Skip to main content

Military Health System

Utility Navigation Links

TRICARE Operations Manual 6010.59-M, April 1, 2015
Medical Management (MM), Utilization Management (UM), And Quality Management (QM)
Chapter 7
Section 3
Contractor Relationships With The Military Health System (MHS) TRICARE Quality Monitoring Contract (TQMC) Contractor
Revision:  C-26, May 30, 2018
1.0  The TQMC contractor conducts reviews to validate the appropriateness of the contractor’s quality of care and utilization review decisions. The Managed Care Support Contractors (MCSCs), Designated Providers (DPs), the TRICARE Dual Eligible Fiscal Intermediary Contractor (TDEFIC) and TRICARE Overseas Program (TOP) contractor shall transmit paper or electronic copies of the medical record and all case documentation to the TQMC contractor for each case or category of case requested by the TQMC contractor. The estimated number of medical records (including inpatient and outpatient care) to be selected will vary depending upon the health care region involved and the TQMC’s selection criteria. The estimated quantities per region could range from up to 3600 to 7560 records per year for the MCSCs, up to 120 to 360 records per year for the DPs, and up to 1200 to 2400 records per year for TDEFIC. Records will be requested periodically throughout the year.
2.0  The MCSCs, DPs, and TDEFIC contractor shall transmit 95% of the requested records to the TQMC contractor within 45 calendar days and 98% within 60 calendar days from the date the MCSCs, DPs, and TDEFIC contractor receive the request for records from the TQMC contractor. Records to be transmitted shall include the complete medical record, the MCSC’s, DP’s, and TDEFIC’s utilization review decision, rationale for that decision, and quality of care determinations. The MCSC’s, DPs, and TDEFIC contractor shall forward a monthly Contractors Records Accountability Report. Details for reporting are identified by DD Form 1423, Contract Data Requirements List (CDRL), located in Section J of the applicable contract. Both paper and electronic record transfer and storage are acceptable to Defense Health Agency (DHA). Records may be transmitted through secure electronic means and stored with the TQMC contractor for review in adherence with the requirements specified in Chapter 9, Records Management. Adherence to these procedures is essential for compliance with the Privacy Act of 1974 (5 USC 552a), the Department of Defense (DoD) Privacy Program (DoD 5400.11-R), the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules (45 CFR Parts 160 and 164), the DoD Health Information Privacy Regulation (DoD 6025.18-R), the DoD Health Information Security Regulation (DoD 8580.02-R), and other federal laws protecting the privacy and security of Personally Identifiable Information (PII), including health information. Receipt of electronic records shall be acknowledged by return e-mail from the TQMC contractor. If the acknowledgment e-mail is not received within one business day after the electronic records were transmitted, or if it is determined that the records were not transmitted with the required security safeguards, then the contractor (MCSC, DP, TDEFIC) shall immediately follow-up to determine the status and whether a possible breach may have occurred. Unless it is determined that no possible breach occurred, then, within 24 hours, the contractor shall notify the DHA Privacy Office and carry out the other breach response requirements of Chapter 1, Section 5.
2.1  Transfer of paper records shall adhere to procedures specified in paragraphs 2.1.1 through 2.5.
2.1.1  The records shall be packaged in boxes containing a single month of records and a Box Inventory Document (see Figure 7.3-1) stating the number of patient records contained therein and identifying each record by patient name and DHA Internal Control Number (ICN), which should be clearly shown on each patient’s record. Because the Box Inventory Document contains PII, that document (in both its paper and electronic versions) shall be protected from unauthorized use and disclosure in the same manner as the patient records themselves.
2.1.2  The MCSCs, DPs, or TDEFIC shall notify the designated Point Of Contact (POC) at the TQMC contractor, via e-mail, each day that a box or boxes have shipped, stating the number of boxes (with tracking numbers) in that day’s shipment (see Figure 7.3-2). The MCSCs, DPs, or TDEFIC shall track the shipment, including delivery, using the shipping vendor’s tracking method and retain documentation of such.
2.2  Within one business day of receipt of a shipment from a contractor (MCSC, DP, or TDEFIC), the TQMC contractor, using the MCSC, DP, or TDEFIC Box Inventory Document(s), the TQMC shall match the number of boxes received with the corresponding e-mail shipment notification. If any boxes are missing, the contractor and the TQMC shall immediately investigate and, no later than 24 hours after finding that a box is missing, initiate breach response in accordance with Chapter 1, Section 5. If no boxes are missing and for all boxes received, then the TQMC contractor shall confirm the number of records in each box, and a match between each patient record and ICN for the patient names listed on the Box Inventory Document no later than the Close of Business (COB) on the fifth business day after receipt of the shipment. By that date, the TQMC contractor shall send an e-mail back to the MCSC/DP/TDEFIC confirming the number of boxes, number of records in each box and match of all ICNs. Upon receipt of the TQMC contractor’s confirmation e-mail, no further action is required by the MCSC, DP, or TDEFIC.
2.3  Using the Box Inventory Document, if the TQMC contractor identifies:
•  A count discrepancy in either the number of boxes or number of charts in each box;
•  Absence of a record; or
•  A mismatch of the record with the ICN; and
