the ACA fiasco (no appropriation) some caution. Oregon’s CO-OP insurer went under partly due to not receiving expected risk corridor funds, Oregon DCBS mentioned that as cause. So known in Oregon. The definition matches the way DCBS described ACA risk corridors: limit both excessive insurer losses and gains in exchange plans kff.org. No conflict, it is accurate.

Federal Law/Policy: Exactly describing ACA’s temporary risk corridor program kff.orgkff.org which was to last 3 years, and Medicare Part D has permanent risk corridors (plans share gains/losses with government beyond thresholds each year). CMS uses risk corridors in some demonstration payment models. For instance, Next Gen ACO had a 50% savings/loss cap, not exactly a pool but a corridor limiting extreme outcomes. The MRI description is textbook language: target cost ~ 100% of premium; corridor typically 97%-103% no payments, below 97% pay out, above 103% get reimbursed kff.org. That was ACA’s approach kff.org. The Supreme Court case Maine Community Health Options v. US (2020) forced the federal payer to pay the risk corridor funds, validating the obligation. So legally, risk corridors are recognized as a valid mechanism and legally owed if promised. The concept is well established in Medicare Part D regulation too. So yes, fully consistent with federal usage. The definition is essentially summarizing ACA’s risk corridor design in plain terms, which is correct kff.org. Therefore, legitimate and supported.

Risk Impacting Objectives (RIO)

MRI Definition: Risk Impacting Objectives (RIO) are a structured process to identify and analyze risks that might effect achievement of  specific objectives mentorresearch.org. It examines interactions between risks and organizational goals to see how those risks might impair desired outcomes mentorresearch.org, mentorresearch.org. Understanding these helps to plan mitigation so objectives can still be met.

Oregon Law/Policy: Not a formal concept in law, a term for an internal risk management methodology. Possibly drawn from some consulting or audit framework. Oregon agencies do similar things in practice (i.e. in strategic planning, identify what could hinder meeting targets). Nothing legally conflicting, it is a risk assessment focus on how each risk ties to an objective. Oregon’s management training would endorse that approach.

Federal Law/Policy: Also fits within enterprise risk management as encouraged by OMB and GAO, focusing on risks relative to strategic objectives is key in federal ERM circulars. The specific acronym RIO might not be commonly used, but the idea is fundamental: risk must be considered in context of what you’re trying to achieve. Federal agencies implement ERM by aligning risk registers to agency objectives. No conflict; it’s basically rephrasing a risk management approach recommended by GAO’s risk management guides.

Risk Mitigation Strategy

MRI Definition: Risk Mitigation Strategy is a plan or approach to reduce or eliminate potential threats. It involves steps: identifying risks, assessing likelihood/impact, implementing preventive measures to avoid or lessen them, having contingency plans if they occur, and monitoring the effectiveness of mitigation continuouslymentorresearch.org mentorresearch.org. The components listed: Risk Identification, Risk Assessment, Preventive Measures, Contingency Planning, Monitoring & Review mentorresearch.org, mentorresearch.org.

Oregon Law/Policy: This is standard risk management. Oregon’s agencies are likely to require risk mitigation plans for major projects (for instance, the Cover Oregon project failure led to legislation requiring that large IT projects must have risk mitigation plans and independent quality assurance to track risk management). For healthcare, OHA’s waiver risk assessment to CMS likely included strategies to mitigate risks (like what if costs increase unexpectedly, contingency to adjust benefits, etc). Not in statute, but any Oregon health organization would do this as part of internal governance or as required by accreditation. No conflict. It’s basic management practice.

Federal Law/Policy: The steps align with widely accepted frameworks (this reads like PMI’s project risk management or ISO 31000 steps). Federal internal control standards (OMB A-123) emphasize risk identification, design of control activities (preventive measures), and monitoring. FEMA’s plan, NIST risk frameworks, all use an identify, assess, mitigate, monitor cycle. So yes, fully consistent with what federal agencies do (e.g., HHS risk management for grants includes requiring grantees to have risk mitigation strategies for identified high risks). The mention of contingency planning matches federal guidance (COOP, continuity of operations, is a contingency for risk like disasters). It is a legitimate description of good practice, no conflict with any policy.

Risk Pools

MRI Definition: Risk Pool is a group of individuals whose healthcare costs are combined to calculate insurance premiums, spreading financial risk over a large population mentorresearch.org. By pooling people together, costs become predictable and manageable: expensive claims by a few are balanced by many who use fewer services, making premiums more stable and affordable for everyone mentorresearch.org.

