Healthcare Compliance Newsletter – Fall 2019 Issue

Healthcare Compliance Newsletter – Fall 2019 Issue 600 444 Drummond Group

As a leader in healthcare compliance and interoperability, Drummond always has its eye on expanding services. Today, Drummond is a constellation of services spanning the ever-changing ecosystem of security, compliance, interoperability, and assurance services. Sign up to stay up to date with the Drummond newsletter. In this October issue, we highlight healthcare updates with a special spotlight on digital theft of data prevention. Here’s what to expect in this issue.

  1. Testing now open for new CMS measures (EC and EH)
  2. Updates to ONC e-prescribing criteria 170.315(b.3)
  3. Q3 Attestation Deadline
  4. Upcoming Webinar: 21st Century Cures Act
  5. Preventing Digital Theft of EHR Data

Registration is now open to test new CMS measures (EC and EH)

Drummond registration is now open for testing and certification of the three new 2019 CMS measures impacting both the EC and EH.

On September 30, 2019, the ONC released updated test procedures for 170.315(g.1/g.2) Automated Measure Calculation for eligible clinicians (ECs).  These include EC CMS measures: Verify Opioid Treatment PlanQuery a Prescription Drug Monitoring Program, and Support Electronic Referral Loops by Receiving and Incorporating. While the first two measures are optional for the 2019 reporting period, the latter measure is required for the Medicare program in 2019. To support the testing of the new measures, Drummond released updated test scripts for 170.315(g.1/g.2) self-testing and reporting.

Register here or submit your request to test these measures via your quarterly attestation response.  Testing and certification are also available for the recently released CMS EH/CAH measures.

Update ONC criteria 170.315(b.3) e-Prescribing

On September 6, 2019, the ONC issued a certification program update announcing flexibility to the 2015 edition criteria 170.315(b.3) e-Prescribing.  Developers are permitted to update their certified product to the NCPDP standard 20170701 to meet the January 1, 2020 CMS Medicare program requirement without the need to re-certify.  Developers can attest to implementing the updated standard when responding to the Q3 quarterly attestation reporting process by simply responding Yes/No.  Another opportunity to notify Drummond regarding this update will be via the Q4 quarterly attestation which will be issued the first week of January 2020.

Q3 Quarterly Attestation Response Deadline:
Friday, October 18

All developers of ONC-certified products are required to attest on a quarterly basis regarding any changes to certified software.  The Q3 quarterly will be sent out to developers by Friday, October 4th
The deadline to respond to this request will be Friday, October 18th.

If there are no changes to report, a response is still required.  Not responding may lead to non-compliance with your ONC certification.  If you need access to your customer portal account in order to submit your response, please email

Upcoming Webinar: 21 Century Cures Act 

Are you up to date on potential regulatory changes from the 21st Century Cures Act Notice of Proposed Rulemaking (NPRM)?  We will be hosting a webinar on Thursday, October 17, 2019 discussing potential certification changes stemming from the proposed regulation, as well as critical updates taking place now for criteria 170.315(b.3) e-prescribing and 170.315(g.1/g.2) Automated Measure Calculations. To join the webinar, sign up below.

Preventing Digital Theft of EHR Data:  A New Drummond Series for Health IT Developers

According to Health IT Security, the 10 largest breaches in 2019 (thus far) have seen more than 200,000 records breached at a time, leaving many experts to speculate that 2019 may be the worst year we’ve ever encountered for healthcare-related breaches. Drummond understands that the protection of electronic health records (EHRs) is of paramount concern to health IT developers, and ONC certification sets forth only minimal privacy and security requirements. 

To help our customers defend against the most prevalent threats facing the healthcare industry, Drummond and our strategic partner, Lares®, are excited to introduce an educational blog series for those responsible for the protection of EHRs, including systems administrators, application developers, and executive leadership.

This multi-part series will explore several EHR areas of concern for health IT developers from the trusted cybersecurity experts at Lares. Series topics will include

  • Digital theft of EHR and dark web profiteering,
  • Ransomware impact,
  • Application development and systems interoperability,
  • Mobile application security,
  • Internet of Things (IoT) security, and
  • Updating organizational cybersecurity programs to better prepare for the aforementioned threats. 

Click the link below to learn more about preventing digital theft of EHR data and make sure to sign up for our newsletter as we dive deeper into this cybersecurity series. 

Privacy Preferences

When you visit our website, it may store information through your browser from specific services, usually in the form of cookies. Here you can change your Privacy preferences. It is worth noting that blocking some types of cookies may impact your experience on our website and the services we are able to offer.

Click to enable/disable Google Analytics tracking code.
Click to enable/disable Google Fonts.
Click to enable/disable Google Maps.
Click to enable/disable video embeds.
Our website uses cookies, some from third-party services. Define your Privacy Preferences and/or agree to our use of cookies.