Insurance News http://www.tmgworkcomp.com/blog en Copyright 2021 Texas Medical Group Wed, 08 Dec 2021 16:28:00 GMT Insurance News Prescribing as a Key Area for Safety Improvement http://www.tmgworkcomp.com/blog/2021/12/prescribing-as-a-key-area-for-safety-improvement Wed, 08 Dec 2021 16:28:00 GMT http://www.tmgworkcomp.com/blog/p/63147 <h2 class="text-center">Medication Prescribing as a Key Area for Safety Improvement in Ambulatory Care</h2> <h3 class="text-center">Laura M. Cascella, MA</h3> <p></p> <p>Medications are a cornerstone of patient care and treatment, and the medication process involves various steps from initial patient assessment to ongoing monitoring. One of the first steps in the medication process is prescribing (or ordering), which &mdash; by itself &mdash; is complex, particularly as the number of prescription drugs on the market has increased.</p> <p>Although measuring prescribing errors in ambulatory care is somewhat tricky because of certain variables, research has suggested that these errors are not uncommon and can lead to adverse outcomes. (1) Additionally, a CRICO Strategies analysis of more than 28,500 malpractice cases showed that prescribing errors occurred in about one-third of medication-related claims in the ambulatory setting. (2)</p> <p>Technologies such as electronic health records (EHRs) and computerized provider order entry (CPOE) have shown promise in reducing some prescribing errors, like those linked to illegibility and harmful drug interactions. However, technology does not eliminate all errors, and lapses can still occur &mdash; for example, in relation to clinical judgment and decision-making. A study that examined 3,850 computer-generated prescriptions found that about 1 in 10 included at least one error, of which more than a third had potential for harm. (3)</p> <p>CRICO’s aforementioned malpractice analysis also points to the possibility of technology eroding interpersonal communication and teamwork:<br>Medication safety requires a balance of efficiency in routine processes and teamwork to support each other’s decisions and actions. The tools (e.g., CPOE) employed to reduce ordering errors are effective, but they incorporate features (e.g., forcing functions, alerts) which instill confidence at the cost of peer engagement. (4)</p> <p>With prescribing identified as a key area for safety improvement, this article aims to provide an overview of several aspects of the prescribing process &mdash; including reconciling patient medications, prescribing new medications and refills, and managing patients on high-alert medications &mdash; and offer helpful risk management tips and strategies.&nbsp;</p> <p><br></p> <h3>Medication Reconciliation</h3> <p>In ambulatory care settings &mdash; just as in inpatient care settings &mdash; careful evaluation of patients’ medical histories and health status is an essential element of high-quality care and an important initial step for safe prescribing. Gathering and maintaining detailed and accurate information “is the first priority in medication safety, as it guides physicians to choose the appropriate medication, dose, route, and frequency.” (5)</p> <p>A vital factor in patient evaluation is medication reconciliation. Given that an estimated 8 out of 10 Americans take at least one medication and almost a third take five or more medications, it is reasonable to assume that patients are receiving prescriptions from more than one provider &mdash; such as family physicians, specialists, and dentists &mdash; and taking any number of over-the-counter (OTC) drugs, supplements, or herbal remedies. (6) Further, patients who have been hospitalized might have had additions or adjustments to their medication regimens.</p> <p>Comprehensively reviewing and reconciling all medications and products that patients use, as opposed to only the medications prescribed at a single practice, and keeping up-to-date health records can help practitioners make informed treatment decisions and reduce the risk of dangerous or undesirable medication interactions and suboptimal treatment outcomes.</p> <p><br></p> <p>The following risk management tips offer strategies for managing and improving the medication reconciliation process.&nbsp;</p> <p><br></p> <p><strong>Risk Management Tips for Medication Reconciliation</strong></p> <p>• At each office visit, review all medications that the patient is taking, including prescription drugs, OTC medications, herbal products, dietary supplements, vitamins, and alternative therapies.</p> <p>• To assist with reconciliation, ask the patient to bring his/her medications, a written list of medications, or digital pictures of his/her medication bottles to the appointment. Patients who take multiple medications might have difficulty remembering drug names, dosages, etc., from memory.</p> <p>• Document all information related to drug, material, or food allergies in a prominent and consistent location in the patient’s health record. List the name of the allergen, the date the allergy was identified, and the patient’s reaction.</p> <p>• Consider recommending medication management tools to help patients keep track of their medications. Examples of these tools include apps, wallet cards, or forms, which can ultimately assist with the reconciliation process. Various organizations offer these types of resources, including the Agency for Healthcare Research and Quality (AHRQ) and the Institute for Safe Medication Practices (ISMP).</p> <p>• Do not rely solely on health information technology to facilitate medication reconciliation. AHRQ explains that research has found that “electronic tools often lacked the functionality to accurately reconcile medications, perhaps explaining why medication discrepancies persist even in organizations with fully integrated electronic medical records.” (7)</p> <p>• Use a medication flow sheet to document all medication orders, including refills, in the patient’s health record. Ensure this information is located in a prominent place. Flow sheets should include ample information, such as drug name, dose, administration route, frequency, and purpose.</p> <p>• When transferring or “handing off” patient care to another provider outside of the practice, send a thorough and detailed list of the patient’s medications to the new provider.&nbsp;</p> <p><br></p> <h3>New Prescriptions, Refills, and Samples</h3> <p>Writing prescriptions, handling requests for medication refills, and providing sample medications are routine aspects of patient care in healthcare practices. Yet, even routine activities can be vulnerable to errors and oversights in busy clinical settings. Implementing standardized protocols and thorough prescribing guidelines can help address these vulnerabilities, improve patient safety, and potentially minimize liability risks.&nbsp;</p> <p>Prescribing guidelines should clearly establish which staff members in the practice are authorized to prescribe medications, order refills, and dispense samples. Prescribing privileges vary by state and might also vary by drug classification (e.g., controlled substances), so knowing whether your state limits or restricts prescribing by certain professions is important.</p> <p>Prescribing guidelines also should establish policies for handling requests for new prescriptions, managing medication refills, standardizing prescription writing through accepted and agreed-upon terminology and abbreviations, and educating staff about potential errors and adverse drug events (ADEs) that can occur during the prescription process, such as problems with “look-alike/sound-alike” drug names and variations in dose designations.&nbsp;</p> <p><br></p> <p>The following risk management tips offer strategies for developing effective prescribing guidelines and managing processes associated with new prescriptions, refills, and samples.</p> <p><br></p> <p><strong>Risk Management Tips for New Prescriptions, Refills, and Samples</strong></p> <p>• Stay within your scope/expertise and follow evidence-based guidelines and accepted treatment principles when prescribing medications.</p> <p>• Ensure that accountability for writing prescriptions, handling refill requests, dispensing sample medications, and administering medications is designated to healthcare professionals who are (a) legally permitted by state law to perform these activities and (b) are properly trained and credentialed.</p> <p>• Consider a patient’s lifestyle, frequency of use, and cost when prescribing new medications. These factors might affect patient adherence to treatment plans.</p> <p>• Maintain adequate and current drug references and resources, and ensure staff members have easy access to these resources.</p> <p>• Consider how health technology, such as clinical decision support, can assist in the prescribing process. Also, be aware of the limitations of such technology when devising guidelines and protocols.