In The Know

Health Information Professional (HIP) ‘Fill in the Code’ Challenge

Posted by Julia Foster on March 24, 2017 in Blog, News

HIP Week Fill in the Code Challenge- Blog Banner

Health Information Professionals Week is March 26th – April 1st, 2017! In honor of HIP week, Excite Health Partners will be hosting HIP Week ‘Fill in the Code’ Challenge. Enter each day for your chance to win a $10 gift card or the grand prize, pictured below!
-The Details-Each week day during HIP Week at 3:00 pm (EST), we will post a joke on our Facebook, Twitter and Instagram pages with one word missing.  The missing word will be replaced with an ICD-10 code. You can participate by telling us what the missing word is. Each daily winner will receive a $10 gift card to their choice of Dunkin’ Donuts, Starbucks or Panera Bread. All correct answers will be submitted into a drawing for the daily prize and all daily entries will be combined for the grand prize drawing. The grand prize winner will be selected April 3rd at 3:00 pm EST.

 

 

How to enter & the rules

To enter the contest message us your answer. Answers must be sent before the following day at 3:00 pm EST when the next joke is posted.  You may only answer once a day, but you can receive up to 3 additional daily entries by tagging friends in daily posts (1 entry per tagged friend and the same friend cannot be tagged more than once).  Make sure you like our Facebook page, following us on Twitter and follow us on Instagram. Good Luck! Email info@excitehp.com if you have any questions!

 

 

The Grand Prize

Prize

The grand prize, which is pictured above, includes a Vera Bradley beach tote,  Kate Spade sticky note set, a waterproof Bluetooth speaker, beach towel, Essie spring mini collect, Starbucks tumbler, light blue Rtic tumbler and more!

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram

February 2017 Cyber Security Summary

Posted by Julia Foster on March 8, 2017 in Blog, News

Feb Cyber Security

February 2017 Cyber Security Summary

February consisted of a ransom attack, a break-in and a breach from inside the system, all which contributed to 21 total healthcare breaches and nearly 80,000 records compromised.

feb graph

Since the beginning of the year:

There have been 1,288,302 million total records compromised since the beginning of 2017, and over half of them have been healthcare records. Of the 279 total data breaches, 72 of them have occurred in the healthcare field.

February’s most notable healthcare breaches:

The Internal Employees
A pair of patient transporters accessed over 3,000 medical records from a university-based hospital in Tennessee. The two employees looked at 3,247 medical records between May 2015 and December 2016. They were able to see personal information such as demographics, medical record numbers, and social security numbers. As of now, there is no evidence that the information was downloaded or printed. However, the medical center is still taking proper precautions and sending letters to patients notifying them of the breach.

Appointment System
A Georgia-based health system fell victim to a ransomware attack that included almost 80,000 patients’ records. The information was accessed through the system’s appointment software “Waits and Delays.” The hackers were able to remove the appointments database and then demanded a ransom to restore the site. It is not evident if the health system paid it or not. The information stolen included names, dates of birth, contact information and appointment information. Since becoming aware of the breach, the hospital has notified all of the patients who were affected by the breach and encouraged them to keep an eye on their financial statements and credit reports.

Break In
7,000 patient records were stolen during a break-in at a healthcare provider’s office in Kansas. The break-in had occurred at approximately 5:00 am before the facility opened. The intruder gained access by breaking a window and stole a desktop computer and a printer. The computer contained many non-encrypted appointment notes dating back to 2002 and 2003. The information in the notes varied, but some consisted of names, dates of birth and diagnoses and orders.

Feb Infographic

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram

Health Information Professionals (HIP) Week 2017 – March 26th-April 1st

Posted by Julia Foster on March 6, 2017 in Blog

Happy Health Information Professionals Week! Header

Health Information Professionals (HIP) Week 2017 – March 26th-April 1st

2017 marks the 27th annual Health Information Professionals (HIP) week. This week, which according to AHIMA.org, “is a showcase for the thousands of health information management (HIM) professionals who perform their duties masterfully throughout the year,” will be held March 26th, 2017- April 1st, 2017.

This week is sponsored by The American Health Information Association (AHIMA).  This year’s theme will be “Leading the way to quality data.”

