General Surgery Coding Alert

Your MAC can be your guide.

Hacking danger to your general surgery practice is not going away, so you’ll have some new hurdles to face in the coming months to ensure better security.

In fact, hackers continue to target healthcare with more sophisticated schemes and malware, infiltrating systems and even hijacking the feds. CMS aims to thwart these types of cyberattacks with the help of multifactor authentication (MFA).

Plan for This Implementation Schedule

CMS is implementing MFA as a “second layer of security” across its various provider enrollment systems, including the Identity & Access (I&A) System, Provider Enrollment, Chain and Ownership System (PECOS), and National Plan and Provider Enumeration System (NPPES), notes Part B Medicare Administrative Contractor (MAC) NGS Medicare in a news alert on the subject.

“MFA is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction,” reminds NGS Medicare.

Timeline: CMS plans to stagger implementation of MFA over the next several months, beginning with the I&A System, which was changed over on Sept. 9. NPPES is slated for a December 2019 start date while PECOS is supposed to begin MFA for providers in April 2020.

Once MFA is up and running, providers in the Medicare program will need their usernames and passwords as well as an additional one-time passcode to log into one of the systems.

Answers: If you have questions, CMS refers you to its website for external user support (EUS). According to NGS, providers should contact the “EUS Help Desk with any questions related to CMS Provider Enrollment Systems MFA setup,” including implementation issues, MFA login concerns, account resets, and more.

Find the link to EUS support at  https://eus.custhelp.com.