</p> <p>• Make sure prescribing guidelines clearly establish when patients must have medical evaluations, testing, or follow-up before healthcare providers will prescribe new medications or refill existing prescriptions.</p> <p>• Set clear parameters for when prescribing in the absence of a medical evaluation is appropriate and define limitations and restrictions, such as only providing a limited quantity of medication until the patient can come in for evaluation.</p> <p>• Establish a list of potentially problematic abbreviations, symbols, and dose designations for your practice. Consider using ISMP’s List of Error-Prone Abbreviations, Symbols, and Dose Designations.</p> <p>• Ask staff to reference the list of error-prone abbreviations, symbols, and dose designations when communicating medical information to patients, pharmacists, and other providers.</p> <p>• Establish policies that target potential problems with drug names and dosages. For example, require staff to always include the indication for use on prescriptions, use leading zeros as the standard format for writing out dosages, and use commas for dosing units at or higher than 1,000. Consider how technology in your practice can support these safety processes.</p> <p>• Ensure processes are in place to guide storage, labeling, dispensing, and documentation related to sample medications. For example, expiration dates on medication samples should be routinely audited, and a careful review of patient allergies should take place prior to providing sample medications.</p> <p><br></p> <h3>High-Alert Medications</h3> <p></p> <p>High-alert medications pose special risks and challenges for healthcare practices striving to implement medication safety measures. “High-alert” refers to medications that “have a propensity to cause serious harm when used in error” and that “require extra precautions when administered, prescribed, dispensed, or refilled.” (8)</p> <p>Although medication errors are not necessarily more common with high-alert drugs, they are more likely to lead to severe outcomes. ISMP has compiled a list of high-alert medications used in community/ambulatory settings that includes classes of medications (e.g., opioids) and specific medications (e.g., warfarin).&nbsp;</p> <p>To minimize the risks associated with high-alert medications, healthcare practices can incorporate specific safeguards into their prescribing processes. An initial step in establishing safeguards involves determining which high-alert medications are prescribed, stored, and/or administered in the practice. Once a list has been generated, specific strategies can be developed and implemented to ensure patient safety.&nbsp;</p> <p><br></p> <p>The following risk management tips offer strategies for developing effective policies and protocols to manage patients on high-alert medications.</p> <p><br></p> <p><strong>Risk Management Tips for High-Alert Medications</strong></p> <p>• Identify which high-alert medications are prescribed, stored, and/or administered in your organization, and share the list with staff members.</p> <p>• Ensure your organization has a standard written procedure and reliable system for tracking test/lab results. The procedure should include guidance for timely review of test/lab results and patient follow-up.</p> <p>• Develop standard protocols for monitoring patients receiving high-alert medications. At a minimum, standard protocols should include frequency of assessment and blood monitoring, guidance for adjusting medications, and standards for patient/family education. Consider using a medication monitoring service or implementing one of your own (e.g., a warfarin clinic).</p> <p>• Define and communicate each healthcare team member’s role relative to medication management, especially when high-alert medications are involved. Provide staff with medication management education.</p> <p>• If you have an EHR system, enable pertinent medication alerts and track pending test results, patient notifications, and other elements of your standard medication safety protocols.</p> <p>• For patients who take high-alert medications, thoroughly document in their health records complete information about prescriptions and refills, any necessary medical follow-up, lab work and results, informed consent conversations, special instructions, and the provision of patient education.</p> <p>• Use data obtained from prescription drug monitoring programs when prescribing narcotics, or refer patients to pain specialists as appropriate.</p> <p>• Consider using medication contracts for patients who take high-alert medications. Contracts should indicate appropriate medication use and expectations. Have the patient sign the contract and keep a copy in the patient’s record.</p> <p>• Establish a policy that requires patients to have a medical evaluation before refills of high-alert drugs are authorized.</p> <p>• Include full and detailed instructions on prescriptions for high-alert medications, as well as the indication for use. Avoid using “as directed” in place of specific instructions.</p> <p>• Allow ample time to discuss high-alert medications with patients and answer questions. Explain how and when the patient should take the medication, and discuss any monitoring or follow-up.</p> <p>• Consider patients’ health literacy when providing educational materials. Ask patients to “repeat back” the purpose of their medications and how they should take each drug to ensure they have a firm understanding of appropriate use.</p> <p>• Design a process for tracking ADEs. Debrief “near misses” and actual events with your team to learn from each occurrence and to prevent future ADEs from happening.</p> <p><br></p> <h3>Conclusion</h3> <p></p> <p>Although errors can occur at various stages in the medication process, the complex nature of prescribing opens the door to a number of potential safety issues. The risk of errors and oversights can increase in the absence of clearly defined processes and protocols for safe prescribing.&nbsp;</p> <p>To avoid possibly harmful ADEs that result from prescribing errors, ambulatory care organizations should develop strategies and implement safeguards that target key areas of the prescribing process for safety improvement. When staff members who are authorized to write prescriptions are aware of these safeguards and in compliance with organizational policies, the risk of serious, but preventable errors is minimized.</p> <p><a href="/news/63147/17233/Prescribing_as_a_Key_Area_for_Safety_Improvement.pdf" data-file="17233">Prescribing_as_a_Key_Area_for_Safety_Improvement.pdf</a></p> <p><br></p> <h3>Endnotes</h3> <hr> <p></p> <p>1 Gandhi, T. K., Weingart, S. N., Seger, A. C., Borus, J., Burdick, E., Poon, E. G., Leape, L. L., &hellip; Bates, D. W. (2005). Outpatient prescribing errors and the impact of computerized prescribing. Journal of General Internal Medicine, 20(9), 837-41; Abramson, E. L., Barron, Y., Quaresimo, J., & Kaushal, R. (2011). Electronic prescribing within an electronic health record reduces ambulatory prescribing errors. Joint Commission Journal on Quality and Patient Safety, 37(10), 470–478.<br>2 CRICO Strategies. (2017). Medication-related malpractice risks: CRICO 2016 CBS benchmarking report. Retrieved from <a href="http://www.rmf.harvard.edu/Malpractice-Data/Annual-Benchmark-Reports/Risks-in-Medication">www.rmf.harvard.edu/Malpractic...</a><br>3 Nanji, K. C., Rothschild, J. M., Salzberg, C., Keohane, C. A., Zigmont, K., Devita, J., . . . Poon, E. G. (2011). Errors associated with outpatient computerized prescribing systems. Journal of the American Medical Informatics Association, 18, 767–773. doi:10.1136/amiajnl-2011-000205<br>4 CRICO Strategies, Medication-related malpractice risks: CRICO 2016 CBS benchmarking report, p.9.<br>5 Jenkins, R. H., & Vaida, A. J. (2007). Simple strategies to avoid medication errors. American Academy of Family Physicians. Retrieved from <a href="http://www.aafp.org/fpm/2007/0200/p41.html">http://www.aafp.org/fpm/2007/0...</a><br>6 The Centers for Disease Control and Prevention. (2018, June 29). Medication safety basics. Retrieved from&nbsp;<a href="http://www.cdc.gov/medicationsafety/basics.html">www.cdc.gov/medicationsafety/b...</a><br>7 Agency for Healthcare Research and Quality. (2018, August). Patient safety primer: Medication reconciliation. AHRQ PSNet. Retrieved from <a href="https://psnet.ahrq.gov/primers/primer/1/Medication-Reconciliation">https://psnet.ahrq.gov/primers...</a><br>8 Jenkins, et al., Simple strategies.</p> <p></p> <hr> <p>&nbsp;This document should not be construed as medical or legal advice. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.