Monthly Archives: October 2017

HIPAA Compliant Cloud Storage

What does HIPAA stand for?

HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed. It was formed in 1996 and, among other things, protects patient health information.

Who has to comply with HIPAA?

HIPAA applies to two groups:

  1. Covered Entities: Covered entities are defined in the HIPAA rules as  
    • Health Plans
    • Health Care Clearinghouses
    • Health Care Providers, who electronically transmit any health information in connection with transactions for which HHS has adopted standards.
  2. Business Associates: A business associate is a person or entity, other than a member of the workforce of a covered entity, who performs functions or activities on behalf of, or provides certain services to, a covered entity that involves access by the business associate to protected health information. It includes CPA, Attorney, Laboratories, IT Providers, Billing and Coding Services.

For detailed information, please visit the Health & Human Services (HHS) website.

HIPAA violations  

HIPAA violations are expensive. Based on the level of negligence, the penalty for non-compliance can range from $100 to $50,000 per violation, with a maximum penalty of $1.5 million per year for violations of an identical provision. Violations can also carry criminal charges that can result in jail time.

Does HIPAA apply to Cloud Storage?

Yes, it does. When PHI is stored on behalf of the healthcare organization the cloud service becomes a business associate and thus must be HIPAA compliant. The law protects privacy, integrity, and accessibility. The Security Rule, which addresses electronic PHI, includes physical and technical safeguards such as audit controls and access controls. It also administrative safeguards such as data backups and security incident procedures.

Healthcare Industry – The Prime Target

The healthcare industry is one of the primary targets for cybercriminals. Stats reveal that a total of 113.2 million healthcare related records were stolen in 2015. Recent studies also say that healthcare has been the industry with the highest number of data breaches. And this stolen data could be  used by the cyber attackers for many fraudulent activities such as stealing identities, procuring drugs, for filing fraudulent claims, pursuing treatment using another identity, etc. and these criminals even sell the patient records for anywhere between 1-5 dollars per record and complete set of medical records for more than $1000 on the darknet. The healthcare industry attracts the security hackers because medical records are lucrative to sell and are easy to hack.

Medical identity theft is increasing at an alarming rate. But the healthcare industry still lags in terms of preparedness when comes to implementing security protocols. So far in 2017, 79 security breaches, each affecting at least 500 patients, have been reported to the U.S. Health & Human Services Department. And this hacking trend is likely to stay or even increase over the coming years. Medical records contain lots of information about the patient like their full name, address, insurance details, social security number, diagnosis details, driver’s license, credit card numbers and a lot more. This information from the medical records can be used for fraudulent billing, prescriptions, etc. By hacking these information cybercriminals make a significant amount of money. According to NBC News, complete health records are going for $60 each.

Steps to be taken by the healthcare industry to prevent data breach:

         Plan sufficient budget for security purposes to curtail or minimize data breach

         Choose the right technology solution to protect patient health data

         Adopt latest technologies to mitigate data breach

         Most of all, ensure the solution you choose is HIPAA compliant

         HIPAA Education for employees – Make sure all employees know what personal health information can and cannot be shared with patients, caregivers and outsiders

         Ensure IT secures the devices it issues employees

         Get rid of the paper records once it is scanned and imported into your EHR

         Encrypt data and also hardware

         Take Identity and Access Management seriously, provide individual specific access to patient health records.

Cyber threats are increasing at an alarming rate. The healthcare industry is the prime pick needs to make smarter decisions to operate their business. The healthcare providers need to have a clear understanding of how industry regulations impact cloud adoption and what has to be looked into while choosing a cloud storage service provider. A cloud storage service becomes a business associate if they store Protected Health Information (PHI) on behalf of any healthcare organization. Also, cloud service providers need to sign a business associate agreement with the healthcare organization that specifies the vendor’s compliance with HIPAA requirements. As a basic step, healthcare providers should ensure that the PHI is encrypted in the cloud. And make certain that the policies, technology, and processes required are in place to eliminate risks.

According to the U.S. Department of Health and Human Services, a HIPAA compliant cloud service provider should have certain administrative, physical and technical safeguards to host your data. Here’s below in detail of what constitutes a HIPAA compliant data center.