•  If the TQMC contractor concludes that records are or may be missing, the TQMC contractor shall notify by e-mail the MCSC, DP, or TDEFIC of the discrepancy including details of the discrepancy by COB of the fifth business day from receipt of shipment. Upon notification of the count discrepancy, the MCSC, DP, or TDEFIC shall investigate the discrepancy, take appropriate steps and notifications, and be in telephone, fax and e-mail communication to resolve the potential violations of applicable law as soon as possible. If the missing records are not promptly located, then, within 24 hours of receiving the notice from the TQMC, the contractor shall initiate breach response in accordance with Chapter 1, Section 5.
2.4  The TQMC contractor shall send a “non-receipt” e-mail to the MCSC, Uniformed Services Family Health Plan (USFHP) Designated Providers (DP) and Program Office (PO), or TDEFIC POC by COB of the fifth business day if no shipment was received from the MCSC, USFHP DP and PO, or TDEFIC following notification that a shipment was sent. Upon receipt of a “non-receipt of a shipment” e-mail from the TQMC contractor POC, the MCSC, USFHP PO, or TDEFIC shall immediately track the shipment and notify the TQMC contractor POC, by e-mail, of the status of the shipment. The MCSC, USFHP DP and PO, or TDEFIC shall be in telephone, fax or e-mail communication with the TQMC contractor POC to determine the appropriate steps and notifications, based upon the investigation to resolve the potential HIPAA violation.
2.5  If the MCSC, USFHP DP and PO, or TDEFIC do not receive an e-mail from the TQMC contractor indicating either confirmation of receipt, confirmation of receipt with discrepancy, or a non-receipt of shipment, by the morning of the sixth business day after shipment, the MCSC, USFHP DP and PO, or TDEFIC shall notify, by COB on the same day, all parties required to receive notice under the breach notification provisions of Chapter 1, Section 5 and applicable law. These parties include the DHA Clinical Operations Division (COD), USFHP PO, and the DHA Privacy Office. The notifications shall provide available details about the shipment and the circumstances. The TQMC contractor shall verify that these notifications are sent, and shall provide the notifications itself if the sender of the records fails to do so. Thereafter, the MCSC, USFHP DP, or TDEFIC shall comply with breach response requirements of Chapter 1, Section 5 and applicable law.
3.0  The MCSCs, USFHP, and TDEFIC shall provide the appropriate COD/USFHP and TDEFIC Contracting Officer’s Representative (COR) written responses to all TQMC contractor findings. The MCSC’s, USFHP’s, and TDEFIC contractor’s responses shall state agreement, partial agreement, or nonconcurrence with each discrepancy found by the TQMC contractor, and include supporting rationale, and proposed follow-up actions to address the issues (see Section J of the contract). Details for reporting the TQMC Quarterly Findings are identified by DD Form 1423, CDRL located in Section J of the applicable contract.
4.0  At the direction of the DHA Clinical Support Division (CSD), the MCSCs, USFHP, TDEFIC and TOP contractors shall attend two face-to-face meetings annually, of one to two days duration, at a location chosen by CSD. Additionally, contractors shall participate in two teleconference meetings not to exceed one day per meeting.
Figure 7.3-1  Box Inventory Document (Sample)
(Logo or Letterhead of Company)
Inside mailing address identifying Organization and Person Shipping POC
Privacy/HIPAA Warning Notice:
The information in the enclosed documents may be subject to the Privacy Act of 1974, the Health Insurance Portability and Accountability Act (HIPAA) and other Federal Laws protecting the privacy and security of Personally Identifiable Information (PII), including health information. Personal information contained in this inventory and in the enclosed documents may be used and disclosed only by authorized persons in the conduct of official business and only in accordance with the Privacy Act, HIPAA and other applicable Federal law. Any unauthorized use or disclosure of personal information may result in criminal and/or civil penalties. If you are not the intended recipient of this correspondence, you must notify the sender upon receipt and transfer the documents in accordance with the sender’s instructions. If you inspect, copy or transfer the enclosed documents other than as instructed, a violation of applicable law may occur.
This is Box X of Y mailed on MM/DD/YEAR
Record Request Received by Contractor: Month & Year
Recommended Per Box Inventory Letter Example (to be included in each box)
Name of Contractor:
Date Mailed: M/D/YR
Month of Chart Request: M/YR
Number of records in box =
Patient Name
Patient Year of Birth
Admission Date
Discharge Date
Figure 7.3-2  Routine E-Mail (Sample)
Information to include:
Date Shipment to be “picked up”
Number of boxes in shipment
For Each Box in Shipment
Tracking number for box: 1ZV300Y4019919XXX
Audit Month (05/2009)
Number of records in box (XY)
1.  OASD/HA Memorandum, Use of Digital Signature on Official TMA Electronic Mail (e-mail), June 13, 2007.
2.  OASD/HA Memorandum, Protection of Sensitive Information in Electronic Mail, August 13, 2007.
3.  OASD/HA Memorandum, Guidelines on Protection of Sensitive Information in Electronic E-mail, June 25, 2008.
4.  OASD/HA Memorandum, Updated Guidelines on Protection of Sensitive Information in Electronic Mail, September 19, 2008.
5.  DoD Memorandum, “DoD Guidance on Protecting Personally Identifiable Information (PII),” August 18, 2006.
6.  DoD Regulation 6025.18-R, “DoD Health Information Privacy Regulation,” January 24, 2003, and
7.  DoD Regulation 8580.02-R, “DoD Health Information Security Regulation,” July 12, 2007.
- END -
Follow us on Instagram Follow us on LinkedIn Follow us on Facebook Follow us on Twitter Follow us on YouTube Sign up on GovDelivery