</p><p>MedPro Group is the marketing name used to refer to the insurance operations of The Medical Protective Company, Princeton Insurance Company, PLICO, Inc. and MedPro RRG Risk Retention Group. All insurance products are underwritten and administered by these and other Berkshire Hathaway affiliates, including National Fire & Marine Insurance Company. Product availability is based upon business and regulatory approval and may differ among companies.<br></p> <p><br>&copy; 2019 MedPro Group Inc. All rights reserved.</p> <p></p> <figure><img src="/images/news/63147/17234/large/Cyber_update_3_.png" data-image="17234" width="930" height="383" style="width: 930px; height: 383px;"></figure> <p> <a href="http://www.tmgworkcomp.com/blog/2021/12/prescribing-as-a-key-area-for-safety-improvement">Read the full article at www.tmgworkcomp.com</a> </p> Risk Management Review: Medical Malpractice http://www.tmgworkcomp.com/blog/2021/11/risk-management-review Mon, 29 Nov 2021 19:03:00 GMT http://www.tmgworkcomp.com/blog/p/62749 Medical Malpractice <h2 class="text-center"><span style="color: rgb(0, 0, 0);"><strong></strong></span><strong>Patient Disregards Physician's Recommendations for Immediate Treatment; Complications Result, Leading to Malpractice Lawsuit</strong></h2> <h3 class="text-center"><span style="color: rgb(0, 0, 0);">Theodore Passineau, JD, HRM, RPLU, CPHRM, FASHRM</span></h3> <p><br></p> <h3><span style="color: rgb(0, 0, 0);">Introduction</span></h3> <p>Doctors have dealt with patient nonadherence to care and treatment for many decades. All too often, when patients disregard their doctor’s advice and it doesn’t go well, they try to blame the doctor. This challenge is frequently complicated when the doctor is part of a large, often multispecialty network rather than a solo or small group practice (where he/she might more easily develop personal relationships with patients). This case from the Northwest illustrates how easily a case can “go sideways.”&nbsp;<br></p> <p><br></p> <h3><span style="color: rgb(0, 0, 0);">Facts</span></h3> <p>The patient was a 52-year-old male who had seen Dr. T, a MedPro-insured internist, on an as-needed basis through the large multispecialty clinic with which Dr. T was associated. Dr. T had treated him 8 years earlier following a motor vehicle accident resulting in injury to his cervical spine. The patient had fully recovered from that injury.<br></p> <p>On November 2, the patient became sick at home. He was vomiting and had a headache, general body aches, and nausea. He had no prodromal illness and believed he had the flu.</p> <p>On November 3, he presented to Dr. R (another MedPro-insured internist) at the clinic’s urgent care facility complaining of fever, nausea, vomiting, headache, and abdominal pain. His temperature was 103.3 degrees. Appropriate lab tests were ordered, but the results were not available that day. A chest X-ray also showed possible pneumonia. The doctor prescribed levofloxacin and instructed the patient to contact the clinic if his symptoms worsened. Two days later, the lab results were available and indicated elevated liver enzymes; the patient was called and asked to return to the office, which he did that day. Dr. R saw the patient again and informed the patient that elevated liver enzymes and bilirubin appeared on his test results. A CT of the abdomen and pelvis was performed, which showed a cyst on the kidney and possibly the liver. An ultrasound of the right upper abdominal quadrant also was performed; it was positive for gallstones. Repeat liver enzymes showed some improvement and lipase was within normal limits.</p> <p>Dr. R explained to the patient that he had gallstones and would need to be monitored to see if his liver enzymes continued to normalize. Dr. R also explained to the patient that he would need surgery because a serious complication could result from this condition in the absence of surgical treatment.<br></p> <p>On November 7, the patient and his wife saw Dr. R for follow-up care. His bilirubin, alkaline phosphatase, and lipase were all within normal limits; the alanine aminotransferase and aspartate aminotransferase were elevated but were lowering. The patient explained that he was aware that Dr. R preferred for him to see a surgeon regarding his gallbladder, but that he was feeling fine, so he and his wife were going on a long-planned vacation the following day. Dr. R was hesitant to approve the patient’s plans, but he ultimately acquiesced. He explained that he would have the surgery department contact the patient to arrange an appointment for after their return. Dr. R’s documentation of this conversation was as follows: “Discussed surgery if desired and if symptoms return again.”</p> <p>Unfortunately, there was no indication in the health record that Dr. R requested follow-up by the surgery department, and the patient contended that no call took place. Because he felt good, the patient did not re-contact the practice.</p> <p>On December 16, the patient presented to the emergency department (ED) with a sudden onset of crampy abdominal pain “after eating cereal.” He was nauseated and had vomited three times. Lab tests showed elevated liver and pancreatic enzymes. The patient was admitted to the hospital with a diagnosis of pancreatitis. Dr. T and a member of the clinic’s surgery department saw the patient every day during this hospitalization. The plan at that time was watchful waiting to allow the pancreas to improve/heal and then proceed to surgery if needed.&nbsp;</p> <p>On December 20, the patient had continued pain in the abdomen with the introduction of clear liquids. The surgeon noted that a CT showed that the pancreatic head remained inflamed. The plan of care included continued rest of the abdomen.&nbsp;</p> <p>On December 21, because of continued pain and the inability to tolerate liquids, a nasogastric (NG) tube was placed for decompression. The patient removed the tube himself, complaining that it made him feel worse and made him gag. The tube was then reinserted and the patient obtained relief from his discomfort.<br></p> <p>On December 24, the NG tube was clamped and the patient appeared to be improving. He ate ice chips without difficulty. His pain was controlled, and the plan was to discharge him the following day. On December 25, the patient pulled out his NG tube on his own. He was up and laughing with his family. The surgeon approved discharge home on clear liquids. However, the patient interpreted “clear liquids” to include pudding, broth, sports drinks, other liquids, and crackers.<br></p> <p>On December 28, the patient returned to the ED, and he was diagnosed with abdominal pain and ileus. He was treated with ondansetron and hydromorphone. His amylase was 76, lipase was 427, and his white blood cell count was 14 K/uL, with 83 percent neutrophils. The on-call physician approved discharge, recommending that the patient see Dr. T in 3 days and return to the ED if he developed chills, nausea, vomiting, or fever. The patient misunderstood the instructions to see Dr. T in 3 days; he contended that he was told “to call” Dr. T in 3 days.</p> <p>On January 4, the patient followed up with Dr. T for a repeat CT of the abdomen that showed persistent changes in the pancreas and gallbladder. Pancreatic necrosis could not be excluded. Dr. T recalls deliberating as to whether outpatient management was possible or if admission that day was necessary. He decided to schedule the patient to see the surgeon and permit him to convalesce at home.</p> <p>On January 6, the patient had a sudden onset of projectile vomiting and was admitted to the hospital with acute and chronic pancreatitis. A CT showed worsening of the pancreatitis, with possible abscess/necrotizing infection. Dr. T admitted the patient to the intensive care unit and consulted the surgery, infectious disease, and critical care departments.</p> <p>On January 8, surgery was performed for a pancreatic abscess with necrosis. The gallbladder was removed, and a jejunotomy tube was placed. The wound was left open, requiring packing and drain attention. The patient and his wife contend that when the surgeon saw them that morning she stated, “If the pancreas is necrotic today, it was on Friday and surgery was needed.”</p> <p>From January 8 to February 28, the patient convalesced in the hospital, being treated for a duodenal obstruction resulting from postoperative narrowing. In addition, on February 11, the patient was diagnosed with a thrombus of the left femoral vein and posterior tibial veins. On February 28, he was transferred to a transitional care hospital. He ultimately required additional treatment at a tertiary care center for a ductal fistula that had formed between the pancreas and biliary duct remnant. He had fully recovered by August of that year and had no residual permanent injury.&nbsp;<br></p> <p>Later that year, a medical malpractice lawsuit was initiated against the group practice, Dr. R, and Dr. T. After extensive discovery, the case was taken to trial, resulting in a verdict in favor of both doctors and the group practice. Defense costs were in the very high range.