Oregon Law/Policy: Oregon implements the concept: in the individual market, all the enrollees of an insurer are in one risk pool (ORS 743.736 required insurers to treat all individual plans as a single risk pool under ACA). Same for small groups. Pre-ACA, Oregon had the Oregon Medical Insurance Pool (OMIP) which was a high-risk pool for uninsurable individuals, separate (which indicated how risk pooling normally works, they were segregated, causing high premiums in that pool). ACA eliminated that by merging risk. Oregon’s ACA conforming statutes align with the idea of broad pooling to avoid segmentation (ensuring cost sharing among healthy and sick). For Medicaid, effectively the entire state’s Medicaid enrollees (or by CCO region, risk is pooled, though state uses reinsurance between CCOs for extremely high-cost cases). Oregon policymakers understand risk pools. The term is often used in legislative discussions about insurance rates. The MRI definition is clear concerning the purpose of pooling to stabilize premiums mentorresearch.org. There’s no discrepancy; Oregon law explicitly enforces single risk pools as required by ACA (ORS 743B.133 refers to it also).

Federal Law/Policy: The ACA Section 1312 mandated single risk pools for individual and small group markets (42 U.S.C. 18032). Risk pooling is fundamental in Medicare and large employer insurance. The MRI explanation is basically an insurance 101 concept which underpins all federal regulation of insurance. The impetus for ACA’s exchanges was to create large risk pools to lower variability. The definition aligns with HHS explanations of how insurance works (HHS often explains the importance of broad risk pools for affordability). Widely supported. In fact, risk pool integrity (ensuring that high-risk and low-risk stay together) is behind many federal rules banning things like health status underwriting. The mention of stability and affordability mentorresearch.org is exactly the rationale of risk pooling used in preambles of federal rules.

Risk Scores

MRI Definition: Risk Scores are numerical values quantifying the likelihood and potential impact of a specific outcome or event, often relating to financial, operational, health, or regulatory risks mentorresearch.org. Risk scores are calculated using relevant data to predict how risky a situation or entity is, allowing prioritization of actions to mitigate risks mentorresearch.org.

Oregon Law/Policy: Risk scores come up in healthcare primarily in risk adjustment. For instance, each CCO member gets a risk score (relative to average 1.0) based on diagnoses, which affects payment. That formula uses the CMS-HCC model. Also, PEBB may use risk scores for its population analytics. Oregon’s regulators might use risk scores to identify outlier insurers (just as RBC, risk-based capital, is a risk score of sorts for finances). The definition is general enough to cover all these. Oregon itself doesn’t define “risk score” in law, but in practice OHA’s capitation rate development references members’ risk scores. The concept is widely accepted. The use — to prioritize mitigation — is conceptually applied in OR’s enterprise risk management (like if an agency had risk scores for each risk to see which to address first). It’s consistent with usage (a provider might use an algorithm to score a patient’s readmission risk, that’s a risk score in care management context, which is indeed used to target interventions under CCO programs).

Federal Law/Policy: Federal Medicare uses risk scores extensively (for MA risk adjustment, each enrollee gets a risk score annually). Also, OIG uses risk scoring to focus audits (they might compute a risk score for each provider or hospital based on billing anomalies). Many federal agencies with oversight responsibilities mention using “risk scoring” to allocate resources. E.g., CMS’s Program Integrity manual describes developing provider risk scores for fraud risk. The idea of quantifying risk is foundational in bank regulation (credit risk scores, etc.). In federal health IT, NIST suggests risk scoring vulnerabilities (CVSS scores for cybersecurity risk). So yes, fully in line with practices. The definition is broad but correct that it’s a numeric prediction of risk. Absolutely no conflict, it’s taught in federal risk management courses.

Shared Objectives

MRI Definition: Shared Objectives are common goals or targets toward which multiple stakeholders or teams agree to work collaboratively mentorresearch.org. In healthcare, shared objectives might be improving patient outcomes, reducing costs, enhancing access, etc., that all parties focus upon mentorresearch.org mentorresearch.org. Key aspects: Alignment (everyone understands and agrees on goals) mentorresearch.org, Collaboration (working together with clear communication to achieve it) mentorresearch.org, Accountability (each party responsible for their contribution to success) mentorresearch.org, and Measurable Outcomes (specific metrics to track progress) mentorresearch.org. Having shared objectives fosters unity and coordinated effort toward desired outcomes mentorresearch.org.

Oregon Law/Policy: Oregon’s coordinated care model strongly emphasizes shared objectives across payers, providers, and communities (the triple aim itself is a shared objective environment). The CCO model required an agreement among different providers (physical, behavioral, dental) to meet collective outcomes. The Oregon Health Policy Board sets statewide health improvement goals that various entities adopt as shared objectives (like the goal to eliminate hepatitis C deaths, etc). A metrics and scoring committee having picked measures basically creates shared objectives for all CCOs. Collaborative programs like the Primary Care Payment Reform Collaborative bring payers and providers together to align objectives such as increasing primary care spending and quality. While not in statute as “shared objectives,” the principle underlies many initiatives. For example, ORS 442.210 (Oregon’s Health Improvement Plan), the public health and health system sectors commit to joint health improvement objectives. The points: alignment, collaboration, accountability, reflect how Oregon organizes transformation committees (stakeholders sign onto common performance targets). It’s consistent with Oregon’s integrated approach. No conflict: it’s an aspirational concept used often. Oregon’s cost growth target program had all major stakeholders sign a compact pledging to a shared goal of containing cost growth, that is a shared objective scenario. So legitimate and in use.

