On March 20, 2015, the Department of Health and Human Services’ (HHS) Centers for Medicare & Medicaid Services (CMS) issued a proposed rule for Stage 3 of the Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs. Stage 3 raises the bar for all providers, increasing some existing threshold measures from Stage 2 and proposing aggressive timelines for attestation. The new rules require providers to meet rigorous qualifications, and all eligible Medicare and Medicaid providers (EPs) must attest to meaningful use Stage 3 by 2018. While financial incentives are tapering off for meaningful use, the implication is clear. The penalty phase is about to begin in earnest. Starting in January 2015, nearly 257,000 eligible professionals (EPs) – or half of all EPs - will face a one percent cut to their Medicare reimbursements for not meeting meaningful use standards, according to CMS.

The protection and security of electronic medical records is a topic of growing concern. While the public may be focusing on the issue of breaches due to recent data hacks, the Office of Inspector General is turning its attention to EHR fraud. The OIG is calling for the Centers for Medicare & Medicaid Services to address the issue of EHR fraud vulnerabilities. In a March 2015 report, the OIG claimed that the agency has not adequately implemented fraud safeguards. "HHS must do more to ensure that all hospitals' EHRs contain safeguards and that hospitals use them to protect against electronically enabled healthcare fraud," OIG officials wrote in the report.

Part 1: Interoperability & EHR Function Measures On March 20 2015, The Centers for Medicare & Medicaid Services (CMS) released Stage 3 of their Electronic Health Record Incentive Program. At the same time, the Office of the National Coordinator for Health Information Technology (ONC) released the 2015 Editions of the Health Information Technology Certification Criteria, Base Electronic Health Record Definition, and ONC Health IT Certification Program. This news has resulted in some rather extreme reactions among some in the healthcare industry—for example, absolute panic and unbridled rage. This seems rather odd. Come on… it’s not like we weren’t aware that this was coming. As a matter of fact, I’m pretty sure that I gave everyone a heads up about this back in January. Based on how certain people are behaving, though, you’d think the CMS & ONC just surprised all of us with this stuff like it’s some kind of weird fire drill. Then again, trying to make sense out of so much complicated (and, let’s face it, very boring) text is probably enough to make anyone a little irritable.

Providers as well as health care organizations have eagerly waited for the Centers for Medicare & Medicaid Services to reveal the stage 3 requirements for meaningful use under the Health Information Technology for Economic and Clinical Health Act. On March 20, the organization finally released the proposed rule for stage 3.

Regardless of how prepared your practice is for the coming implementation of ICD-10, you may be somewhat overwhelmed with the number of tasks you've completed to get ready. The October 1, 2015 deadline seems as though it is going to stick this year, so if you are not in the process of preparing your practice for the big switch, you should start immediately. No matter your stage of preparation, at times like these, it's often good to take a second, step back and reflect on the fruits of your labors. With that in mind, check out some of the surprising side effects of ICD-10 implementation:

Even with the most effective medical billing software, all medical practices experience some level of claim denials (when insurance companies refuse to honor requests for health care coverage). According to the American Academy of Family Physicians, the average denial rate for providers is between 5 and 10 percent. However, the general goal is to keep that number below 5 percent, as a lower denial rate means a more abundant cash flow.

Yet Most Support the October 1, 2015 Deadline and Urge Not to Delay Many health care professionals have been rushing to get prepared for the ICD-10 deadline, which is set for Oct. 1, 2015. The Centers for Medicare and Medicare Services set this deadline in May 2014, giving providers about a year and a half to make their systems compliant with ICD-10 software in time for the big switch.

Welcome to the final installment of this blog series—creating a healthcare BYOD policy. You need one of these for a number of reasons. First and foremost, it’s a HIPAA/PHI issue. All the security tools in the world are powerless in the face of human error, and mistakes happen. If and when you have a lost/stolen device, one of the first things HHS is probably going to ask for is a copy of your office’s BYOD policy. Trust me, “What policy?” is not an acceptable answer.