</p> <p><br></p> <h3><span style="color: rgb(0, 0, 0);">Discussion</span></h3> <p>An examination of this case shows that basically all of the providers’ failures were related to communication in one form or another. Unfortunately, such failures are not uncommon in daily practice, and they can have significant effects on patient care and the defensibility of malpractice cases.<br></p> <p>It is easy to see how Dr. R’s documentation of the conversation about surgery on November 7 could be misinterpreted. The documentation of “Discussed surgery if desired and if symptoms return again” becomes problematic in more than one way. A note this short and obtuse would not be very helpful to Dr. R if he were subsequently trying to recall what he was thinking when he wrote it. Additionally, another provider would have difficulty understanding exactly what Dr. R meant.<br></p> <p>A purpose of documentation that is less commonly recognized is its use to re-create the treatment circumstances at a later time, either as part of a peer review process, board of medicine inquiry, or in a subsequent legal process. Unclear and incomplete documentation is of little value when trying to reconstruct the case later (sometimes much later).</p> <p>It is clear that Dr. R’s intended referral to the surgery department did not happen. This can occur for many reasons, such as Dr. R being interrupted just as he was preparing to enter the referral (it was an electronic order entering system), incorrectly entering the information (such as the wrong date), or simply forgetting to do it.</p> <p>A simple solution (which works equally well with tracking test results) is to enlist the patient as a “fail-safe” technique. When a doctor indicates that he/she is going to order a test, consult, etc., he/she should tell the patient: “You should hear from surgery in the next 7 days. If you don’t, please let me know so that I can follow up.” This statement does two things. First, the typical patient is less likely to forget about it when he/she is expecting a call within a certain timeframe. Second, it puts some responsibility on the patient, which can be beneficial in circumstances such as this one in which disputed communication occurred.</p> <p>On December 28, when the patient was discharged from the ED, it was anticipated that he would come in to the practice in 3 days, an instruction he misunderstood. Although the discharge summary was not available for review, if it did not specifically say that he was to come to the practice on December 31, it should not be surprising that he might misunderstand, especially when he had previously misunderstood the meaning of “clear liquids.”</p> <p>Discharge instructions are very valuable to facilitate patient adherence as well as document what the patient was told; however, they must be clear, concise, and easy to understand to ensure patient comprehension. It is noteworthy that the patient did not call the clinic either.</p> <p>Finally, there is the issue of the surgeon’s alleged remark stating, “If the pancreas is necrotic today, it was on Friday and needed surgery.” Although it was disputed that the surgeon actually said this, if she did, it was obviously inappropriate and should not have been said. These kinds of remarks can rarely be used as evidence of malpractice, but they can serve as an impetus for less-than-completely-happy patients to contact an attorney.<br></p> <p><br></p> <h3><span style="color: rgb(0, 0, 0);">Summary Suggestions</span></h3> <p>The following suggestions may be valuable to physicians treating patients who are demonstrating less than full adherence to treatment recommendations:</p> <ul><li>&nbsp;Ensure that your verbal communication with the patient is clear and understandable. Include the diagnosis and the treatment plan, and explain the consequences of not following the treatment plan. Using a technique such as “<a href="https://www.ahrq.gov/patient-safety/reports/engage/interventions/teachback.html">teach-back</a>” can help facilitate patient comprehension and identify potential issues or areas of misunderstanding.</li><li>Similarly, ensure that documentation of clinically significant conversations with patients are clear and understandable. Should patients call back to verify information, it will be necessary to accurately determine what the patients were originally told.</li><li>Implement a reliable and consistent process to track and monitor the status of diagnostic tests, referrals, and those patients requiring follow-up. Enlist the patient as a “double-check” on expected activity, such as referral calls or test results.</li><li>Provide a visit summary and discharge instructions. Ensure that discharge instructions are clear, understandable to the patient, and in the patient’s primary language. Summaries and instructions are of no value if the patient cannot easily understand them.</li><li>Be cautious whenever commenting on another provider’s care. You may not have a complete understanding of what was said or the exact circumstances, which can result in commentary that is inaccurate and potentially damaging.</li></ul> <p><br></p> <h3><span style="color: rgb(0, 0, 0);">Conclusion</span></h3> <p>Unfortunately, there will always be patients who don’t adhere to recommendations and treatment plans for many reasons, including miscommunication, fear, stubbornness, or just “not getting it.”</p> <p></p> <p>Every clinically significant conversation should be conducted with this fact in mind. You cannot change your patient; you can only arm your patient with accurate information in a way that maximizes his/her chances of understanding. Be sure to always thoroughly document your conversations with patients.</p> <p></p> <p><br></p> <figure><img src="/images/news/62749/17178/large/Cyber_update.png" data-image="17178" width="725" height="299" style="width: 725px; height: 299px;"></figure> <hr> <p></p> <p><span style="color: rgb(102, 102, 102);">This document does not constitute legal or medical advice and should not be construed as rules or establishing a standard of care. Because the facts applicable to your situation may vary, or the laws applicable in your jurisdiction may differ, please contact your attorney or other professional advisors if you have any questions related to your legal or medical obligations or rights, state or federal laws, contract interpretation, or other legal questions.</span></p> <p><span style="color: rgb(102, 102, 102);">MedPro Group is the marketing name used to refer to the insurance operations of The Medical Protective Company, Princeton Insurance Company, PLICO, Inc. and MedPro RRG Risk Retention Group. All insurance products are under�written and administered by these and other Berkshire Hathaway affiliates, including National Fire & Marine Insurance Company. Product availability is based upon business and/or regulatory approval and may differ among companies. &copy; 2021 MedPro Group Inc. All rights reserved.</span></p> <p></p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/11/risk-management-review">Read the full article at www.tmgworkcomp.com</a> </p> Health Care Risk Insights: Footwear in Health Care Settings http://www.tmgworkcomp.com/blog/2021/11/health-care-risk-insights-footwear-in-health-care-settings Tue, 09 Nov 2021 21:43:00 GMT http://www.tmgworkcomp.com/blog/p/62551 OSHA Health Care Risk Insights <h3><img src="/images/news/62551/17009/large/Cyber_update_23_.png" data-image="17009" width="750" height="309"></h3> <p><br></p> <p>Footwear is an important issue for health care professionals, many of whom spend long stretches of time standing or walking throughout the day. Good footwear is essential to worker comfort, but comfort concerns must be balanced with safety.</p> <p><br></p> <h3>Employer Obligations</h3> <p><span class="bodyChar">It might be tempting to assume that footwear concerns only apply to construction, manufacturing or other professions where heavy machinery, dangerous tools or heights pose an especially large danger. However, health care settings pose a number of hazards, ranging from falling objects, objects piercing footwear, slip, trips and falls, the contraction of blood borne illness and other potentially infectious materials (OPIMs). </span></p> <p><span class="bodyChar">OSHA hasn’t released any footwear guidance specifically tailored to the health care sector, but health care employees engage in work that might bring their feet into contact with several overlapping hazards. In particular, employers in health care settings need to be mindful of the standards regarding protective footwear and the standard regarding contact with blood borne pathogens.