Cyberattacks and ransomware have been an ongoing story throughout the entire year, with hospitals and healthcare systems being one of the most popular targets for hackers attempting to shut down services and access personal information in hopes of a payout.
Take, for example, an attack on patient records that happened just last week at Ardent Health Services hospitals in New Jersey, Texas, Oklahoma, and New Mexico: one of, if not the largest operator to be hit so far. The attack shut down a significant number of the health system’s computerized services, causing a temporary shutdown of affected hospitals’ emergency rooms and rescheduling of surgeries, all while nurses rushed to print out paper patient records.
While the first time health systems and hospitals were specifically targeted on record in this fashion was in 2016, the U.S. Department of Health and Human Services (HHS) estimated recently that more than 61 million people’s medical data has been exposed just since January – and the Biden Administration has been very keen to address this.
Back in March, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) launched a program to warn American companies that their systems are vulnerable to ransomware attacks in the brief but vital time period between a hacker gaining access to a network and when they lock up the network and demand payment. Indeed, in the Ardent Health incident, CISA officials reached out to the company to alert them about suspicious activity in their system.
Now CISA has released a new mitigation guide for healthcare and public health organizations that identifies common vulnerabilities and how the sector can shore up their systems to prevent these attacks in the first place. The agency previously released a Cyber Risk Summary document back in July, and this new release is being called a “supplemental companion” to that.
The guidelines are, of course, optional, but are intended to help health system IT teams and others in the industry looking for best practices and recommendations.
The new guide looks at three main areas where healthcare is vulnerable: asset management and security, identity management and device security, and vulnerability and configuration management. Now, I won’t go into explicit detail about each of these – I’ll leave you something to look forward to reading – but some highlighted recommendations include having employees use phishing-resistant multifactor authentication, allowing encrypted connections and watermarked emails, and restricting access to sensitive data to only those who need it.
CISA also goes on to note that they’ve additionally published guidelines for software design that direct technology manufacturers to develop programs with cybersecurity in mind. The agency makes clear that this is not solely the responsibility of healthcare and public health organizations; it is a joint effort.
This effort is vitally important; a CISA study found that cyberattacks in hospitals resulted in reduced capacity and worsened health outcomes, both immediately and long after the attack. Aside from the rescheduled surgeries and necessity for paper records, the study found downstream effects of delayed cancer treatments, loss of communication between hospitals in the network, inability to submit radiology imaging, and delayed communication of test results.
As we close out 2023, cyberattacks unfortunately add another layer to the healthcare industry’s struggles. Amid staffing and budget concerns, organizations are going to need to consider CISA’s and other recommendations to ensure their networks’ safety. But as studies show, it’s worth it. And like FBI Director Christopher Wray stated when discussing the issue: “The best time to patch the roof is before there’s a leak.”
There has been a noticeable increase in payer actions regarding readmission denials, often justified as efforts to enhance quality of care and align with Medicare’s
Obesity has become a major public health crisis in the United States, with rates rising dramatically over the past several decades. In 1960, fewer than
Please log in to your account to comment on this article.
Join Beth Wolf, MD, CPC, CCDS, for an in-depth webcast on the FY2025 spinal fusion MS-DRG updates. Discover key changes in DRG classification, understand impacts on documentation and CMI, and learn strategies to ensure compliance.
Join Angela Comfort, DBA, MBA, RHIA, CDIP, CCS, CCS-P, as she presents effective strategies to strengthen collaboration between CDI, coding, and quality departments in acute care hospitals. Angela will also share guidance on implementing cross-departmental meetings, using shared KPIs, and engaging leadership to foster a culture of collaboration. Attendees will gain actionable tools to optimize documentation accuracy, elevate quality metrics, and drive a unified approach to healthcare goals, ultimately enhancing both patient outcomes and organizational performance.
Optimize your outpatient clinical documentation and gain comprehensive knowledge from foundational practices to advanced technologies, ensuring improved patient care and organizational and financial success. This webcast bundle provides a holistic approach to outpatient CDI, empowering you to implement best practices from the ground up and leverage advanced strategies for superior results. You will gain actionable insights to improve documentation quality, patient care, compliance, and financial outcomes.
Enhancing outpatient clinical documentation is crucial for maintaining accuracy, compliance, and proper reimbursement in today’s complex healthcare environment. This webcast, presented by industry expert Angela Comfort, DBA, RHIA, CDIP, CCS, CCS-P, will provide you with actionable strategies to tackle complex challenges in outpatient documentation. You’ll learn how to craft detailed clinical narratives, utilize advanced EHR features, and implement accurate risk adjustment and HCC coding. The session also covers essential regulatory updates to keep your documentation practices compliant. Join us to gain the tools you need to improve documentation quality, support better patient care, and ensure financial integrity.
Dr. Ronald Hirsch provides critical details on the new Medicare Appeal Process for Status Changes for patients whose status changes during their hospital stay. He also delves into other scenarios of hospital patients receiving custodial care or medically unnecessary services where patient notifications may be needed along with the processes necessary to ensure compliance with state and federal guidance.
Healthcare organizations face complex regulatory requirements under the No Surprises Act and Price Transparency rules. These policies mandate extensive fee disclosures across settings, and confusion is widespread—many hospitals remain unaware they must post every contracted rate. Non-compliance could lead to costly penalties, financial loss, and legal risks. Join David M. Glaser Esq. as he shows you how to navigate these regulations effectively.
Protect your facility from unwanted audits! Join Becky Jacobsen, BSN, RN, MBS, CCS-P, CPC, CPEDC, CBCS, CEMC, and take a deep dive into both the CMS and AMA guidelines for reporting post operative pain blocks. You’ll learn how to determine if the nerve block is separately codable with real life examples for better understanding. Becky will also cover how to evaluate whether documentation supports medical necessity, offer recommendations for stronger documentation practices, and provide guidance on educating providers about documentation requirements. She’ll include a discussion of appropriate modifier and diagnosis coding assignment so that you can be confident that your billing of post operative pain blocks is fully supported and compliant.
During this RACmonitor webcast Dr. Ronald Hirsch spotlights the areas of the OIG’s Work Plan and the findings of their most recent audits that impact utilization review, case management, and audit staff. He also provides his common-sense interpretation of the prevailing regulations related to those target issues. You’ll walk away better equipped with strategies to put in place immediately to reduce your risk of paybacks, increased scrutiny, and criminal penalties.
Copyright © 2024 ICD10monitor. Powered by MedLearn Media.
Prepare for the 2025 CMS IPPS Final Rule with ICD10monitor’s IPPSPalooza! Click HERE to learn more
Get 15% OFF on all educational webcasts at ICD10monitor with code JULYFOURTH24 until July 4, 2024—start learning today!
