February 25, 2022
Maverick's Update
Only What Matters In Health Information Policy
So, about Russia. It is impossible to ignore the famous Russian fraudster who fooled very high-level people with outrageous lies... of course, we mean Anna “Delvey” Sorokin. The subject of a new Netflix series, Anna is a Russian-born, fake German heiress who scammed New York’s elite, hotels, and banks out of lots of money, was sentenced to jail time a couple of years ago and now is in ICE custody, fighting her deportation to Germany. In the One Thoughtful Paragraph below, we explain how another famous Russian is interfering with America and its health data.
Other news that is not about Russia but still a big deal:
A federal court vacated part of the No Surprises Act this week. The court decision, which applies nationwide but will be (undoubtedly) appealed by the federal government, held that the amount that health plans pay to contracted, in-network providers should NOT be the default amount that non-contracted, out-of-network providers are paid for medical services -- a main tenet of the dispute resolution process in the No Surprises Act. A Health Affairs blog post discusses all six lawsuits challenging the No Surprises Act’s independent dispute resolution process -- this saga will continue.
The HHS Office of Inspector General is expected to announce, very soon, the serious financial penalties associated with the 21st Century Cures Act prohibition against information blocking. Everyone knows that healthcare information is supposed to be shared, when necessary, by electronic medical record systems run by companies like Epic and Cerner (Oracle-Cerner?) -- but this will be the first time that refusals (for no good reason) will be seriously punished.
The pressure is on to collect data about non-medical issues that have an impact on health, commonly referred to as social determinants of health. Regulators and standard-setters of the industry are demanding that collection and incorporation of these data be the new normal (e.g., ONC’s USCDI v.2, CMMI’s “ACO REACH” -- the re-worked Direct Contracting model, NCQA’s revised HEDIS measures, and HL7’s Gravity Project).
One Thoughtful Paragraph
With Vladimir Putin’s frightening attack on Ukraine, the American healthcare system is on high alert for a cyberattack in retaliation for economic sanctions. Last week, the Cybersecurity and Infrastructure Security Agency (CISA) issued a cyber “Shields Up” warning to the U.S. private sector, including health care, based upon the increased cyberthreat posed by the Russian government. CISA’s warning led to HHS’s Health Sector Cybersecurity Coordination Center, or HC3, issuing an alert for the healthcare sector. The American Hospital Association also issued a warning, the Harvard Business Review offered instructions on what companies can do to protect themselves, Becker’s listed the latest cyberthreats, and leaders (U.S. Senate Intelligence Committee Chairman Mark Warner (D-VA) and Chris Inglis, the nation’s first cyber director), sounded the alarm for everyone to take a more proactive approach to cybersecurity. Even before Putin’s attack, HHS explained why an increasing share of cybercriminals are targeting EHRs and recommended in a “threat brief” that healthcare leaders shift from a prevention focus to a proactive preparedness plan. So, we knew before this week that cybersecurity was a top-line concern for the healthcare industry -- and there is no lack of action to be on top of it (e.g., multiple health systems are actively seeking cybersecurity experts). But warnings and cybersecurity protections didn’t stop Anna “Delvey” Sorokin from engaging in (successfully, at least at first) real-life wire fraud. Let’s hope that we are not in the midst of another Netflix drama series based on real-life events.