Upcoming Hot Topics in Privacy Webinar hosted by WK

Wolters Kluwer will be hosting an educational webinar Tuesday, October 29 at 1:00 PM EST. The webinar, titled Hot Topics in Privacy — Moving Beyond the Buzz Words and into Action, will be presented by legal experts and shareholders Katie Kenney, Elizabeth Harding, and Iliana Peters from Polsinelli PC. The presenters will cover topics related to HIPAA, GDPR, and the California Consumer Protection Act.

Register now for the webinar. If you miss it, please register for the replay.

Kusserow on Compliance: Hospital insurance trust fund will be exhausted by 2026

This year’s Medicare Board of Trustees Annual Report found that the  hospital insurance (HI) Trust Fund will be able to pay full benefits until 2026. The Medicare Program is the second-largest social insurance program in the U.S., with 59.9 million beneficiaries and total expenditures of $741 billion in 2018. By comparison, in terms of size, the Department of Defense entire budget during this period was $686 billion.

The Trustees projected that total Medicare costs (including both HI and SMI expenditures) will grow from approximately 3.7 percent of Gross Domestic Product in 2018 to 5.9 percent of GDP by 2038, and then increase gradually thereafter to about 6.5 percent of GDP by 2093. The SMI Trust Fund, which covers Medicare Part B and D, had $104 billion in assets at the end of 2018. Part B helps pay for physician, outpatient hospital, home health, and other services for the aged and disabled who voluntarily enroll. It is expected to be adequately financed in all years because premium income and general revenue income are reset annually to cover expected costs and ensure a reserve for Part B costs.

However, the aging population and rising health care costs are causing projected costs to grow steadily from 2.1 percent of GDP in 2018 to approximately 3.7 percent of GDP in 2038. Part D provides subsidized access to drug insurance coverage on a voluntary basis for all beneficiaries, as well as premium and cost-sharing subsidies for low-income enrollees.  The President’s Fiscal Year 2020 Budget, if enacted, would continue to strengthen the fiscal integrity of the Medicare program and extend its solvency.

CMS has already introduced several initiatives to strengthen and protect Medicare that includes increasing choice in Medicare Advantage and adding supplemental benefits to the program; and offering more care options for people with diabetes; providing new telehealth services; and lowering prescription drug costs for seniors. CMS is continuing to advance policies to increase price transparency and help beneficiaries compare costs across different providers.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Most data breaches are financially motivated by outside parties

71 percent of breaches last year were financially motivated

C-Suite Executives 12 times more likely to be a target

Ransomware attacks account for one out of four cyber-attacks

Safeguarding Tips from Strategic Management

According to the to the Verizon 2019 Data Breach Investigation Report (DBIR), 71 percent of breaches were financially motivated and 69 percent were perpetrated by outsiders. This 12th edition of the annual report analyzed 41,686 security incidents, which included 2,013 confirmed breaches. This year’s report included new metrics and analysis from the FBI Internet Crime Complaint Center (IC3). Not surprising, the C-Suite was the major target, because they are in the position to transfer money. They were found twelve times more likely to be the targets of breaches.  Also, time-pressed senior executives tend to move quickly in reviewing and clicking on emails, resulting in a greater likelihood that suspicious emails slip through. On a positive note, attacks against HR personnel has rapidly decline in recent years, in large measure as result of W-2 tax form scams almost disappearing as a problem. Some other interesting statistics from the report:

  • 52 percent of breaches involved hacking
  • 33 percent of breaches included social attacks
  • 28 percent of breaches involved malware
  • 32 percent of breaches involved phishing
  • 29 percent of breaches involved the use of stolen credentials
  • 21 percent of breaches were caused by errors
  • 56 percent of breaches took months or longer to discover

 

Safeguarding Tips from Strategic Management

  • Brief executives, as the prime targets, on avoiding cyber-attacks
  • Train employees to not click on email links/attachment, or respond to “phishing” inquiries
  • Provide ongoing employee and contractor training on what to do and not to do
  • Implement policies/procedures for precautions against malware
  • Conduct a risk assessment to understand threats presented by an insider
  • Regular systems tests can also help flag vulnerabilities before a hacker can get in
  • Configure email servers to block zip or other files that are likely to be malicious
  • Continuously monitor employee and vendor networks
  • Conduct regular systems tests to flag vulnerabilities before a hacker can gain access
  • Update and upgrade software
  • Use encryption to guard against information being read by unauthorized parties
  • Establish multi-factor authentication
  • Regularly test users to make sure they are on guard

For more information health care provider cyber-security, contact Dr. Cornelia Dorfschmid at cdorfschmid@strategicm.com or at (703) 535-1419.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2019 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Measuring culture using compliance benchmark surveys

– Evidencing compliance program effectivenes

– Provides quantifiable compliance program effectiveness metrics

– Internally developed and administered surveys lack credibility

The Sentencing Commission in its Federal Sentencing Guidelines states that businesses must “promote an organizational culture that encourages ethical conduct and a commitment to compliance with the law.” The OIG in its Compliance Program Guidance for Hospitals noted that “as part of the review process, the compliance officer or reviewers should consider techniques such as…using questionnaires developed to solicit impressions of a broad cross-section of the hospital’s employees and staff.”  Daniel Peake of the Compliance Resource Center explains that a culture survey can identify gaps between the compliance culture that is intended and the one that employees actually experience. Importantly, it can identify whether the investments in the compliance program and employee attitudes and perception are truly aligned.  Surveys of this type can measure employee perceptions regarding the day-to-day management behavior.  However, to be truly useful, the culture survey should be a professionally developed, tested, validated, and independently administered. It would be best if responses to the individual questions can be evaluated, analyzed, and benchmarked against a large universe of organizations that have used the same questions. This permits comparisons to industry peers and national averages. Using the same survey every couple of year can assist in benchmarking and monitoring progress of a compliance program against its own results (i.e., trending historical company survey data). Results from a survey report should provide enormous value in identifying organization strengths as well as opportunities for improvement. This can help ensure the organization is on a track towards creating an organizational compliance culture of the highest quality. It can provide great insights into how effective the compliance program has been in changing and improving the compliance of an organization and signal not only strengths in the compliance program, but areas of potential weakness warranting attention. Culture surveys can measure:

  • beliefs and values that guide thinking and behavior of the workforce;
  • outcomes or the “impact” of compliance program activities;
  • the extent to which individuals and leaders demonstrate commitment to compliance; and
  • the current state of the compliance climate or culture.

 

For more information, contact Daniel Peake at (dpeake@complianceresource.com) (703-236-9854).

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.