testpage

Healthcare data breaches are nothing new, but their size and frequency are increasing: CVS Health lost over a billion search records when a third party accidentally made an online database publicly accessible in March 2021. A ransomware data breach at prescription management vendor CaptureRx affected over a million patients at 17 healthcare providers in February 2021. More than 3.47 million individuals and at least 10 healthcare organizations were affected by a massive data breach at file transfer company Accellion, which spanned multiple global industries in December 2020.   Further illustrating the risks to healthcare organizations, Scripps Health in San Diego was hit with two class-action lawsuits that assert that the organization should have done more to protect patient data. If upheld, it will set a precedent for healthcare organizations to be held legally responsible for failing to protect data – to the tune of $1000 per patient. The direct monetary cost of fines and lawsuits, however, may ultimately be a secondary concern as damaged reputation is often a more difficult setback to overcome. Patients increasingly approach healthcare as “consumers” and a breach – or a poorly managed breach situation – might prompt them to look elsewhere for care. “Incidents happen every day. However, the real threat lies in how quickly and efficiently an organization can respond. This is what customers will remember. You need to be able to make prompt updates to your website, scale up call center capacity, and have answers ready when consumers need them.” The growing frequency and scale of health information breaches means it’s no longer sufficient to say, “we’re careful with our health data – this won’t happen to us.” Medical identities are extremely valuable, which makes them an attractive target to cybercriminals. In addition, the sudden increase in virtual care and remote working during the pandemic has created new vulnerabilities in data security.   A recent FBI alert that a major ransomware group is targeting the healthcare sector with phishing attacks is a cl reminder that healthcare organizations can’t relax when it comes to cybersecurity. It’s a case of “when, not if” a healthcare organization will have to deal with a breach. Prevention is the goal, but preparation is the smart strategy.   Shifting from data breach prevention to preparedness   During the pandemic, the volume of data being shared within and between healthcare organizations sky-rocketed, as providers offered more virtual care services and workforces became more distributed. While these innovations meant access to healthcare and work could continue safely, the shift to cloud-based data sharing and storage, means the data perimeter is much broader and tougher to secure – if there remains a perimeter at all. Data must be secured at the device- and employee-level now.   While prevention is better than cure, the hard truth for healthcare cybersecurity teams is that they’re increasingly likely to have to deal with a breach. Unfortunately, many organizations don’t have the technology, resources, or time to prevent breaches all the time, at every access point.   Chris Wild, vice president at Experian Health, says:   “We’re seeing an increased frequency of cyber threats across the whole industry. Hardly a week goes by that we don’t hear of a health system under attack from hackers or ransomware. The statistics show us there’s a health data breach nearly every single day, so it’s just a matter of time before it impacts any one provider, pharmacy, payer or physician group.”   Instead of focusing solely on prevention, healthcare organizations need a strategy to prepare for what happens when a breach occurs. If they don’t, they risk a long, public struggle to contain the breach, resulting in brand damage, patient loss, and financial consequences in the form of fines and lost revenue.   Building a data breach response plan   Recovering from a data breach requires a speedy and thorough response. With a plan in place, action can be taken as soon as the dreaded call comes in. Knowing exactly what needs to be done to meet HIPAA notification requirements, helps reassure consumers and regulators alike that every effort is being made to contain the breach. Not only will this help minimize fines, but it will also mitigate against the reputational damage caused by the security breach.   A breach is bad enough but compounding the negative impact of exposed data by failing to provide sufficient support to worried consumers is even worse. Wild says: “Incidents happen every day. However, the real threat lies in how quickly and efficiently an organization can respond. This is what customers will remember. You need to be able to make prompt updates to your website, scale up call center capacity, and have answers ready when consumers need them.”   A robust response plan calls for C-suite engagement, clear success metrics, and regular pressure-testing. Above all, it must be flexible to adapt to whatever size and type of breach occurs.   The best support for the worst-case scenario A data breach response plan isn’t going to prevent the breach itself, but it can help a healthcare organization take the right steps in the aftermath. Having serviced thousands of data breaches over the last 17 years, Experian Health’s Reserved Response™ program is based on real world experience and has evolved as the threats and consequences have increased. In a recent survey, clients using Reserved Response reported 15% fewer data security incidents than those who did not. Furthermore, any incidents that did occur tended to be smaller in scale.   Because the risk and impact of data breaches is trending upwards, this year Experian Health has introduced a new Reserved Response Hub. This digital, self-service tool helps to prepare and test a data breach plan, including: the new and improved 2021 Data Breach Response Guide downloadable readiness reading materials tried and tested notification templates a pre-breach incident checklist access to Experian’s full Reserved Response service, which provides support before or after a breach to ensure regulatory compliance and support for those impacted.   Reserved Response can help healthcare organizations put together a data breach preparedness plan in as little as three days.  