Physical Protection: It includes limited facility access and control with authorized access in place. All the covered entities or companies that must be HIPAA compliant must have policies about use and access to workstations and electronic media. This includes transferring, sharing, removing and disposing of any electronic protected health information (ePHI).

Technical Protection: This requires access or control to only those who are authorized to access electronic protected health information. It includes unique user ID’s, user-specific access, emergency access procedure, automatic log off, encryption and decryption. Audit reports and tracking logs should be implemented to help track any security violation.

Technical Policies and Procedures: This should cover integrity controls and also ensure the ePHI is not altered or destroyed. It should also ensure any IT disaster recovery and offsite backup are key to ensure any electronic media errors can be resolved and patient health information can be recovered intact.

Network Security: This requires HIPAA compliant host to protect against any unauthorized public access of ePHI.

On February 17, 2009, a supplement act called The Health Information Technology for Economic and Clinical Health (HITECH) Act was passed, an act which the enforcement of HIPAA requirements by raising the penalties of health organizations that violate HIPAA Privacy and Security Rules. The HITECH Act addresses the privacy and security concerns associated with electronic transmission of health information.

Patient health records are full of personal information and are a prized target for cybercriminals. Hence it is essential to protect the patient data. The HealthViewX Solutions keep patient data safe and secure with HIPAA Compliant cloud storage and ensure complete security to protect sensitive data.

Increase Your Revenue up-to 65% With Referral Management

How Can Effective Medical Referral Management Increase Revenue up to 65%?

Referral management solution has come as an asset to the healthcare industry to improve care coordination, increase referral volumes and revenue, reduce readmissions and improve outcomes. Secure messaging is a critical aspect of the healthcare industry. Referral Management Solution allows the providers to seamlessly communicate for exchanging patient related data and for improving patient care through a secure network.   

Technology is ubiquitous. Hence today each and every business is engulfed by technology. Just like any other industry the future of healthcare is also changing dramatically due to the technological advancements. These technological developments have brought in remarkable changes and have transformed the entire healthcare industry for good.

The U.S. healthcare industry has been facing significant challenges in various areas like care coordination, readmissions rates, poor clinical outcomes, patient leakage, revenue leakage, referral leakage, unsatisfied patients, a secured network for sharing patient information, etc. These challenges affect the behavior of both providers’ and patients’ resulting in poor clinical outcomes. Lack of coordination of care is a major challenge across the healthcare system. And the underlying reason is evident that the health care providers do not have a solution they need to link and work together effectively to improve the overall population health. All these are clear indications for the urgent need to transform. This transformation should improve access to the required care at the right time and in the right care setting.                                  

Here’s how you can increase your revenue

#1 Increase the number of referrals:

Increasing the number of referrals will help your practice grow. For this, it is crucial to build a strong referral network and strengthen your practice. Retaining your patients within your referral network will eventually not only grow your practice but also increase your patient base. More patients mean more revenue. It is important to adopt a top-notch solution to ensure you have the best practices at each stage throughout the referral process.

#2 Reduce patient leakage:

Studies say, referral leakage for a health system can range from 55 – 65% [GG1] and approximately 20 to 40 percent of patients who receive referrals never complete them because possibly they were never scheduled or they became no-shows due to bad appointment timings or for even various other reasons.   [GG2] One of the ways to reduce patient leakage is to provide better care and improve patient health outcomes. Patient satisfaction is one of the most important aspects that can reduce leakage. The patients need to be educated about their health condition and should be engaged at regular intervals and if required they should be referred to the right specialists at the right time. And this requires a strong referral base and a right solution that can manage the complete referral network efficiently.

#3 Better and Secure Communication:

It is vital to have a secure communication network for the healthcare industry. Effective and secure communication will improve the patient-provider relationship and overall have a better outcome. Without proper communication the patients can miss out on the care they need while the referrers lose patients and revenue. According to recent statistics, an estimated 25 to 50 percent of referring providers do not know whether their patients have completed their referrals and 50 percent of referring and specialist providers do not communicate with each other.[GG3]  So simplifying the patient-provider communication process will ultimately increase revenue for your practice and keep the referring physicians updated of the referral pipeline/loop.

