• Home
  • MGMA Washington Connection 07/16/20

MGMA Washington Connection 07/16/20

07/16/2020 10:17 AM | Rebekah Francis (Administrator)

Practices see rise in cyberattacks during COVID-19 pandemic

Healthcare entities, including medical practices and hospitals, are seeing an increase in the number of cyberattacks since the start of the COVID-19 pandemic. In particular, practices are vulnerable to ransomware, a type of malware that locks valuable digital files and then demand a ransom in order for these files to be unlocked. As well, stealing electronic health records can be more valuable than getting access to credit card numbers alone, allowing thieves to file fraudulent insurance claims, obtain prescription medication, and steal identities. To assist in protecting your practice against cyberattacks, members are encouraged to visit the MGMA HIPAA Resource Center to access resources such as the Cybersecurity Action Steps for Medical Practices tool and the Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients resource developed by the federal government.

MGMA advocates for changes to tax treatment of Provider Relief Funds

The Internal Revenue Service clarified on July 6 that for-profit healthcare providers must pay taxes on any grant payments received from the Provider Relief Fund. In response to this announcement, MGMA urged Congress to change this policy to ensure these funds are not taxed. The CARES Act established both the Provider Relief Fund and the Paycheck Protection Program (PPP) and specifically addressed the taxability of the PPP by stating any PPP loan payments that are forgiven are not counted as taxable income. However, the Act did not address the tax treatment of the Provider Relief Fund. MGMA believes this was an oversight and is advocating for change. 

Apply for Medicaid/CHIP Provider Relief Fund payment by July 20

July 20 is the deadline for eligible Medicaid and Children’s Health Insurance Program (CHIP) providers to apply for funding via the Enhanced Provider Relief Fund Payment Portal. The Department of Health & Human Services (HHS) expects to distribute $15 billion to eligible providers that did not previously receive a payment from the $50 billion General Distribution. The portal will allow such providers to report their annual revenue data to HHS and apply to receive a payment equal to at least two percent of reported gross revenues from patient care. For additional information on eligibility and the application process, providers can refer to the program’s application instructions

HHS modifies substance use disorder privacy regulations

The Substance Abuse and Mental Health Services Administration, an agency within HHS, released a final rule modifying the 42 CFR Part 2 regulation governing the confidentiality of records for patients with substance use disorder (SUD). While HIPAA permits the sharing of patient data for treatment, payment, and healthcare operations without patient consent, Part 2 creates a separate standard for the sharing of SUD information that requires patient consent. Key modifications include:

·     Treatment records created by non-Part 2 providers are explicitly not covered by Part 2, unless any SUD records previously received from a Part 2 program are incorporated into such records;

·     SUD patients may consent to disclosure of Part 2 treatment records to a practice without naming an individual (previously, they would have had to identify a specific person in the practice); and

Non-opioid treatment program and non-central registry treating providers are now eligible to query a central registry in order to determine whether their patients are already receiving opioid treatment.


To develop and equip our members to create dynamic, successful medical group practices.


To be the recognized leader in defining and supporting the profession of medical practice management in Missouri.


PO Box 381533
Birmingham, AL 35238
Phone: (573) 556-6111
Fax: (877) 720-1495

Copyright 2020, MGMA-MO.org | info@mgma-mo.org