Health Care Compliance Brief

Ribbon Health Launches Provider Data Platform

HIT Consultant

MARCH 19, 2024

The cloud-native SaaS platform combines Ribbon’s high-quality provider data directory with advanced data management capabilities – a powerful, first-of-its-kind combination for the industry that allows healthcare enterprises to easily configure custom data workflows to drive operational efficiency and value.

Health Insurance

Health Insurance Governance Compliance

How the No Surprises Act Affects Provider Directories

Provider Trust

JULY 26, 2023

When patients need care, they search through a provider directory to find someone in their healthcare network or plan that can provide them with the medical services they need. Unfortunately, provider directories are often riddled with inaccuracies. of the provider directory locations listed contained at least one inaccuracy.

Medicaid

Medicaid Medicaid Compliance Medicare

Healthcare Organizations Warned About Maximum Severity Vulnerabilities in Illumina Devices

HIPAA Journal

JUNE 3, 2022

A threat actor could exploit the vulnerabilities remotely, take control of the instruments, and perform any action at the operating system level such as modifying the settings, configurations, software, or data on the instrument. MiSeq Instrument: LRM Versions 1.3 iSeq 100 Instrument: LRM Versions 1.3 MiniSeq Instrument: LRM Versions 1.3

HIPAA

State legislative activity

Hanys

JANUARY 26, 2024

201) Doula admittance in operating rooms (A.2087-B/S.5991-A) 5992-A) Community doula directory chapter amendment (A.8529/S.8080) This week the following bills passed both houses: Information for maternity patients (A.5576/S.3610) 3610) Health insurance enrollment for pregnant individuals (A.2656/S.201)

Health Insurance

Health Insurance Hospitals

Akira Ransomware Group Targeting the Healthcare and Public Health Sector

HIPAA Journal

SEPTEMBER 13, 2023

The HHS’ Health Sector Cybersecurity Coordination Center (HC3) has issued a health and public health (HPH) sector alert about a new ransomware group called Akira, which has been in operation since March 2023. The group has claimed at least 60 victims in a little over 5 months of operation, including organizations in the HPH sector.

Ransomware

Ransomware Public Health HIPAA

MRO Is Among Latest to Earn Validated Data Stream Designations in NCQA Data Aggregator Validation Program, For Third Time

MRO Compliance

JANUARY 24, 2024

Within our payer solutions we are enabling core health plan capabilities and improving functional operations through interoperable data connectivity across provider networks. FIGmd, an MRO company, is listed as the entity earning the Validated Data Stream designation on the NCQA directory.

Hospitals

Solving The Challenges of Provider Database Management

Electronic Health Reporter

MARCH 25, 2020

By Priya Sabharwal, practice leader, network operations, HGS. Imagine a scenario: A patient looking for a new doctor searches her insurer’s online network directory to find a provider her plan will cover. This article is copyrighted strictly for Electronic Health Reporter. Illegal copying is prohibited. She selects what […].

Doctors

CorrectCare Integrated Health Data Breach Affects Thousands of Inmates

HIPAA Journal

NOVEMBER 3, 2022

On July 6, 2022, CorrectCare discovered two file directories on its web server had been misconfigured and could be accessed over the Internet without requiring authentication. Around 80,000 individuals incarcerated in facilities operated by the Louisiana Department of Public Safety and Corrections are also known to have been affected.

HIPAA

HIPAA Health Insurance Hospitals

FBI Issues Warning About BlackCat Ransomware Operation

HIPAA Journal

APRIL 21, 2022

The Federal Bureau of Investigation (FBI) has issued a TLP: WHITE flash alert about the BlackCat ransomware-a-s-a-service (RaaS) operation. A member of the operation has claimed they are a former affiliate of BlackMatter/DarkSide that branched out on their own; however, it is more likely that BlackCat is a rebrand of BlackMatter/DarkSide.

Ransomware

Ransomware HIPAA

HiLabs Raises $39M to Expand AI-Powered Solutions for Health Plans

HIT Consultant

MARCH 14, 2024

HiLabs’ cloud-based MCheck platform plays a pivotal role by ingesting, cleansing, and enriching critical healthcare information, leading to substantial reductions in operational costs for healthcare organizations and improvements in patient outcomes.

Electronic Medical Records

Electronic Medical Records Health Insurance

What Information Can Hospitals Give Over the Phone?

HIPAA Journal

AUGUST 30, 2023

What is Directory Information? What is Directory Information? Hospitals can make disclosures of PHI over the phone for treatment, payment, and healthcare operations (TPO). What Information Can Hospitals Give Over the Phone for TPO Purposes?