</span></p> <p></p> <p><br></p> <h3>Protective Footwear Standards</h3> <p><span class="bodyChar">OSHA has regulations regarding personal protective equipment (PPE), and protective footwear in particular (29 CFR 1910.132 and 1910.136). These standards don’t specify footwear types, but they do mandate that employees must use protective footwear if there is a danger of foot injuries due to falling or rolling objects, objects piercing the sole, or exposure to an electrical hazard. The standards also reference the American National Standards Institute (ANSI) and the American Society for Testing and Materials (ASTM) standards that footwear must meet to be in compliance with OSHA regulations. In health care settings, employees may come into contact with sharp medical instruments, needles, heavy rolling objects (like gurneys or hospital beds), and other heavy medical equipment. Under OSHA standards, foot protection must be used whenever work processes or environments could cause foot injuries. More importantly, from OSHA’s point of view, it is the employer’s responsibility to determine if and when employees are exposed to any hazards.</span></p> <p><span class="bodyChar">If employees are exposed, however infrequently, to any hazards during the course of business activities, then during that period of exposure, they would be required to wear protective footwear. If an employee is not exposed to any foot hazards, then the use of protective footwear would not be required.</span></p> <p><span class="sectionheaderChar">&nbsp;</span></p> <h3>Blood borne Pathogens Standard</h3> <p><span class="bodyChar">In addition to protecting their employees from foot injuries, employers have an obligation to protect their employees from contracting illnesses on the job. Specifically, the OSHA blood borne pathogens standard (29 CFR 1910.1030) requires that employers provide appropriate PPE when there is a risk of occupational exposure to blood or OPIMs. Under this standard, employers must provide adequate PPE at no cost to affected employees.</span></p> <p><span class="bodyChar">Blood borne pathogen PPE is considered “appropriate” only if it does not permit blood or OPIMs to pass through to or reach the employee's work clothes, street clothes, undergarments, skin, eyes, mouth or other mucous membranes. This requirement is evaluated under normal conditions of use and for the duration of time in which the PPE will be used. </span></p> <p><span class="bodyChar">However, when considering what PPE to provide, employers should note that under the blood borne pathogens standard, PPE <strong>excludes</strong> general work clothes (including shoes) an individual would normally wear outside of the facility. </span></p> <p>For these reasons, health care employers should consider providing PPE for employees to change into (and out of, when leaving the workplace) or PPE that protects workers’ “street shoes” when there is a reasonable expectation that employees’ feet may be exposed to blood. <span class="bodyChar"></span></p> <p><br></p> <h3>Drafting a Footwear Policy</h3> <p><span class="bodyChar">OSHA guidelines may not offer the specificity that many employers or employees would like, especially when it comes to questions about certain brands or styles of footwear. The benefit, though, to both employers and employees is that the guidelines allow all parties to find footwear solutions that balance competing workplace needs.</span></p> <p><span class="bodyChar">Remember these needs when drafting a dress code or footwear policy. Doctors, nurses and other health care employees need footwear that keeps their feet safe from hazards but that is also comfortable enough to wear during shifts filled with long periods of walking or standing. </span></p> <p><span class="bodyChar">Consider the specific hazards that your employees face&mdash;both frequently and infrequently&mdash;to make sure your policies match the circumstances your employees will actually have to deal with. After all, employees in a clinic might be exposed to radically different hazards than the ones present in an emergency or operating room or laboratory.</span></p> <p><span class="bodyChar">Please contact us at info@tmgworkcomp.com if you have further questions regarding workplace safety or OSHA compliance.</span></p> <p><br></p> <p><a href="/news/62551/17010/Footwear_in_Health_Care_Settings.pdf" data-file="17010">Footwear_in_Health_Care_Settings.pdf</a></p> <p><br></p> <p></p> <p><span style="color: rgb(153, 153, 153);">This Risk Insights is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. Source: OSHA. Design &copy; 2016 Zywave, Inc. All rights reserved</span>. </p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/11/health-care-risk-insights-footwear-in-health-care-settings">Read the full article at www.tmgworkcomp.com</a> </p> Preventing Trips and Slips: Health Care http://www.tmgworkcomp.com/blog/2021/11/playing-it-safe-health-care Tue, 09 Nov 2021 21:31:00 GMT http://www.tmgworkcomp.com/blog/p/62549 Trips and Slips <h3></h3> <figure><img src="/images/news/62549/17004/large/Cyber_update_22_.png" data-image="17004" width="750" height="309"></figure> <h2></h2> <h2>Preventing Trips and Slips</h2> <p><em>Helpful tips for health care workers</em></p> <p></p> <p>Wet floors, spills and excess clutter can mean disaster for employees working in a health care setting. Injuries caused by slips, trips and falls range from sprained or strained muscles and joints, to broken bones and head injury. There are several precautions you should take to ensure your safety and the safety of others in our facility. </p> <p><br></p> <h3>Floors </h3> <ul><li>Keep floors clean and dry at all times. Wet floors present a slip hazard and can promote the growth of infection-causing microbes like mold, fungi and bacteria. </li><li>Remove all objects and clutter from aisles, exits and passageways. </li><li>In the event that grease or oil spills on the kitchen floor, clean the mess immediately and alert your co-workers of the problem before they accidentally fall. </li><li>Use floor or ceiling electrical plugs for power to avoid running a cord down a long hallway. </li><li>Display warning signs to alert others of a wet floor. </li><li>Use floor mats while surfaces are drying after cleaning to provide traction. </li><li>Clean up spills immediately. </li><li>In areas prone to slipping (toilet and shower areas), use a no-skid wax product to clean. </li><li>While washing the floor, wear protective footgear to prevent falling. </li><li>Keep an eye out for uneven floors, and fix them or notify someone who can immediately.</li></ul> <p><br></p> <h3>Other Recommendations</h3> <ul><li>Use strong ladders to reach as opposed to standing on small stools or boxes. </li><li>Stretch out bulging carpets to prevent trips and falls. </li><li>Use the handrails while walking down stairs to prevent slipping walking too fast. Repair broken light fixtures and replace bulbs for adequate visibility.</li></ul> <p><br></p> <h3>Always Stay Alert</h3> <p>I<strong></strong>f you notice any situation that you think could present a slipping, tripping or falling hazard in the facility, act immediately to remedy it or notify your supervisor. You could be saving an unsuspecting victim serious pain.&nbsp; &nbsp; &nbsp;&nbsp;</p> <p><br></p> <p><span style="color: rgb(153, 153, 153);"><a href="/news/62549/17003/Health_Care-Preventing_Trips_and_Slips.pdf" data-file="17003">Health_Care-Preventing_Trips_and_Slips.pdf</a><br></span></p> <p><span style="color: rgb(153, 153, 153);"><br></span></p> <p><span style="color: rgb(153, 153, 153);"><br></span></p> <p><span style="color: rgb(153, 153, 153);"><br></span></p> <p><span style="color: rgb(153, 153, 153);">This flyer is for informational purposes only and is not intended as medical or legal advice.</span></p> <p><span style="color: rgb(153, 153, 153);">&copy; 2007-2010, 2018 Zywave, Inc. All rights reserved</span> </p> <p><br></p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/11/playing-it-safe-health-care">Read the full article at www.tmgworkcomp.com</a> </p> Regulatory Roundup | October 22 http://www.tmgworkcomp.com/blog/2021/10/regulatory-roundup-october-22 Fri, 22 Oct 2021 09:31:00 GMT http://www.tmgworkcomp.com/blog/p/62171 Regulatory Roundup <p class="text-center"><strong>October 22, 2021</strong></p> <p class="text-center">Regulatory Roundup is a weekly compilation of employee wellness and safety news provided by Texas Mutual.</p> <p class="text-center">You can read the full article by clicking the titles below.</p> <p><br></p> <p><strong>The National Safety Council (NSC)</strong></p> <p><a href="https://www.safetyandhealthmagazine.com/articles/21865-safe-sound-campaign-webinar-to-highlight-participation-representation-in-safety" target="_blank">NSC and Others to Host Webinar on Employee Participation in Safety</a></p> <p>NSC is teaming up with the Occupational Safety and Health Administration (OSHA), National Institute for Occupational Safety and Health (NIOSH) and other safety organizations to host a webinar on employee participation in workplace safety. Speakers will focus on engaging employees and setting measurable goals around participation. The free virtual event will take place on November 16.