RSSRecent Articles

AQCC is Live!

Today we launched our new Accreditation and Quality Compliance  (AQCC) website!

Visit www.accreditationqualitycenter.com  for all the latest accreditation updates and news. Free blog posts and fresh content can be found under News & Analysis > Accreditation Insider.

You can continue using AQCC for free to get access to our blog posts. But if you feel like upgrading to Basic or Platinum membership, you’ll gain access to even more content, tools, and resources.

If you have more questions, please feel free to email me at bward@hcpro.com, with the subject line “AQCC Questions.”

 

Multidrug-resistant infections can cost $4,600 per hospital stay

By Christopher Cheney, HealthLeaders Media

Infections linked to multidrug-resistant organisms (MDROs) cause a significant cost burden for U.S. healthcare, recent research shows.

The development of antibiotic-resistant infections is one of the most severe public health problems in the country, according to the Centers for Disease Control and Prevention. About 23,000 Americans die annually from an antibiotic-resistant infection, the CDC says.

The national price tag for treating infections linked to MDROs in the hospital setting is at least $2.39 billion, according to the recent research, which was published in the journal Health Services Research.

The researchers also tallied the treatment cost per inpatient hospital stay for methicillin-resistant Staphylococcus aureus (MRSA)Clostridium difficile (C. difficile), and other MDROs.

  • Treatment of infection with MRSA cost about $1,700
  • Infection with C. difficile cost about $4,600
  • Infection with another MDRO cost about $2,300
  • Infection with multiple MDROs cost about $3,500

“We find the highest incremental and total costs for C. difficile and the lowest incremental costs for MRSA, consistent with estimates from previous reports. The higher costs appear to be driven largely by a higher average length of stay, but may also be due to additional testing and increased risk for ICU admission with C. difficile,” the researchers wrote.

In 2014, the President’s Council of Advisors on Science and Technology made several recommendations to combat antibiotic resistance, including surveillance of MDROs in healthcare settings and the community, anti-microbial stewardship campaigns, precautions to limit exposure, and education of patients and physicians about the dangers of overprescribing antibiotics.

Calculating superbug economics

The lead author of the Health Services Research article, Kenton Johnston, PhD, MPH, told HealthLeaders that determining the cost effectiveness of efforts to reduce MDRO infections is challenging.

“Essentially, you are comparing the costs of MDRO-reduction efforts to the savings generated by those efforts. The costs of MDRO-reduction efforts would be the programmatic costs of interventions. This is tricky because the interventions are wide-ranging throughout society such as hand-washing campaigns. The savings part is also tricky because the savings also accrue throughout society,” said Johnston, an assistant professor at the College for Public Health & Social Justice, St. Louis University.

Johnston’s research team only examined hospital costs of efforts to combat MDRO infections.

“A systematic review of the literature on just the cost side of this equation found that the cost of measures to combat and eradicate MDROs ranges from $331 to $66,772 per MDRO-positive patient. This is obviously an unacceptably huge range for calculating the cost side of the equation alone. As a result, more research needs to be done,” he said.

Patient Handoffs: Stop Errors and Improve Compliance

Presented on: Thursday, June 27, 2019 | 1:00–2:30 p.m. Eastern

Register at: http://hcmarketplace.com/patient-handoffs-062719

Stop medical errors, patient harm, and angry surveyors by fixing your patient handoff process. Handoffs (AKA transitions) are when a patient is transferred from one caregiver to another—they’re also a weak point in the care process overall. Vital information can be forgotten or overlooked when making the handoff, and that means a high potential for harm, from wrong-patient scenarios to medication errors.

Join this 90-minute webinar and learn from international patient handoff expert Emily Patterson, PhD, as she teaches you how to adapt mnemonics, tools, and best practices to your facility.

