Review Gating: Google and rater8 Say No

2021 Alliance sponsor feature article courtesy of rater8

To review gate, or not to review gate, that is the question
Negative reviews can tarnish a doctor’s online brand, so should they review gate?

What is review gating?
Review gating is the process of filtering patients before asking them to leave you a review. Usually, this is done by sending patients an email or text asking them if they had a positive or negative experience. If they had a positive experience, they are directed to leave a review on Google (or any other review site), but if they had a negative experience, they are prompted to leave private feedback and are never sent the option to leave a review publicly.

Employment Practices Liability Trends to Watch in 2021

2021 Alliance sponsor feature article courtesy of the Sentinel Risk Advisors

As an employer, you care about making your workforce feel valued and managing your organization successfully. However, even if you do everything you can to ensure smooth relationships with your staff, employment practices liability (EPL) risks remain. That’s why it’s crucial for your organization to have EPL coverage. Such a policy can offer protection for claims that result from employees alleging various employment-related issues—such as discrimination, harassment and wrongful termination. The policy can be extended to include third-party coverage for claims made by non-employees, patients or vendors who allege an employee engaged in harassment or discrimination.

Apart from securing EPL coverage, it’s important to stay up to date on the latest EPL market trends. In doing so, your organization will have the information needed to respond appropriately and make any necessary coverage adjustments. Here are the EPL trends to watch in 2021:

The COVID-19 Pandemic

The ongoing COVID-19 pandemic has forced many organizations to make serious workplace changes—such as having employees work remotely, adjusting office setups or conducting significant staff layoffs or furloughs. And with these changes, EPL claims followed. Some of the most common, pandemic-related EPL claims include:

  • Allegations that unsafe working conditions or minimal precautionary measures (e.g., poor sanitation practices, a lack of social distancing protocols or inadequate personal protective equipment) contributed to employees getting sick or dying from COVID-19
  • Allegations of retaliation after an objection to unsafe working conditions or workplace exposure to individuals displaying COVID-19 symptoms
  • Allegations of disability discrimination related to remote working (e.g., failing to accommodate remote staff or denying employees the option to work remotely)
  • Allegations related to employee leave concerns (e.g., forcing staff to take leave, retaliating against employees that take leave due to COVID-19 or not allowing staff to take leave due to COVID-19 altogether)
  • Allegations of laying off or furloughing staff without providing proper employment notices
  • Allegations of discrimination related to laying off or furloughing employees

With these trends in mind, it’s crucial to fully document and review any organizational changes created by the COVID-19 pandemic. These changes should be reviewed to ensure they adequately consider the needs of your workforce and are compliant with employment law.

Social Movements

Several social movements have led to an increase in EPL claims in recent years, including the #MeToo movement and the Black Lives Matter movement.

The #MeToo movement—which is an anti-sexual harassment campaign that was originally founded in 2006 and has gained significant social media attention since 2017—largely contributed to a 50% rise in sexual harassment lawsuits against employers over the past few years, according to the U.S. Equal Employment Opportunity Commission (EEOC). This movement emphasizes how important it is for employers to implement effective sexual harassment prevention measures (e.g., a zero-tolerance policy and a sexual harassment awareness training program), reporting methods and response protocols.

The Black Lives Matter movement—which is a racial justice campaign that was originally founded in 2013 and resurged in 2020 in the form of nationwide protests—has the potential to become a driving factor in race-related workplace discrimination and harassment lawsuits. This movement makes it increasingly vital for your organization to take steps to promote diversity, acceptance and inclusion in the workplace, as well as take any accusations or reports of racism seriously.

LGBTQ+ Protections

Although the EEOC had previously released guidance stating that workplace discrimination and harassment based on sexual orientation, gender identity and gender expression violated Title VII of the Civil Rights Act of 1964, the U.S. Supreme Court just recently confirmed in 2020 that Title VII protects gay and transgender employees from such treatment. While this is a relatively new development, the Supreme Court’s decision highlights the need for your organization to ensure all LGBTQ+ employees feel properly supported in the workplace.

