Issue link: https://beckershealthcare.uberflip.com/i/1522996
50 CIO / HEALTH IT The buzz from Epic's Expert Group Meetings By Giles Bruce T housands of health IT leaders gathered at Epic's Wisconsin headquarters recently to discuss how to use technology to meet the demand for patient volume, attract and retain clinicians, and streamline reimbursements. Epic's Expert Group Meetings took place April 29 to May 9 in Verona, Wis., bringing together health system executives who gave peer-to- peer presentations on the EHR vendor's technology. "We work side by side with one another and with Epic to take on the biggest challenges and opportunities facing our industry," said CT Lin, MD, chief medical information officer of Aurora, Colo.-based UCHealth, in a statement. Here are four highlights from the nearly 900 sessions, Epic reported May 16: 1. Atlanta-based Emory Healthcare noted that ambient artificial Hospital groups urge feds to hold Change accountable for breach notifications By Naomi Diaz M ultiple hospital groups are urging the U.S. Department of Health and Human Services to hold UnitedHealthcare's subsidiary Change Healthcare accountable for providing breach notifications regarding its February cyberattack. Groups such as the American Medical Association, CHIME, Texas Medical Association and more wrote a letter May 20 to Xavier Becerra, secretary of the HHS, asking to clarify how it intends to enforce HIPAA-related reporting requirements when it comes to the Change Healthcare incident. "We are writing to request more clarity around reporting responsibilities and assure affected providers that reporting and notification obligations will be handled by Change Healthcare," the letter reads. "OCR should publicly state that its breach investigation and immediate efforts at remediation will be focused on Change Healthcare, and not the providers affected by Change Healthcare's breach." Additionally the groups wrote that clinicians and providers have not received sufficient confirmation from OCR that HIPAA breach reporting and notification requirements related to this incident are the responsibility of UnitedHealthcare and Change Healthcare. In an April 22 news release from UnitedHealth Group, the company said it would provide a breach notification once it learned what kind of information was compromised. e company also said it would handle notifications and associated administrative tasks for any provider or customer that was affected by the breach. n Are healthcare cyber attacks having a credit impact? By Naomi Diaz R ecent cyberattacks on healthcare organizations have raised concerns about potential financial repercussions, particularly regarding their credit ratings. However, according to Fitch Ratings, these cyber incidents are unlikely to impact the credit standings of the affected organizations. Ascension St. Louis-based Ascension, a 140-hospital system, experi- enced a ransomware attack on May 8. Despite this attack, Fitch Ratings maintains a positive outlook on Ascension's financial health. The ratings agency said that Ascension's strong liquidity provides a substantial rating cushion, which Fitch expects to cause only minor disruptions and financial losses. Change Healthcare Another case involves nonprofit hospitals who are man- aged by Change Healthcare, the subsidiary of United- Healthcare that was hit by a ransomware attack in February. Despite the incident, Fitch Ratings confirmed that the in- cident would not adversely affect the credit ratings of the nonprofit hospitals involved as long as hospitals can go back to normal soon and if hospitals keep enough money on hand. Lurie Children's Fitch also said that a January cyberattack on Chica- go-based Lurie Children's Hospital was unlikely to impact its credit rating. According to the ratings agency, it doesn't expect the cy- berattack to lower Lurie Children's credit rating, "provided the hospital is able to return to normal operations in the near term." Fitch says cyberattacks have not resulted in any credit rat- ing downgrades thus far. n