At the conclusion of this program, participants will be able to:

  • Know what content to include for nurses and physicians during verbal handoffs
  • Know what key characteristics to include in printed forms that support nursing handoffs
  • Know what key features to request when implementing electronic support for tracking nurses’ activities during a shift

Agenda

  • How to standardize verbal reports by nurses at shift change in the inpatient setting
  • How to determine what communication competencies are needed for an effective resident physician sign-out in the inpatient setting
  • How to electronically support physicians’ handoffs from the emergency department to the inpatient setting
  • How to design printed handoff forms in the EHR that support shift reports
  • How to electronically help nurses manage their activities during and after report
  • Live Q&A

Tools

  • I-NURSE content definitions and examples for nurse reports
  • IDHW content definitions and examples for physician sign-outs
  • Picture of a recommended layout for a printed handoff form

CDC clarifies opioid prescribing guidelines

In a letter released April 10, the CDC clarified its federal opioid prescribing guidelines were not meant to be unduly restrictive for chronic pain patients. The clarification came in response to repeated concerns that the rules were preventing patients from getting the pain care they needed.

“The Guideline is not intended to deny any patients who suffer with chronic pain from opioid therapy as an option for pain management,” wrote Deborah Dowell, MD, MPH, chief medical officer of the CDC. “Rather, the Guideline is intended to ensure that clinicians and patients consider all safe and effective treatment options for patients.”

In the letter, Dowell explained that physicians are encouraged to use their best clinical judgement when it comes to opioid prescriptions. Nor was it their intention to deny chronic pain patients access to opioids, making special mention of sickle cell and cancer patients.  She also said that they’ll revisit the guidelines as new evidence and prescription recommendations become available.

“Chronic pain is common and multidimensional, and patients deserve safe and effective pain management…CDC will continue to emphasize what the Guidelines and associated materials say about communication, patient engagement in decision making and maintenance of the patient-provider relationship.”

The CDC published its Guideline for Prescribing Opioids for Chronic Pain in 2016. The guidelines consist of 12 recommendations [See sidebar] intended to reduce the use of opioids during an era of addiction and drug abuse. While the guidelines are voluntary,  many worried that they were too restrictive.

In March a group called the Health Professions for Patients in Pain (HP3) wrotethat the guidelines had made it too difficult to prescribe opioids to patients that need them.

“Consequently, patients have endured not only unnecessary suffering, but some have turned to suicide or illicit substance use,” HP3 wrote. “Others have experienced preventable hospitalizations or medical deterioration in part because insurers, regulators and other parties have deployed the 90 MME threshold as a both a professional standard and a threshold for professional suspicion. Under such pressure, care decisions are not always based on the best interests of the patient.”

Joint Commission to publicly report C-sections

Next year, patients and potential parents will have one more metric by which to judge your hospital. Starting July 2020, The Joint Commission (TJC) will publicly report hospitals that have consistently high C-section rates on their Quality Check website.

Hospital’s rankings will be based on The Joint Commission’s perinatal care (PC) Cesarean Birth measure PC-02. Hospitals accredited by TJC are already required to report that data to the accreditor, but this will be the first time it’ll be visible to the public.

TJC will only tracking the number of C-sections done on Nulliparous, Term, Singleton, Vertex (NTSV) births—procedures performed on first-time mothers carrying a single baby that has its head facing down at the onset of labor. The three ranking criteria are:

  • ≥30 cases reported in both years
  • PC-02 rate >30% for the current year
  • Overall two-year average PC-02 rate >30%

Hospitals will be marked with a plus sign (an acceptable rate) or a minus sign (a high rate) next to the PC-02 measure on website. The first round of reporting will come from data gathered in 2018 and 2019. If the numbers remain similar to da-ta collected in 2016-2017, about 20% of facilities will be past the C-section threshold.

In a blog post, Joint Commission Execu-tive Vice President David Baker, MD cited a stagnant C-section rates as the motive behind public reporting. According to TJC, PC-02 rates have remained around 26% since 2010, without improvement. And in 2017, 25% of reporting hospitals had NTSV C-section rates over 30%.

