More than 500 healthcare cybersecurity breaches were reported in the past year and have affected more than 5 million patients, according to the U.S. Department of Health and Human Services Office for Civil Rights.

The effects of the pandemic have created the conditions that lead to many of these breaches as healthcare facilities have adopted new methods of communicating and seeing their patients since COVID-19 guidelines have limited in-person communication. This has meant some facilities have had to handle sensitive information online through servers that were at times unprotected. 

While facilities try to stay within compliance, those tasked with enforcing these regulations face the uncertainty that will continue until 2022. Healthcare compliance officers must deal with these top three challenges in the new year.

1. Conducting Ethical and Compliant Background Screenings

Prospective hires must obtain a background check to ensure that they can work with a healthcare organization. However, there needs to be a better system for executing these checks, especially as the pandemic has caused labor shortages and created new rules.

“Comprehensive background checks should be conducted for those individuals who will have any financial oversight responsibility or high-level leaders within the organization,” says Darrell Contreras, Chief Compliance Officer at Millennium Health, an accredited specialty laboratory in San Diego.

While background checks are necessary, healthcare organizations must have a more strategic and in-depth process to attract and retain talent in a tight labor market. A comprehensive, healthcare-oriented background screening partner can help.

2. Making Telemedicine Secure and Compliant

The use of telemedicine across state lines increases competition, therefore making more resources available to patients. However, these rules, regulations, and licensing limit the physicians’ ability to provide the necessary services in other states.

“At the end of the day, the obligations are still based on an agrarian model,” says Todd Furniss, CEO of private equity firm gTC Group, which specializes in healthcare and author of The 60% Solution: Rethinking Healthcare. “They are state-based as a general rule and, as you know, biology and chemistry don’t change when you go across state lines.” While many health facilities have welcomed in-person appointments across state lines, telehealth is still heavily regulated due to the high risk of data breaches and lax protocol in this method.

Regulating telehealth has been a big concern for compliance officers. Maintaining the increasing data has been another challenge as new regulations have made cybersecurity a significant priority through the HIPAA Security Rule. Cybersecurity is a significant threat to ensuring compliance with a remote workplace. “COVID-19 testing is being very carefully monitored for fraud,” Contreras says. “Providers must ensure that they are only testing what has been requested, ordered, and expected by the patient.”

3. Enhancing Cybersecurity at All Levels of the Organization

The U.S. will spend roughly $125 billion on healthcare cybersecurity alone to help update outdated systems and protect patient information. Compliance officers must ensure that their methods are being enforced to prevent any irregularities. “It is extremely important to ensure there are systems in place to audit claims and monitor for potential billing irregularities,” Contreras says.

Compliance officers also need to establish clear lines of communication with the physicians and staff members, so they understand what is at stake. “Administrators have to hire people with a broader skill set and with the ability to really communicate well,” Furniss says. For example, healthcare organizations should have regular employee cybersecurity training and meetings. Most importantly, the compliance officer should demonstrate through their actions that cybersecurity is a top concern.

The challenges that lie ahead for healthcare compliance professionals resulted from a shock to the system after the pandemic. Compliance officers can adjust to the new regulations through more optimized use of technology and looking at the bigger picture to help their organizations come out of the pandemic strong.