Hospitals

Hospitals HIPAA Compliance

Ensuring Provider Directory Compliance With H.R. 133

Verisys

DECEMBER 22, 2021

If you have a provider directory, you probably know about the Consolidated Appropriations Act of 2021 (aka H.R. Passed last December, the Act requires group health plans and health insurance issuers to improve the verification and refresh process of their provider directory systems. By Donald Potts and Donovan Schwartz.

Compliance

Compliance Regulatory Compliance Healthcare information Technology Health Insurance

Bonus Features – April 21, 2024 – 89% of physicians said generative AI vendors need to be transparent about where info comes from, 73% of consumers expect a 4-star rating before they’ll engage with a provider, plus 21 more stories

Healthcare IT Today

APRIL 21, 2024

Trilliant Health released the entry-level tier of its Provider Directory and the national version of its Demand Forecast on Databricks Marketplace , an open marketplace for AI assets. OSF HealthCare will use Brand Engagement Network AI assistants for simulated training operations at select provider facilities.

Health Analytics

Health Analytics Medicare Medicare

Healthcare Sector Warned About Akira Ransomware Attacks

HIPAA Journal

FEBRUARY 9, 2024

Since the group operates out of Russia, attacks on targets in the Commonwealth of Independent States (CIS) are prohibited. Akira is a ransomware-as-a-service (RaaS) operation that is thought to have ties to the Conti ransomware group.

Ransomware

Ransomware Public Health HIPAA

How Robust Provider Data Helps Avoid Noncompliance and Regulation Penalties | symplr

Symplr

AUGUST 1, 2022

The results have affected all participants in healthcare in that there's increasing scrutiny and specificity regarding federal and state level regulations for provider directories. litigation, operational challenges, and regulatory compliance) is addressed in depth in a white paper that sheds light on the subject.

Regulatory Compliance

Regulatory Compliance Compliance

Russian State-Sponsored Actors are Exploiting MFA and the PrintNightmare Vulnerability

HIPAA Journal

MARCH 17, 2022

The account had been unenrolled from Duo after a long period of inactivity but had not been disabled in Active Directory. The attackers were able to enroll a new device in the NGO’s Duo MFA using compromised credentials, which were obtained in a brute force attack that guessed a simple, predictable password.

HIPAA

Doctors rate telehealth as the most promising technology during COVID-19, survey finds

Healthcare IT News - Telehealth

SEPTEMBER 9, 2020

Jan Kimpen, Philips Chief Medical Officer, has discussed the FHI 2020 findings in two digital dialogue sessions: ' Leveraging digital to protect healthcare workers ' and ' Leveraging digital for chronic care ' , which can both be accessed via the HIMSS Learning Centre on-demand directory. European Digital Event.

COVID-19

COVID-19 Doctors Telemedicine

Médecins Sans Frontières/Doctors Without Borders Deploys Celo Health Secure Messaging Solution to Support its Humanitarian Efforts in 87 Countries

HIPAA Journal

JUNE 20, 2023

In order to comply with these regulations, organizations that operate globally must ensure that medical information is fully protected when it is transmitted electronically and access controls are in place to ensure that only authorized individuals can view that information.

Doctors

Doctors Due Diligence Telemedicine HIPAA

Rise of Retail Healthcare: Challenges and Opportunities for Payers

HIT Consultant

MARCH 17, 2024

Payers have the added complexity of managing accurate directories that include information about retail health centers, fragmented medical histories, and patient engagement. Retail health centers have the potential to change the landscape of healthcare delivery, but there are challenges to overcome.

Patient Satisfaction

Patient Satisfaction Health Outcomes COVID-19 Doctors

Digital Tech Holds Great Promise for Expanding Patient Access, Health System Leaders Say

Health Populi

DECEMBER 5, 2022

KLAS surveyed the views of 61 health system leaders to assess their perspectives on health care access, costs, telehealth, and artificial intelligence looking toward the next year of health care operations. The challenge of patient access is emerging as top-of-mind for CxOs some of whom have identified C-Suite roles to address the issue.

Health Care Access

Health Care Access Hospitals Telemedicine

Bonus Features – September 3, 2023 – 60% of cybersecurity incidents impact patient care, the average medical device has six or more security vulnerabilities, and more

Healthcare IT Today

SEPTEMBER 3, 2023

Two-thirds reported additional market pressure in the form of rising operating budgets. That said, operating margins were 1.1% Veda is integrating OutCare Health’s OutList , a directory of LGBTQ+ affirming providers, into its insurer-facing provider directories.

FDA

FDA Telemedicine Health Insurance Hospitals

CMS Requests Information about Medicare Advantage Data

Hall Render

MARCH 8, 2024

Moreover, CMS specifically invited health care providers to “provide recommendations related to operational considerations” and to share their “common challenges and experiences in the MA program for which limited data are currently available.” All interested parties can submit comments until May 29, 2024.

Medicare

Medicare Medicare Medicaid Medicaid

The Answer to Provider Data Management May Already be in Your Tech Stack

Healthcare IT Today

NOVEMBER 14, 2023

As healthcare organizations look for new ways to modernize their operations (and reduce costs), provider data is a good place to focus. When teams aren’t accessing the same provider information, or provider directories are inaccurate, the systems to prevent these consequences can fail. How is provider data shared in your organization?

US Department of Health and Human Services

US Department of Health and Human Services Licensing Nurses Compliance

President Biden Urges Private Sector to Take Immediate Action to Harden Cybersecurity Defenses

HIPAA Journal

MARCH 23, 2022

In the United States, a large percentage of the country’s critical infrastructure is operated by the private sector. But the Federal Government can’t defend against this threat alone.”. Security software should be deployed that is capable of continuously scanning computers and devices to identify and mitigate threats.

Governance

Governance HIPAA Hospitals

Bonus Features – April 9, 2023 – 63% of RCM departments face staffing shortages, small Stanford study shows 90% of GPT answers in clinical setting are “generally safe,” and more

Healthcare IT Today

APRIL 9, 2023

operating margin for hospitals in February. Kyruus subsidiary HealthSparq unveiled Validated Provider Profiles to help health plans maintain compliant, up-to-date member-facing directories. Intermountain Health is expanding its use of Kyruus ProviderMatch to rebuild the health system’s 15,000-provider directory.

FDA

FDA Hospitals

FBI Shares Intel on Emerging Initial Access Techniques Used by Ransomware Gangs

HIPAA Journal

NOVEMBER 9, 2023

Domain controllers, servers, workstations, and active directories should be reviewed for unrecognized accounts, user accounts should be audited, and time-based access should be set for accounts at the admin level and higher.

Ransomware

Ransomware HIPAA

Warning Issued About Access:7 Vulnerabilities Affecting IoT and Medical Devices

HIPAA Journal

MARCH 9, 2022

A group of vulnerabilities dubbed Access:7 have been identified in the web-based technologies PTC Axeda and Axeda Desktop Server which are used to allow one or more people to securely view and operate the same remote desktop via the Internet. When running the Windows operating system, configure Localhost communications (127.0.0.1)

HIPAA

Healthcare and Financial Services Remain Top Targets for Cyber Threat Actors

HIPAA Journal

AUGUST 4, 2023

APT28 is a highly skilled cyber espionage group thought to operate on behalf of the Russian government and Lazarus Group is thought to be a North Korean state-sponsored threat actor.

Ransomware

Ransomware Governance HIPAA

Weekly Roundup – August 27, 2022

Healthcare IT Today

AUGUST 27, 2022

Read more… How DirectTrust Is Improving Its Directory. Writing from The Civitas Networks for Health 2022 Annual Conference, a Collaboration with the DirectTrust Summit, John shared updates on ongoing work DirectTrust is doing to improve the directory of Direct addresses.

Nurses

Nurses Hospitals

Beyond Credentialing: How PDM Drives Quality Care & Revenue

HIT Consultant

FEBRUARY 12, 2024

Supporting the healthcare workforce through better operations An end-to-end PDM solution should also be at the forefront of health systems’ game plans to alleviate labor shortages and burnout. health systems, an average of 20% more time could be redirected to patient care if healthcare operations software were consolidated.

Regulatory Compliance

Regulatory Compliance Hospitals Patient Satisfaction Compliance

CertifyOS Secures $14.5M for Frictionless Provider Intelligence

HIT Consultant

SEPTEMBER 7, 2022

The platform is UI-agnostic, and can integrate with any third-party platform, enabling payors to seamlessly continue provider operations without changing technical architecture, systems, or procedures. Now, CertifyOS will be able to retain additional insurance providers as customers, many of which require accreditation as a prerequisite.

Licensing

Licensing Hospitals

NYS DFS Revisits PBM Regulation with Scaled-Back Draft Rules

Health Care Law Brief

FEBRUARY 16, 2024

On February 6, 2024, the New York State Department of Financial Services (“DFS”) released “pre-proposed” consolidated rulemaking related to the business practices of Pharmacy Benefit Managers (“PBMs”) licensed to operate in New York.

Licensing

Licensing Medicare Medicare Regulatory Compliance

Expanding Operations to India

Verisys

JUNE 22, 2022

announced the expansion of operations in India through a wholly-owned subsidiary, Verisys Global Private Limited, located in Hyderabad. . Verisys operates with a total global workforce of more than 600 working remotely as well as out of four U.S. The post Expanding Operations to India appeared first on Verisys.

Medicaid

Medicaid Medicaid

Five Ways Payers Can Improve Provider Responsiveness

Verisys

JANUARY 4, 2022

As many as 50% of entries in provider directories are inaccurate , according to Availity. And that’s just directories. Payers should either clean that up themselves or outsource the job to directory and data quality experts. Be clear about the requirements for each to speed up applications. 3) Clean up the data.

Nursing Homes

Nursing Homes Nurses

Bonus Features – July 31, 2022 – House passes bill to extend telehealth flexibility to 2024, only 60% of practices hit their 2021 revenue goal, and more

Healthcare IT Today

JULY 31, 2022

Health information network Availity will be the provider data management partner for Symphony Provider Directory , California’s provider directory utility and a part of the Integrated Healthcare Association. Preventive care delivery platform Fullscript has joined the athenahealth Marketplace app store.

COVID-19

COVID-19 Telemedicine Nurses FDA

Ransomware Groups are Accelerating Their Attacks with Dwell Time Falling to Just 5 Days

HIPAA Journal

AUGUST 28, 2023

On average, it took 16 hours from initial access for attackers to gain access to Microsoft Active Directory and escalate privileges to allow broad access to internal systems. They do not expect the median dwell time to fall below 5 days due to the time it typically takes for the hackers to achieve their objectives.

Ransomware

Ransomware HIPAA

Bonus Features – November 12, 2023 – 93% of clinicians use RPM in cardiac care rehab, telehealth flexibilities remain in place until the end of 2024, plus 25 more stories

Healthcare IT Today

NOVEMBER 12, 2023

Health Payment Systems selected Madaket Health to manage its provider directory and roster requirements for No Surprises Act compliance. Clinical NLP software vendor emtelligent named Andrew Walker as Executive Vice President of Customer Strategy and Operations.

Payment Systems

Payment Systems Public Health Medicare Medicare

6 Ways Health Payors Can Leverage Intelligent Document Processing for Cost Savings

HIT Consultant

APRIL 24, 2023

By automating what was once a tedious, time-intensive process, intelligent document processing shortens the appeals cycle, which reduces operational costs and facilitates better payor/provider relationships. Prior Authorizations Some insurers require preauthorization for specific types of care. Today, the process can be automated.

Health Insurance

Health Insurance COVID-19 Medicare Medicare

What Is Provider Enrollment?

Verisys

DECEMBER 23, 2021

The following items are required for enrollment in Medicare: A primary place of service must be in operation. User-friendly, up-to-the-minute provider directories available online, on a mobile app, and with printable features. Extensive enrollment information can be found on the CMS website. Application Review Is Critical .

Medicare

Medicare Medicare Medicaid Medicaid

Healthcare Industry Warned About Risk Posed by APT41 Threat Group

HIPAA Journal

SEPTEMBER 28, 2022

In one of the more recent campaigns targeting healthcare organizations between January 2020 and March 2020, the group targeted Citrix, Cisco, and Zoho endpoints, exploiting the CVE-2019-19781 Citrix directory traversal vulnerability, and the CVE-2020-10189 Zoho remote code execution vulnerability.

Pharmaceutical Industry

Pharmaceutical Industry HIPAA Governance

Featured Health IT Jobs – Information Services Support Specialist

Healthcare IT Today

AUGUST 23, 2023

Support Specialist and play a crucial role in ensuring the seamless operation of our computer software application programs. Here’s a description of the position: Location Administration South City Toppenish Join our team as an I.S. What We Offer $25.00-$30.00/hour What We Offer $25.00-$30.00/hour

Telemedicine

Telemedicine Licensing Health Insurance

Recent Digital Health Strategic Partnerships Roundup: Unite Us, careMESH, CareCloud, Others

HIT Consultant

MAY 4, 2023

Joseph’s Health Enhances Provider Communications with careMESH’s Healthcare Directory and User-Friendly Messaging Services New Jersey-based St. Joseph’s Health partners with careMESH to significantly expand the health system’s clinical communications reach to all community physicians, including digital access to electronic medical records.

Electronic Medical Records

Electronic Medical Records Health Insurance Hospitals Health Outcomes

How Bluetooth Technology Is Bolstering the New Era of Hearing Accessibility

HIT Consultant

DECEMBER 20, 2022

The introduction of LE Audio means Bluetooth audio now has two modes of operation: Classic Audio and LE Audio. These discussions resulted in the release of LE Audio, a new architecture for Bluetooth audio. . The nation is on the cusp of a new reality for those living with hearing loss.

FDA

Quick Guide to the National Practitioner Data Bank (NPDB)

Provider Trust

JULY 8, 2022

The National Practitioner Data Bank (NPDB) is a confidential information clearinghouse operated by the U.S. Below are the significant laws and regulations that govern NPDB operations: NPDB Regulations. ProviderTrust is registered as an “authorized agent” and can be found on the NPDB’s directory of Authorized Agents.

Licensing

Licensing Malpractice Fraud Compliance

Ribbon Health Launches Provider Data Platform

How the No Surprises Act Affects Provider Directories

Trending Sources

Healthcare Organizations Warned About Maximum Severity Vulnerabilities in Illumina Devices

State legislative activity

Akira Ransomware Group Targeting the Healthcare and Public Health Sector

MRO Is Among Latest to Earn Validated Data Stream Designations in NCQA Data Aggregator Validation Program, For Third Time

Solving The Challenges of Provider Database Management

CorrectCare Integrated Health Data Breach Affects Thousands of Inmates

FBI Issues Warning About BlackCat Ransomware Operation

HiLabs Raises $39M to Expand AI-Powered Solutions for Health Plans

What Information Can Hospitals Give Over the Phone?

Ensuring Provider Directory Compliance With H.R. 133

Bonus Features – April 21, 2024 – 89% of physicians said generative AI vendors need to be transparent about where info comes from, 73% of consumers expect a 4-star rating before they’ll engage with a provider, plus 21 more stories

Healthcare Sector Warned About Akira Ransomware Attacks

How Robust Provider Data Helps Avoid Noncompliance and Regulation Penalties | symplr

Russian State-Sponsored Actors are Exploiting MFA and the PrintNightmare Vulnerability

Doctors rate telehealth as the most promising technology during COVID-19, survey finds

Médecins Sans Frontières/Doctors Without Borders Deploys Celo Health Secure Messaging Solution to Support its Humanitarian Efforts in 87 Countries

Rise of Retail Healthcare: Challenges and Opportunities for Payers

Digital Tech Holds Great Promise for Expanding Patient Access, Health System Leaders Say

Bonus Features – September 3, 2023 – 60% of cybersecurity incidents impact patient care, the average medical device has six or more security vulnerabilities, and more

CMS Requests Information about Medicare Advantage Data

The Answer to Provider Data Management May Already be in Your Tech Stack

President Biden Urges Private Sector to Take Immediate Action to Harden Cybersecurity Defenses

Bonus Features – April 9, 2023 – 63% of RCM departments face staffing shortages, small Stanford study shows 90% of GPT answers in clinical setting are “generally safe,” and more

FBI Shares Intel on Emerging Initial Access Techniques Used by Ransomware Gangs

Warning Issued About Access:7 Vulnerabilities Affecting IoT and Medical Devices

Healthcare and Financial Services Remain Top Targets for Cyber Threat Actors

Weekly Roundup – August 27, 2022

Beyond Credentialing: How PDM Drives Quality Care & Revenue

CertifyOS Secures $14.5M for Frictionless Provider Intelligence

NYS DFS Revisits PBM Regulation with Scaled-Back Draft Rules

Expanding Operations to India

Five Ways Payers Can Improve Provider Responsiveness

Bonus Features – July 31, 2022 – House passes bill to extend telehealth flexibility to 2024, only 60% of practices hit their 2021 revenue goal, and more

Ransomware Groups are Accelerating Their Attacks with Dwell Time Falling to Just 5 Days

Bonus Features – November 12, 2023 – 93% of clinicians use RPM in cardiac care rehab, telehealth flexibilities remain in place until the end of 2024, plus 25 more stories

6 Ways Health Payors Can Leverage Intelligent Document Processing for Cost Savings

What Is Provider Enrollment?

Healthcare Industry Warned About Risk Posed by APT41 Threat Group

Featured Health IT Jobs – Information Services Support Specialist

Recent Digital Health Strategic Partnerships Roundup: Unite Us, careMESH, CareCloud, Others

How Bluetooth Technology Is Bolstering the New Era of Hearing Accessibility

Quick Guide to the National Practitioner Data Bank (NPDB)

Stay Connected