Federal Law/Policy: In federal contexts like ACOs, the idea is that multiple providers share the objective of keeping a patient population healthy and share savings. The national Quality Strategy calls for alignment of goals across public and private payers (the NQS listed cross-cutting priorities). Multi-stakeholder coalitions (like CMS’s Partnership for Patients or LAN) revolve around establishing shared objectives (like reducing hospital-acquired conditions by X%). The emphasis on alignment, collaboration is echoed in HHS’s encouragement of “alignment” (that word is often used in context of aligning measures and incentives across payers for shared aims). In broad terms, any successful health partnership requires what MRI said. It is not legal but best practice language. It is fully accepted, e.g., the Office of National Coordinator (ONC) for health IT often speaks of shared nationwide objectives for interoperability to which public/private entities commit. No contradiction; it is the spirit behind many MOUs and partnerships.

Shared Savings

MRI Definition: Shared Savings is a value-based model in which providers are rewarded for reducing healthcare spending below a target while maintaining/improving quality mentorresearch.org, mentorresearch.org. A cost benchmark is set; if the provider organization delivers care for less than that cost (and meets quality standards), the savings compared to the target is split between provider and payer mentorresearch.org. Quality metrics must be met to qualify mentorresearch.org. There can be upside-only (providers share savings but not losses) mentorresearch.org or two-sided risk (providers also share losses if costs exceed target) mentorresearch.org.

Oregon Law/Policy: Oregon’s CCO program is built on shared savings logic at the state level (the state keeps part of savings by having global budgets). But at the provider level, CCOs have sometimes done shared savings with patient-centered primary care homes or specialty groups. For example, some CCOs gave shared savings bonuses to clinics that lowered ED use or hospital admits. Oregon also had the Coordinated Care model for PEBB where carriers had to share savings if they beat cost trends. ORS doesn’t specify shared saving but the concept is widely used. The new Primary Care Payment Reform Collaborative in ORS 414.625 encourages shifting to Advanced Payment Models including shared savings. The concept is fully in Oregon’s toolbox. The details in definition (targets, quality measures, upside-only vs two-sided) reflect exactly how Medicare Shared Savings ACOs or some CCO provider contracts operate. Oregon’s early PCPCH Tier 3 had a shared savings element in some pilots. Nothing inconsistent; Oregon embraces this model as one of many APMs. So legitimate.

Federal Law/Policy: Federal: The Medicare Shared Savings Program (MSSP) is explicitly this model. ACA Section 3022 created it. The description matches MSSP: cost benchmark, if spending < benchmark and quality criteria met, share in savings mentorresearch.org. It had Track 1 (upside-only) mentorresearch.org and Tracks 2/3 (two-sided) mentorresearch.org. MRI’s key components align with how CMS defines it in regs (42 CFR Part 425). Also, multiple CMMI models use shared savings concept (BPCI, CPC+ offered shared savings options). It is fully legitimized by federal program rules. No discrepancy: it’s describing a core ACA initiative that’s permanent and widespread.

Shared Value

MRI Definition: Shared Value is focused on creating incentives that benefit both providers and society by improving outcomes while reducing costs mentorresearch.org, mentorresearch.org. It aligns financial interests of healthcare organizations with public health goals (high-quality, efficient care)mentorresearch.org. Key elements: improving health outcomes (rewards for better patient care, e.g., fewer readmissions)mentorresearch.org; cost efficiency (focusing on prevention and effective treatments reduces overall costs, benefiting system and society) mentorresearch.org; collaboration & transparency (health plans, providers, communities working under clear objectives focusing on patient well-being) mentorresearch.org. By creating shared value, providers gain financially while patients and society get better health and lower costs, a sustainable win-win mentorresearch.org.

Oregon Law/Policy: Shared value is basically the principle behind Oregon’s health reform goals (the Triple Aim, which is better health, better care, lower cost, defines a shared value for all stakeholders). Oregon’s policies aim to align incentives so what’s good for providers financially is also good for patients and taxpayers. For example, CCO quality incentive bonuses: the CCO profits by doing things that also improve patient health (shared benefit). The language of shared value is more from business strategy literature (Michael Porter’s concept of “creating shared value”). Oregon’s Health Policy Board might not use that exact term often, but the idea is present in OHA’s mission statements about creating a value-based health system. Also, ORS 414.620 requires CCOs to use outcome-based payments to achieve quality and efficiency, basically pushing them to create shared value. No conflict; it's consistent with Oregon's values and approach. Oregon’s cost-growth target program similarly tries to ensure that any efficiency improvements result in shared public benefit (lower premiums eventually, etc.). The concept is legitimate in Oregon’s strategy lexicon.