Age Discrimination

According to the U.S. Bureau of Labor Statistics, the share of employees over the age of 55 in the labor force is expected to rise to nearly 25% by 2024 (up from 13% in 2001). This demographic shift makes it increasingly important for employers to take steps to minimize the potential for age discrimination issues within the workplace. After all, the Age Discrimination in Employment Act (ADEA) forbids age discrimination against employees and job applicants aged 40 and over.

Despite the ADEA; however, a recent Hiscox study found that 21% of U.S. employees have reported experiencing workplace discrimination based on their age. Such discrimination can lead to poor staff morale, a tarnished organizational reputation and an increase in EPL claims. With this in mind, it’s important to review your organization’s employment practices to ensure you are fostering a workplace culture that rejects ageism.

Wage, Leave and Salary History

As wage and hour laws continue to change across the country, it’s critical that your organization regularly reviews state-specific legislation related to minimum wage, employee classifications (e.g., hourly or salaried), overtime pay, sick leave and other paid time off. A failure to provide your staff with adequate wages or paid leave could lead to various EPL claims.

Employers’ ability to receive their employees’ prior salary history has also become a rising concern. In fact, in some states, recent legislation now prohibits employers from requesting or requiring salary history from a job applicant as a condition of being interviewed, hired or even considered for a position. In light of these changes, it’s best to speak with legal counsel for state-specific employee wage, leave and salary history guidance.

Marijuana Legalization

Following the 2020 election results, medical marijuana is now legal in 36 states and recreational marijuana is now legal in 15 states. As marijuana legalization becomes increasingly commonplace across the country, it’s crucial for your organization to review any state-specific legislation and adjust workplace policies and procedures accordingly.

Specifically, some states have enacted legislation that restricts an employers’ ability to conduct drug tests for marijuana. Further, several state court cases have ruled in favor of the employee in recent employment lawsuits related to marijuana usage. This includes a case in which a disabled employee sued their employer for alleged workplace discrimination due to medical marijuana usage, as well as a case in which an employee sued their employer for alleged wrongful termination due to a positive drug test for marijuana.

That being said, your organization may need to reconsider or revise procedures related to conducting workplace drug tests for marijuana or basing employment decisions on an employee’s marijuana usage, as these practices could potentially contribute to EPL claims. Be sure to consult legal counsel for state-specific compliance guidance on this topic.

We’re Here to Help

You don’t have to respond to this changing risk landscape alone. We’re here to help you navigate these EPL market trends with ease. For additional coverage guidance and solutions, contact Amelia Bernstein, Senior Director of Specialty Lines at Sentinel Risk Advisors.

Amelia Bernstein’s legal background allows her to provide clients with complex needs with specialty lines of coverage. As the Senior Director of Specialty Lines and a Partner in the firm, Amelia oversees a broad range of accounts, including all of Sentinel’s professional, executive and cyber liability insurance clients. She has a proven background of providing clients with risk management solutions they were once told were impossible to achieve.

Annual Conference Returns NCMGMA to In-person Meeting with Continuing Education, Awards, and Service Project

It was a long time in the making but the North Carolina Medical Group Management Association (NCMGMA) finally came back together, in-person, last week at the Marriott Myrtle Beach Resort & Spa at Grande Dunes for their 2021 Annual Conference (May 19-21). Members, sponsors, exhibitors and speakers were brought together for three-days of continuing education, networking and the showcasing of some of healthcare’s best products and services in the exhibit hall. This year’s featured speakers included Monica Wofford of Contagious Companies, motivational speaker and author Paul Long, Steve Parker of Curi, Jason Deshayes of Cook Wealth Management, and Sharon Jones, Ph.D., of thedot. Consulting.

Exhibitor/Sponsor Welcome Video

As a fun way to kick off this year’s event, some of our 2021 Alliance sponsors/Annual Conference exhibitors put together a short welcome video for our attendees. They let their personalities shine through and the video was a hit with conference goers. Click on the image below to view the Annual Conference welcome video.

