Ob-Gyn Coding Alert
Help Your HIPAA Compliance Achieve Perfection
Question: At our practice, we take HIPAA compliance very seriously. In fact, we regularly utilize risk analysis and management as outlined in the Security Rule. However, we’ve noticed the phishing and ransomware spikes in the healthcare industry during COVID, and we’re worried. Is there any way to stay abreast of emerging threats and trends to protect ourselves before accidents happen? Alabama Subscriber Answer: Yes, there are a couple of handy online resources that offer the most up-to-the-minute advice on threats. One helpful site to look at is the National Vulnerability Database (NVD), which is maintained by the National Institute of Standards and Technology (NIST). “The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP),” NIST explains. The NVD resources offer tips on managing and measuring vulnerabilities while alerting the public to known software flaws, misconfigurations, and cyber impacts. Heads up: As part of their policies and procedures, covered entities (CEs) and their business associates (BAs) must address known and possible vulnerabilities in their risk analyses, reminds the HHS Office for Civil Rights (OCR) in the 2022 Cybersecurity Newsletter for the first quarter. But you might be wondering what OCR considers a vulnerability? “Exploitable vulnerabilities can exist in many parts of a regulated entity’s information technology infrastructure (e.g., server, desktop, and mobile device operating systems; application, database, and web software; router, firewall, and other device firmware),” the Cybersecurity Newsletter says. “Often, known vulnerabilities can be mitigated by applying vendor patches or upgrading to a newer version. If a patch or upgrade is unavailable, vendors often suggest actions to take to mitigate a newly discovered vulnerability,” OCR advises. CISA: The Cybersecurity and Infrastructure Security Agency (CISA) also offers daily updates on a variety of issues — and includes industry-specific guidance. Plus, you can subscribe to CISA’s numerous alerts and bulletins on a plethora of topics. Other tools on the site include a dedicated Stop Ransomware page, cyber hygiene services, and regionally based cyber tools and resources. Resources: Visit the NVD resources at https://nvd.nist.gov and peruse the CISA site and guidance at www.cisa.gov.
Related Articles
Ob-Gyn Coding Alert
- Obstetrics:
Do You Know the Difference Between Reporting 59000 or 59001? Find Out.
Here’s why you should look for the term “polyhydramnios.” You may think you’re an amniocentesis [...] - Gynecology:
Pinpoint the Perfect Pessary Code With This Expert Advice
Refitting plus insertion may mean you can report more than an E/M service. Although you [...] - ICD-10-CM:
“Aftercare,” “Monitoring,” and “Surveillance” Are not Interchangeable
Never, ever report aftercare and monitoring codes together. When you’re applying ICD-10-CM codes for ongoing [...] - You Be the Coder:
Repeat Pap Plus UTI
Question: A high-risk Medicare patient came in for her annual wellness visit. The ob-gyn did a [...] - Reader Questions:
Help Your HIPAA Compliance Achieve Perfection
Question: At our practice, we take HIPAA compliance very seriously. In fact, we regularly utilize risk [...] - Reader Questions:
Determine What Diagnoses Can Be Principal Ones
Question: Our auditors have given us a list of unacceptable principal diagnosis codes. They want us [...] - Reader Questions:
Same-Day Insertion, Removal May Be Subjected to Payer Policies
Question: A patient has an intrauterine device (IUD) place in the morning. She returns to the [...] - Reader Questions:
Confidently Report Counseling Codes in Conjunction with E/M
Question: Can an ob-gyn bill for alcohol abuse and intervention in addition to an E/M visit? [...]
