Executive Order to Promote Cyberthreat Info Sharing
Key Takeaway: President Obama, last Friday, signed an executive order to promote more information sharing about cyberthreats – both within the private sector and between the government and private sector.
Why it Matters: This is the latest in a series of steps taken by the Obama administration to focus on cybersecurity, going back to February 2013. When viewed alongside congressional efforts, there appear to be consensus on a number of items – including the need to bolster information sharing organizations and develop information sharing protocols.
Last week, President Obama signed an executive order (EO) promoting private sector cybersecurity information sharing during the first White House summit on Cybersecurity and Consumer Protection at Stanford University. According to the EO, “The purpose of this order is to encourage the voluntary formation of such organizations, to establish mechanisms to continually improve the capabilities and functions of these organizations, and to better allow these organizations to partner with the Federal Government on a voluntary basis.”
The main provisions of the EO include provisions directing the Department of Homeland Security to encourage development and formation of private-sector or non-profit sector Information Sharing and Analysis Organizations (ISAOs) and tasks the National Cybersecurity and Communications Integration Center (NCCIC) with coordinating ISAOs. A second provision of the EO tasks the Secretary of Homeland Security with entering into an agreement with a nongovernmental organization to serve as the ISAO Standards Organization which “shall identify a common set of voluntary standards or guidelines for the creation and functioning of ISAOs under this order.” The Standards Organization is tasked to develop:
- Standards to further robust information sharing related to cybersecurity risks and incidents with ISAOs and among ISAOs and to foster development and adoption of automated mechanisms for information sharing;
- Baseline standards that ISAOs should possess and be able to demonstrate;
- The standards will also touch on contractual agreements, business processes, operating procedures, technical means, and privacy protections, such as minimization, for ISAO operation and ISAO member participation.
For more information, see this fact sheet developed by the White House.
Legislation and Politics
House Subcommittee Considers ICD-10 Readiness, Leadership Signals No Further Delay
Key Takeaway: At the House Energy and Commerce Subcommittee on Health hearing last week, subcommittee leadership emphatically stated they will not support any further delays to the implementation of ICD-10.
Why It Matters: At the Examining ICD-10 Implementation hearing, both Chairman Joe Pitts (R-PA-16) and Ranking Member Gene Green (D-TX-29) voiced their sincere opposition to any delay of ICD-10 implementation beyond October 1, 2015.
Questioning from critics on the subcommittee shifted from past calls for other delays to ensuring CMS and providers were properly prepared for the October 1, 2015 deadline. Instead, these critics, including members of the GOP Doctors Caucus, called on CMS to publically state their contingency plans for provider payments if the implementation of ICD-10 does not go as smoothly as industry stakeholders expect.
The calls for no further delay were only augmented with the GAO report released on February 6, 2014, stating the Office’s confidence in CMS readiness for an October 1, 2015 implementation was high. Senate Finance Committee Chairman Orrin Hatch (R-UT) and Ranking Member Ron Wyden (D-OR) requested the study and were pleased with the results, calling for implementation to move forward as scheduled.
While no legislation has been introduced to mandate another implementation delay, we expect the conversation to continue as Congress pursues the latest iteration of a temporary “doc fix” or preventive measure to avoid provider reimbursement cuts under Medicare’s Sustainable Growth Rate (SGR).
CMS to Penalize Doctors $200M for Meaningful Use Struggles in 2014
Key Takeaway: CMS distributed slightly more than $400 million in incentive payments to providers in the Meaningful Use Program in 2014, while the agency saved more than $200 million in provider penalties.
Why It Matters: Last week, CMS announced that 9 out of 10 hospitals participated in Meaningful Use Program and had 2014 CERT.
According to CMS, the participation rates varied significantly in the meaningful use program by hospital type in 2014. Nearly 90 percent of the 1300 eligible critical access hospitals successfully participated in the Meaningful Use Program in 2014. Notably, only 55 percent of the 100 children's hospitals eligible to participate in the meaningful use program successfully met the program requirements in 2014.
The CMS data shared concerning providers was considerably bleaker. CMS detailed the penalty structures for physicians in 2014 at the Joint Health IT Policy and Standards Committee meeting last Tuesday.
Late last year, CMS estimated that roughly 257,000 professionals would be penalized in 2015 for their failed participation in 2013. According to CMS, penalties for 2014 will vary as follows for providers:
- 34 percent of the penalties this year will amount to $250 or less
- 21 percent of penalized doctors will receive an adjustment of between $250 and $1,000
- 14 percent will be penalized between $1,000 and $2,000
- 31 percent will be hit with reductions of more than $2,000.
CHIME News & Notes
Call for Participation: CHIME Establishes Workgroup on ONC’s Interoperability Roadmap
Key Takeaway: CHIME has established two workgroups to address both the ONC Interoperability Roadmap and the 2015 Interoperability Standards Advisory. For more information and / or to join the workgroups, please contact Leslie Krigstein.
Why it Matters: Through public comment, CHIME reinforces its reputation as a trusted advisor to the federal government. Participation in workgroups can also count towards CHCIO CEUs.
Late last month, ONC released a pair of documents detailing how the government hopes to address the multi-faceted issue of interoperability by publishing the Nationwide Interoperability Roadmap and the 2015 Interoperability Standards Advisory. The documents were released in part due to criticism received from Congress and healthcare providers that Meaningful Use, EHR Certification and other programs have failed to deliver systems that demonstrate functional interoperability. So, CHIME needs your help with two workgroups to develop responses for each of these important documents! Each workgroup will meet once a week from mid-February through mid-March to discuss their respective document, and will converse via email between meetings.
Nationwide Interoperability Roadmap ONC released the Connecting Health and Care for the Nation: A Shared Nationwide Interoperability Roadmap Draft Version 1.0 in late January, proposing critical actions for both public and private stakeholders that will advance our nation towards an interoperable health IT ecosystem, advance research and ultimately achieve a learning health. ONC’s Interoperability Roadmap will be used to guide multiple HHS programs and address congressional criticism over the issue of interoperability.
The comment deadline is Friday, April 3, 2015. If you would like to help CHIME comment on the Interoperability Roadmap, please contact Leslie Krigstein for more information. The workgroup will meet on Tuesdays from mid-February through mid-March (February 17, February 24, March 3, and March 10) and communicate via email between meetings.