You can read more about this topic in the May edition of Briefings on Accreditation and Quality

Cost of sepsis readmissions exceeds $16,000 per patient

By Christopher Cheney, HealthLeaders Media 

The annual estimated cost of sepsis readmissions is about half the annual cost of all four of the conditions in Medicare’s Hospital Readmissions Reduction Program, recent research shows.

“In our study, the estimated annual cost of sepsis readmissions amounted to more than $3.5 billion within the United States. When compared to $7.0 billion for the four conditions (AMI, CHF, COPD and pneumonia) targeted by the Hospital Readmissions Reduction Program (HRRP), this accounts for a significant under-recognized burden on the U.S. healthcare system,” the researchers wrote in the journal CHEST.

Sepsis is the body’s extreme reaction to an infection, which can result in life-threatening symptoms such as multiple organ failure. Annually, more than 1.5 million people get sepsis in the United States, with about 250,000 fatalities.

The economic impact of sepsis on a national scale is significant, the CHEST researchers found in their study, which featured more than 1 million index admissions.

  • The annual cost of index admissions for sepsis was estimated at more than $23.3 billion
  • The mean cost per sepsis readmission within 30 days of discharge was $16,852
  • 30-day readmissions after an index admission for sepsis accounted for 13% of all sepsis-related hospitalization costs

The lead author of the CHEST research, Shruti Gadre, MD, told HealthLeadersthat sepsis readmissions are likely expensive because of intensive care unit treatment, antibiotics administration, and invasive procedures.

Sepsis readmissions are expensive relative to the HRRP conditions most likely because of the acuity of sepsis patients, said Gadre, a member of the Department of Pulmonary, Allergy and Critical Care Medicine at Cleveland Clinic’s Respiratory Institute.

“The hypothesis is that sepsis patients are sicker when they get readmitted to the hospital. They require ICU-level care and may have multi-organ involvement compared with patients with AMI, heart failure, COPD, and pneumonia, which may lead to higher costs.”

Anticipating readmissions

For patients who had an index sepsis admission, 17.5% were readmitted within 30 days. Gadre and her research team identified predictors of sepsis readmissions.

  • Infection was the most common cause for 30-day readmissions, accounting for 42.16% readmitted patients.
  • Sepsis accounted for 22.86% of readmissions.

The other most common causes for sepsis readmissions were gastrointestinal (9.60%), cardiovascular (8.73%), pulmonary (7.82%), and renal (4.99%) conditions.

“Our findings serve to create awareness among clinicians, administrators and policy makers alike regarding patient populations that are vulnerable to sepsis readmission and thus increased utilization of resources. Although it may be necessary to readmit some patients, the striking rate of readmission demands efforts to further clarify the determinants of readmission and develop strategies in terms of quality of care and care transitions to prevent this adverse outcome,” the research team wrote.

CMS Warns Detroit Hospital to Improve IC Issues or Lose Funding

The Centers for Medicare and Medicaid Services (CMS) has given Detroit Medical Center’s (DMC) Harper University Hospital until mid-April to correct its infection control problems or lose its federal funding, according to a story in The Detroit News.

The hospital was notified in January of the deadline to pass an inspection. Failure to do so could result in Harper losing the funding that provides 85% of its inpatient revenue, according to the story. The Michigan Department of Licensing and Regulatory Affairs conducted inspections in December on behalf of CMS after three cardiologists and a physician at DMC Heart Hospital claimed that they were terminated from management roles in retaliation for complaints they made about infection control issues. Heart Hospital shares many of Harper’s facilities and services. The inspection found flying insects in an intensive care unit, improperly attired surgical personnel, and problems with sterile processing of surgical instruments, the News reported.

Two of the cardiologists, Dr. Mahir Elder and Dr. Amir Kaki, filed a lawsuit this week in Detroit’s U.S. District Court, saying they were fired after complaining about dirty surgical instruments and other problems at DMC hospitals.

“Any suggestion that these leadership transitions were made for reasons other than violations of our Standards of Conduct is false,” DMC said in a statement released in response to the lawsuit.

