Information security officers often have their hands full with HIPAA. But as high-deductible health plans have patients paying more out of pocket, it’s time organizations took a closer look at another set of cybersecurity guidance: the Payment Card Industry Data Security Standard (PCI DSS).
Each year, CMS reviews procedures on the inpatient-only list, which consists of services typically provided on inpatients and not payable under the OPPS, to consider whether they are being performed safely and consistently in outpatient departments.
It’s been a challenging year for HIPAA compliance. OCR levied more than $20 million in breach settlement fines. Ransomware rocked the healthcare industry.
Most healthcare systems already have a proven process in place to monitor revenue integrity and ensure correct reimbursement. Beyond the day-to-day revenue cycle staff involved in revenue integrity, more than 60% of hospital executives believe revenue integrity is essential to their organization’s financial stability and sustainability, according to a survey by Craneware, Inc.
Almost a year after the world of coding was transformed by the implementation of ICD-10-CM/PCS, CMS released the 2017 ICD-10-CM Official Guidelines for Coding and Reporting along with more than 5,000 diagnosis and procedure code changes. The new codes and guidelines went into effect October 1, but not without some controversy. Many of the changes were praised for the increased clarity and level of detail they allow providers to capture. Other changes, though, raised questions and eyebrows and left some wondering what the Cooperating Parties may have intended.
CMS made certain concessions from its proposed site-neutral payment policies required by Section 603 of the Bipartisan Budget Act, but it is still moving forward with implementation January 1, 2017, according to the 2017 OPPS final rule.
