In a recent TED Talk on cybercrime, Caleb Barlow remarked that in 2015 alone 100 million people lost their health insurance data to thieves. Despite the growing urgency of ransomware attacks on the healthcare industry, federal funding to prevent cybersecurity threats remains in the thousands, while the cost of these breaches is estimated to be in the millions. Recently, a breach that occurred after a server of the Orleans Medical Clinic was hacked left patient information accessible to thieves for more than 12 days. While the personal information available in health care records remains so lucrative for criminals, it’s up to healthcare providers to stay vigilant in the fight against data loss.
If you've ever been on the billing and coding side of a medical practice, chances are you've heard a version of this question: "What do we call this for billing?" On the other hand, during peer-to-peer conversations, healthcare practitioners seem to explain clinical scenarios very well. What happens in this daily process that converts such a detailed description into something like "unspecified abdominal pain"?
We decided to dig a little deeper into the forces behind the transition to ICD-10. Not surprisingly, government organizations were among the largest proponents of the new codes. However, non-governmental organizations like insurance companies, patient advocacy groups, and health information technology associations also played a large role in the shift. Let's take a look.
Hospitals produced an estimated 697 million megabytes of data in 2015. That’s more than two megabytes of medical data for every man, woman and child in the United States. And while we may spend billions of dollars and more hours entering data than seeing patients, much of that data remains inaccessible, hidden behind proprietary data architectures, authorizations and patient matching problems.
Imagine you decide to go to the Emergency Department or even an acute care clinic right now. How far would you have to travel, what would you need to bring, what comforts would you leave behind for a harried, hurried trip to a waiting room? And just how much would this trip cost? On the other hand, how long would it take you to set up a FaceTime chat?
Have you been the victim of a breach? Maybe not, but perhaps you know someone who has. Either way, deciding what to do next can be challenging if you're unprepared. First, it's important to determine whether the incident is truly a breach or simply a false alarm, then follow these guidelines to quickly respond.
HIPAA compliance is required in order to avoid large fines from the federal government, but there is another issue you can address when you implement HIPAA compliance – strengthening your practice’s network security.
Thirty billion dollars. Stacked as $100 bills, that would tower well above the weather clouds. Thirty billion dollars grabs plenty of attention. Since 2011, the U.S. Government has spent just that on Electronic Health Record incentives. In 2014, there were over 400 EHR vendors scrambling for a piece of the pie. To put it in perspective, the top five EHR companies control only 48% of the market, with scores of companies rounding out the majority of market share.
Editor's note: This is the third blog in a series of articles on HIPAA compliance and is produced in partnership with Total HIPAA Compliance. The second blog in this series discussed HIPAA training for your staff and can be viewed here.
Increasingly, electronic health records have the potential to make care mobile. Pulling up PACS images, analyzing labs and vitals, even computerized physician order entry can routinely be done remotely. But this more streamlined, now routine, care is only the beginning. True EHR mobility encompasses both acute and chronic care decisions, inside the hospital and outside the hospital.