Other DMC hospitals have come under recent scrutiny. Inspectors found that staff cuts at Detroit Receiving Hospital led to the discontinuation of surveillance of most surgical site infections. Meanwhile, Sinai-Grace Hospital, which also faces Medicare termination on August 31 if it doesn’t pass an inspection, was under threat of termination in 2018 because of building and nursing quality problems. Sinai-Grace recovered its deemed status in September but was inspected again in January after a November power outage left the hospital unable to treat a heart attack patient, who later died after being transferred to another hospital.

Once Again, Safety Issues Top List of Most-Cited TJC Standards

Hospitals continued to struggle with safety issues in 2018, according to The Joint Commission’s latest list of most challenging standards. Released in the April issue of Perspectives, the list covers the top Joint Commission requirements that surveyors found to be noncompliant most often during 2018.

For accredited hospitals, the most-cited standards were as follows:

  • 02.01.35—The hospital provides and maintains systems for extinguishing fires (88.9% noncompliance percentage).
  • 02.05.01—The hospital manages risks associated with its utility systems (78.7%).
  • 02.06.01—The hospital establishes and maintains a safe, functional environment (73.9%).
  • 02.01.30—The hospital provides and maintains building features to protect individuals from the hazards of fire and smoke (72.9%).
  • 02.02.01—The hospital reduces the risk of infections associated with medical equipment, devices, and supplies (70,9%)
  • 02.01.10—Building and fire protection features are designed and maintained to minimize the effects of fire, smoke, and heat (70.7%).
  • 02.01.20—The hospital maintains the integrity of the means of egress (67.4%).
  • 02.05.05—The hospital inspects, tests, and maintains utility systems (64.7%).
  • 02.02.01—The hospital manages risks related to hazardous materials and waste (62.3%).
  • 02.05.09—The hospital inspects, tests, and maintains medical gas and vacuum systems (62.1%).

The March 27 issue of Joint Commission Online also includes highlights of the accreditor’s findings for its various accreditation settings.

Access the new AQCC portal in May

Good news! We will be launching the new Accreditation and Quality Compliance  (AQCC) portal this May . Be on the lookout for emails with information about how to set up your login and password info as well as the URL for this new one-stop-shop accreditation solution center.

Please be sure that we have your email address on file so that you don’t miss any of these important announcements. To double check the email we have on file call customer care at: 1-800-650-6787.

Along with free content, the new AQCC portal contains two membership levels—Basic and Platinum.

If you currently subscribe to a single newsletter, Briefings on Accreditation and Quality, Patient Safety Monitor Journal, or Insider the Joint Commission be added as a Basic Member, which includes:

  • Newsletter archives for BOAQ, PSMJ, and IJC
  • The Accreditation Encyclopedia
  • Sample Forms
  • Customizable Survey Tools
  • Online Forums

If you currently subscribe to two or more of these newsletters you’ll receive Platinum Member benefits. This includes all the benefits of a Basic Member, plus:

  • The CMS Compliance Crosswalk
  • The Patient Safety Standards Crosswalk
  • The Mock Tracer Toolkit
  • The Survey Training Essentials Toolkit
  • E-library of best-selling books on accreditation, safety and quality
  • And More!

If you have more questions, please feel free to email me at bward@hcpro.com, with the subject line “AQCC Questions.”

 

Learning from a ransomware attack on your hospital

By Philip Betbeze

It’s breach season.

That’s what Ron Pelletier, founding partner of Pondurance, a cybersecurity company based in Indianapolis, calls February through April. Partly, that’s because it’s also tax season, when a lot of financial information is being sent and received via the internet. Bad actors often spend the latter part of the previous year “weaponizing” their tools and doing reconnaissance. Then they look for vulnerabilities.

For Hancock Health in Greenfield, Indiana, just outside Indianapolis, breach season started a little early. About 9:30 p.m. on the night of January 11, 2018, Steve Long, its president and CEO, got a call from the health system’s IT staff, telling him a computer in the lab was infected with ransomware. In an abundance of caution, the IT staff had turned everything off that was connected to the internet.

