Versaform Systems Corporation is part of the VSS Medical Group

EHR Incentive Program Adoption Rates Continue to Drop

The CMS has released a report detailing the active registrations for the Medicare and Medicaid incentive programs, from inception in 2011 right up to April 2014. The numbers have dropped steadily year over year, with roughly 25% of active registrants in 2013, compared to those of 2011.

The report is potentially misleading, due solely to the layout of the report, which uses a standard tabular format to display the information. The first three rows of the table give registrations for Medicare / Medicaid Eligible Professionals and Eligible Hospitals as totals for the year 2011, 2012 and 2013. The next four rows give the same info, but by month of 2014, January through April.

A casual glance down the columns would indicate a much larger drop in registrations in 2014, whereas this is not actually the case.

CMS April Report shows mixed message about Meaningful Use registration rates

It is all in the presentation. As we see here, mixing disparate date ranges on the same graph axis is a really bad idea if clarity is your goal. For a more accurate picture, add the last four rows of each column to get the totals so far for 2014, and realise that this represents only the first third of the year. That takes total registrations across the various programs from a disheartening 1,372 in April alone to a more robust 73,366, year to date. With 8 months of the year still to go.

For the number crunchers among us, in 2013 the CMS quoted registrations of 54,062 Medicare EP's, 34,778 Medicaid EP's and 469 Eligible Hospital/CAH's. Totalling the 2014 registrations to date, there are 24,935 Medicare EP's, 11,714 Medicaid EP's and 34 Eligible Hospitals/CAH/s.

Or more simply, totals of 89,309 and 36,683 respectively. In that light, the number of 2014 registrations is just below 50% of the 2013 figure, and we are not yet half way through the year. The numbers are indeed still down, but by many factors less than it may be perceived from the way the report is laid out, and again, there are still 8 months of the year remaining during which we expect to see registrations.

On the 'Incentive Payments Made' side of the equation, the trend reverses, as participants reap the benefits of long-term investments and enrolments in the various programs.

In 2011 a total of $5,379,952,402 was paid out in incentives. In 2013 that amount rose to $8,600,608,727. As of April 2014, only $17,342,604 has been distributed as incentive payments, though this will clearly increase as the year progresses.

I'll save you the math. Since inception, the incentive programs have to date given a total of $23,725,293,656 in incentive payments to eligible professionals and CAH's. And 8 months still to go…

Mobile Health Grows alongside App Development


The growth of healthcare applications in the mobile arena has grown exponentially in recent months and is showing no sign of slowing.

Android, iOS and Blackberry are the three most common mobile platforms on tablets and smartphones, and as at the time of writing the Amazon Fire phone has recently launched it could be fairly argued that a fourth platform, the Amazon Store, has just entered the fray.

Zoning in to one specific player (only because I happen to already have the stats at my fingertips for this one), Apple has 31,597 apps in the Apple Store in the category they title Health and Fitness. Separately, the Medical category (devoted to apps with practical medical functionality) lists 24,797 apps. Between the two, that's 4.93% of the total number of apps in their whole store. Almost one in every twenty. Together, that makes 56,394 apps available for immediate download. And again, that's just one of four platforms.

Apple themselves are preparing to take their fabled Healthbook app to market sometime this summer under the shortened name Health. We are eagerly waiting to see which of the many touted features will make the final cut. Given their track record we can be sure that whatever form it takes, this app will be something special which may corner the market as Apple has done so many times before.

The rumor-mill suggests the Healthkit, another app, will link with additional data gathering devices including wristbands and watches, to gather real-time medical data which can be stored, analyzed, reviewed and even uploaded directly into your personal medical record. If this comes to pass, it is only a short step to imagine this functionality combining with Health Insurance Exchange interoperability features to let you jog right into a mobile clinic and receive treatment on the spot, or pick up a prescription, or collect your test results. How's that for mobile health?

Mobile platforms are the new frontier, with mHealth being the buzzword of the Summer. The face of healthcare is changing almost daily. We do indeed live in exciting times.