The pandemic dominated healthcare in 2020, but it won’t be recognized as a reason to delay complying with CMS’ price transparency mandate, which went into effect on Jan. 1, 2021. A recent study conducted by HealthAffairs indicated that 65 of the 100 largest hospitals in America had not complied as of February 2021. And new reports from CMS suggest $300 daily fines will follow if CMS warning letters have no impact, in addition to the possible public exposure of facilities failing to be compliant. There are a number of reasons why price transparency has generated so much attention – both before and during the COVID pandemic. Consumer advocates point to other transactional experiences, such as auto and home purchases, where understanding the price is complicated, but achieved. There’s been a lot of research on price transparency’s impact on patients, as well; helping consumers understand healthcare billing reduces the stress of their financial experiences. Transparent pricing makes sense in many cases for providers, too. They may benefit from patients being able to plan for the costs of care, which can result in fewer missed payments and write-offs. For these reasons and others, price transparency has been a hot topic for the last few years. The Centers for Medicare and Medicaid Services (CMS) final rule on price transparency became effective on January 1, 2021, requiring hospitals to give patients clear information about their medical costs, including a list of charges for the hospital’s 300 most shoppable services, so patients can make informed decisions. Payers are expected to provide similar pricing information beginning January 1, 2022. The spotlight on healthcare pricing seems unlikely to dim any time soon. What does this mean for providers and payers? Price transparency is here to stay There were legal challenges made against the price transparency final rule, questioning federal authority and invoking constitutional rights violations, but the DC Circuit Court dismissed the claims in December 2020. Arguments against the current mandate are not limited to disputing legal authority, suggesting that government should not interfere with private sector pricing – and that complex pricing information could create the opposite effect of confusing consumers. In fact, many providers and payers voice support for price transparency, but not as put forward by the final rule. Despite this, consumer demand for pricing clarity before delivery of services continues to grow and current government regulation is the most far-reaching attempt so far to remedy this. A few state legislatures are moving forward with their own regulations, which could prompt more local collaborations between providers and payers to clarify out-of-pocket cost estimates. Achieving the level of transparency that CMS and consumer groups hope for will be challenging, but attempts to find common ground are growing. What will price transparency look like under the Biden Administration? Since President Biden entered the White House, the trend towards transparent pricing has continued. Provider compliance has been slow – many pointing to 12 months of battling COVID as the primary reason – prompting legislative pressure to step up audits and penalties. CMS has already started issuing noncompliance warning letters and, while it may modify the ruling under a new administration, there’s no sign of any plans to reverse the policy. Consumer action groups have voiced concerns that the regulation falls short, citing the difficulty a consumer may have trying to find pricing at provider web sites. Other consumers are limited to payer-negotiated rates and have little choice but to stick with their current providers. Making information available is likely an early step toward what price transparency will ultimately look like, but making that information easy to find, understand and act on is what consumers value – and what many providers and payers say they want to provide in a more customized, less one-size-fits-all application. A marketing strategy for price transparency As patients bear more responsibility for healthcare costs, they’ve come to expect a consumer experience that affords them greater control and choice. A Pioneer Institute study found that 70% of healthcare consumers want to see pricing information before undergoing a medical procedure. Actively communicating a commitment to price transparency can be a powerful marketing strategy to attract and retain loyal consumers. Not surprisingly, this messaging resonates more with user-friendly tools to guide patients through their financial journey and make sense of charges. Many providers believe they’re complying with the final rule but may actually be vulnerable to penalties because their pricing files are in user-unfriendly formats. A web-based pricing tool can help solve for this by offering patients accurate estimates and recommended payment plans before or at the point of service. Similarly, a text-to-mobile tool, such as Patient Financial Advisor, can send automated text messages to patients with personalized estimates and bills. Keeping an eye on healthcare price transparency More tools are now available to help patients make sense of their billing and it’s becoming easier for providers and payers to create a patient financial experience that’s supportive from the start. Not only will this help patients understand their cost of care (and with that understanding likely comes better collections performance), it’ll help reduce the risk of uncompensated care ¬– and avoid penalties as the final rule takes root. The Biden Administration’s focus on consumer-friendly healthcare services will likely keep price transparency at the forefront. What that looks like over the next few years depends on regulatory and market forces, but providers and payers alike will benefit from offering solutions that make sense for their organizations and patient populations. Find out how Experian Health’s price transparency tools could help your organization with the transition.

