IHA Daily Briefing: Nov. 7

Thursday, November 7, 2019
New Medicaid and CHIP Data Available
Leapfrog Releases Fall Hospital Safety Grades
House Committee Investigates Vape Producers
Hospitals Gain Cybersecurity Skills at IHA Exercise

New Medicaid and CHIP Data Available
Today, the Centers for Medicare & Medicaid Services (CMS) announced the release of its Transformed Medicaid Statistical Information System (T-MSIS), an updated Medicaid and Children’s Health Insurance Program (CHIP) data system. T-MSIS provides key information updated monthly, including Medicaid managed care utilization and spending, and is designed to enable research and analysis to improve quality of care, assess beneficiary care costs and enrollment, and improve program integrity. As of August 2019, 50 states (including the District of Columbia), Puerto Rico and the Virgin Islands were submitting monthly data files to T-MSIS.

External researchers can obtain access to T-MSIS data by submitting a request to the CMS Research Data Assistance Center (ResDAC) and signing a CMS data use agreement containing strict beneficiary privacy and data security requirements.

Read more in a CMS fact sheet.

CMS also announced today the first annual update to the Medicaid and CHIP Scorecard, initially released in June 2018. The scorecard includes measures in three areas: State Health System Performance; State Administrative Accountability; and Federal Administrative Accountability. CMS says the updated scorecard has increased functionality by allowing users to sort measures by performance rate or alphabetical order and toggle between screens to view measures that have multi-component rates.

A CMS fact sheet provides more details on the scorecard.

Leapfrog Releases Fall Hospital Safety Grades
Today, the Leapfrog Group released its fall 2019 Hospital Safety Grades. Leapfrog biannually releases safety grades, assigning “A,” “B,” “C,” “D,” and “F” letter grades to general acute-care hospitals in the U.S based on patient safety—preventable errors, accidents, injuries and infections.

In Illinois, 46 Illinois hospitals earned As; 19 got Bs; 39 earned Cs, and 4 received Ds. No hospital in Illinois received an F.

Based on the number of A hospitals in the state, Illinois was ranked 11th nationally, moving up three spots from the spring ranking. Nearly 43% of hospitals in the state received an A, up from 38% of hospitals receiving an A in fall 2018.

  • More than 2,600 hospitals were graded with the breakdown as: 33% As,  25% Bs, 34% Cs, 8% Ds and under 1% Fs;
  • Five states with the highest percentages of A hospitals are: Maine (59%), Utah (56%), Virginia (56%), Oregon (48%) and North Carolina (47%);
  • There are no A hospitals in Wyoming, Alaska and North Dakota.

IHA released a fact sheet this week highlighting the numerous IHA quality improvement initiatives and achievements led by IHA’s Institute for Innovations in Care and Quality and the Midwest Alliance for Patient Safety (MAPS) Patient Safety Organization.

House Committee Investigates Vape Producers
Today, U.S. Rep. Raja Krishnamoorthi (IL-D), Chairman of the House Subcommittee on Economic and Consumer Policy, sent letters to JUUL Labs, Inc. (JUUL) and Alternative Ingredients, Inc. requesting documents and information about reports that JUUL may have knowingly sold nearly one million contaminated vaping pods. The subcommittee requests that the companies produce documents and information regarding the potential hazards of the contaminated pods JUUL distributed by Nov. 20.

As of today, Illinois has 173 cases of vaping-related lung injury, with 41 cases under investigation and three deaths. The Centers for Disease Control and Prevention (CDC) notes 2,051 cases of vaping-related lung injury nationwide, and 39 deaths as of Nov. 5.

CDC's National Youth Tobacco Survey indicates that youth use of e-cigarettes has risen to an all-time high, with 27.5% of high school students reporting e-cigarette use.  That is a 32% increase in the past year and a 135% increase over two years. Fruit and mint flavors were the most popular among high school and middle school users. Findings from this survey were published online on the JAMA Network.

Hospitals Gain Cybersecurity Skills at IHA Exercise
The 2019 IHA Emergency Preparedness Exercise, held Thursday, simulated a hospital’s discovery of ransomware so hospital staff could analyze their response and the attack’s impact on operations.

Representatives from over 75 hospitals and health systems participated in the live, interactive exercise, which organizations had the opportunity to customize.
Hospital staff were asked to consider:

  • Who would you notify immediately after the ransomware attack?
  • Would you pay the ransomware?
  • How might the cyberattack affect security cameras, parking gates, payroll or the medication dispensing system?

“We all know what to do when somebody discovers a fire or a hazardous spill, but this exercise shows it’s just as important to have a go-to response in the event of a cyberattack,” said Tim Brosnan, vice president of planning at Palos Health in Palos Heights.

For participating health systems, much of the conversation centered on how to efficiently notify all system facilities at once.

While a key part of the exercise was identifying vulnerabilities in response plans, its ultimate goal was for hospital staff to remedy those issues.

“It’s easy to poke holes in the boat, but it takes more effort and willingness to patch the holes in the boat,” said expert presenter Christopher Sonne, CHEC, of HSS, Inc. “If we identify the issues now, we can remedy them before a potential incident.”

When analyzing continuity of operations, participants reviewed procedures to:

  • Maintain temperature and humidity control;
  • Administer and monitor IV medications if infusion pump libraries are wiped;
  • Handle intake of new patients;
  • Evacuate vulnerable populations; and
  • Determine which machines or systems are corrupted.

Hospitals were encouraged to ensure their policies, procedures and business continuity plan are available offline in the event of network failure.

This exercise was designed in response to the growing threat of cyberattacks in healthcare, as noted in an FDA alert last month.