2021 Award Winners

At the networking reception on Thursday evening, NCMGMA welcomed the sunshine out on the Marriott’s Courtyard and recognized healthcare leadership excellence with their 2021 Annual Awards. Congratulations to this year’s award winners:

Administrator of the Year Award
Michael Icenhour, CMPE
Mid Atlantic Emergency Med Associates, PLLC
The Administrator of the Year award, sponsored by Curi – a Medical Mutual Company, honors a medical practice administrator who has demonstrated exceptional leadership and management proficiency, and who has helped enhance the effectiveness of health care delivery in North Carolina. The Administrator of the Year Award also provides the recipient with a stipend for continuing education at a state or national Medical Group Management Association (MGMA) meeting or professional development through ACMPE.

(L-R): Administrator of the Year Michael Icenhour and Steve Parker of Curi – A Medical Mutual Company.

President’s Award
Frank Chitty, CMPE
Coastal Physicians Alliance
The President’s Award is given to a member of NCMGMA for outstanding service and contribution to the association, its members and medical practice management.

(L-R): President’s Award winner Frank Chitty and Steve Parker of Curi – A Medical Mutual Company.

Kim Harrah Becker Volunteer Award
Melissa White
Newton Family Physicians, P.A.
The Kim Harrah Becker Volunteer Award highlights the true meaning of volunteerism for NCMGMA and we are proud to present it to Melissa, a member whose continuous service and commitment to our organization truly embodies the spirit of this award.

(L-R): NCMGMA President Amanda McKinney and Kim Harrah Becker Volunteer Award winner Melissa White.

NourishNC Service Project

At the close of educational sessions on Thursday, May 20th, NCMGMA teamed up with NourishNC to make snack packs for children in need in North Carolina’s New Hanover County. NourishNC is a 5019 (c) 3 nonprofit whose mission is to provide healthy food to hungry children, empowering them to succeed in the classroom and in their community. In the end, attendees, exhibitors, sponsors, and NCMGMA staff made over 200 snack packs for NourishNC. Thank you to everyone who participated in this essential service project!

Upcoming Events

Our next in-person event is our 2021 Advocacy Days, scheduled for June 15-16 in Raleigh, NC. Registration is open and more details can be found here.

Watch your email for registration coming soon for our Fall Conference, scheduled for October 6-8 at the Renaissance Hotel in Asheville.

Event Photos

Efficient and Effective Pathways to Value-based Care

By Dr. Kenneth Persaud

2021 Alliance sponsor feature article courtesy of Sharecare

Partnering to Create an Expandable Framework
for Value-based Care Success


White-Wilson Medical Center Fort Walton Beach, Florida employs 80 physicians and advanced practice clinicians and had a goal to move to value-based care contracts with payors to improve care and reimbursement.

About White-Wison:

Founded in 1946, White-Wilson Medical Center occupies a unique position on Florida’s Emerald Coast as the largest, multi-specialty, outpatient physician group in the region. With locations in Fort Walton Beach, Crestview, Destin, Navarre, and Niceville, White-Wilson has the community’s largest team of physicians, specializing in more than 20 areas of medicine. In addition to primary and specialty care, White-Wilson offers immediate care services for any urgent care needs at each of its clinics.

The amount we learned from Sharecare is incredible. I can’t say enough about how much they taught us about the value-based care business, the market, and how to apply that learning going forward. Sharecare has been crucial to that process.

Mark Wiacek, Chief Operating Officer, White-Wilson Medical Center

The challenge:

Decreasing reimbursements from the fee-for-service model was limiting growth in revenue and patient outcomes and satisfaction. It was critical to the practice to remain independently owned in a competitive market. Value-based care contracts with Medicare and other payers offered a path to greater growth and better patient care, but the White-Wilson team had no experience in this area and needed expert resources to help them drive these programs. They found that just hiring people didn’t work – they needed processes and technologies to support this transition to value-based care.

