On March 4, AHCA/NCAL held a Post-State of the Union call as a response to President Biden’s proposals for nursing homes. Here's the replay link, as well as our summary of what was discussed.

In general, don't panic! 

• Major reforms often fail in Congress
• Rulemaking takes time
• Some of the proposals require Congressional action
• AHCA/NCAL is working on a response plan

Proposed for Nursing Homes

Quality Measures

• Phase-out rooms with 3 or more beds
• Reduce inappropriate use of antipsychotics
• SNF Value-Based Purchasing (VBP) includes more staffing and resident experience measures

Readiness for Pandemics

• Continue to support COVID testing
• Continue to support vaccine efforts
• Review on-site infection control rules and increase the standards
• Review emergency preparedness rules to improve readiness

Proposed for CMS

Transparency

• Create a new database of building owners and operators
• Make Nursing Home Compare easier to understand
• Examine the role of REITS and private equity

 Jobs

• Make nurse aide training cheaper
• Support state training programs
• Work with Dept. of Labor to launch a national campaign for recruiting, training, retaining, and transitioning workers to long-term care.

Proposed Oversight

• Add $500 million for survey inspections
• Change Special Focus Facility Program
• Increase civil fines (CMP) to $1million
• Consider CMPs on a per diem basis
• Congress to develop standards for chain owner participation in Medicare/Medicaid
• Congress to give CMS more authority to validate data and enforce incorrect reporting

AHCA/NCAL Plan of Response

• Determine what AHCA/NCAL can support
• Determine which proposalsAHCA/NCAL might make more acceptable
• Try to kill proposals AHCA/NCAL can’t modify or support
• Question Minimum Staffing Study
  • Where can nursing homes find the workers?
  • What’s their implementation timeline?
  • What are the penalties for non-compliance?

As you may have seen this week, the AHCA/NCAL action plan is already underway. AHCA/NCAL contacted the Secretary of the U.S. Department of Health and Human Services to outline their position and request a meeting.

Each week our security team tracks threats, vulnerabilities, and patches announced by leading IT experts and vendors to ensure we prioritize, address, and communicate them to our managed IT services clients.

Below you'll find our monthly recap of all events. If you're not a client, make sure your team knows about these security events, as well as future ones. Just click below to sign up. 

High Impact

Nothing new in the high category was reported in February. If you missed last month's report, see the January Security Threats Summary.

Medium Impact

Low Impact

No Impact to Our Clients/FYI

As part of our primeCLOUD services suite, we partner with leading IT vendors to offer security services like ransomware protection, phishing training, multi-factor authorization (MFA), data backup/recovery, and more.

If you're not confident your organization is on top of security threats, vulnerabilities, and patches, it may be time to conduct a cyber security audit.

Or better, get in touch and let us walk you through critical items for your security checklist.

It's a new year with new challenges on the horizon. Do you want to know how fellow senior housing and care professionals are feeling?

Senior Housing News (SHN) conducted an online poll among 350 subscribers between Nov. 12, 2021, and Dec. 9, 2021, and these are the top takeaways.

• 87% are somewhat/very positive outlook on the health of the senior housing industry in 2022.
• +78% have strong confidence in restoring pre-COVID occupancy levels between 2H2022 and 2023.
• Majority say staffing is the greatest non-COVID-related challenge and most significant expense for 2022.
• Majority say the staffing challenge will not improve until after 2023.
• 55% (of those applicable) plan to buy assets in 2022, with private equity expected as biggest buyer and second-biggest financer

Summarized below are a few of the survey questions and the results. 

Which of the following areas will have the largest impact on 2022 expenses?

What is your company’s primary growth strategy?

What will be the most attractive category of senior housing in which to invest?

To read the full report, visit seniorhousingnews.com.

Introduction

Maintaining a strong security posture means being vigilant and aware of threats and vulnerabilities across the vast Information Technology spectrum. An important security layer to consider is called multi-factor authentication (MFA), also known as two-factor authentication (2FA).

More insurance carriers now require the implementation of MFA before issuing a cyber insurance policy. Depending on the carrier, they may require MFA for just Microsoft 365 Cloud Mail or Exchange OWA mail, or they may extend it to everyone’s login – as well as their devices. 

So, what is MFA?

MFA protects us from hackers by ensuring that digital users are who they say they are. When MFA is enabled, a user must provide two or more pieces of evidence (or factors) to verify their identity and gain access to an app or digital resource.

There are three main types of MFA authentication methods:

1. Things only you know (knowledge), such as a password or PIN;
2. Things only you have (possession), such as a badge, fob, or smartphone; or
3. Things only you are (inherence), such as a biometric like fingerprints, retina scan, or voice recognition.

Why is MFA important?

MFA makes stealing your information much harder for the average criminal. The less enticing or harder to access your data it is, the more likely threat actors will choose someone else to target.

As the name implies, MFA blends at least two separate factors to verify it's actually you requesting access to your data. So even if a hacker has your user ID and password, MFA will require the entry of one more piece of information before granting access. It is a simple but powerful method to add a layer of extra protection so only authorized users access your data.

How do I obtain MFA?

Various vendors offer MFA. A very common and effective MFA is to use an app loaded on your mobile phone or a key fob. Both receive a random number generated at regular intervals, usually 60 seconds, from the MFA vendor’s random number generator.

When entering your user ID and password to access an application or other digital resource, the last step is to enter the number displayed on the MFA app or key fob. Once you enter the correct number, the authentication process is complete and you have access. 

Wrapping Up

One could look at MFA as peace of mind since it makes hacking into user accounts much more arduous. We partner with best-of-kind MFA vendors if you need our help to get started. 

Each week our security team tracks threats, vulnerabilities, and patches announced by leading IT experts and vendors to ensure we prioritize and address them for our managed IT services clients.

Below you'll find our monthly recap of all events. If you're not a client, make sure your team knows about these security events, as well as future ones. Just click below to sign up. 

High Impact

Medium Impact

Low Impact

No Impact to Our Clients/FYI

If you're not confident your organization is on top of weekly security threats, vulnerabilities, and patches, it's time to conduct a cyber security audit. Or better, get in touch so we can walk you through critical items for your security checklist.