#4 Increase patient satisfaction by providing better care:

For any successful healthcare practice, it is essential to maintain a positive relationship with both patients and providers. And trust is one of the most important elements in the patient-physician relationship. It is imperative for physicians to have the required visibility across the care continuum to help their patients continue to receive recommended care. Also, patients expect their physician to have a complete understanding of their health condition.  A solution with a lot of beneficial features can help increase referral completion rates. A satisfied patient can be retained within the network.

#5 Manage referrals efficiently across channels:

Providers need to manage referrals efficiently across channels of communication and integrate these records and data with their existing EMR/EHR systems to have a completely integrated view of the patient data. A unified view will give a better understanding of the referral pipeline and can ensure that referrals don’t become no-shows.   

As patients keeping move between different care settings, many of the ills in the system can be solved by technology. Beneficially a lot of providers are realizing the importance to improve handling referrals and patient transitions.  This move from fee-for-service to value-based-service has the potential to increase the importance of collaboration between providers thus improving the overall operational efficiency and referral volume. It adds value to the patients by decreasing the appointment wait time and receiving care when required.

With the help of the unique HealthViewX Referral Management Solution, the healthcare providers can keep a trail of their patient referrals throughout the care continuum. It streamlines the processes so that the complete information of the patient is under one roof thus making it easy for the physician’s access. It gives physicians a better understanding of the patient’s medical requirements. Improved patient referral process means well-organized care. A streamlined patient referral process ensures to supply the specialists with complete patient information. Additional features like the automated notifications alert the referred providers of new referrals in real-time letting them to quickly follow-up/check with the patient. With all of these, it has become more important than ever for the health systems to improve the patient experience. The solution as a whole focuses on improving communication among providers and patients and minimizes the chance for network leakage and helps increase revenue.

Hence today it is vital for the healthcare industry to adopt new technologies to have a unified view of the patient information, a structured approach to documentation and most of all provide better care for the patients.  

Chronic Care Management (CCM) Medicare Reimbursement Rates – Updated by Region

The Medicare reimbursement for CPT codes 99487, 99489, 99490, 99491, and G2058 can be claimed by care providers who offer chronic care management to their patients suffering from two or more chronic conditions. The care provided under CCM with advanced consent includes:

  • Continuity of Care with Designated Care Team Member
  • Comprehensive Care Management and Care Planning
  • Coordination with Home and Community-Based Clinical Service Providers
  • 24/7 Access to Address Urgent Needs
  • Enhanced Communication (ex. email, app notifications)

CPT 99487:

This code can be used by qualified medical professionals who offer non face-to-face chronic care management for at least 60 minutes per consultation. Medical practitioners can charge roughly $92 per session and this code can be claimed once a month for each patient. The 60 minutes scheduled should cover ongoing oversight, direction, and management of care plans.

CPT 99489:

This code allows medical care to bill up to $45 for every additional 30 minutes of non face-to-face consultation provided to the chronic patient. It must be used along with CPT 99487 to establish a care plan or substantially revise an existing plan. A care plan should include a complete assessment of patient needs taking into account the physical, functional, psychological and environmental conditions of the patient.

CPT 99490:

This code involves at least 20 minutes of non face-to-face consultation that can be used to monitor the vitals, check the compliance to care plan, and assess the effectiveness of the ongoing care treatment. The USA average reimbursement rate for CPT 99490 is $42 per consultation per patient. Each patient may be billed under CPT 99490 once per month.

CPT 99491:

This code can only be used by a physician or other qualified healthcare professional rather than any clinical staff. It charges about $84 per consultation and can be billed once a month. This code was introduced in January 2019 for consultations that exceed 30 minutes. The billing is roughly double that of CPT 99490 as it involves twice the allocated time (30 minutes vs 15 minutes). CPT 99491 and CPT99490 cannot be billed in the same calendar month.


This code was introduced in January 2020 for every additional 20 minutes of nonface to face consultation. The care involves non-complex CCM and can be directed by either clinical staff or physicians/other qualified professionals. This code must be used in tandem with CPT99490 for any care that is 41-60 minutes in length. It is not necessary to use this code for sessions that are 21-40 minutes in length. As this code is being paired with CPT99490, it cannot be paired with any other CPT codes during the same calendar month. 