Federal Law/Policy: The phrase “shared value” is used occasionally in healthcare discussions (Porter & Teisberg wrote about value-based health care, focusing on outcomes that matter to patients per dollar spent). HHS’s value-based care initiatives echo the sentiment: tying provider payment to improvements in population health and cost savings so everyone wins. CMMI models are predicated on generating value that is shared by providers (via incentives) and the payer (Medicare saves money) and patients (better outcomes). This is the ideal constructive collaboration behind ACOs, if they succeed, patients are healthier (value), providers share savings, Medicare spends less. Shared value is created. MRI’s list (improved outcomes, cost efficiency, collaboration) is aligned with CMS’s stated goals for value-based transformation. No law explicitly requires “create shared value” but it's embodied by programs like MSSP (in statutory language, “promote accountability for a patient population and coordinate care to improve health outcomes and reduce growth in expenditures”, that’s a shared value concept). There’s no conflict, it resonates with policy makers’ statements (for instance, the CMS Administrator often says we want models that are win-win for providers and patients). A legitimate and supported idea.

Standardized Quality

MRI Definition: Standardized Quality means establishing uniform quality standards and measures across different settings/providers to ensure consistent high care quality and enable benchmarking mentorresearch.org. Using clear, evidence-based criteria for processes and outcomes helps assess effectiveness of care and identify need for improvement areas, ensuring that all patients receive care meeting established standards mentorresearch.org, mentorresearch.org.

Oregon Law/Policy: Oregon uses standardized quality metrics heavily (the CCO metric set is standardized statewide and often aligned with national standards like NQF-endorsed measures). The Oregon Health Authority strives to apply uniform measures to compare providers or plans (like a clinic’s PCPCH tier is based on meeting standard criteria). Oregon’s hospital reporting program uses standardized metrics (like those defined by CMS or NHSN for infections). The idea of standardized quality is essential for Oregon’s transparency efforts (OHA’s public reports on quality use the same measure definitions for all hospitals or CCOs). ORS 442.466 tasks OHA with collecting and publishing hospital performance metrics, effectively requiring standardized quality measures for valid comparisons. The MRI concept is exactly what Oregon’s various quality committees do: select standard measures so all providers strive for same benchmark (like all CCOs aim for < 10% cigarette smoking rate by certain year). Oregon’s involvement in national measure alignment (through the Collaborative for Performance Measure Alignment with CMS) underscores commitment to standardized quality metrics. No conflict: it’s best practice and Oregon implements it.

Federal Law/Policy: The National Quality Forum (NQF) and CMS’s core measure sets are all about standardized quality measures. Medicare’s star ratings for plans, Hospital Compare, etc., use standardized definitions so comparisons are apples-to-apples. The ACA even created an Interagency Working Group on Quality to align measures across federal programs. Standardized quality is fundamental to federal pay-for-performance (so providers compete/benchmark on same metrics). The definition’s rationale (consistent care quality, benchmarking to improve) mentorresearch.org is exactly why CMS invests in measure development and endorsement. The concept is embedded in MACRA’s MIPS (which uses a uniform measure set across clinicians in specialties). Also the push for electronic clinical quality measures is to standardize data. Legitimate and indeed encouraged by policy (example: an HHS strategic goal was to standardize quality metrics to reduce provider burden and allow nationwide comparisons). The definition is consistent with national strategy.

Standardized Outcome Measures

MRI Definition: Standardized Outcome Measures are specific, quantifiable indicators used uniformly to assess effectiveness of interventions across settings mentorresearch.org. They allow consistent evaluation and comparison of patient outcomes (like survival rates, recovery times, quality of life improvements) across providers mentorresearch.org mentorresearch.org. By focusing on results (not just processes), they drive improvements and accountability because everyone is held to the same outcome benchmarksmentorresearch.org mentorresearch.org.

Oregon Law/Policy: As stated above, Oregon uses standardized outcome measures in its metric sets (many of Oregon’s metrics are outcome-based, e.g., HbA1c control is an outcome measure for diabetes management, ED utilization is an outcome measure of access/primary care effectiveness, etc.). The CCO metrics are standardized such that each CCO’s performance on for example, childhood immunization rate is measured identically. Oregon’s Behavioral Health metrics are also moving toward standardized outcomes (such as improved housing status post mental health treatment). ORS 442.581 (the Health Outcomes and Quality Committee, though now repealed and replaced by other frameworks) was meant to identify outcome measures for health care. The prioritized list which Oregon uses to decide Medicaid coverage involves outcome ranking by condition/treatment, implying standardized measurement of health benefit (but not exactly a quality measure). The concept is central: Oregon’s health system transformation document say we measure success by outcomes (e.g., see Oregon’s CCO “Metrics and Scoring” annual reports focusing on outcomes achieved). Standardized Outcome Measures are in alignment with Oregon’s policy approach to quality. Strongly supported.

