☰ Menu

CHC in the Spotlight



Community Hospital Blog

Telecommunications Savings: Rural Health Care Program Update

by Melvin Ostlie, CHC Director of Information Technology


One line-item expense in every hospital budget regardless of facility size or location is telecommunications. Why do rural hospitals tend to pay more for telecom services than their urban counterparts? Carriers are able to charge for the expense of installing and maintaining communications to rural areas. Fortunately, reduced rates for broadband and telecom services are available to rural providers through the Rural Healthcare Telecommunications (RHC) Program, a federal program supporting universal service and access throughout the country. It includes two subprograms, the Healthcare Connect Fund (HCF) Program and the Telecommunications (Telecom) Program.


It’s easy to see why the program has become so popular with rural hospitals. In fact, due to a high demand for RHC Program funds in Funding Year 2016 (FY2016), the funding limit cap of $400 million was reached, and a second filing window – a fixed period when all funding requests received are treated as though they were received at the same time – was closed. In 2017, new funding requests were accepted under a revised filing window period from March 1 to June 30, 2017. