Medical identity theft is a rising threat

In case you missed it, “Fortune” had a story this week about the flip side of security breaches — medical identity theft. It’s estimated to range from $80 to $230 billion each year and an estimated 90 percent of healthcare organizations surveyed said they’d had a data breach in the last two years.

Tara Courtland

Communications Director Tara Courtland

While some of those breaches are due to lost or stolen laptops or employee errors, it’s intentional criminal identify theft that presents the big problems.

Security experts say that criminal rings use stolen identities to order medical goods and services that are never delivered and then bill Medicare and Medicaid. It’s an extremely lucrative field – more so than other criminal activities traditionally pursued by crime rings.

So how do you keep tabs on your identity in healthcare? The same as you do in finance – order credit reports but also check up on your medical records when you visit your doctor to make sure there’s nothing you don’t recognize.

For healthcare companies, preventing medical identity theft goes along with preventing other types of security breaches. But it’s more than that. A new coalition, called the Medical Identity Fraud Alliance, is helping develop guidelines to preventing medical identity theft. One of the key ideas is that security isn’t just the job of the IT Department or the HIPAA compliance officer — it needs to be ingrained in the culture of the organization, the job of every person in the company.

Click here to check out the full article in “Fortune” and see if your organization is ready to get on board.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in HIPAA, News and stories | Tagged , | Leave a comment

The new ICD-10 date: Just another line in the sand?

The Department of Health and Human Services has officially given the new deadline for ICD-10 implementation as Oct. 1, 2015. Once upon a time we would not have questioned a delay of this type but after two delays and two years, it’s anyone’s guess if the deadline will hold this time. And with Meaningful Use II attestation so far behind what everyone expected, the impact from that could yet again affect ICD-10.

NEMT CEO Linda Sullivan

Given the magnitude of what is happening inside of healthcare administration today, if you think about it, the delays were almost inevitable. We’re trying to make massive, expensive and time-consuming changes on many fronts in a very tough economic environment — the recovery that doesn’t feel like a recovery to anybody.

I wonder though if it would have been wiser to have chosen October 2016 as the new date. While there are hospitals still struggling to prepare, those that are ready have now lost momentum ($$$$).

Compare the delay of ICD-10 to the loss of momentum children experience when taking off three months between school years — called by academics “the summer slide” or “summer learning loss.” What we have here is “hospital readiness loss.”

It’s tough enough inside of hospitals now juggling multiple projects to have them derailed by the very folks who imposed the deadlines to begin with.

It’s important to have goals and dates for completion or nothing gets done but more realism about all the interwoven and competing processes from the 30,000-foot view would have made this difficult road more manageable.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in ICD-10, Meaningful Use | Tagged , , | Leave a comment

Stolen laptops yield big fines (again)

Recently there was a story in the news that revealed two different hospital associations had to pay OCR fines of $1,975,220. The fines were due to two unencrypted laptops being stolen.

NEMT President Linda Allard

I’m not sure what else we need to read to get the seriousness of encrypting laptops. Although encryption is not required, it is our best defense against breaches due to the loss or theft of a laptop. Studies have shown that a laptop disappears every 43 seconds in the United States. That equals about 12,000 laptops per week. Remember 46 percent of the breaches analyzed are from physical theft or lack of encryption.

What I really found interesting when I dug into this story was that part of the fine was due to the fact that the facility didn’t encrypt and didn’t have a policy concerning why it didn’t encrypt. The security rule allows for flexibility under 45 CFR 164.312. However, you must explain why you are not going to encrypt and also have alternative measures in place. And yes, you need policies.

The other facility was fined for having a lack of security policies. They were not fined as much for the lack of encryption as the lack of these security policies. We also need to remember that both of these facilities will have years of compliance reporting that they will need to provide OCR. If you add that to the almost $2 million in fines, these are serious penalties.

If you are still confused about security, OCR has educational programs about compliance on various aspects of the HIPAA Privacy and Security Rules. They also work for CECs for those who need them.

Learn more at http://www.hhs.gov/ocr/privacy/hipaa/understanding/training.

More information about the above story can be found at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/stolenlaptops-agreements.html

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in HIPAA, IT, News and stories | Tagged , , | Leave a comment

Lights, cameras, action!

I love watching movies on my iPad, but I don’t buy movies online to do it. Why should I when I already own the DVD? This blog article will discuss a ways you can use your tablet to watch movies you already own. While I am certain there are free ways to convert your existing videos, I’m going to talk about two products that I have used for years that do an excellent job. Both are low cost.

Andrew Clarke

 

• Cucusoft [www.cucusoft.com]

Cucusoft has been around since 2005. They offer a variety of conversion programs. I own the DVD Ripper + Video Converter Ultimate Suite, which converts not only DVDs but other video types as well, but there are other products available that only do the DVD conversion.

The Ultimate Suite sells for $59.95 right now (on sale from $79.95). The iPad Suite is on sale for $39.95.

 

• AVS4You [www.avs4you.com]

AVS4You is like owning a Swiss Army Knife of conversion tools.

When you buy one tool, you automatically get a license to use them all. That means you can convert audio, video, produce DVD’s, produce other video types, mix your own music and much much more.

Even though the website shows a special price, it hasn’t changed in years. That doesn’t mean it won’t though.

A one-year subscription is $39, but an unlimited subscription is only $59. Hmmm … which to get … : )

Both of these products offer a trial version so you can try it before you buy it. If you love to watch movies on the go, but you don’t want to pay to download them, give one or both a try. And let me know how you like them.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in IT, News and stories | Tagged , | Leave a comment

Meaningful Use – are you ready?

While the second delay of ICD-10 adoption has given healthcare institutions some breathing space, Meaningful Use 1 and 2 continue to relentlessly march forward. In fact, as anyone working in healthcare IT knows, the pressure is on this year.

NEMT CEO Linda Sullivan

Meaningful Use Stage 2 is described by David Blumenthal, M.D. as “Where the Rubber Meets The Road” in healthcarenews.com. Blumenthal is the national coordinator for health information technology and he is often credited as the architect of Meaningful Use.

Going back to where this all began with the American Recovery and Reinvestment Ace of 2009, it’s been a long, costly, and painful road. Clearly much progress has been made and making an informal survey of the NEMT client base, most have already adopted an EHR while just a few are in the process now.

Depending on when facilities began the process, everyone must complete a 90 attestation period for either Stage 1, if the process was begun in 2013 or 2014; or for Stage 2 if it was begun in 2011 or 2012. At issue is that penalties will begin to accrue in 2015.

The jury is still out on whether it was a good thing that ICD-10 was delayed yet again but given the current timetable for facilities to meet Meaningful Use criteria, it doesn’t seem such a bad thing today.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS
Posted in ICD-10, Meaningful Use | Tagged , , | Leave a comment