Creating an ACO involves putting a framework, including a governing board, into place to provide the coordinated, high-quality, efficient, and effective care that is the goal of the ACO program. The program also offers benefits to providers: when an ACO succeeds in both delivering high-quality care and spending health care dollars more wisely, it will share in the savings it achieves for the Medicare program. The program is not without risk, however, as ACOs that do not deliver effective care can lose money. Sharecare engaged as a full partner in this case, offering a contract that shared both risk and reward.

In addition, the coordinated care that is at the core of an ACO program increases emphasis on patient services that positively impact outcomes, such as wellness visits and transition care upon hospital release. These services also offer expanded opportunities for reimbursement and revenue growth.

Sharecare’s team offered expertise, guidance, processes, and technologies to support White-Wilson in their transition to value-based care. In 2016, White-Wilson started their journey by participating in the Medicare merit-based incentive payment system (MIPS), with Sharecare offering technologies that augmented the White-Wilson electronic health record (EHR) systems to produce the data required for value-based care. By 2017, the team had the data benchmarks they needed to create the White-Wilson ACO. In 2018, White-Wilson added risk-adjustment audit services to their ACO contract with Sharecare. By 2019, White-Wilson had won a value-based service contract with a major payor in the market.

Consultative collaboration was the key to success.

The augmentation of the White-Wilson EHR system with Sharecare technology bridged deficiencies in the EHR system to enable the value-based care reporting required by the MIPS program while putting off a costly upgrade to the EHR system that would otherwise have been necessary. The collaboration ensured that White-Wilson’s MIPS program stayed out of penalty and was awarded a “Top Performer” bonus.

The White-Wilson ACO, now serving around 100,000 patients, demonstrated quality improvement scores in the 94th percentile in each year, cost reductions of more than $3M over three years, and improved patient-satisfaction scores through the program along with over $6M in revenue on value-based payments with other payors. White-Wilson was able to put the necessary systems into place to ensure that they avoided penalties, and in those three years, 2017-2019, they saved between $700,000-$1,400,000 a year with Medicare.

White-Wilson’s ACO generated substantial revenue gains by doubling annual wellness visits and post hospitalization transition visits over the same period, with 2021 already on track to continue this trend. Most importantly, White-Wilson’s patients have received better, more coordinated, and effective care through these programs.

White-Wilson was able to develop payor-agonistic strategies and has already expanded the framework to private-payor value-based contracts. With this framework, they found that they could build an organization to manage a larger population and generate higher revenue without adding any full-time employees. In 2019, White-Wilson landed a sizeable multi-year agreement that will bring significant revenue to the practice. The momentum is built in the direction of more of these kinds of private-payor contracts in the future.

White-Wilson has adopted other Sharecare solutions, including diabetes management programs to optimize care, close gaps, and maximize revenue for their more than 24,000 eligible diabetes patients. The practice is also an early adopter of the Sharecare telehealth platform, which allows them to address patients’ important healthcare needs safely and conveniently remotely.

In the future, White Wilson is planning to expand to commercial private-payor value-based contracts and continue the partnership with Sharecare to offer more services to patients and expand revenue in key markets.

About Sharecare:

Sharecare value-based care enables payors to work with providers to offer the right care at the right time, improve population outcomes and the member experience while reducing per capita costs for healthcare. Sharecare is an all-inclusive value-based payments platform to help achieve better and more sustainable financial outcomes.

Sharecare offers the strength of many trusted individual solutions, with options to bundle each component and create unified actionable metrics that drive intelligent decision support for the entire healthcare ecosystem.

All together, better.

Want to know more about how to duplicate White-Wilson’s success? Contact us!

Does Your Brand Have a Strong Voice?

2021 Alliance sponsor feature article courtesy of Social Joey

Originally published to the Social Joey blog | Reprinted with permission

How’s it going? As more and more businesses across the country reopen and we start to carve out a new normal, how are things going for your business?

Let’s face it: COVID-19 has caused—and will continue to cause—us to pivot and change course more often than we’d like to think about. That applies to everything from our physical stores to our marketing!

