Electronic Visit Verification Opens Home Health Care Providers to More Cyber Risks

Electronic Visit Verification Opens Home Health Care Providers to More Cyber Risks

Under the federal 21st Century Cures Act, all Medicaid-reimbursed home care providers across the United States will be required to utilize electronic visit verification (EVV) in home care visits as of January 1st, 2019. EVV is a specific type of technology that a caregiver can use during a home visit, such as a mobile app, that can capture information about the visit, including the times that the visit began and ended. The federal government believes that by issuing a mandatory EVV, they can reduce fraud and abuse rates with home health care providers.

This new regulation will push home health care providers, hospice and others organizations to use more mobile devices as part of their services. With this increased use of mobile devices comes concerns over the security of the devices and applications. One the greatest concerns, of course, is regarding end-to-end HIPAA (Health Insurance Portability and Accountability Act) compliance. These security concerns are indeed valid, according to the Department of Health and Human Services’ Office for Civil Rights (OCR). Data from the OCR suggests that mobile devices are commonly involved in data breaches, and between January 2015 and the end of October 2017, a total of 71 data breaches involving mobile devices had been reported to the OCR.

Managing Mobile Data Risks

Home health care providers will need to carefully examine how their use of an EVV will open them up to increased cyber risk and focus some of their attention on mitigating those risks. Here are some strategies that home health care providers should consider:

  • Reduce financial risk through a cybersecurity insurance policy which would cover legal fees, privacy regulatory fines & penalties, data recovery and more – even in the event of internal negligence and mistakes on the part of employees.
  • Log any and all mobile devices that are used for services as well as the type of information being accessed, stored and/or sent using the devices.
  • Implement policies and procedures regarding the use of mobile devices in the workplace such as not using their personal devices for work-related purposes and prohibiting the downloading of third-party apps on work devices.
  • Ensure that staff receive basic cybersecurity training.
  • Review passwords and permissions, ensuring that all patient information is password protected and that any mobile apps have the minimum permissions required.
  • Implement two-factor or multi-factor authentication whenever possible.
  • Regularly update security programs and software on all devices.

About Connected Risk Solutions

At Connected Risk Solutions, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. To learn more, contact us at (877) 890-9301.

About Connected Risk Solutions

At Connected Risk Solutions, we provide our agent partners with bold solutions for comprehensive insurance and risk management that are unmatched in the industry. We have market connections and collective decades of industry experience, including deep specialization in healthcare liability and managed care E&O, cyber and tech liability, management and professional liability, as well as captive management and risk management. We strive to develop creative solutions no other wholesaler can match and to help our agent partners give their clients the ability to achieve continued growth while simultaneously protecting against loss.

Our specialists, located in offices throughout the country, are responsive and engaged. To learn more, connect with us.

Table of Contents

Related Posts:
cyber insurance
Exploring the Intersection of Cybersecurity and Managed Care: Challenges and Opportunities
The healthcare industry is undergoing a unique transformation where data and technology take the spotlight....
professional liability insurance
The Growing Need for Professional Liability Insurance in Healthcare
The increasing demand for professional liability insurance within the healthcare sector cannot be emphasized...
cyber insurance
Emerging Technologies in Managed Care: Enhancing Efficiency and Patient Outcomes
By incorporating technology into a managed care practice, there is an opportunity to improve patient...