Medicare Compliance & Reimbursement
Augment Your Cybersecurity With These Helpful Resources
Question: At our practice, we take HIPAA compliance very seriously. In fact, we regularly utilize risk analysis and management as outlined in the Security Rule. However, we’ve noticed the phishing and ransomware spikes in the healthcare industry during COVID, and we’re worried. Is there any way to stay abreast of emerging threats and trends to protect ourselves before accidents happen? AAPC Forum Participant Answer: Yes, there are a couple of handy online resources that offer the most up-to-the-minute advice on threats. One helpful site to look at is the National Vulnerability Database (NVD), which is maintained by the National Institute of Standards and Technology (NIST). “The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP),” NIST explains. The NVD resources offer tips on managing and measuring vulnerabilities while alerting the public to known software flaws, misconfigurations, and cyber impacts. As part of their policies and procedures, covered entities (CEs) and their business associates (BAs) must address known and possible vulnerabilities in their risk analysis, reminds the HHS Office for Civil Rights (OCR) in the 2022 Cybersecurity Newsletter for the first quarter. But you might be wondering what OCR considers a vulnerability? “Exploitable vulnerabilities can exist in many parts of a regulated entity’s information technology infrastructure (e.g., server, desktop, and mobile device operating systems; application, database, and web software; router, firewall, and other device firmware),” the Cybersecurity Newsletter says. “Often, known vulnerabilities can be mitigated by applying vendor patches or upgrading to a newer version. If a patch or upgrade is unavailable, vendors often suggest actions to take to mitigate a newly discovered vulnerability,” OCR advises. CISA: The Cybersecurity and Infrastructure Security Agency (CISA) also offers daily updates on a variety of issues — and includes industry-specific guidance. Plus, you can subscribe to CISA’s numerous alerts and bulletins on a plethora of topics. Other tools on the site include a dedicated Stop Ransomware page, cyber hygiene services, and regionally-based cyber tools and resources. Resources: Visit the NVD resources at https://nvd.nist.gov and peruse the CISA site and guidance at www.cisa.gov.
Medicare Compliance & Reimbursement
- Compliance:
Feds Bolster Telehealth With Free Smartphone Program
Warning: Be aware of restrictions and rules to avoid OIG censure. If you need to [...] - Quiz:
Test Your ACP Knowledge With 4 Tough Questions
Hint: Check documentation rules before submitting claims. If you care for Medicare beneficiaries, advance care [...] - E/M Coding:
Boost Nurse Visit Coding With This 99211 Tips
Tip: Documentation is key. When employed properly, 99211 can allow certain qualified professional staff in [...] - Clip And Save:
Supplement Your MIPS Savvy With These 5 Must-Know Terms
Tip: Review QPP updates as terminologies and policies evolve. Whether you’ve been submitting quality data [...] - Quiz Answers:
Measure Your ACP Smarts Against These Answers
Caution: Revisit the incident-to rules before billing ACP services to Medicare. After you’ve answered the [...] - Reader Questions:
Augment Your Cybersecurity With These Helpful Resources
Question: At our practice, we take HIPAA compliance very seriously. In fact, we regularly utilize risk [...] - Reader Questions:
Know the Facts on Listing Beneficiaries’ Conditions
Question: We find the Medicare billing process a bit confusing and aren’t sure what to include [...]
