UPDATES AND HELPFUL INFORMATION
MedHOK held its 2018 User Conference on June 4 – 7, 2018, in St. Petersburg, FL. The four-day affair featured a series of healthcare insight panels, as well as some fun times and collaboration between our great client plans.
For those who could not attend, see our blog where we summarize some of the key themes discussed during the User Conference and we hope you will be able to make it next year.
Did you know CMS is now publishing HPMS memos on the CMS public website on a weekly basis? Click here to access the HPMS memos on the CMS website.
MMP Marketing Materials
CY2019 MMP Model Marketing materials were released for several states. Click here to access the recent posts on the CMS website.
Addressing Opioid Dependency or Misuse Among Dually Eligible Beneficiaries
At the 7th Annual Special Needs Plan Leadership Summit a few weeks ago, there was a lot of discussion regarding the need for a plan’s system to ensure that opioid-based interventions were addressed on member care plans for SNP/MMP members, and that a plan’s Medication Therapy Management (MTM) program has strong ties to their Care Management program. A reminder memo was just issued by CMS on July 5, 2018 asking MMPs, PACE organizations, and integrated D-SNPs to help prevent, identify, and treat opioid dependency or misuse. Plans should review this memo and ensure they are taking the necessary steps to address the opioid epidemic. MedHOK has integration between the MTM and Care Management solutions and continues to make enhancements that will further address opioid dependency or misuse.
The biggest threat to your cybersecurity is hiding in plain sight
While organizations understandably make significant investments in technology to defend against external cyber threats, their biggest security vulnerability is internal and hiding in plain sight: their employees.
Willis Towers Watson’s cyber insurance claims data show that two thirds of cyber breaches are caused or enabled by employee negligence or malfeasance, including losing laptops, the accidental disclosure of information or actions of rogue employees. By contrast, only 18% are directly driven by an external threat.
Employees can be the strongest asset in an organization’s cyber security strategy. However, it takes more than technology solutions to turn them into your first line of defense against cyber threats.
The following steps can help organizations build a strong, cyber-savvy culture:
1) Assess your internal risk culture
To build a risk-averse culture, organizations must be able to measure the risk inherent in employee behavior. Perhaps the most useful and least obvious assessment tool is a cyber risk culture survey – an employee survey that assesses an individual’s sense of responsibility and accountability for cyber security.
By having employees answer questions related to their awareness of cyber risks and their behavior in response to threats (e.g. does an individual send important or confidential information by email using password protection?), an employer can develop a profile of the groups most in need of attention.
This type of assessment can also help reveal how well an organization and its leaders support a cyber risk culture. For example, the survey can measure employee perception of cyber risk training across key functional areas. In addition, with the right capabilities and data, organizations can compare their outcomes to those of industry peers and high performers globally.
The resulting insights will help senior leaders target high-risk segments and develop plans to bridge gaps in cyber risk education as well as overall organizational support for cybersecurity.
2) Priority-targeted training
Because employees will have different levels of awareness and knowledge of cyber risk, it is essential to tailor ongoing training initiatives to different employee groups.
Training components can include training delivered online or in person by an instructor, self-paced learning and “learning-by-doing” approaches – think simulations where employees have to respond to cyber threats such as phishing schemes.
3) Rethink your skills strategies
Given the information security skills shortages in many economies and evolving talent requirements, it is essential to assess skills gaps at regular intervals and determine how to best fill those gapseither by hiring new talent or upgrading the skills of existing employees. An ongoing opportunity to learn new skills also gives high-value employees a reason to stay with their organization.
As information security plays an increasingly critical role in the organization, new talent challenges arise. For example, in some organizations, information security is “co-led” with the business. This shift creates a need for hybrid roles in cybersecurity requiring business acumen as well as technical skills. Keeping up with these changing roles can provide a competitive edge.
Cyber threats show no sign of easing any time soon. By assessing the threat, providing ongoing opportunities to learn, and developing forward-looking talent strategies, organizations can create a strong, cyber-smart culture to protect against cyber breaches.
Dagostino, Anthony “The biggest threat to your cybersecurity is hiding in plain sight”. World Economic Forum, 07 Dec. 2017. Web. 26 Jun. 2018.