</p> <p></p> <p><strong>The American Society of Safety Professionals (ASSP)</strong></p> <p><a href="https://www.assp.org/news-and-articles/assp-forms-policy-statements-on-heat-stress-and-pandemic" target="_blank">ASSP Issues Policy Statement on Heat Stress and COVID-19</a></p> <p>ASSP issued a policy statement in support of a heat illness prevention regulation and discussed its own work to create a voluntary national consensus standard. The organization also included statements on current and anticipated emergency temporary standards regarding COVID-19.</p> <p></p> <p><strong>The Occupational Safety and Health Administration (OSHA)</strong></p> <p><a href="https://www.safetyandhealthmagazine.com/articles/21871-covid-19-whistleblowing-new-fact-sheet-from-osha" target="_blank">New Fact Sheet Addresses COVID-19 Whistleblowing</a></p> <p>A new OSHA fact sheet explains protections for employees who report workplace concerns involving COVID-19. It provides examples of retaliation and details protected actions such as reporting infections and exposures.</p> <p></p> <p><strong>Studies, Resources, Trends, News</strong></p> <p><a href="https://www.ishn.com/articles/113145-look-out-for-seemingly-innocent-hazards-that-can-cause-serious-injuries" target="_blank">Preventing Slips, Trips and Falls</a></p> <p>An Industrial Safety & Hygiene News article discusses the “seemingly innocent hazards” of slips, trips and falls. In addition to providing common causes of injuries, the article discusses how to prevent slips, trips and falls through communication and personal protective equipment.</p> <figure><img src="/images/news/60514/16577/large/Cyber_update.png" width="750" height="353" style="max-width: 100%; height: auto; cursor: pointer;"></figure> <p>texasmutual.com</p> <p>844-WORKSAFE (967-5723) | safety@texasmutual.com</p> <p>October 22, 2021</p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/10/regulatory-roundup-october-22">Read the full article at www.tmgworkcomp.com</a> </p> Regulatory Roundup | October 15 http://www.tmgworkcomp.com/blog/2021/10/regulatory-roundup-october-15 Fri, 15 Oct 2021 08:23:00 GMT http://www.tmgworkcomp.com/blog/p/62169 <p class="text-center"><strong>October 15, 2021</strong><br></p> <p class="text-center">Regulatory Roundup is a weekly compilation of employee wellness and safety news provided by Texas Mutual.</p> <p class="text-center">You can read the full article by clicking the titles below.</p> <p><br></p> <p><strong>The Occupational Safety and Health Administration (OSHA)</strong></p> <p><a href="https://ohsonline.com/articles/2021/10/12/osha-top-10-for-fy-2021-announced-at-nsc-congress.aspx">OSHA Announces Top 10 Standards for 2021</a></p> <p>Based on preliminary data from fiscal year 2021, OSHA announced the newest list of the 10 most frequently cited standards. While the list contains very familiar standards, several changed positions on the list from the previous year.</p> <p><br></p> <p><strong>The Texas Department of Insurance, Division of Workers' Compensation (DWC)</strong></p> <p><a href="https://www.tdi.texas.gov/wc/forms/documents/drwpsforms1021m.pdf">DWC Accepting Feedback on Updates to 5 Forms</a> </p> <p>DWC is currently accepting comments on proposed revisions to forms related to the rejected risk employer program and accident prevention services. Forms include the DWC Form-101, 102, 104, 105 and 109. The revised forms are available for review on DWC’s website and comments must be submitted by October 26.</p> <p><br></p> <p><strong>The National Institute for Occupational Safety and Health (NIOSH)</strong></p> <p><a href="https://ohsonline.com/articles/2021/10/11/noise-hazard.aspx">Over Half of Workers Exposed to Noise Aren't Wearing Hearing Protection</a> </p> <p>A NIOSH study found that among workers exposed to occupational noise, 53% did not wear hearing protection consistently. Industries with the highest rates of non-hearing protection usage included accommodation and food services, health care and social assistance, and education services. However, industries with higher noise-level risks such as agriculture, forestry, and construction also had non-usage rates of over 50%.</p> <p><br></p> <p> </p> <p><strong>Studies, Resources, Trends, News</strong></p> <p><a href="https://www.assp.org/news-and-articles/this-is-why-osha-s-no.-1-violation-never-changes">Fall Protection Expert Discusses Why the Standard Remains First on Top 10 List</a></p> <p>The fall protection standard has held the number one spot on OSHA’s top 10 list for 11 years. The American Society of Safety Professionals (ASSP) spoke with a fall protection expert about why violations remain so high, what kind of data employers should be using and what types of training strategies can be helpful.</p> <figure><img src="/images/news/60514/16577/large/Cyber_update.png" width="750" height="353" style="cursor: pointer; max-width: 100%; height: auto;"> </figure> <p>texasmutual.com</p> <p>844-WORKSAFE (967-5723) | safety@texasmutual.com</p> <p>October 15, 2021</p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/10/regulatory-roundup-october-15">Read the full article at www.tmgworkcomp.com</a> </p> Health Care Risk Insights: Protecting Patient Data by Preventing Cyber Attacks http://www.tmgworkcomp.com/blog/2021/10/health-care-risk-insights-protecting-patient-data-by-preventing-cyber-attacks Tue, 12 Oct 2021 16:55:00 GMT http://www.tmgworkcomp.com/blog/p/62071 Health Care Risk Insights Cyber Security <h2></h2> <figure><img src="/images/news/62071/16920/large/Cyber_update_20_.png" data-image="16920" width="750" height="309"></figure> <h2></h2> <h2><span style="color: rgb(0, 0, 0);">Protecting Patient Data by Preventing Cyber Attacks</span></h2> <p>The threat of a data breach in a health care facility is daunting. Privacy is the foundation of hospitals’ information systems, and compliance with the Health Insurance Portability and Accountability Act (HIPAA)– along with the facility’s reputation–will be jeopardized if just one patient’s information falls into the wrong hands. Health care facilities are particular targets for two reasons: </p> <ul><li><strong>Type of data stored:</strong> Health care facilities may keep a patient’s social security number, insurance and financial account data, birth date, name, billing address, and phone number, making them a valuable target for cyber attack. </li><li><strong>Many potential vulnerabilities:</strong> Health care facilities are obligated to provide access to several external networks and web applications in order to stay connected with patients, employees, insurers or business partners. The volume of data shared represents a risk.</li></ul> <p>It is much less costly, both from a financial and reputational point of view, to prevent a cyber breach than to notify individuals and the Department of Health and Human Services of a breach as required by the Health Information Technology for Economic and Clinical Health Act (HITECH). As a result, administration must respond by preventing, detecting and responding to cyber attacks or misuse of patient records through a well-orchestrated cybersecurity program.&nbsp;</p> <p><br></p> <h3>What are the Risks?</h3> <p>The first step in protecting your business is to recognize the parts of your processes that are prone to cyber attack.&nbsp;</p> <p><strong>Applications and systems: </strong>External applications and systems are ripe for improper access to sensitive patient data. Since administrators do not have complete control over the security of external applications, facilities should perform web application security testing on a regular basis.</p> <p><strong>Software flaws: </strong>Weaknesses in software and computer systems attract hackers and intruders. The results of this cyber risk can range from minimal mischief-such as creating a virus with no negative impact-to malicious activity-stealing or altering information. Intrusion prevention and detection systems can alert you of cyber attacks and allow you to respond in real time.&nbsp;</p> <p><strong>Malicious code (viruses, worms and Trojan horses): </strong>There are a various types of malicious code that can put your organization at risk:</p> <ul><li>Viruses: This type of code requires that the user take an action before it can infect your system, such as open an email attachment or go to a particular webpage. </li><li>Worms: This code propagates systems without user intervention. They typically begin by exploiting a software flaw or weakness. Once the victim’s computer is infected, the worm will attempt to find and infect other computers. </li><li>Trojan horses: This code is software that claims to be one thing while it is acting differently behind the scenes (for example, a program that claims to speed up your computer system but is actually sending confidential information to a remote intruder). </li></ul> <p>&nbsp;Implementing systems of preventing these attacks, including firewalls and regular security controls is essential to protecting sensitive data.