Federal Law/Policy: Federal quality programs increasingly prefer outcome measures over process measures (CMS says so often in its rules). Entities like NQF endorse outcome measures that become standardized nationally (for example, NQF-endorsed 30-day mortality rate for heart attack is a standardized outcome measure used in Hospital Compare and VBP). The MRI phrase “quantifiable indicators to assess effectiveness ... focus on results like survival, recovery, quality of life” mentorresearch.org, matches the shift in CMS’s measure sets (they introduced PROM-based measures like knee replacement patients’ functional status improvement). CMS and NIH also funded the development of standardized patient-reported outcome measures for broad use. HHS’s Meaningful Measures initiative explicitly tried to streamline to core outcomes. And patient safety outcomes (like standardized infection ratios) are used uniformly nationwide. It’s legitimate and a priority in federal quality strategy that outcome measures be standardized for comparing provider performance.

Stop Loss

MRI Definition: Stop Loss is a risk management tool that protects providers from significant financial loss by capping the loss amount in a given period mentorresearch.org. It sets a maximum loss limit, if costs exceed that threshold, an insurance or payer covers the rest, so that unexpectedly high costs (e.g., a very expensive patient) don’t financially ruin the provider mentorresearch.org mentorresearch.org. Stop Loss is crucial when providers bear risk, ensuring one high-cost case doesn’t destabilize them: beyond the threshold, additional costs are paid by insurer or reinsurance mentorresearch.org mentorresearch.org.

Oregon Law/Policy: When Oregon allowed provider risk-bearing arrangements, they often recommended or required stop-loss coverage. The Oregon Insurance Division (DCBS) at one point considered regulating provider risk (some states have laws requiring providers with capitation to have stop-loss or reserves; MRI is not sure if Oregon codified a strict rule but believes that guidelines exist). Oregon’s CCOs are required by contract to have reinsurance for high-cost cases, effectively a stop-loss mechanism (e.g., cover 90% of costs above $X per member). Indeed, OHA maintains a reinsurance pool across CCOs for extremely high-cost patients in specialized categories. Also, any small provider group taking capitation from a CCO might purchase private stop-loss insurance to cover if many expensive cases occur. The definition is straightforward; Oregon insurers buy stop-loss for self-funded employers. Oregon law (ORS 742.065) addresses stop-loss for employer plans (minimum attachment points to avoid selling stop-loss that is basically health insurance to small groups, aimed to protect risk pools). But for providers, no explicit statute, yet it’s a recognized protective measure. No conflict, it’s accepted as necessary for prudent risk contracting. It's likely to be included as a requirement in CCO contract fine print.

Federal Law/Policy: Indirectly regulated at federal level, ERISA excludes stop-loss agreements from being considered health insurance if they are above certain attachment points. But CMS encourages stop-loss in risk models. For example, the Next Gen ACO model offered an optional stop-loss arrangement for ACOs (CMS would reduce risk for extremely high-cost patients if ACO paid a “premium”). Medicare Advantage plans must ensure that providers to which they delegate risk either have stop-loss or meet certain solvency standards (per CMS regs guided by NAIC models). The concept is fully recognized. The ACA market risk stabilization included reinsurance which is basically stop-loss at a market level (insurers got reimbursed from a fund for enrollee claims beyond a given threshold in 2014-16). Also, state insurance commissioners via NAIC monitor whether providers are at risk, recommending they hold stop-loss. The MRI description is fine, it is the way stop-loss is usually explained. So consistent and indeed essential in two-sided risk models (the phrase is used in many model participation agreements, ensuring that participants have stop-loss coverage).

Test of Design

MRI Definition: Test of Design is an audit procedure evaluating whether a control or process is well-enough designed to achieve its intended objectives mentorresearch.org. It checks the adequacy and effectiveness of the control’s design (not whether it’s working in practice, but if practiced as designed, it would manage risks and achieve desired outcomes) mentorresearch.org,  mentorresearch.org, mentorresearch.org.

Oregon Law/Policy: Not in law, but audit practice. Oregon’s Audits Division or internal auditors certainly perform tests of design on controls when doing audits under GAO or IIA standards. In agencies, auditors review control design adequacy. If a health plan’s internal audit team in Oregon examines a new claims system control, they first test design (e.g., check if system edits logically cover required checks). It’s consistent with audit methodology taught to state auditors. No conflict, it’s an established concept in Oregon’s internal control guidance (example: Oregon’s state CFO manual or a similar document might mention evaluating design and operating effectiveness separately).

Federal Law/Policy: Sarbanes-Oxley Section 404 audits (PCAOB standards) explicitly include testing design effectiveness of controls as a step before testing operating effectiveness. GAO’s Green Book (federal internal control standards) implies management should design controls correctly and evaluate design. The MRI description mirrors ways external auditors first assess whether controls are appropriately designed to prevent/detect errors, then later test if they work. It’s common practice.

Test of Effectiveness

MRI Definition: Test of Effectiveness is an audit procedure to evaluate whether a control or process is operating as intended in practice and achieving desired outcomes consistently mentorresearch.org. It assesses operational effectiveness of controls, determining if they function properly and continuously mitigate risks as designed mentorresearch.org mentorresearch.org.