If you’re taking a thoughtful look at your marketing efforts these days, you aren’t alone. That’s why we thought it would be good to hone in on an important part of any effective strategy: a distinctive brand voice.

Your audience can’t hear what you’re saying if your voice isn’t strong. Read on as our Social Joey team offers a deep dive into why a brand voice is so important.

Why a Brand Voice Is Important

As we step forward toward the post-COVID-19 future, it’s more important than ever to stand out from other businesses offering the same product or service.

People are spending more time than ever online and on social media specifically, making them more likely to be educated buyers. They’re looking for helpful, useful and relevant guidance and resources to help them make good buying decisions when they need something.

They’re also looking for something that helps them determine which brand is the best.

When you’re trying to stand out, your words and messaging play a key role in setting your business or franchise apart from your competitors. Having a distinctive and strong brand voice is essential for carving out your place in an increasingly digital world.

The Difference Between “Voice” and “Tone”

Before we dive into how you can build your own distinctive brand voice, let’s first clarify an important point. While the two terms are often used interchangeably, voice and tone are not the same thing.

Let’s break it down this way:

  • Your voice is your brand’s character, your personality. It stays the same and consistent, no matter what message you’re conveying. This is how your brand speaks and acts.
  • Your tone is the inflection you’re giving your voice in a particular piece of content. Tone will vary depending on the specific message and audience. It has to change in order to stay relevant to the people you’re trying to reach.

The Components of a Brand Voice

While you now know that a distinctive voice is important for your business, you may have no idea where to begin.

But there are some basic components involved in establishing and maintaining this voice. These components include:


What do you stand for? What are your values? What is your mission?

These are the underlying questions behind determining your brand voice. You need to know what’s behind your brand in order to know how it speaks.

It may even be helpful to think of your brand as a person. After all, you’re determining its personality!

What type of words does your “person” use? Is your person laid-back or energetic? Warm or cool? Formal or irreverent?

This is your brand voice. Making it clear who are you are as a brand will help you carve out a niche with your customers and potential customers. That’s what sets you apart!


We’ve talked about the importance of consistency many times before, but we usually discuss it in the context of maintaining frequent, regular social media posting.

Consistency also matters for your brand voice. You’ve carved out a distinctive voice. That’s step one. But step two is to carry that voice through everything you create.

This consistency should be maintained in all of our marketing materials, including your social media marketing. Keeping “on brand” can help ensure your target audience hears your voice loud and clear.

How can you make your voice shine on social media? It’s pretty simple, really!

Once you’ve nailed down what your brand voice is, you want to determine how it affects the various pieces of your strategy. This includes making sure that external pieces you’ll be sharing are still distinctively in your voice and ensuring that the posts themselves are crafted in the right voice and tone.

Because the only thing constant is change, it may also be beneficial to think through what your brand’s voice will be in times of chaos, turmoil or emergencies. While we don’t like to think of the worst case scenario, it’s still an important part of planning.


Does your brand have an established style guide? Yes? OK, next question—do you stick with your style guide?

Be honest! Believe it or not, your style makes an impact when it comes to your brand’s voice. Carving out an established set of style, grammar and other guidelines is vitally important.

We talked above about why it’s important to remain consistent in your brand’s voicing. Your style guide—and adhering to that style guide—is key to ensuring you are giving your audiences a consistent voice.

What’s involved in a style guide? Well, it’s everything that makes your brand a brand! It’s all the little tiny components that give you a voice.

A style or branding guide (the two terms are essentially the same thing) helps provide clarity and guidelines around your brand voice. It should include basics such as logos and color palettes and more specific guidelines related to style and grammar.

This can get as granular as whether you use commas in a simple series or as simple as words you prefer. (Don’t worry if you don’t know what a simple series is or why it matters—we’ve got that base covered for you!)

Why is this type of guide important? Refer back to the items we just talked about, clarity and consistency.

You’ve clarified your voice by determining the personality of your brand, and you need to be consistent in the use of that voice across all your content. A style guide provides a set of specifics on how you do that.