Will handshakes become a thing of the past? Will face masks become a regular feature of flu season? Will home-working remain popular, even after workplaces re-open? COVID-19 forced some abrupt behavior changes that challenged existing cultural norms, but as the pandemic subsides, how many of these adaptations will survive?   For healthcare executives, the return to on-site medical visits raises similar questions. Healthcare consumers were already expressing an appetite for more convenience and control, and the pandemic accelerated the use of digital solutions for everything from patient access to telehealth. Being able to book appointments, complete pre-registration forms and make payments online is the new baseline.   As patient volumes start to increase, hospitals and physician groups shouldn’t take their foot off the gas with digitalization, particularly in patient intake, which doesn’t have to involve in-person contact. There’s an opportunity now to learn from what’s worked well over the last year and cement the pandemic’s digital legacy.   What does the new normal look like in patient intake? Getting back to basics with convenience and compassion Once crisis mode has passed, providers can refocus their efforts on the building blocks of an optimal health service: high quality care and a convenient and compassionate patient experience. After the uncertainty and loss of control over the last year, patients want autonomy and choice. Initiating a smooth patient journey through online pre-registration, patient portals, virtual waiting rooms and digital scheduling can contribute to this.   Many will be happy to say goodbye to piles of paper forms and long waits in the waiting room. But any digital strategy must also support those with limited access to devices and broadband or limited digital literacy. Liz Serie, Director of Product Management at Experian Health, says:   “The goal is to give patients the same exceptional experience and care, regardless of when or how they complete patient intake. Using the same tools that we know our patients are already comfortable with will help to ensure an inclusive approach.”   Digital technology can support a multichannel approach, for example, using automated dialers to make phone calls where mobile apps aren’t an option, or using patient data to segment individuals according to contact preferences. Re-engaging hesitant patients The CDC reported in September 2020 that around 40% of adults delayed care due to the pandemic. While more recent data suggests fewer patients are deferring care, some experts worry that patient volumes won’t return to normal until 2022. How can providers ease the return to care?   Online health portals were helpful in keeping people out of facilities during the pandemic – can they now serve a different purpose in reminding patients to come in for check-ups?   Patients will need clear information about what protocols to follow during patient intake and what to expect from virtual waiting rooms, as well as reassurance that the experience will be safe. Streamlining patient access with accurate data Unlocking the digital front door made logistical sense during the pandemic. It’s even more critical as patient volumes drive back up. Providers will want to review their protocols to be sure that speedy implementation has not left that door open to costly data errors. Is the right information being collected at the right time?   Consumers are looking for flexible and accurate appointment slots for self-scheduling, and they want their financial ducks in a row as soon as possible with quick authorizations and coverage checks. Getting data right first time makes for a smoother patient experience, more efficient staff workflows and fewer claim denials down the line. Preparing for an uncertain future Looking ahead, patient intake protocols will need to be flexible enough to adapt to changing patient needs, particularly if there are further waves of the pandemic. Digital solutions can help providers prepare for the unexpected and shift from a reactive response in a crisis to a proactive step towards the future.   For many providers, future-proofing the patient intake experience is also an important remedy to the financial losses suffered during the pandemic. Digital solutions built on accurate data, consumer needs, accessible information can protect against further revenue loss by giving patients reliable ways to access and pay for care, no matter what the future holds.   Medicine is built on in-person care, but we don’t need to be face-to-face to fill out forms. Patient intake is one area where “the old way” doesn’t have to return. Find out more about how your organization can build on the pandemic’s digital legacy and create a leading patient intake experience.