Oregon Law/Policy: Tests of Effectiveness go together with tests of design. Oregon auditors certainly perform tests of effectiveness (e.g., sample transactions to see if control caught errors). It’s normal in any Oregon agency audit or for CCO external quality audits. No conflict.

Federal Law/Policy: Same as above, in SOX audits and OIG audits, once a design is deemed sound, auditors test effectiveness by examining evidence that the control operated during the period (e.g., they examine a log of reconciliations, etc.). Federal standards explicitly call for testing the operating effectiveness of controls.

Upside Risk

MRI Definition: Upside Risk is the potential financial benefit providers can gain if they perform well under value-based contracts mentorresearch.org. In an upside-only arrangement, providers are rewarded (bonuses or shared savings) for keeping costs below benchmarks and meeting quality metrics, but they do not face penalties if costs exceed benchmarks mentorresearch.org (so it’s one-sided risk: the provider’s risk is only that they may not get a bonus). Upside risk refers to possible gains (shared savings, bonuses) providers may earn for high-quality, cost-effective care mentorresearch.org.

Oregon Law/Policy: Oregon’s initial CCO model for providers was mostly upside: e.g., a clinic could get quality pool money (upside) but would not pay money back if metrics were missed. The state’s CCO itself had a variation of both Upside and Downside Risk: the state capped CCO bonus payments but if huge losses occurred the state might adjust; but CCO’s contracting with providers often mostly gave incentives one-way, upside bonus. Now, advanced CCO-provider contracts may incorporate downside risk. Upside risk as term is not in law but the concept is used in discussing risk models. Oregon’s Value-Based Payment targets count upside-only arrangements (Category 3A in LAN framework) separately from risk-sharing (3B). OHA tracks how much of CCO payments are upside-only vs two-sided. The term is recognized. No conflict, it’s accepted as a steppingstone to full risk. The MRI definition is consistent with OHA’s definitions (OHA likely defines “upside-only APM” similarly in its VBP reports).

Federal Law/Policy: In Medicare, Track 1 ACOs were upside-only (no downside risk). CMS often uses phrase “one-sided risk” to mean just upside risk. MACRA gave less credit to upside-only APMs (they are not considered “Advanced” APMs unless downside risk is present). But the concept of upside risk itself just means the potential to share in savings. The MRI explanation matches the way CMS structured early models to allow providers to taste financial rewards without risking losses. It’s legitimate and used by CMS, GAO, MedPAC. E.g., MedPAC June 2018 report discusses moving from upside-only to two-sided risk for ACOs, clearly acknowledging what upside risk means.

Value

MRI Definition: Value in patient-centered care is defined based on outcomes that matter to patients relative to cost mentorresearch.org mentorresearch.org. It is shaped by multiple stakeholders but primarily by patients’ preferences, experiences, and outcomes (like quality of life, functional improvement, satisfaction) mentorresearch.org. Providers see value in delivering effective, efficient care that improves outcomes aligned with patient goals mentorresearch.org. Payers see value in cost-effectiveness, better outcomes at lower cost mentorresearch.org. Regulators view value as population health outcomes, lower costs, meeting benchmarks mentorresearch.org. Value frameworks (NQF, IHI) measure value via standardized metrics such as PROMs, satisfaction, reduced readmissions mentorresearch.org. Ultimately, in patient-centered care, value ties to patient-reported outcomes and achieving what patients deem meaningful (function, pain reduction, personal health goals) for a reasonable cost mentorresearch.org.

Oregon Law/Policy: Oregon’s OHA explicitly defines value in healthcare similarly: evidence-based, person-centered care leading to improved outcomes at reasonable cost (that phrase appears in OHA documentation) mentorresearch.org. Indeed, the MRI excerpt on OHA’s definition of value was included in the definitions page mentorresearch.org, which likely they got from an OHA Value-Based Payment fact sheet or strategic plan. The multi-stakeholder perspective is exactly the way Oregon approaches defining value: OHA has the triple aim (patients, cost, population health). The mention of NQF and IHI frameworks matches the way OHA and Oregon Health Leadership Council consider quality metrics as proxies for value. Oregon law as outlined in OHPB’s goals stresses high value care meaning outcomes/cost, but not a numeric formula in statute. Nonetheless, conceptually, MRI’s breakdown is consistent with Oregon’s multi-stakeholder involvement (the Oregon Health Leadership Council includes payers, providers who all talk about value in care). No conflict it’s fully aligned with the shift to payment for value versus volume. Oregon’s health reform statements often use the phrase “value-based care” which inherently requires defining value somewhat as MRI does.

Federal Law/Policy: Value-based care is a high HHS priority; HHS sometimes defines value as quality outcomes relative to cost. CMS administration documents frequently assert CMS wants to pay for value, not volume, meaning that paying for better outcomes (or patient experience) at equal/lower cost is valued. MRI acknowledges that various entities define value in ways that overlap, which is accurate. CMS’s quadruple aim now includes improving provider experience as part of value. The concept of patient-centered value lines up with PCORI’s mission. The mention of frameworks (NQF, IHI with PROMs, satisfaction, readmissions) is exactly what CMS uses for value measurement. The definition is supported by federal policy (see CMMI Mission Statement). CMS’s value programs incorporate patient satisfaction, outcome measures, and cost, reflecting multiple stakeholder definition of value. The content is coordinated with federal rhetoric that value = quality + patient satisfaction + cost efficiency.