In other words, it’s your user’s guide to raising your voice!

Whether you have a distinctive brand voice or need help putting one into action, we’re here to help! Let our Social Joey team go to work to transform your social media marketing.

Cary Orthopaedics Case Study

2021 Alliance sponsor feature article courtesy of rater8

Cary Orthopaedics has proudly served Raleigh and Southeast Wake County for over 30 years. When CEO, Brad Scheel, joined the team in January 2019, he knew he had to do something about their subpar online image. Brad states “My best doctors had only 2-3 online reviews after practicing for 10-20 years.”

Cary Orthopaedics struggled with the same problem many medical practices experience today: poor and too few online reviews. Most patients had exceptional experiences at the practice. However, the few outliers were inclined to vent their frustrations online. Having encountered this problem at his previous practice, Raleigh Endocrine Associates, Brad knew how to address this.

Mean What You Say and Say What You Mean

By Janet Woodall, Owner/Operator, Rockingham Revenue Services, LLC

2021 Alliance Sponsor feature article courtesy of Rockingham Revenue Services, LLC

I am the oldest of four children. My parents were very strict on us. Of course, my dad was a Pastor, so we had to behave. The one thing I learned the most from my parents is “mean what you say and say what you mean.” If we went to a store and my dad said we were only purchasing certain items on a list, you can guarantee we would not be getting anything else. Even if we asked, he would say “I meant what I said.”

As managers, we struggle with our staff having issues with communication. Nine times out of ten when issues arise it is because of the lack of communication. Someone failed to give all the information, or someone did not mean what they said. In order for us to avoid communication issues, I have listed some ways that are helpful to me when communicating information:

Team Meeting – If there is an issue with your team as a whole, then you should meet with them all together. Make sure to lay some ground rules, such as being respectful to each other and allowing the other person to speak their mind. Team meetings can create a sense of unity. However, you do not want it to turn into a blaming session. Make sure to redirect negativity as much as possible.

One-On-One – Sometimes issues need to be dealt with directly with your staff. If there is an issue that continues to happen, I would avoid the team approach and go straight to the source. I feel much better approaching a staff member directly when something is wrong rather than making everyone else feel like it does not apply to them.

Listen – God gave us two ears and one mouth for a reason. We often want to solve people’s problems before they can even finish what they are saying. Listen to them carefully and make them feel like they have been heard.

Thankful and Grateful – Always let your staff know you are thankful and grateful for them bringing things to your attention that need to be addressed. If you do not know you cannot address it. They need to know that you care.

Five Myths Your Landlord Wants You to Believe

By Stephanie Daniels, CARR

2021 Alliance Sponsor feature article courtesy of CARR

It can be difficult to discern fact from fiction when dealing with landlords. A misunderstanding of these key issues can have serious consequences for your practice. The following information should help dispel some common myths and prevent costly mistakes in your next lease negotiation.

Myth #1: The landlord is on your side

Many landlords attempt to befriend their tenants, making it difficult for tenants to remember the landlord’s primary goal is financial gain. They are seeking to secure a lease with the tenant paying as much as possible. Even the friendliest landlord wants to make the maximum profit on his space, just like the nicest tenant seeks the lowest possible lease rate so his business can thrive. Financial burdens quickly arise for tenants who place undue trust in their landlord and fail to properly negotiate their lease. By having representation, you can learn how your lease compares to the market and ensure you are getting the best possible terms.

Myth #2: You are not entitled to representation

Some landlords employ intimidation, instead of friendliness, to achieve their goal. The intimidation tactics may include telling tenants they are not allowed to have representation. This is not true. Lease negotiations are different than negotiating the price of a car or trying to haggle for a better price at a flea market. They are complex transactions, layered with hidden opportunities for landlords to take advantage of anyone not represented by an expert. Landlords are professionals who are aware of these complexities. If a landlord says you are not allowed to have representation, that is a clear signal they do not respect your desire to be treated fairly.

