Medicare Compliance Report, Volume 30, Number 32. News in brief: September 2021 | Healthcare Compliance Association (HCCA)
Medicare Compliance Report 30, no. 32 (September 13, 2021)
?? Saint Francis Medical Center in Missouri has agreed to pay $ 1.625 million as part of a civil settlement of allegations it violated the Controlled Substance Act, the U.S. Attorney’s Office said on September 1 for the eastern district of Missouri.. According to the US Attorney’s Office, Saint Francis employed Farmington physician Brett Dickinson, who allegedly “wrote prescriptions for controlled substances without legitimate medical purposes and outside the ordinary course of professional practice.” The hospital, thanks to Dickinson’s actions, “issued invalid prescriptions for opioids such as morphine, hydromorphone and oxycodone,” the US attorney’s office said. “Dickinson prescribed these opioids to patients along with muscle relaxants and benzodiazepines.” These drugs enhance “the addictive and euphoric effects of opioids and, therefore, are commonly sought in combination with opioids by people with substance abuse disorders and those seeking to use opioids recreationally.” Dickinson allegedly prescribed them “while ignoring warning signs of drug diversion or abuse, including aberrant urine drug test results and previous hospital treatments of patients for related medical problems. drug abuse “. The hospital cooperated with the government’s investigation.
?? CMS is recovering 2019 payments it made to hospitals as part of the site neutrality payment policy for off-campus outpatient clinic visits in provider-based services, according to the MLN connects posted on September 9. CMS will begin reprocessing claims on November 1 after its position on site neutrality was upheld by the United States Court of Appeals for the DC Circuit in July 2020. CMS has implemented the Site Neutrality Policy in the 2019 outpatient prospective payment system regulation, but when it was overturned by a federal district court, CMS reimbursed the payments to hospitals. Now that CMS has won its appeal, it is taking the money back.
?? The Biden-Harris administration said on July 9 that it “will require COVID-19 vaccination of staff at all Medicare and Medicaid certified facilities to protect them, and patients, from the virus and its more contagious Delta variant.” . An emergency regulation that mandates vaccines for nursing home workers will be extended to hospitals and other facilities as a condition of participation.
?? FBI warns organizations that Hive ransomware, which uses mechanisms such as phishing emails with malicious attachments and a remote desktop protocol to access and roam victims’ networks, exfiltrate and encrypt files , is increasing. This variant of ransomware creates significant challenges for defense and mitigation, according to the FBI. Hive ransomware scans for processes related to backups, anti-virus / anti-spyware, and file copying and stops them to facilitate file encryption. Encrypted files usually end with a “.hive” extension. After compromising a victim’s network, exfiltrating data, and encrypting files, actors leave a ransom note in each affected directory within a victim’s system, which provides instructions on how to purchase the decryption software. The ransom note also threatens to disclose data of victims exfiltrated on the Tor site “HiveLeaks”. The memo contains a “commercial service” link, accessible through a Tor browser, which allows victims to contact the actors via live chat. Some victims said they received phone calls from Hive actors asking for payment for their files, the FBI said. The initial payment deadline ranges from two to six days, but the FBI has reported that actors have extended the deadline in response to contacting the victim company.
1 Department of Justice, United States Attorney’s Office for the Eastern District of Missouri, “Southeast Missouri Health System Agrees to Pay $ 1,624,957.67 to Resolve Allegations That Doctor Wrote Invalid Prescriptions ”, press release, September 1, 2021, https://bit.ly/38Zj0Zj.
2 CMS, “Outpatient Visiting Services in Excluded Departments Based on Off-Campus Providers: Updating Payments,” MLN connects, September 9, 2021, https://go.cms.gov/3zTOhc2.
3 CMS, “Biden-Harris Administration to Expand Vaccination Requirements for Health Care Settings,” press release, September 9, 2021, https://go.cms.gov/3CbVViX.
4 “FBI Alerts Organizations of New Ransomware Threat,” American Hospital Association, August 25, 2021, https://bit.ly/3DE6ahb.