The following table lists the 2020 Chronic Care Management reimbursement rates for CPT 99490 across various states or regions in the US.

USA Average $42.23
Alabama $39.27
Alaska $54.60
Arizona $41.01
Arkansas $38.18
California, Alameda/ Contra Costa County $49.03
California, Los Angeles County $46.07
California, Marin County $48.40
California, Napa County $46.88
California, Orange County  $46.07
California, San Francisco City $49.03
California, San Mateo County $49.03
California, Santa Clara County $50.04
California Ventura County $45.61
Rest of California $43.29
Colorado $42.69
Connecticut $45,14
DC + MD / VA Suburbs $47.97
Delaware $42.78
Florida Fort Lauderdale $43.62
Florida Miami $45.44
Rest of Florida $41.59
Georgia, Atlanta $42.18
Rest of Georgia $39.82
Hawaii/ Guam $44.43
Idaho $38.68
Illinois, Chicago $44.81
Illinois, East St Louis $42.23
Illinois, Suburban Chicago $44.47
Rest of Illinois $40.71
Indiana $39.06
Iowa $39.10
Kansas $39.27
Kentucky $39.19
Louisiana, New Orleans $41.68
Rest of Louisiana $39.99
Maine, Southern Maine $41.55
Rest of Maine $39.53
Maryland, Baltimore / Surr. Cntys $45.14
Rest of Maryland $43.24
Massachusetts, Metropolitan Boston $46.62
Rest of Massachusetts $43.83
Michigan, Detroit $43.16
Rest of Michigan $40.33
Minnesota $41.30
Mississippi $38.17
Missouri, Metropolitan Kansas City $41.21
Missouri, Metropolitan St Louis $41.43
Rest of Missouri $38.89
Montana $42.23
Nebraska $38.89
Nevada $42.53
New Hampshire $42.99
New Jersey, Northern New Jersey $46.71
Rest of New Jersey $45.27
New Mexico $40.67
New York, Manhattan $48.52
New York, NYC Suburbs / Long Island $49.79
New York, Poughkeepsie/ NYC Suburbs $45.22
New York, Queens $49.96
Rest of New York $40.63
North Carolina $40.20
North Dakota $40.96
Ohio $40.54
Oklahoma $39.40
Oregon, Portland $43.07
Rest of Oregon $40.63
Pennsylvania, Metropolitan Philadelphia $44.72
Rest of Pennsylvania $40.84
Puerto Rico $42.31
Rhode Island $43.67
South Carolina $39.49
South Dakota $40.54
Tennessee $39.06
Texas, Austin $42.35
Texas, Beaumont $40.29
Texas, Brazoria $42.40
Texas, Dallas $42.35
Texas, Fort Worth $41.64
Texas, Galveston $42.57
Texas, Houston $43.03
Rest of Texas $40.58
Utah $40.41
Vermont $41.43
Virginia $41.85
Virgin Islands $42.31
Washington, Seattle ( King County) $45.86
Rest of Washington $42.14
West Virginia $39.57
Wisconsin $39.82
Wyoming $41.64

The tabular data is for estimation only. It is not a legally bound guarantee of results. Please check for revised rates in your area. HealthViewX is not liable for the accuracy of this content. The data is for calculation estimation only.


1) – County Level Multiple Chronic Conditions (MCC) Table: 2012 Prevalence, National Average.

2) Reimbursement amount from the CY 2015 Physician Fee Service Final Rule, October 31, 2014, averaged across 89 localities.


FAQs – Chronic Care Management Medicare Reimbursement Billing

Care providers across the United States of America are monetizing Medicare chronic care management billing reimbursement codes to increase revenue from their practice. Read on to find answers to all the most commonly asked questions about patient eligibility, the scope of services, CPT codes and payment reimbursement for Medicare CCM.

Patient Eligibility

FAQ: Are all Medicare patients eligible for CCM reimbursement?