Value-Based Payment (VBP)

MRI Definition: Value-Based Payment (VBP) refers to payment models that incentivize providers based on quality and efficiency of care, instead of quantity (the newer approach vs fee-for-service) mentorresearch.orgmentorresearch.org. It’s about reaching quality benchmarks and outcomes (rather than just performing more services) mentorresearch.org mentorresearch.org. Essentially paying for value (outcomes, patient health improvements, cost-effectiveness) rather than volume.

Oregon Law/Policy: Oregon OHA explicitly promotes VBP, OHA’s definition matches MRI’s (as shown in OHA’s site: VBP is paying for quality not quantity oregon.gov). ORS doesn’t define VBP, but the Oregon Value-Based Payment Compact (2021) and the CCO 2.0 mandate that a certain % of provider payments be VBPs demonstrate a state policy to adopt these models. Oregon’s waiver agreements with CMS commitment to expand VBPs. MRI’s text resembles OHA documentation or the LAN framework. The bullet that it incentivizes reaching benchmarks is worded as OHA’s VBP Roadmap words it (tying payment to performance). No conflict, it’s the core of Oregon’s health transformation plan. The user’s definitions file had a redundant VBP entry presumably which MRI noted, but one was enough. It’s legitimate and matches Oregon’s usage.

Federal Law/Policy: The ACA and MACRA both institutionalized VBP. Medicare has dozens of VBP programs (Hospital VBP, SNF VBP, HRR, MIPS, APMs, etc.) all paying providers at least in part based on quality/outcomes. CMS often defines VBP similarly, as the shift from paying for volume to paying for value/outcomes oregon.gov. The MRI statement "a newer approach to fee-for-service focusing on quality outcomes and benchmarks rather than quantity of services" is precisely the way CMS describes the movement (like the quote from OHA’s transformation center or LAN). Absolutely in line. Federal law both supports and mandates the transition to VBP (MACRA set the Quality Payment Program). MRI’s definition is precisely with policy direction.

Value-Based Payment Compact Principles

MRI Definition: It describes principles of the Oregon VBP Compact: engaging stakeholders across system, ensuring transparency and accountability, encouraging innovation and flexibility in payment methods to adapt to needs mentorresearch.org. These principles support long-term sustainable healthcare financing and delivery transformation in Oregon mentorresearch.org. Also likely includes using upside-only then downside risk, promoting health equity, etc., as per the news snippet hcinnovationgroup.com.

Oregon Law/Policy: The Oregon VBP Compact was a voluntary agreement made in 2021 by payers and providers. Not in statute but backed by OHA and Oregon Health Leadership Council. The principles described by MRI (stakeholder engagement, transparency, innovation, flexibility, sustainability) match the way OHA announced the compact’s goals. Indeed, from result [32]: they mention transparency, accountability, innovation, flexibility, health equity hcinnovationgroup.com hcinnovationgroup.com as guiding principles. No conflict; it’s exactly Oregon’s approach. The compact itself is not legally binding (the snippet says so hcinnovationgroup.com), but it sets policy tone. MRI’s mention of encouraging innovation and flexibility aligns with OHA’s public communications when launching the payer Compact (such as allowing different models but all aiming at value). This is specifically Oregon, so state law references it indirectly by OHA sponsorship. It is legitimate as a summary. The specific contract that signers commit to for advanced VBPs might include upside risk only, then downside, then prospective payments hcinnovationgroup.com.

Federal Law/Policy: Not applicable except that it is an Oregon initiative. And that initiative aligns with federal encouragement that states undertake multi-payer value efforts. CMS’s State Innovation Models (SIM) gave grants for such compacts/goals.

Voidable Contract

MRI Definition: Voidable Contract is a valid agreement that can be legally enforced but contains elements allowing one or both parties to void (cancel) it mentorresearch.org. Reasons include misrepresentation, fraud, coercion, undue influence, or a party’s incapacity mentorresearch.org. The contract remains in effect until the party with the right to void decides to do so; once voided, it is treated as if it never existed (as unenforceable). mentorresearch.org.

Oregon Law/Policy: This is straight contract law. Oregon follows standard common law on voidable vs void contracts. For instance, a contract with a minor is voidable at the minor’s option (incapacity). A contract induced by fraud is voidable by the defrauded party, Oregon courts have many cases rescinding contracts for misrepresentation. Undue influence (e.g., in elders’ financial abuse) can make a contract voidable. This definition matches textbook definitions and how Oregon Juries would be instructed. ORS chapters don’t define voidable generally (they rely on common law), but certain statutes codify specific voidable scenarios (like ORS 125 on guardianship can void contracts by an incapacitated person). It’s accurate and how any Oregon lawyer would describe it to a client. No conflict; it’s a fundamental contract concept. Possibly note one nuance: a contract remains valid until rescinded by the entitled party, exactly as MRI asserts. That is legally correct.

