Avoiding The WannaCry Ransomware Attack
In order to protect yourself from these ransomware attacks, you should make sure:
- You keep all of your computers, including your servers up to date on the latest updates and patches from Microsoft.
To check if your system has all the patches on a Windows PC open the Start Menu and click on Settings > Update & Security settings > Windows Update. Here, press on the Check for updates button. If any updates are available, they will be offered to you.
- Make sure you are using a virus scanner that has the ability to detect ransomware. Also, you need to make sure that you are keeping the virus definitions up to date.
As there are so many excellent antivirus solutions available we can’t specifically recommend one however it’s important that you check the features and what’s covered by the one you use. To assist you, here are links to the top 5 antivirus solution features lists or sections of ransomware coverage:
– Bit Defender
- Use common sense. Make sure you train your staff to not open any emails or attachments that they are unsure of. The best policy is that if they are unsure of what it is, do not open it.
Ransomware is a type of malware which is a broad term that refers to a variety of malicious programs. Several of the most common types of malware include adware, bots, bugs, rootkits, spyware, Trojan horses, viruses, and worms. There are well over 50 different file extensions that can be used to distribute malware so a simple warning to avoid specific extensions is difficult if not impossible given that many are the extensions for commonly used programs. Rather than keeping your eyes out for specific extensions people are advised to think before they act. Cybercriminals are notorious for including malicious attachments and links in emails that appear to come from friends, reputable organizations, or other trusted sources however the content of the email is usually very limited if not absent and generic in it’s context. If there’s nothing in the email to specific you know the sender apart of the reply email address you should check with that person before opening a link or file. Also, check the domain that the email is coming from. Cybercriminals will create fake web pages that look real but the domain is not.
- Backup. Make sure you are keeping a backup of all of your data and make sure this is stored off site and not on a local or network drive.
We offer an online backup service but there are many that are available. You can also backup to a removable drive to take offsite.
The biggest obstacle to security is generally your staff and yourself. Being aware of how malware is spreads and taking the appropriate action to avoid it is the biggest action any medical practice can take to avoid being held ransom.
MIPS Participation Status Letter
The Centers for Medicare & Medicaid Services is reviewing claims and letting practices know which clinicians need to take part in MIPS, the Merit-based Incentive Payment System. MIPS is an important part of the new Quality Payment Program. In late April through May, practices will get a letter from the Medicare Administrative Contractor that processes Medicare Part B claims. This letter will tell the participation status of each MIPS clinician associated with the Taxpayer Identification Number or TIN in a practice.
Clinicians should participate in MIPS for the 2017 transition year if they bill more than $30,000 in Medicare Part B allowed charges a year AND provide care for more than 100 Part B-enrolled Medicare beneficiaries a year.
The Quality Payment Program intends to shift reimbursement from the volume of services provided toward a payment system that rewards clinicians for their overall work in delivering the best care for patients. It replaces the Sustainable Growth Rate formula and streamlines the “Legacy Programs” Physician Quality Reporting System (PQRS), the Value-based Payment Modifier (VM), and the Medicare Electronic Health Records (EHR) Incentive Program. During this first year of the program CMS is committed to diligently working with you to streamline the process as much as possible. Our goal is to further reduce burdensome requirements so that you can deliver the best possible care to patients. Learn more about the Quality Payment Program
SOURCE: CMS Quality Payment Program | circulated on 4/25/17
Springtime in February?
Hello everyone! It has certainly been a bit since we’ve posted on our Blog. It could be the remnants of a mild winter has affected our circadian rhythms? Regardless of spring-like weather in February, our team has been busy at the MediPro office handling an influx of interest in the medical software products and add-on services we offer. Two things we’ve been speaking a lot about lately are MediPro’s Billing and Cloud services. Since ICD-10 went into effect, medical practices want more assistance with their revenue cycle management process—we welcome you to Med-Ops. For those who no longer want to be attached to their brick and mortar—ultimately desire world-wide mobility to access patient information, ePrescribe, Chart, Bill and view provider schedules while on the go—we welcome you to the Cloud.
One of our long-term goals has always been to look for affordable, effective solutions to help your practice become more efficient through automation. Our trusted patient statements and pay services partner, BillFlash has recently announced new services to add to the mix. These are perfect for practices who are challenged by Accounts Receivable as well as those who want to make the check-in/check-out process relatively seamless.
new year 2018 WhatsApp status
StoredPay allows your office to securely store a patient’s preferred payment method that can be used to process monies for future dates of service and or retail products.
