Optum360 coding books logo
    Contact Us   (7 a.m.–7 p.m. CST)
  Home > Coding Central Articles > Coding Central Articles  
Coding Central
Coding Central Home
Inside Track to ICD-10
Coding Central Articles
Code This!
Case Studies
Chargemaster Corner

Articles for:
March 27, 2018

Spring OPPS Update Released

The Centers for Medicare and Medicaid Services (CMS) summarized the spring update to the outpatie... Learn More

Therapy Caps Repealed and Payment for Therapy Assistant Services Lowered

Medicare payment caps on outpatient therapy were permanently repealed effective January 1, 2018. ... Learn More

OIG Update Work Plan, Studies Cardiac Device Credits

In March, the Office of Inspector General (OIG) posted several updates to its existing Work Plan,... Learn More

View Article Archive

To subscribe, paste this link into your preferred feedreader, or click on one of the buttons below:

Medical Coding News Archives

CMS Puts Practices on the Alert After Hacking Report

August 24, 2016:

Prompted by an alarming hacking report from June, the Centers for Medicare and Medicaid Services (CMS) issued a reminder in July to physicians to guard patient personal health information closely. The agency also reminded practices of their obligation to report breaches in a timely manner once they are detected.

The agency’s alert was prompted by a report by the Cyber Health Working Group under InfraGard, a partnership between the FBI and the private sector. Apparently, someone called “thedarkoverlord” claims online to have hacked into more than 650,000 health care records and is offering them for sale for hundreds of thousands of dollars’ worth of Bitcoins. The records contain Social Security and insurance policy numbers of patients from a few states, with most coming from Georgia (close to 400,000), and the Mid and Central United States.

In MLN Matters SE 1616, dated July 20, CMS indicates that the records are part of six databases, three of which seem to have come from orthopaedic practices.

Judging by the breach notification database maintained by the Office for Civil Rights, not all of the entities from which the records were taken are aware of the hack. All of the hacking incidents reported since mid-June in the states affected total approximately 300,000 records. The largest breach noted in the database was from an orthopaedic practice in Georgia, which reported in July that about 200,000 records had been accessed via a cyber attack.

Of great concern, however, is that in just the first few weeks of August, more than 6,000,000 records have been hacked into or compromised by an IT incident, though they were not in the states affected by the “darkoverlord’s” attack.

Covered entities must report its detection of breaches affecting more than 500 individuals to the secretary of the Department of Health and Human Services within 60 days of the discovery of the breach ( http://www.hhs.gov/hipaa/for-professionals/breach-notification/breach-reporting/index.html). For breaches involving fewer than 500 individuals, entities must fill out a separate form for each breach but can submit all the forms on the same date.


Sign in to
Your Account
Forgot your username?
Forgot your password?
Don't have an account?
It's easy to create one.

Promo code

Have a promotional source code? Enter it here:

What is this?

Code This!

Test your coding knowledge!