Federal Law/Policy: Similarly, federal courts apply state contract law usually for contract validity. Federal courts operate with the voidable concept. The explanation is a general contract principle recognized nationwide. No conflict.

Whistleblower Protections

MRI Definition: Whistleblower Protections are legal safeguards for individuals who report illegal, unethical, or fraudulent activities within an organization mentorresearch.org. They ensure: Confidentiality (whistleblower’s identity kept confidential to prevent harm) mentorresearch.org; Anti-Retaliation (employers cannot retaliate via firing, demotion, pay cuts, or other punitive actions) mentorresearch.org; Legal Recourse (whistleblowers can seek compensation or reinstatement if retaliation occurs) mentorresearch.org.

Oregon Law/Policy: Oregon has broad whistleblower protection laws: ORS 659A.199 prohibits any employer retaliation against an employee for reporting in good faith what they believe is a violation of law. ORS 659A.230 specifically protects those who report criminal activity in good faith. Public employees have additional protections (ORS 659A.203). These laws provide for legal action by a whistleblower if retaliated against (with remedies of reinstatement, back pay, etc., aligning with “legal recourse” point mentorresearch.org). Oregon also has confidentiality in certain whistleblower reporting processes (e.g., identity of employee whistleblowers to OSHA is kept confidential by law). MRI’s three bullet points map to Oregon statutory protections. If an Oregon hospital employee reports unsafe care to OHA, there are protections (ORS 441.057 protects health care workers who report safety concerns; they can’t be disciplined). So yes, Oregon law fully supports that definition. The right to sue for retaliation is explicitly allowed (ORS 659A.885 provides remedies). No discrepancy; the definition matches Oregon’s statutory scheme quite well. It’s legitimate.

Federal Law/Policy: Many federal laws similarly: e.g., Section 1558 of ACA (FLSA 18C) prohibits retaliation for reporting ACA violations and OSHA enforces it, including reinstatement and damages. The False Claims Act’s Section 3730(h) protects whistleblowers reporting fraud (with remedies of reinstatement, double back pay, etc.). The Sarbanes-Oxley Act protects employees of public companies who report fraud (18 USC 1514A) with similar remedy. In health context, 42 U.S.C. 300jj-51 prohibits retaliation against hospital staff for reporting quality of care issues (Patient Safety Act may as well). Also, HHS requires that Medicare plans have policies so employees can report issues without fear. Confidentiality (examples: OSHA doesn’t reveal identity; many agencies allow anonymous reporting). Anti-retaliation is federal law in numerous contexts. Legal recourse, each whistleblower statute outlines remedies as MRI notes mentorresearch.org. The MRI definition is basically summarizing common elements of whistleblower laws. Absolutely consistent with federal policy that encourages internal and external whistleblowing by shielding reporters. The definition is supported by multiple federal statutes and enforced by agencies like OSHA’s Whistleblower Protection Program (which covers a broad range of laws including ACA, SOX, etc.), accurately reflecting the protections.

Conclusion: The thorough analysis above confirms that each definition in the Mentor Research Institute’s Healthy Contracts glossary is supported by and/or consistent with relevant Oregon state laws/policies and U.S. federal laws/policies. For instances where definitions are more conceptual (such as audit processes or internal frameworks), the MRI definitions align with accepted standards or best practices which legal/regulatory frameworks implicitly or explicitly endorse. No major discrepancies were found in this analysis. Each term either matched legal usage or, when not explicitly defined in law, was in harmony with policy objectives or common law principles. Where slight nuances existed (like the discretionary withholding of PHI under “minimum necessary”), it was noted by the authors as an ethical practice within bounds of law. Overall, the definitions provided are legitimate and reflect terms as used in legal/policy contexts.

Sources:

1.        Oregon Revised Statutes and Administrative Rules (insurance, Medicaid, contracts, labor) law.justia.comolis.oregonlegislature.gov letherlaw.comecfr.govecfr.gov.

2.        Oregon Health Authority and policy publications (OHA mission/values oregon.gov, Transformation Center on VBP oregon.gov

3.        VBP Compact news hcinnovationgroup.com).

4.        U.S. Federal statutes and regulations (ACA, Medicare) and CMS policy statements kff.orgwachlerblog.com.

5.        GAO/IIA auditing standards and risk management frameworks (implied in discussion of audit and risk terms).

6.        Mentor Research Institute’s “Healthy Contracts” definitions content mentorresearch.org, mentorresearch.org (used to ensure consistent interpretation with source material and cross-verified with external authority shown above).

 

Key words: Supervisor Education, Ethical Charting, CareOregon’s New Barrier to Oregon’s Mental Health Services, Mental Health, Psychotherapy, Counseling, Ethical and Lawful Value Based Care,