BREACH NOTIFICATIONS

MGMA sent a letter to the Department of Health and Human Services’ Office for Civil Rights (OCR) in response to its recent position that covered entities (i.e., medical groups) with protected health information impacted by the Change Healthcare cyberattack may delegate HIPAA breach notification requirements to Change. Specifically, we urged OCR to offer further, definitive guidance that:

• Change/United is fully and solely responsible for all HIPAA breach notification requirements,
• No action needs to be taken by providers to ensure Change/United fulfill these obligations, and
• Providers are protected from regulatory scrutiny in connection with breach notifications rightfully performed by Change/United.

PRIOR AUTHORIZATION BILL REINTRODUCED IN CONGRESS

The Improving Seniors’ Timely Access to Care Act has been reintroduced in Congress. This legislation would significantly improve the prior authorization process within the Medicare Advantage program by codifying the establishment of an electronic prior authorization process, increased transparency requirements for health plans on their prior authorization utilization, and more. The bill has widespread support from both chambers of Congress and over 380 endorsing organizations.

MGMA helped draft this legislation and strongly supports its passage. Utilize our Contact Congress portal to send a pre-populated letter to your congressional representatives expressing your support for the bill.

CFPB RELEASES PROPOSED RULE ON MEDICAL DEBT

The Consumer Financial Protection Bureau (CFPB) released a proposed rule that would ban medical bills from credit reports, stop credit reporting companies from sharing medical debts with lenders, and bar lenders from using medical debt to make lending decisions. This is a proposed rule and still has to go through a public comment period prior to CFPB issuing a final rule. MGMA plans to submit comments on the proposal.