Answer: According to the Centers for Medicare & Medicaid Services (CMS), CCM is for “patients with two or more chronic conditions. A chronic condition is expected to last at least 12 months or the patient’s entire lifetime. The condition should be diagnosed to place the patient at significant risk of death, or functional decline.

FAQ: How can a care provider decide which condition meets CMS’ definition for CCM eligibility?

Answer: CMS has not specified or listed the eligible chronic conditions that meet this definition. CMS does have a databank regarding chronic conditions ( that care providers can use. However, this list is very narrow. In general practice, CMS  requires a clear communication within the care plan that the chronic conditions being treated post a significant risk of death or functional decline.

FAQ: What about patients who are Medicare beneficiaries but also eligible for Medicaid?

Answer: CMS CPT codes can be used while billing for CCM treatment given to Medicare beneficiaries who are also eligible for Medicaid.

FAQ: How to kickstart the process of bringing a patient under CCM care?

Answer: An initial appointment must be fixed for a comprehensive evaluation of the patient. This is known as a “Welcome to Medicare” visit and includes an initial preventive physical examination. A patient must have received an introduction to Medicare CCM billing in person to be able to bill separately for CCM services. Until the changes made in 2017, a consent form signed by the patient was mandatory during the patient’s initiation into the CCM program. As per the CMS requirement, the consent form is no longer mandatory.

Scope of Services

FAQ: What are the scope of services for CCM reimbursement as defined by CMS?

Answer: CMS defines the scope of CCM services in the following way:

  1. Provide patients with access to care management services at any time of the day. This means patients should be able to contact the care provider during any emergency or urgent chronic care need 24-hours-a-day, 7-days-a-week. This may be through calls, SMS, email, internet applications or other means agreed upon by the patient and care provider.
  2. Established care continuity with a designated provider with whom the patient is able to schedule appointments, discuss care plan compliance, report vital stats and discuss any discomfort that arises.
  3. Creation of a patient-centered care plan document taking into consideration the physical, mental, functional and environmental factors of the patient. This includes an assessment of the support system and resources accessible to the patient.
  4. Care management for chronic conditions including assessment of patient’s medical, functional, and psychosocial needs. Regular follow-ups to ensure timely receipt of all recommended preventive care services, adherence to the suggested care plan and timely medication.
  5. Regular follow-up after a patient visits the emergency department, after discharges from the hospital or other healthcare facilities. Coordination with home/community based clinical service providers to support a patient’s care plan adherence.
  6. Use of certified electronic health record (EHR) and a patient consent form were mandatory until the changes in 2017 which made them optional.

Chronic Care Management CPT Billing Codes and Payment

FAQ: Which CMS Medicare billing codes can be used to bill CCM?

Answer: For the chronic codes that can be billed are below.

CPT Code Billing Amount(approx) per consultation Description
CPT99490 $42 Min 20min non-face to face time monitoring the care plan
CPT99480 $60 Min 60min non-face to face consultation time establishing or monitoring a care plan
CPT99489 $47 To be billed with CPT 99487 for every additional 30 min of non-face to face consultation

FAQ:  Are CCM services subject to Medicare’s co-paying system?

Answer: Yes. After the deductible is met, the 20 percent coinsurance charged to the patient will be about $8 to $9 for a month’s work of CCM with CPT 99490.

FAQ: Can you bill CCM for patients in an assisted living facility?

Answer: According to CMS, CPT code 99490 can be billed only for CCM services provided to a patient who is currently not the inpatient of a hospital. The patient must not be residing in a facility that receives payment from Medicare for that beneficiary.

FAQ: Is billing for CCM services limited to primary care physicians?

Answer: Physicians and Non-Physicians can claim reimbursement by billing for CCM CPT codes. CCM code is most likely to be billed by primary care physicians. However, specialists, nurse practitioners, physician assistants, clinical nurse specialists and certified nurse midwives who meet the requirements may also bill for these services.

FAQ: Can the non-face-to-face time spent creating the care plan count toward the 20 minutes necessary to bill 99490?

Answer: Yes, it can.

Care Plan

FAQ: What does the care plan have to include as required by CMS?