HIPlogoCMYK

5 Topics & Launches from HIMSS17

Posted by Julia Foster on March 3, 2017 in Blog

Blog Header (1)

5 Topics & Launches from HIMSS17

The hustle and bustle of over 40,000 attendees, 1,200 vendors and 300 sessions at HIMSS17 ended just last week.  With everything going on there is a chance you may have missed something, here are five topics and launches from HIMSS17.

1

While there were many topics being discussed at the 4-day event, attendees have had a hard time pinpointing what issues dominated the conference.  Just like the world of HIT, HIMSS17 had a lot going, here is what some of the buzz was all about:

  1. Cybersecurity
    As we know, security breaches in the healthcare industry are in the headlines every day making it a no-brainer this would be a hot topic at the conference. HIMSS felt cybersecurity was so important they dedicated a full-day event, the Cybersecurity Forum, to the topic.  While cybersecurity has been a hot topic for a couple of years, this year the conversations turned to medical devices.  According to Marty Edwards, director of the Industrial Control Systems Cyber Emergency Response Team at the Department of Homeland Security “It is only a matter of time before we see a major event affecting patients involving medical device cybersecurity.”
  1. Interoperability
    Interoperability was a huge focus at last year’s conference, while cybersecurity seemed to be bigger this year, interoperability was still a primary focus for many attendees, vendors, and speakers. While significant progress has been made regarding Interoperability, it may not be happening as quickly as we would all have liked. HIMSS17 left us feeling optimistic; progress is still coming and at a steady rate!
  1. Big Data and Analytics
    According to Paul Black, CEO of Allscripts, “I expected and saw the spotlight on the transformation of Big Data into more meaningful, usable analytics.” The discussion revolved a lot around how to manage patient responsibility, connectivity to communication platforms, and even interventions when necessary.
  1. Value-Based Care
    HIT professionals were looking for tools and solutions to operationalize value-based care and payments. They were also looking for ways to increase patient engagement and enhance the patient experience.
  1. Telehealth
    There is no doubt telehealth is up and coming.  Many forces are driving the expanded use of telehealth services including the reduction of the spread of contagious viruses/sicknesses, access for rural communities, and cost reduction.

2

With so many Health IT professionals under the same roof, there is no better place than HIMSS to launch or demo a new product. There were quite a few product launches and demos throughout the show, here are some of our favorites:

  1. App Orchard- Epic
    The highly-anticipated launch of App Orchard, Epic’s app store, finally happened at HIMSS17.  According to Epic’s website “The App Orchard is where developers can learn about Epic’s APIs and list their apps for Epic community members to explore and access.”
  1. Healthy Hospital- McKesson
    McKesson had lots of new products to demo during the show, one of those being Healthy Hospital.  According to a press release, “Healthy Hospital is a new program that uses advanced analytics to help providers benchmark key revenue cycle metrics, and identify areas where they can accelerate or otherwise improve financial performance.”
  1. Touchstone-Medisolv
    Touchstone, which is a comprehensive benchmarking software tool that can be utilized by hospitals and physicians for the measurement of quality and safety, will be available early summer.  Touchstone, according to medisolv.org, is  “the first benchmarking software of its kind for hospital eCQMs in the cloud,” will be available early summer
  1. DS8100-HC series scanners AND TC51-HC mobile computers- Zebra Technologies
    Zebra Technologies released scanners and mobile computers that according to a press release “can foster clinical collaboration for staffers and drive better operational efficiencies, while also supporting the five rights of medication administration to help increase patient safety.”
  1. ClaimStaker- Alpha II
    Alpha II released ClaimStaker, a claims editing software.  According to their site, “ClaimStaker, is the most comprehensive clinical claim and encounter scrubbing tool available today.”

HIMSS BLog graphic

 

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram

Cyber Security Summary – January 2017

Posted by Amanda Harner on February 9, 2017 in Blog, News

CYBER SECURITY (2)

As far as healthcare security is concerned, 2017 is off to a pretty good start. Although there were 24 data breaches that occurred in January, 151,970 records were compromised. Considering the monthly average of records compromised in 2016 was over a million, things are going pretty well! Notable breaches last month included a laptop stolen from a physician’s car, and two system hacks.