They were too late.

The attack from a criminal syndicate in Eastern Europe was initiated through the emergency backup facility used by the 71-staffed-bed hospital many miles away, and it had infected many, if not all its servers. The SamSam ransomware did not affect patient life-support systems.

Unlike ransomware programs that depend on phishing tactics to trick employees to open an infected email, the SamSam attack is more sophisticated. The criminals found a vulnerable port set up by one of the hospital’s vendors, then located a password to gain entry into the system, Long says. They infected data files associated with the hospitals’ most critical information systems.

“It was a port you had to log into but it was exposed to the internet,” Long says.

Long hopes by sharing his story that other healthcare organizations will avoid the disruptions that Hancock Regional experienced. He’s even written a publicly accessible blog about it.

From a forensics investigation done later, it appears the criminals made attempts at a “brute force” attack, in which they ran through tens of thousands of potential password combinations to gain entry.

“That did not work, but at some point, they found a login and password from a vendor who was working with our IT systems,” says Long. “We probably will never know exactly how they got a login and password. We’re told all the time we should be prepared for such things. We had hired a company that was supposed to track this, and had anti-malware and antivirus software we thought was good.”

In short, Long says, Hancock Health probably had a false sense of security about its network.

Long decided to pay the ransom price of four bitcoin, about $50,000 at the time, to begin the recovery process. After about 70 hours offline, and little sleep for the IT staff, communication systems were restored, network file servers were brought back online, and the electronic medical record system was restored.

Long and his staff emerged scarred, but smarter. He says other CEOs should learn at least four lessons from his headaches:

1. Remote Desktop Protocol ports need multifactor authentication

The vulnerability the criminals took advantage of at Hancock is a common port associated with Windows that has plenty of legitimate uses, says Pelletier, such as remote system maintenance, but ports like that are often exploited.

“With this particular port, if clients have a business case that it needs to be open we advise multifactor authentication, including a password, a biometric, and a PIN, randomly generated,” he says.

2. You’re more vulnerable than you think

“In terms of readiness, we had systems in place, had a company that was supposedly monitoring us, and we had cyberinsurance,” says Long.

Hancock didn’t use the cheapest vendors, but not the most expensive, either.

“When you’re the [CEO], IT is the thing you always feel like you put so much money into,” he says. “What we’ve also learned is you could have the best of everything, and you’re not 100% safe. There is a balance.”

3. It takes humans to counter humans

Software can’t fully do the job. It takes humans to offer a dynamic defense to the ingenuity of a hardworking criminal enterprise.

“A lot of organizations buy into what vendors say about their tool but there are vulnerabilities we don’t know about and someone might be harvesting that,” says Pelletier. “Bad actors leave evidence of their attempts that can show something is going on, but it takes a human to do the analysis.”

“In cyber terms, if you are targeted, then with enough time, effort, and resources, they will likely be successful, but It takes time and resources and money,” says Pelletier. “If you make yourself a hard target, they’ll move to someone else who is more vulnerable.”

4. Don’t underestimate the criminals

Cybercriminals carefully calibrate the ransom they ask for based on your organization’s ability to pay, Pelletier says.

“They want to get paid and that’s why the [ransom] dollar amounts, relatively speaking, are low,” Pelletier says.

He says you can restore from a backup rather than pay the ransom, but the likelihood of being able to recover completely may be questionable.

Adds Long: “They force you down a path. We needed to get up quickly, and we had some question about whether our backups were viable,” he says. “I agree with every reason not to pay, but until you are faced with the decision, it’s easy to say lots of things. For us it made the most sense to get the decryption keys.”

Long says such things can happen to anyone. You have to plan for the worst.

“I never imagined I would be sitting there on a Thursday night having shut down all our computers,” Long says. “We want others to learn from this and we believe we can be, for lack of a better word, a beacon.”