Please read an update from OCR:

Alert: Postcard Disguised as Official OCR Communication

August 6, 2020

OCR has been made aware of postcards being sent to health care organizations disguised as official OCR communications, claiming to be notices of a mandatory HIPAA compliance risk assessment. The postcards have a Washington, D.C. return address, and the sender uses the title “Secretary of Compliance, HIPAA Compliance Division.” The postcard is addressed to the health care organization’s HIPAA compliance officer and prompts recipients to visit a URL, call, or email to take immediate action on a HIPAA Risk Assessment. The link directs individuals to a non-governmental website marketing consulting services.

The postcard below is not from HHS/OCR.

HIPAA covered entities and business associates should alert their workforce members to this misleading communication. This communication is from a private entity – it is NOT an HHS/OCR communication. Covered entities and business associates can verify that a communication is from OCR by looking for the OCR address or email address on any communication that purports to be from OCR. The addresses for OCR’s HQ and Regional Offices are available on the OCR website at https://www.hhs.gov/ocr/about-us/contact-us/index.html, and all OCR email addresses will end in @hhs.gov. If organizations have additional questions or concerns, please send an email to: OCRMail@hhs.gov.

Suspected incidents of individuals posing as federal law enforcement should be reported to the Federal Bureau of Investigation.

Just wanted to reach out to fellow providers to see if your agency has begun looking at what therapeutic services will look like once we are back in the office. Are you making changes to the office? Have state agencies released any "requirements" of what we will need to do in our offices post COVID 19? 

Thanks!

Hi! Related to being a mental health worker in the midst of the COVID-19 situation...does anyone know if we can get letters from our Board to be considered essential to be able to travel to work to meet with our patients for mental health if they cannot be seen over telehealth?

Procentive will be hosting 2 upcoming Webinars on Monday, March 23rd.

The first will be a demonstration on our Client Portal from 12:00 - 1:00 pm CST

The second will be a Collaborative Knowledge Share Open Forum from 6:00 - 7:00 pm CST

For more information, please go to our Live Updates page on how to join these Webinars.

We hope to see you there!

As Coronavirus continues to impact businesses across the country, mental and behavioral health practices are at risk of safely continuing needed services in their communities which can affect cash flow.

You can take actions to ensure business continuity.

The speed and efficiency of your business operations can help ensure that you are continuing to serve the needs of your patients while bringing in the revenue you need to thrive. The following can help you continue to provide your necessary and valuable services while protecting your cash flow from interruptions:

Telehealth - allows your clients to keep their sessions with your practice without having to leave the comfort of their home. thera-LINK is partnering with Procentive to provide an industry-leading telehealth video platform that is easy to use and HIPAA-compliant. Take your practice online with telehealth provided by thera-LINK.

If the need arises, we do offer credit card processing services as well as both interim and long-term billing services.

Our primary goal is to help you support your clients as we adjust to our changing environment. As always, please feel free to reach out.

Get Started Here

Your Partners,

Procentive & BillCare

Hello All,

We are looking to gather information from you regarding SSO.  Procentive is looking to verify requirements for implementation in our system.  Please click here to fill out a quick survey

Thank you for your time!

Procentive Staff

Is anyone else having difficulty getting staff credentialed through the DHS MHCP Portal? We have been having difficulty with the last three staff we have entered through the new DHS MHCP Portal. Two were credentialed as individual providers, not providers billing under our agency, and one other staff had to complete the portal application process three different times before getting DHS to even review the application. Just wondering if anyone else is having these issues?

Thanks! 

Health Care is always a highest target, please highly consider this message from the Federal HHS Office of Civil Rights. Patches will be required as it is currently a big vulnerability and we want you all to be protected.  Here is the information we are passing on to you:

January 15, 2020

Cyber Notice: Emergency Directive to Mitigate Windows Vulnerabilities

OCR is sharing the following update from the HHS Critical Infrastructure Protection Public-Private Partnership

Healthcare and Public Health Sector

Emergency Directive to Mitigate Windows Vulnerabilities

Update #1

January 14, 2020

This email has been prepared by the HHS ASPR Division of Critical Infrastructure Protection (CIP).

If you observe or experience any impacts to critical infrastructure due to the incident, or have a request for information, please email us at CIP@hhs.gov

The purpose of this bulletin is to notify you of a number vulnerabilities identified in Microsoft Windows operating systems which if not addressed, pose significant threat to the environment. On January 14, 2020, Microsoft released a software patch to mitigate these vulnerabilities in supported Windows operating systems. Subsequently, The Cybersecurity and Infrastructure Security Agency (CISA) released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Windows CryptoAPI and Windows Remote Desktop Protocol (RDP) server and client. Some of the vulnerabilities could enable a remote attacker to decrypt, modify, or inject data on user connections DHS has determined that these vulnerabilities pose an unacceptable risk to the Federal enterprise and as a result has issued an emergency directives to all Federal agencies to patch their environment immediately. Due to the seriousness of these vulnerabilities, ASPR CIP strongly recommends that all HPH entities also consider patching their environment as soon as possible. This recommendation is based on the likelihood of the vulnerabilities being weaponized, combined with the widespread use of the affected software across the sector and high potential for a compromise of integrity and confidentiality of information.

Upcoming CISA Call and Additional Resources

The Cybersecurity and Infrastructure Security Agency (CISA) has scheduled a call for Wednesday 1/15 at 2:15 PM ET. This call is targeted at Chief Information Officers/Chief Information Security Officers. Sector Coordinating Councils/Information Sharing Analysis Centers etc.

Additionally, the following resources can be used for more information:

• Activity Alert AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems
• Emergency Directive 20-02: Mitigate Windows Vulnerabilities from January 2020 Patch Tuesday
• CISA Blog: Windows Vulnerabilities That Require Immediate Attention
• National Security Agency Cybersecurity Advisory

Looking for some recommendations on Dragon Software.  Wondering what version you are using for clinical staff?  Wondering if Professional is sufficient. Where did you purchase through?  We hope to implement the Medical version for our Physicians...but do not think all staff need that version...?

Hi

I have not run into this before.  One of our therapists will soon be fully licensed.  He works for our company and also for another mental health company.  Is there any reason why he cannot credential to all insurance companies with two separate applications?  One application listing our company and our billing NPI # and sending in another application listing the other company and their billing NPI#?

Thoughts?

Paula