Webinar from Medicare Learning Network

Webinar: More ICD-10 Coding Basics
Wednesday, June 4, 2014
1:30 PM - 3:00 PM Eastern Time


HHS expects to release an interim final rule in the near future that will include a new compliance date that would require the use of ICD-10 beginning October 1, 2015. Providers would have an extra year to prepare.

During this MLN Connects™ National Provider Call, join us for a keynote presentation on more ICD-10 coding basics by Sue Bowman from the American Health Information Management Association (AHIMA), along with updates from CMS. A question and answer session will follow the presentation.



CMS updates, including the partial code freeze and 2015 code updates

Why ICD-9-CM is being replaced with ICD-10-CM

Benefits of ICD-10-CM

Similarities and differences from ICD-9-CM

Coding: Process of assigning a diagnosis code, 7th character, placeholder "x,” excludes notes, unspecified codes, external cause of injury codes, type of encounter

Documentation tips

How to obtain answers to coding questions

How to request modifications to ICD-10-CM

Target Audience

Medical coders, physicians, physician office staff, nurses and other non-physician practitioners, provider billing staff, health records staff, vendors, educators, system maintainers, laboratories, and all Medicare providers


The presentation for this call will be posted at least one day in advance of the call on the MLN Connects™ National Provider Calls and Events web page. Select the call date and scroll to the "Call Materials" section to locate the slide presentation. A link to the audio recording and written transcript of this call will be posted under the "Calls Materials" section in approximately 2 weeks following the call.

To register for this webinar, CLICK HERE

Avoidable HIPAA Breaches Prove Expensive

May 2014 saw the largest HIPAA penalty to date falling on two large healthcare providers. Totalling $4,800,000, the penalty fees are the result of a lack of preparedness, rather than poor implementation, according to the Office of Civil Rights (OCR).

Risk-AnalysisThe bottom line seems to have been that the situation resulted from a combination of factors, primarily the lack of an adequate risk analysis, an effective risk management plan, and failure to implement sufficient security safeguards, procedures and policies. This last would have precluded the data breach and avoided the issue entirely. The breach was not insignificant, resulting as it did in the personally identifiable health information of 6,800 individuals turning up in public search engines on the Internet.

The OCR has mandated that in addition to payment of the penalty fees, the providers must prepare a risk analysis and risk management strategy, as well as updating their procedures and policies. OCR will continue to work with both entities in an ongoing process to achieve these goals.

Nobody is safe from a data breach, as we can see from this incident. However, with forethought and some strategic planning the threat can be minimized significantly. Providers are encouraged to take appropriate steps to safeguard their own positions as well as the ePHI of their patients, by implementing their own risk analysis and management plans prior to experiencing such a breach as that above.

ONC Overhaul Will Keep Focus on Data Security

In January, Karen DeSalvo, M.D., was brought in to head up the Office of the National Coordinator (ONC.) Fast forward six months, and the ONC is downsizing. A lot.

Going from 17 departments to only 10, DeSalvo explains the adjustments as ‘pivoting for the future’. ONC is also reducing by one half their advisory workgroups, those which make recommendations on health IT policies and standards. Spearheading the HITECH act, the ONC, as part of the Department of Health and Human Services, is tasked with setting policies and standards for electronic health record and health information exchange security at a national level. HITECH act funding is already being phased out for many programs, and much of the early implementation work and heavy-lifting has been completed. With all the broad-strokes policies and standards now in place, it makes a lot of sense to redirect the ONC resources in preparation for new challenges.

Health-Care-ReformIn an e-mail to ONC staff DeSalvo wrote "This realignment will support our focus on developing and implementing an interoperability roadmap, supporting care transformation and establishing a framework to support appropriate use of health data to further meaningful consumer engagement, system-level quality and safety of care, improvements in the public's health, and advancements in science."

Of the ten departments which will remain after the shake-up, a key component will be the Office of the Chief Privacy Officer, which will continue to be led by Joy Pritts. The HIT Standards Committee Privacy and Security Workgroup will transition, and be reborn as the Security and Transport Workgroup. This team will focus heavily on standards and policies within the emerging arena of secure interoperability, as the adoption of health plans continues to grow and data increasingly flows between Health Information Exchanges.