Myth #3: You are already getting the best possible rate for your space

There are many conditions that factor into lease rates for a commercial space. Things such as current building vacancy, length of the lease, amount of tenant improvement allowance, building condition and many other considerations impact the appropriate rate for a particular space. Several of these considerations are specific to spaces for healthcare tenants, highlighting the need for a real estate professional who has expertise in healthcare. Healthcare practices are often told they are getting the best possible rate for their space, yet they can receive a much better offer from the landlord when an expert assesses these mitigating factors.

Myth #4: Your renewal is not negotiable

Most leases provide an option for the tenant to renew their lease when it expires, and may even detail the exact terms of the renewal. However, it is important to understand that your renewal is negotiable, even if you have renewal terms specified in your current lease. A landlord who says you cannot renegotiate the terms for your renewal is usually doing so because they can get you to pay more by exercising the option to renew instead of negotiating new terms. The only way to be certain you have the best possible terms for your renewal is to compare those terms with current market rates in the area, a vital step often missed by healthcare professionals entering this process alone.

Myth #5: You have no other options; the landlord has many

This common myth might be the most important to address, because it is fundamental to how landlords operate. The landlord wants you to believe that his property is the only suitable location for your practice. The truth is there are likely several other properties that would fit the needs of your practice, and the landlord should be competing to keep you in his building.

The landlord also wants you to believe he has several potential tenants ready to occupy your space if you don’t take it. This position is used to force a tenant to rush into signing an unfavorable lease, when, in fact, it usually takes months or years to fill a commercial space. Each leasing situation is unique, and a healthcare real estate professional who knows your strengths as a tenant can help you understand what type of leverage you have.

This information represents a few of the many misconceptions involving landlords in healthcare real estate transactions. Using a real estate professional with expertise in healthcare will help protect you from falling victim to these and other common landlord myths.

CARR is the nation’s leading provider of commercial real estate services for healthcare tenants and buyers. Every year, thousands of healthcare practices trust CARR to achieve the most favorable terms on their lease and purchase negotiations. CARR’s team of experts assist with start-ups, lease renewals, expansions, relocations, additional offices, purchases, and practice transitions. Healthcare practices choose CARR to save them a substantial amount of time and money; while ensuring their interests are always first.

Visit CARR.US to learn more and find an expert agent representing healthcare practices in your area.

Five Predictions for the 2021 Supply Chain

Originally published on Premier’s blog

2021 Alliance Sponsor feature article courtesy of stockd, Premier’s e-commerce platform

It’s no secret that 2020 was a tough year for the healthcare supply chain. But in 2021, we’re bringing forward both reflection and new strength – and as several great scholars have noted: “The best way to predict the future is to create it.”

Premier and our members are doing just that. Even as COVID-19 exposed supply chain flaws and transformed the healthcare landscape, together we’re showing up and leveling up to address the biggest challenges as a result of COVID-19 and drive healthcare innovation for the future.

And we’re not yet done bringing the supply chain back to health.

Follow this link to view the complete article.

Cyber Security for Medical Devices and Hospital Networks

2021 Alliance sponsor feature article courtesy of the Sentinel Risk Advisors

Many medical devices contain configurable embedded computer systems that can be vulnerable to cyber-security breaches. In addition, as medical devices are increasingly interconnected via the Internet, hospital networks, other medical devices or smartphones, there is an increased risk of cyber-security breaches, which could affect how a medical device operates.

The Food and Drug Administration (FDA) has recently become aware of cyber-security vulnerabilities and incidents that could directly impact medical devices or hospital network operations, such as the following:

  • Network-connected/configured medical devices infected or disabled by malware.
  • The presence of malware on hospital computers, smartphones and tablets, targeting mobile devices using wireless technology to access patient data, monitoring systems and implanted patient devices.
  • Uncontrolled distribution of passwords, disabled passwords, hard-coded passwords for software intended for privileged device access (e.g., to administrative, technical and maintenance personnel).
  • Failure to provide timely security software updates and patches to medical devices and networks and to address related vulnerabilities in older medical device models (legacy devices).
  • Security vulnerabilities in off-the-shelf software designed to prevent unauthorized device or network access, such as plain-text or no authentication, hard-coded passwords, documented service accounts in service manuals and poor coding/SQL injection.

