DEPARTMENT OF HEALTH AND HUMAN SERVICES
CENTERS FOR MEDICARE & MEDICAID SERVICES
MEDICARE SUPPLIER ENROLLMENT APPLICATION PRIVACY ACT STATEMENT
The Centers for Medicare & Medicaid Services (CMS) is authorized to collect the information requested on this form
by sections 1124(a)(1), 1124A(a)(3), 1128, 1814, 1815, 1833(e), and 1842(r) of the Social Security Act [42 U.S.C.
§§ 1320a-3(a)(1), 1320a-7, 1395f, 1395g, 1395(l)(e), and 1395u(r)] and section 31001(1) of the Debt Collection
Improvement Act [31 U.S.C. § 7701(c)].
The purpose of collecting this information is to determine or verify the eligibility of individuals and organizations
to enroll in the Medicare program as suppliers of goods and services to Medicare beneficiaries and to assist in the
administration of the Medicare program. This information will also be used to ensure that no payments will be made
to providers who are excluded from participation in the Medicare program. All information on this form is required,
with the exception of those sections marked as “optional” on the form. Without this information, the ability to make
payments will be delayed or denied.
The information collected will be entered into the Provider Enrollment, Chain and Ownership System (PECOS).
The information in this application will be disclosed according to the routine uses described below.
Information from these systems may be disclosed under specific circumstances to:
1. CMS contractors to carry out Medicare functions, collating or analyzing data, or to detect fraud or abuse;
2. A congressional office from the record of an individual health care provider in response to an inquiry from the
congressional office at the written request of that individual health care practitioner;
3. The Railroad Retirement Board to administer provisions of the Railroad Retirement or Social Security Acts;
4. Peer Review Organizations in connection with the review of claims, or in connection with studies or other review
activities, conducted pursuant to Part B of Title XVIII of the Social Security Act;
5. To the Department of Justice or an adjudicative body when the agency, an agency employee, or the United States
Government is a party to litigation and the use of the information is compatible with the purpose for which the
agency collected the information;
6. To the Department of Justice for investigating and prosecuting violations of the Social Security Act, to which
criminal penalties are attached;
7. To the American Medical Association (AMA), for the purpose of attempting to identify medical doctors when
the National Plan and Provider Enumeration System is unable to establish identity after matching contractor
submitted data to the data extract provided by the AMA;
8. An individual or organization for a research, evaluation, or epidemiological project related to the prevention of
disease or disability, or to the restoration or maintenance of health;
9. Other Federal agencies that administer a Federal health care benefit program to enumerate/enroll providers of
medical services or to detect fraud or abuse;
10. State Licensing Boards for review of unethical practices or non-professional conduct;
11. States for the purpose of administration of health care programs; and/or
12. Insurance companies, self insurers, health maintenance organizations, multiple employer trusts, and other health
care groups providing health care claims processing, when a link to Medicare or Medicaid claims is established,
and data are used solely to process supplier’s health care claims.
The supplier should be aware that the Computer Matching and Privacy Protection Act of 1988 (P.L. 100-503)
amended the Privacy Act, 5 U.S.C. § 552a, to permit the government to verify information through
computer matching.
Protection of Proprietary Information
Privileged or confidential commercial or financial information collected in this form is protected from public
disclosure by Federal law 5 U.S.C. § 552(b)(4) and Executive Order 12600.
Protection of Confidential Commercial and/or Sensitive Personal Information
If any information within this application (or attachments thereto) constitutes a trade secret or privileged or
confidential information (as such terms are interpreted under the Freedom of Information Act and applicable case
law), or is of a highly sensitive personal nature such that disclosure would constitute a clearly unwarranted invasion
of the personal privacy of one or more persons, then such information will be protected from release by CMS under
5 U.S.C. §§ 552(b)(4) and/or (b)(6), respectively.
CMS-855B (07/11) 48