The future appears to be well planned and prepared for as we move into the next phase of Healthcare. The only cloud on the horizon is that a small number of legislators fear that the ONC may be exceeding their authority with some of the new measures they plan to introduce.

The House Committee on Energy and Commerce wrote to the ONC on May 3 seeking clarification on ONC plans for a Health IT Safety Center. Of more pressing concern is the proposed introduction of a new ‘user fee’ for health IT software vendors. The fee is meant to offset the cost of ONC certification and standards activities. Any such fee will be borne by the vendors and software developers, but as is the way with such things, will ultimately pass down the line to facilities and practices, and from there along to patients.

"It's not clear to us under what regulatory authority ONC is now pursuing these enhanced regulatory activities." the letter diplomatically said, and went on to seek clarification on several other issues. At the time of writing the ONC is still considering their response.

Security must remain the overriding priority for health data, even more so as health information exchanges become integrated and data travels across the Internet. The changes being made within the ONC are logical next steps in the right direction, which will help to protect patients and facilities alike from the twin threats of identity theft and medical fraud. Cybersecurity begins here.


Webinar: Risk Analysis and Risk Management DO’s and DON’TS

Put Thursday May 29, 2014 into your calendars. At 3:30PM CDT a group of healthcare industry experts will convene on-line to discuss lessons learned from actual OCR audits and enforcement actions. Post-analysis always provides valuable insights and we think this free webinar could really be worth the investment of your time.

Offering guidance on the big risk analysis and risk management do’s and don’ts, attendees can ask and have questions answered, and leave more informed than they arrived.

Questions already on the agenda include (but are not limited to):

  1. What do the regulations require (HIPAA Security Final Rule and Meaningful Use)?
  2. Is a Risk Analysis (45 CFR 164.308 (a)(1)(ii)(A)) the same as a Security Evaluation (45 CFR 164.308 (a)(8))?
  3. Must organizations do both a Risk Analysis and a Security Evaluation?
  4. What should be included “in scope” of the risk analysis?
  5. What are the nine (9) essential elements of a risk analysis?
  6. Upon what guidance or frameworks can one rely to meet the HIPAA Security Final Rule requirements?

Business Associates and Covered Entities are also encouraged to attend, we think you too will benefit.

The discussion panel is led by Bob Chaput, CISSP, HCISPP, CIPP/US, and CEO of Clearwater Compliance, hosts of this event.

To register on-line, please visit THIS LINK and complete the brief registration form.

Stage 2 attestations low, says CMS

At the May 6 Health IT Policy Committee meeting, Beth Myers of the Centers for Medicare and Medicaid Services (CMS) reported that as of January 1, 2014 only fifty (50) physicians had attested to Stage 2.

Myers went on to say "We are encouraged by having people who have attested to Stage 2, given the anecdotal evidence that has said that no one will be ready. We have also received a number of hardship applications. I know that's been a big question."

This is something of an understatement. Six hundred (600) hardship exemptions have been filed. Without taking off my shoes to do the math, that's a factor of 1200% more exemption requests than attestations. And providers still have time to file, until July 1, 2014. Which may mean that many have simply not yet got around to filing their exemption request. So the final number could and probably will be higher still.

low-interest-ratesSome sources are suggesting that poor filing rates can be attributed to EHR vendor implementation, as some EHR software is simply not yet compatible with the 2014 Certification and attestation criteria. This concern, though valid, will diminish as those vendors that remain unprepared will either rush to upgrade, or drop by the way side as they are replaced by other vendor products, as the providers themselves switch to an EHR which will let them file. After all, any vendor shortcomings could actually cost providers money.

The pressure is on both service providers and vendors to match the pace of Meaningful Use change, with the burden on the vendors and the penalty squarely on the provider. This untenable situation means that this year is likely to see a significant change in the EHR marketplace as those vendors that cannot match the pace of change fall away.