The FDA has been working closely with other federal agencies and manufacturers to identify, communicate and mitigate vulnerabilities and incidents as they are identified.

FDA Recommendations/Actions

The FDA has a number of recommendations to mitigate the risks that technology may pose to health care organizations.

For all device manufacturers:

Manufacturers are responsible for remaining vigilant about identifying risks and hazards associated with their medical devices, including risks related to cyber security, and are responsible for putting appropriate mitigations in place to address patient safety and ensure proper device performance.

The FDA expects medical device manufacturers to take appropriate steps to limit the opportunities for unauthorized access to medical devices. Specifically, it is recommended that manufacturers review their cyber-security practices and policies to ensure that appropriate safeguards are in place to prevent unauthorized access or modification to their medical devices or compromise the security of the hospital network that may be connected to the device. The extent to which security controls are needed will depend on the medical device, its environment of use, the type and probability of the risks to which it is exposed, and the probable risks to patients from a security breach.

In evaluating your device, consider doing the following:

  • Take steps to limit unauthorized device access to trusted users only, particularly for those devices that are life-sustaining or could be directly connected to hospital networks.
  • Appropriate security controls may include user authentication, such as user ID and password, smartcard, or biometrics; strengthening password protection by avoiding hard-coded passwords and limiting public access to passwords used for technical device access; physical locks; card readers; and guards.
  • Protect individual components from exploitation and develop strategies for active security protection appropriate for the device’s use environment. Such strategies should include timely deployment of routine, validated security patches and methods to restrict software or firmware updates to authenticated code. The FDA typically does not need to review or approve medical device software changes made solely to strengthen cyber security.
  • Use design approaches that maintain a device’s critical functionality, even when security has been compromised, known as “fail-safe modes.”
  • Provide methods for retention and recovery after an incident where security has been compromised.
  • Cyber-security incidents are increasingly likely and manufacturers should consider incident response plans that address the possibility of degraded operation and efficient restoration and recovery.

For health care facilities:

The FDA recommends that you take steps to evaluate your network security and protect your hospital system. In evaluating network security, hospitals and health care facilities should consider doing the following:

  • Restricting unauthorized access to the network and networked medical devices.
  • Making certain that appropriate antivirus software and firewalls are up to date.
  • Monitoring network activity for unauthorized use.
  • Protecting individual network components through routine and periodic evaluation, including updating security patches and disabling all unnecessary ports and services.
  • Contacting the specific device manufacturer if you think you may have a cyber-security problem related to a medical device.
  • If you are unable to determine the manufacturer or cannot contact the manufacturer, the FDA may be able to assist in vulnerability reporting and resolution.
  • Developing and evaluating strategies to maintain critical functionality during adverse conditions

Reporting Problems to the FDA

Prompt reporting of adverse events can help the FDA identify and better understand the risks associated with medical devices. If you suspect that a cyber-security event has impacted the performance of a medical device or has impacted a hospital network system, file a voluntary report through MedWatch, the FDA Safety Information and Adverse Event Reporting program.

Health care personnel employed by facilities that are subject to the FDA’s user facility reporting requirements should follow the reporting procedures established by their facilities. Device manufacturers must comply with the Medical Device Reporting (MDR) regulations.

For guidance on how to keep your healthcare facility safe and secure from cyber threats, contact Amelia Bernstein, Senior Director of Specialty Lines at Sentinel Risk Advisors.

Amelia Bernstein’s legal background allows her to provide clients with complex needs with specialty lines of coverage. As the Senior Director of Specialty Lines and a Partner in the firm, Amelia oversees a broad range of client accounts, including all of Sentinel’s professional, executive and cyber liability insurance clients. She has a proven background of providing clients with risk management solutions they were once told were impossible to achieve.