Screen Shot 2017-02-09 at 1.12.55 PM

Old Website

A California healthcare system, that includes 6 hospitals, was hacked causing over 10,000 patient’s record to be exposed. In October 2015, an unauthorized user hacked into a website that was no longer in use. The hack was not discovered by authorities until last month when officials were notified. Dates of birth, medical records and phone numbers were among the information stolen. Since the discovery, the health system has taken proper measurements to secure its website and have provided the patients who were affected with free credit monitoring services for a year.

 

Stolen Laptop

A laptop which contained protected health information of over 3,500 patients of a children’s hospital in California, was stolen from a physician’s locked car. The computer, which was stolen in October was password protected but was not “encrypted to current institutional standards”. An investigation was conducted and it is believed that all of the information was erased from device without any patient data being accessed. The hospital is taking extra caution and sending letters to notify the thousands of patients.

 

System Hack

Nearly 5,000 patients were affected when the system of a pain management provider was hacked. The provider has offices in New Jersey, New York, and Pennsylvania that were hurt by the attack. Although the breach was discovered in November, officials are unaware how long hackers had access to information. The investigation revealed that compromised information ranged from social security numbers and Medicare numbers to medical and demographic information. Since the attack, the provider conducted a review of its security processes, which revealed a number of areas that needed improvement. It has since been enhanced to prevent any future attacks.

cyber security recap January 2017 (3)

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram

2016 Cyber Security Summary

Posted by Julia Foster on January 13, 2017 in Blog

 

2016 review - cover
2016 Cyber Security Summary

2016 kept everyone in the healthcare industry on their toes having a record high number of data breaches! Luckily, the number of compromised records dropped drastically in comparison to 2015. However, one trend that was widely recognized was the rise of ransomware attacks. Although not a new method, ransomware is quickly gaining popularity and becoming a huge issue in the cybersecurity world. Read below to see a recap of 2016’s most impactful data breaches!

2016 Review - table

Top 5 Most Notable Breaches in 2016:

The Dark Net Sale
The largest and probably most notable data breach was released in June. The hacker, who goes by the name of TheDarkLord, listed 4 different databases for sale on TheRealDeal market (a dark net source). The databases were being sold for $100,000, $200,000 $400,000, and $485,000 and included names, birthdates, social security numbers, addresses, cell phone numbers, and medical history. Ransomware attacks can put providers in a tricky situation because even if the ransom is paid, they are not guaranteed to get their information back.

Held at Ransom
The first ransomware attack of the year occurred in February at a hospital in California. The hackers were able to lock the system cutting off access to hospital employees. During this time they had to resort to handwritten documentation and prescriptions instead of any electronic communication. The hospital was forced to pay the hackers 40 bitcoins (a type of digital currency operating independently of a central bank) or $17,000 to regain access. There is no evidence that any records were actually accessed during the lockout, but the hospital still took proper precautions.

The Food Court
Another large breach in 2016 consisted of 3.7 million records stolen from an Arizona health system in August. The hackers were able to gain access to a payment processing system in some food and beverage areas throughout their facilities. The stolen information included names, birthdates, social security numbers, credit card information, and health insurance information.

Twitter
One of the most unique data breaches of 2016 was linked to a radical right-wing Ukrainian political group. In July, the group posted a screenshot of information that they compromised from a urology group based out of Ohio to Twitter and uploaded half a million records to a Google cloud-based storage area. The information posted included names, addresses, phone numbers, birthdates, insurance ID’s and diagnoses. When asked the group stated that the motive was political, however, this specific urology group did not have anything to do with the issues.

ID Cards
In August, a company based out of New York that provides ID cards for health plans for big names such as Blue Cross Blue Shield and Health Now was involved in a data breach that consisted of almost 3.5 million records compromised. Information accessed consisted of names, dates of birth, ID numbers, dependents’ names and provider names. The hacker was able to gain unauthorized access to a server which held all of the private information.

The Semi-Truck
In December, almost half a million records were subject to exposure not because of a security attack, but rather a semi-truck. In Fort Myers, FL a truck driver, transporting a load of old paper medical records failed to securely lock the door on his truck, causing the medical records to fall from the vehicle and blow around. It took 3 days for officials to find all of the medical records that they could, however, not all were accounted for. There was no evidence that any information had been improperly used so far, but the information exposed consisted of everything from addresses and medical history to social security and financial information.