PlanPay payments are not associated with any single bill/statement but are simply part of a plan to pay off an established liability like a car loan payment would do. Create and automate payments for patient payment plans/agreements that are made (ex: payoff $2,400 liability by making a $100/mo. payment on the 15th of each month for 24 months).
Since a new spring season is officially right around the calendar, we had to share some of the new services that are available. It’s easy to get started, enrolled and begin enjoying additional automation—just like the perennials in your yard.
CMS News Update: Attest to 2016 Program Requirements by February 28
As circulated by CMS on 1/17/17
The Centers for Medicare & Medicaid Services Registration and Attestation System is now open. Providers participating in the Medicare EHR Incentive Program must attest to the 2016 program requirements by February 28, 2017 at 11:59 p.m. ET in order to avoid a 2018 payment adjustment. The EHR reporting period was any continuous 90 days between January 1 and December 31, 2016.
If you are participating in the Medicaid EHR Incentive Program, please refer to your state’s deadlines for attestation information.
If you are eligible to participate in both the Medicare and Medicaid EHR Incentive Programs, you MUST demonstrate meaningful use to avoid the Medicare payment adjustment. You may demonstrate meaningful use under either Medicare or Medicaid.
Reminder: Remember to visit the registration tab in the Registration and Attestation system to ensure your personal information is accurate. For more information on registration, visit the Registration & Attestation page of the EHR Incentive Programs website.
Payment Adjustments and Hardship Exceptions
In January 2018, CMS will begin to apply payment adjustments for providers that did not successfully demonstrate meaningful use of EHR technology or apply for and receive a hardship exception for the 2016 program year. CMS will send a separate announcement with more information on the hardship exception application process, once available.
- Eligible Professional (EP) and Eligible Hospital and Critical Access Hospital (CAH) Attestation Worksheets
- EP and Eligible Hospital and CAH Attestation User Guides
- EP and Eligible Hospital and CAH Registration User Guides
- Attestation Batch Upload Webpage
For More Information
For questions about the Registration and Attestation System, contact the EHR Information Center at 1-888-734-6433 (press option 1). The EHR Information Center is open Monday through Friday from 6:30 a.m. to 5:30 p.m. ET, except federal holidays.
ICD-10 glitch leads CMS to relax physician quality penalties
The CMS issued something of a get-out-of-Medicare-penalties-free-card for two years to physicians and group practices due to a glitch with quality reporting measures based on a recent update to the ICD-10 diagnosis and procedure codes.
The CMS pointed its finger at updates that went into use Oct. 1, 2016, to the ICD-CM (Clinical Modification) and ICD-PCS (Procedural Coding System) and their impact on the Physician Quality Reporting System.
The updates “will impact CMS’s ability to process data reported on certain quality measures for the 4th quarter of CY 2016,” the agency said in a statement posted on its website.
The CMS said it will not apply the 2017 or 2018 PQRS payment adjustments to any “eligible professional” or “group practice that fails to satisfactorily report for (calendar year) 2016 solely as a result of the impact of ICD-10 code updates on quality data reported for the 4th quarter of (CY) 2016.”
“What they’re basically saying is that new coding updates apparently had some impact on their quality measures and they will not be able to process data on those,” said Stanley Nachimson, a health IT consultant expert on the ICD-10 codes. “It sounds like the first three quarters were fine, but in the fourth quarter it had some impact on their quality measures. They’re not going to penalize providers if they couldn’t come up with PQRS quality measures.”
Normally under the PQRS program, penalties are 2% of the Medicare fee schedule.
According to a page of frequently asked questions, problem areas concentrated in certain medical specialties, notes Sue Bowman, senior director of coding policy and compliance at the American Health Information Management Association.
“It says the majority of the codes are for diabetes, pregnancy, cardiovascular, oncology, mental health and eye diseases,” Bowman said.
So, when will the ICD-10 code update itself be updated?
Bowman said that’s not specified. But at least the CMS acknowledged the problem and is taking steps to correct it and mitigate its impact, she said.
“The CMS is pretty good about working with providers,” she said. “They recognized this is a problem and the providers shouldn’t be penalized for it.”