</p> <p><strong>Email lacking encryption: </strong>HIPAA guidelines require that some email communications with physicians’ offices and hospitals be encrypted to protect patient information. Since most communication is now electronic, monitoring these means is especially important. </p> <p><strong>Insider attack: </strong>Current or former employees ranging from billing clerks to clinicians should understand that the consequences for consulting patient records without a valid cause can range from serious punishment to termination. Often employees are simply curious, and only a severe policy can effectively prevent this type of data loss. Many facilities implement log monitoring, for which logs of access to sensitive patient data are regularly reviewed. </p> <p><strong>Physical loss of information: </strong>Another potential risk is that of lost or stolen laptops, which lead to missing personal information related to patients or employees. </p> <p>In the event of a security breach, HITECH calls for notification of the individuals concerned and Health and Human Services (HHS) in a short time span. </p> <p><br></p> <h3>Risk Management</h3> <p>In the case of a surprise HHS or HIPAA inspection, facilities must prove that they are compliant with all regulations and requirements outlined in HIPAA and HITECH. </p> <p>To reduce your facility’s cyber risks, it is wise to develop a comprehensive risk management plan. Risk management solutions utilize industry standards and best practices to assess hazards from unauthorized access, use, disclosure, disruption, modification or destruction of your facility’s information systems. Thereafter, perform regular security risk assessments, which will give you a better understanding of the risks posed to your protected health information and personally identifiable information outlined in these two acts. </p> <p>You should also examine the controls in place at your facility to ensure they are sufficient for regulatory requirements. Executing this process helps your organization remain in compliance and demonstrates diligence and a commitment to compliance in the case of an audit.&nbsp; </p> <p>Consider the following when implementing risk management strategies: </p> <ul><li>Create a formal, documented risk management plan that addresses the scope, roles, responsibilities, compliance criteria and methodology for performing cyber risk assessments. This plan should include a characterization of all systems used at the organization based on their function, the data stored and processed and importance to the facility. </li></ul> <p>Perform security risk assessments at least on an annual basis and update it whenever there are significant changes to your information systems or the facilities where systems are stored, or when there are other changes that may impact the vulnerability of the organization.&nbsp;&nbsp;</p> <p><br></p> <h3>Selecting an ISP</h3> <p>In addition, your organization should take precautionary measures when selecting an internet service provider (ISP), which provides access to the internet, website hosting and other services. To select the ISP that will best reduce your cyber risks, consider the level of security, privacy and reliability it offers. </p> <p><br></p> <h3>Transferring the Risk</h3> <p>Cybersecurity is a serious concern for all health care facilities. Contact your agent to learn about available risk management resources and insurance solutions such as internet and media liability, security and privacy liability, and identity theft insurance today.</p> <p></p> <p><br></p> <p><span style="color: rgb(204, 204, 204);">This Risk Insights is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. &copy; 2015 Zywave, Inc. All rights reserved.</span> </p> <p><br></p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/10/health-care-risk-insights-protecting-patient-data-by-preventing-cyber-attacks">Read the full article at www.tmgworkcomp.com</a> </p> Health Care Risk Insights: Cyber Security http://www.tmgworkcomp.com/blog/2021/10/health-care-risk-insights-cyber-security Tue, 12 Oct 2021 16:46:00 GMT http://www.tmgworkcomp.com/blog/p/62070 <h2></h2> <figure><img src="/images/news/62070/16919/large/Cyber_update_19_.png" data-image="16919" width="750" height="309"></figure> <h2></h2> <h2>Cyber Security for Medical Devices and Hospital Networks</h2> <p><span class="bodyChar">Many medical devices contain configurable embedded computer systems that can be vulnerable to cyber-security breaches. In addition, as medical devices are increasingly interconnected via the Internet, hospital networks, other medical devices or smartphones, there is an increased risk of cyber-security breaches, which could affect how a medical device operates.</span></p> <p><span class="bodyChar">The Food and Drug Administration (FDA) has recently become aware of cyber-security vulnerabilities and incidents that could directly impact medical devices or hospital network operations, such as the following:</span></p> <ul><li>Network-connected/configured medical devices infected or disabled by malware</li><li>The presence of malware on hospital computers, smartphones and tablets, targeting mobile devices using wireless technology to access patient data, monitoring systems and implanted patient devices</li><li>Uncontrolled distribution of passwords, disabled passwords, hard-coded passwords for software intended for privileged device access (e.g., to administrative, technical and maintenance personnel)</li><li>Failure to provide timely security software updates and patches to medical devices and networks and to address related vulnerabilities in older medical device models (legacy devices)</li><li>Security vulnerabilities in off-the-shelf software designed to prevent unauthorized device or network access, such as plain-text or no authentication, hard-coded passwords, documented service accounts in service manuals and poor coding/SQL injection.</li></ul> <p><span class="bodyChar"><br></span></p> <h3>FDA Recommendations/Actions </h3> <p><span class="bodyChar">The FDA Has a number of recommendations to mitigate the risks that technology may pose to health care organizations.</span> </p> <p><span class="bodyChar">&nbsp;</span> </p> <p><span class="bodyChar"><strong>For all device manufacturers:</strong></span> </p> <p><span class="bodyChar">Manufacturers are responsible for remaining vigilant about identifying risks and hazards associated with their medical devices, including risks related to cyber security, and are responsible for putting appropriate mitigations in place to address patient safety and ensure proper device performance.</span> </p> <p><span class="bodyChar">The FDA expects medical device manufacturers to take appropriate steps to limit the opportunities for unauthorized access to medical devices. Specifically, it is recommended that manufacturers review their cyber-security practices and policies to ensure that appropriate safeguards are in place to prevent unauthorized access or modification to their medical devices or compromise the security of the hospital network that may be connected to the device. The extent to which security controls are needed will depend on the medical device, its environment of use, the type and probability of the risks to which it is exposed, and the probable risks to patients from a security breach.</span> </p> <p><span class="bodyChar">In evaluating your device, consider doing the following:</span> </p> <ul><li>Take steps to limit unauthorized device access to trusted users only, particularly for those devices that are life-sustaining or could be directly connected to hospital networks.</li><li>Appropriate security controls may include user authentication, such as user ID and password, smartcard, or biometrics; strengthening password protection by avoiding hard-coded passwords and limiting public access to passwords used for technical device access; physical locks; card readers; and guards.</li><li>Protect individual components from exploitation and develop strategies for active security protection appropriate for the device’s use environment. Such strategies should include timely deployment of routine, validated security patches and methods to restrict software or firmware updates to authenticated code. The FDA typically does not need to review or approve medical device software changes made solely to strengthen cyber security.</li><li>Use design approaches that maintain a device’s critical functionality, even when security has been compromised, known as “fail-safe modes.”</li><li>Provide methods for retention and recovery after an incident where security has been compromised.