 

2016 review - infographic

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram

Cyber Security Summary – December 2016

Posted by Amanda Harner on January 6, 2017 in Blog, News

december-blog-logo

Regarding cybersecurity, December had some good news and some bad news. The good news: December had the lowest amount of data breaches throughout 2016. The bad news: December had the 3rd highest number of records compromised, with a total of almost 1 million. Some of the most notable breaches include phishing emails being sent out, a ransomware attack, and a mobile app that was hacked into.

Since the beginning of December:

In December 2016, there were 16 health breaches and 925,863 records compromised. 61% of healthcare data breaches were due to hacking/IT incident.

graph

Since the beginning of the year:
In 2016 there were over 900 total data breaches and 350 healthcare breaches, consisting of over 35,000,000 records compromised throughout the entire year!

December’s most notable healthcare breaches:

 LA Health Department

The Los Angeles Health Department suffered the largest data breach in December. It is estimated a phishing email sent to employees compromised over 700,000 personal records. Phishing emails contain viruses which allow access to protected information. These emails usually have an open rate around 30%, but in this case, the open rate was only about 10%. However, even with the relatively small number of opens, a significant amount of damage was still caused to the server. The data compromised consisted of names, dates of birth, social security numbers, payment/bank account information, social security numbers, and medical diagnoses.

Ransomware

A health center also based in California was the victim of a ransomware attack. Troldesh, which is the ransomware that was used in this attack works by conducting scans and encrypting files making them inaccessible to authorized users. Toldesh was installed by an unauthorized user who logged into the server. Names, medical diagnoses, medical record numbers, and insurance numbers were among the information stolen. Luckily, no financial information or social security numbers were compromised.

Lab

Earlier this month, a medical laboratory company based out of New Jersey disclosed a data breach that affected more than 34,000 people. Information stolen included personal information such as names, phone numbers, dates of birth and lab results. The information was stolen through MyQuest, which is a mobile app that allows patients to share medical records. The app was improperly secured allowing the hackers to gain access to personal records.

excite-infographic-december

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram

7 ICD-10 Codes for the New Year

Posted by Julia Foster on December 29, 2016 in Blog, News

new-years-banner-1

Let the countdown begin. 2017 will be here before we know it! Here are some ICD-10 codes you might be using to bring in the New Year!

 

W25.XXA- Contact with sharp glass, sequela

Be careful when you are clinking glasses, or you will be in need of this code.

 

F10.920- Alcohol use with intoxication, uncomplicated

The best way to bring in the New Year is with a champagne toast.

 

S93.401A- Sprain of unspecified ligament of ankle

NYE is an opportunity to dress your best, but it is also an opportunity for a high heel injury.

 

Z38.00- Single live born infant, born outside hospital

NYE is all about welcoming Baby New Year.

 

E86.0 – Dehydration, R51 – Headache & R11.2 0 Nausea and vomiting

a.k.a- hangover

 

W39- Discharge of firework

Fireworks at midnight are always a fun way to celebrate!

 

Y93.A- Activities involving other cardiorespiratory exercise

Do you know what the most common New Year’s resolution is? Getting in better shape.

ring-in-the-new-year-with-icd10

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram

8 ICD-10 Codes for the Holidays

Posted by Julia Foster on December 20, 2016 in Blog

blog-header

8 ICD-10 Codes for the Holidays

It’s the most wonderful time of the year! The holiday season is all about friends, family, celebration and ICD-10 Codes. Okay, maybe not ICD-10 codes, but here are some codes in the holiday spirit.

W00.9XXA – Unspecified fall due to ice and snow, initial encounter
A white Christmas could also be a slippery Christmas

X08.8XXA – Exposure to other specified smoke, fire and flames
When the eight days of Hanukkah are through, there’s a good chance you burnt a finger or two.

 W26.2XXA – Contact with edge of stiff paper
The gifts won’t wrap themselves.

Y93.21 – Activity, ice skating & V00.221 – Fall from Sled
Who doesn’t enjoy these traditional holiday activities?

X10.0XXA – Contact with hot drinks
There’s nothing quite like a nice cup of hot cocoa after ice skating and sledding.