Answer: The plan of care should include details of the following elements:

  • Problem list detailing the chronic conditions the patient suffers from
  • Expected outcome and the likely course of the disease
  • Measurable treatment goals
  • Symptom management
  • Planned interventions through regular follow-ups and vital data collection from patient
  • Medication management depending on any concerns/reactions/improvement reported by the patient
  • Care coordination plan between care provider and patient’s caregiver such as family/nurse/community housing etc
  • Requirements for periodic review and revision of the care plan as required.

FAQ: Do I have to provide the patient with a copy of the care plan?

Answer: Yes. CMS requires the care provider to share the care plan with the patient in a written or electronic format.

4 ways to choose an effective Referral Management System

The healthcare industry is looking to technology to streamline various administrative and operational processes. As a practice grows and new services are included, manually tracking all the required parameters is not practical, is time-consuming and is not economical. A deficiency in managing operational processes will result in loss of patients and revenue leakage.

Are you among 50% of referring physicians who don’t know if their patients actually visited the specialist? If you are facing this challenge, the use of technology is highly recommended to solve the referral tracking problem. 70% of the specialists rate the patient referral information they receive from other providers as fair or poor. If you are in this segment, patient referral retention is a problem you must be familiar with. With every medical practice challenged to make most of its time, regular status updates on each referral allow for effective care coordination and timely workflows.

Whatever the size of your practice, there are at least four factors you must consider while choosing an effective medical referral management system.

Electronic Health Record ( EHR / EMR) Integration and Report Access

Ensure that the referral management system you choose integrates well with the EMR system used by physicians and specialists. In the initial stage of the referral cycle, access to detailed patient history and medical records helps eliminate duplicate tests and assess previous evaluation more accurately. Quick access to the medical records also helps specialists diagnose the problem faster. With secure access to patient’s medical records, specialists and physicians can coordinate better on an integrated plan addressing all the patient’s existing and previous medical conditions.

Comprehensive Dashboard

While using software for optimal operations, revenue tracking and patient pipeline, data analysis is key to maintain efficiency. A comprehensive dashboard must be able to help the referral coordinator evaluate the number of referrals sent out, referrals received and the status of each referral. A view of the pipeline helps monitor patient leakage and retain patients within the network. It also helps schedule appointments at a mutual convenience to patient and practitioner. Regarding revenue, knowing the patient pipeline and calculating the retention rate will help the practitioner predict the revenue inflow each month and grow the practice with realistic goals. It will also help the practitioner monitor parameters such as average revenue per patient, an average number of referrals in/out per month, quarterly revenue growth, most treated conditions, patients who need referral redirects etc which are vital statistics for the practice. Specifically monitoring completion rates and lead times will help providers monitor if the referrals they send out are accurate, scheduled and treatment completed. This helps improve patient retention rates in the long run.

Integrated cross-device communication platform

Care coordination and referral management should be a closed loop. On an average, a physician refers to 200+ other physicians and specialists. Currently, there are several open loops such as not knowing whether the patient completed the appointment, not knowing what treatment was prescribed after the referral was sent out and not knowing the levels of patient compliance with the care plan.  Such loops can be closed with easy, effective communication channels between the PCP and specialists. A good referral management system should allow quick access to PCP and specialist to each other. This may be through chat, emails or status comments. In the mobile age, cross-device communication sync must be available so that quick discussions between physicians and specialists are made possible and overall care quality can be improved. 

Referral Relevance

While sending a referral, parameters like specialist availability, procedures, protocols and specific business needs must be considered. The list of specialists in a provider’s network may belong to different practices and have specific skills. Sorting your database to find the most accurate patient-specialist match based on the patient’s medical conditions improves chances of better, faster diagnosis and healing. Patients are very involved in the healthcare decisions and would appreciate more information on the parameters considered when a specialist is being referred. By building credibility with accurate referrals, the loop between patient-physician and specialist is closed faster. Awareness of the patient status after referral helps the physician track if the patient actually completed the appointment with the specialist and follow up whether the suggested care plan is being compiled to. Patient retention can be improved with higher referral relevance.

The above-mentioned features are crucial while considering implementing a referral management system for your practice. HealthViewX referral management solution offers all these features and more! To understand more, contact our team to schedule a demo