</li><li>Cyber-security incidents are increasingly likely and manufacturers should consider incident response plans that address the possibility of degraded operation and efficient restoration and recovery.</li><li></li></ul> <p><span class="bodyChar"><strong>For health care facilities:</strong></span> </p> <p><span class="bodyChar">The FDA recommends that you take steps to evaluate your network security and protect your hospital system. In evaluating network security, hospitals and health care facilities should consider doing the following:</span> </p> <ul><li>Restricting unauthorized access to the network and networked medical devices</li><li>Making certain that appropriate antivirus software and firewalls are up to date</li><li>Monitoring network activity for unauthorized use</li><li>Protecting individual network components through routine and periodic evaluation, including updating security patches and disabling all unnecessary ports and services</li><li>Contacting the specific device manufacturer if you think you may have a cyber-security problem related to a medical device<ul><li>If you are unable to determine the manufacturer or cannot contact the manufacturer, the FDA may be able to assist in vulnerability reporting and resolution.</li></ul></li><li>Developing and evaluating strategies to maintain critical functionality during adverse conditions</li></ul> <p><br></p> <h3>Reporting Problems to the FDA&nbsp;</h3> <p>Prompt reporting of adverse events can help the FDA identify and better understand the risks associated with medical devices. If you suspect that a cyber-security event has impacted the performance of a medical device or has impacted a hospital network system, file a voluntary report through MedWatch, the FDA Safety Information and Adverse Event Reporting program.&nbsp;</p> <p>Health care personnel employed by facilities that are subject to the FDA's user facility reporting requirements should follow the reporting procedures established by their facilities.</p> <p><span class="bodyChar">Device manufacturers must comply with the Medical Device Reporting (MDR) regulations.</span></p> <p></p> <p></p> <p><span style="color: rgb(153, 153, 153);">This Risk Insights is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. Design &copy; 2013 Zywave, Inc. All rights reserved.</span> </p> <p><br></p> <p><br></p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/10/health-care-risk-insights-cyber-security">Read the full article at www.tmgworkcomp.com</a> </p> Regulatory Roundup | October 8 http://www.tmgworkcomp.com/blog/2021/10/regulatory-roundup-october-8 Fri, 08 Oct 2021 09:51:00 GMT http://www.tmgworkcomp.com/blog/p/62162 Regulatory Roundup NIOSH The Department of Labor <p class="text-center"><strong>October 8, 2021</strong></p> <p class="text-center">Regulatory Roundup is a weekly compilation of employee wellness and safety news provided by Texas Mutual.</p> <p class="text-center">You can read the full article by clicking the titles below.</p> <p><strong>The Texas Department of Insurance (TDI)</strong></p> <p><a href="https://www.tdi.texas.gov/tips/safety/fireprevent.html">Tips for Fire Prevention</a></p> <p>According to the Texas Department of Insurance, fires affect about 17,000 businesses every year. In light of National Fire Prevention Month, TDI is sharing five steps employers can take to prepare for a potential fire emergency. The tips cover planning, training, housekeeping and creating a response team.</p> <p><br></p> <p><strong>The National Institute for Occupational Safety and Health (NIOSH)</strong></p> <p><a href="https://www.cdc.gov/niosh/topics/noise/">Resources for "Protect Your Hearing" Month</a><br></p> <p></p> <p>It's estimated that about 22 million workers are exposed to hazardous noise levels each year. During Protect Your Hearing Month, NIOSH is encouraging businesses to evaluate and reduce noise levels in their workplace. The organization offers resources, tools and more on its website.</p> <p><br></p> <p><strong>The Department of Labor (DOL)</strong></p> <p><a href="https://www.safetyandhealthmagazine.com/articles/21770-house-republicans-call-on-dol-to-suspend-work-on-covid-19-vaccination-and-testing-mandate">House Representatives Ask DOL to Suspend Work on COVID-19 Temporary Standards</a><br></p> <p>Twenty-three republican members of the House Education and Labor Committee have asked Labor Secretary, Marty Walsh, to suspend work on the COVID-19 vaccination and testing emergency temporary standards. The representatives cited concerns from businesses about potential logistical, legal and financial impacts. Under the current plan of action, businesses would not be able to share concerns with the DOL directly until after the standards go into effect.<br></p> <p><br></p> <p><strong>Studies, Resources, Trends, News</strong></p> <p><a href="https://ohsonline.com/Articles/2021/09/01/The-Rise-of-Electrification.aspx?oly_enc_id=&Page=1" target="_blank">New Guidance Requires Federal Contractor Employees to Receive COVID-19 Vaccine</a></p> <p>The Safer Federal Workforce Task Force issued new guidance requiring full COVID-19 vaccination from certain federal contractor employees by December 8, 2021. There are certain exceptions employers should consider for disabilities or religious beliefs, but the guidance does not specify how to evaluate requests for accommodation. The formal rulemaking proceeding is expected to be initiated this month.</p> <figure><img src="/images/news/60514/16577/large/Cyber_update.png" width="750" height="353"><br></figure> <p>texasmutual.com</p> <p>844-WORKSAFE (967-5723) | safety@texasmutual.com</p> <p>October 8, 2021</p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/10/regulatory-roundup-october-8">Read the full article at www.tmgworkcomp.com</a> </p> Regulatory Roundup | October 1 http://www.tmgworkcomp.com/blog/2021/10/regulatory-roundup-october-1 Fri, 01 Oct 2021 11:32:00 GMT http://www.tmgworkcomp.com/blog/p/62159 <p class="text-center"><strong>October 1, 2021</strong><br></p> <p class="text-center">Regulatory Roundup is a weekly compilation of employee wellness and safety news provided by Texas Mutual.</p> <p class="text-center">You can read the full article by clicking the titles below.</p> <p><br></p> <p><strong>The National Institute for Occupational Safety and Health (NIOSH)</strong></p> <p><a href="https://www.safetyandhealthmagazine.com/articles/21759-niosh-spotlights-resources-aimed-at-combating-opioid-use-in-construction">Resources for Combating Opioid Use in the Construction Industry</a> </p> <p>According to an analysis from Washington University, construction workers are more likely to use opioids long term and develop misuse disorder after being prescribed the medication for musculoskeletal pain. NIOSH is sharing recommendations and resources for construction industry employers to assist them in combatting opioid use among their workforce. Resources include toolbox talks, videos and more.</p> <p><br></p> <p><strong>Studies, Resources, Trends, News</strong></p> <p><a href="https://ohsonline.com/Articles/2021/09/01/The-Rise-of-Electrification.aspx?oly_enc_id=&Page=1">Protection from Increasing Electrical Hazards</a> </p> <p>As industries convert to using more electrical power, the risk of encountering electrical hazards are increasing. An Occupational Health & Safety article discusses common electrical hazards and what types of personal protective equipment (PPE) workers should be wearing. PPE discussed includes rubber and leather gloves, sleeves, dielectric footwear and arc flsah protection.</p> <p><a href="https://www.ishn.com/articles/113118-asbestos-safety-measures-for-construction-workers">Reminders on Asbestos Safety</a> </p> <p>Exposure to asbestos can lead to severe and potentially fatal illnesses such as mesothelioma. Construction workers are at risk of exposure in buildings constructed before the 1980s and should understand the risks and protection methods.</p> <p><a href="https://www.safetyandhealthmagazine.com/articles/21666-ladder-safety?page=1&utm_campaign=MEM+712955+Benefit+Spotlight&utm_content=&utm_medium=email&utm_source=sfmc">Best Practices for Ladder Safety</a><br></p> <p>According to the Center for Construction Research and Training (CPWR), over 70 workers are killed each year after suffering a fall from a ladder. In a recent Safety+Health article, safety experts dissect the common issues and discuss training, inspections and tools.</p> <figure><img src="/images/news/60514/16577/large/Cyber_update.png" width="750" height="353" style="cursor: pointer; max-width: 100%; height: auto;"></figure> <p>texasmutual.com</p> <p>844-WORKSAFE (967-5723) | safety@texasmutual.com</p> <p>October 1, 2021</p> <p><br></p> <p> <a href="http://www.tmgworkcomp.com/blog/2021/10/regulatory-roundup-october-1">Read the full article at www.tmgworkcomp.com</a> </p>