Z72.820 – Sleep Deprivation
Who can sleep when you are trying to get a glimpse of Santa!

Y92.01 – Single-family non-institutional (private) house as the place of occurrence of the external cause
Because there is no place like home for the holidays.

BONUS CODES: ICD-10 Codes National Lampoon Style
cat
W86.00XA – Exposure to domestic wiring
This code would have come in handy when the cat chews the electrical cord to the tree.

W53.29XA – Other contact with a squirrel

Remember the scene when the squirrel gets in?

 

tis-the-season-for-icd-10-codes-4

 

 

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram

Levels of Professional Dress

Posted by Julia Foster on December 5, 2016 in Blog

     

levels-of-professional                                                                 

Most companies have a particular dress code policy outlining exactly what you can and cannot wear in the office. In some cases, especially when going in for an interview, you might not be aware of the exact dress codes rules. For those times you do not have a detail dress code, use the guide below when choosing what to wear.

 

Casual

Casual dress codes have become more popular in recent years. While casual is the least dressy level of dress, there are still some guidelines you need to follow.

 What is okay to wear:
Women:

  • Nice-looking tops
  • Casual pants and skirts
  • Dark colored jeans
  • Any shoes, as long as they have a back
  • Casual accessories such as scarves, and statement jewelry

Men:

  • Casual pants
  • Dark colored jeans
  • Polos, sweaters, pullovers, and casual button downs
  • Sneakers and loafers

What to Avoid:

  • Anything too revealing
  • Skirts that are not an appropriate length
  • Anything that looks messy
  • Backless shoes
  • Unnatural hair color and facial piercings
  • Light colored and/or distressed jeans
  • Any clothing with stains or holes

 

Business Casual

Business casual typically the most popular dress code in offices. It allows you to have personality in your outfit, but remain professional looking.

What is okay to wear:
Women:

  • Dress pants, skirts or khakis.
  • Tops such as blouses, collared shirts, nice sweaters, or cardigans. Colors and patterns are acceptable.
  • Statement jewelry and accessories.
  • Flats or heels
  • Everything you would avoid when dressing casual

Men:

  • Button-down and collared shirts. Colors and patterns are acceptable.
  • Sweaters, sweater vests, and sport
  • Conservative colored dress pants or khakis.
  • Dress shoes are acceptable.

What to avoid:

  • Sleeveless shirts
  • Open-toe shoes
  • Sneakers
  • Jeans

 

Business Professional

Business Professional is a step above business casual. It is a more conservative type of dress, while still allowing colors.

Women:

  • Pant or Skirt Suit
  • Skirts no shorter than two inches above the knee.
  • If not wearing a suit, a blazer is recommended
  • A button up shirt in any color.
  • Non-distracting
  • Dark or nude colored tights.
  • Closed toed heels

 

Men:

  • A conservative colored suit, although it may have a light pattern.
  • Dress pants can be worn with a sport
  • Tie, colors and patterns are acceptable.
  • Collared button up shirts. Colors are acceptable.
  • Neutral colored oxfords or loafers.

Things to avoid:

  • Skirts shorter than 2 inches above the knee
  • Distracting jewelry
  • Open-toe shoes
  • Novelty
  • Anything that could be considered
  • Jeans
  • Everything you would avoid while dressing casual and business casual

Business Formal

Also known as Boardroom Attire, this is the highest and most conservative level of professional dress.

 Women:

  • A pantsuit or skirt suit in a neutral color (black, navy, gray or brown)
  • White collared button up.
  • Closed toed heels
  • Dark colored tights if wearing a skirt
  • Conservative jewelry –Studded earrings are best, or a simple chain necklace.

Men:

  • A suit in a solid neutral color (black, gray, or navy).
  • A white collared shirt
  • Neutral ties
  • Closed toe oxford shoes

 

What to avoid:

  • Non-neutral colored clothing
  • Heels taller than 2 inches
  • Flashy/Gaudy jewelry and accessories
  • Messy hair and facial hair
  • Open-toe shoes
  • Novelty Ties
  • Everything you would avoid when dressing casual, business casual and business professional.

 

 

07_linkedin 02_facebook 01_twitter 13_pinterest 10_instagram