Both physical and digital hospice care are continuing to intertwine and become increasingly important. Predictions have put market growth as a whole on track for at least nine percent growth for the next five years, while Hospice News points to the rising tide of telehealthcare as a “cornerstone” for healthcare policy moving forward.1,2
Hospices are creating, storing, and handling more data than ever. This includes everything from operational data to protected health information (PHI) and claims documentation. The challenge? As data volumes rise, so does the need for improved hospice patient privacy processes. Let’s break down why proactive protection matters — and what hospices can do to reduce potential risk.
Improved Patient Confidence
Healthcare organizations can sometimes be in the crosshairs of malicious actors. The most common attack vector is ransomware — hackers gain access to IT infrastructure, encrypt critical data, and then demand payment for its release. And as noted by HealthITSecurity, the problem is getting worse; attackers are now leveraging “triple extortion” techniques that first see data stolen from healthcare organizations, followed by payment demands of both providers and their patients.3
This triple threat highlights the need for robust hospice data protection. If patients and their families are getting calls and emails from attackers demanding ransom payments, their confidence in hospice care quickly falls. To help mitigate the risk of ransomware and boost patient confidence, it’s now critical for companies to deploy a hospice management suite that includes robust attack detection and identification systems capable of frustrating hackers before they compromise key systems.
Reduced Fraud Risk
As noted by recent data from Bass, Berry & Sims, healthcare fraud accounts for the vast majority of False Claims Act (FCA) recoveries in 2020. While all other industries combined saw $400 million in fraudulent claims recovered after investigation, healthcare recoveries topped $1.8 billion.4
While some of this fraud is the result of deliberate data misuse, most hospice billing issues are tied to incomplete or inaccurate documentation — staff dealing with increased patient loads and evolving compliance demands may accidentally misclassify or misreport key data, in turn leading to questions around data security and accuracy. Integrated digital reporting systems can help reduce fraud risk and boost security by providing real-time notifications and alerts if patient or claims data is incomplete or potentially problematic.
Enhanced Due Diligence
Healthcare data protection is assessed under the standard of “due diligence.” Providers must take all reasonable steps to ensure patient and operational data is protected. The concept is more clearly defined by the HIPAA Security Rule, which includes requirements for technical, physical, and administrative safeguards of health data.5
When it comes to technical safeguards, for example, hospices are required to implement a means of access control and activity logs for potential audits of any hospice data sets. Physical controls must include policies for the use of workstations and mobile devices, while administrative expectations require both regular risk assessments and the creation of a risk management policy that includes sanctions for staff who fail to follow the rules. For hospice providers, delivering on due diligence offers dual benefits: Their overall reputation in the healthcare marketplace improves, while the risk of federal fines and sanctions decreases.
Protecting hospice patient info isn’t just good practice, it helps ensure providers reduce total risk, deliver due diligence and boost patient confidence.
5 Ways to Support Family Caregivers of Hospice Patients
1 Hospice News, “Top Hospice Trends to Watch in 2021,” January 1, 2021.
2 Market Data Forecast, “Global Hospice Market Size, Share, Trends, Growth & COVID-19 Impact Analysis Report,” April 2021
3 Health IT Security, “Ransomware Keeps Healthcare in Crosshairs, Triple Extortion Emerges,” May 14, 2021.
4 Bass, Berry and Sims, “Healthcare Fraud & Abuse Review 2020,” February 2021.
5 HIPAA Journal, “HIPPA Compliance Checklist,” 2021.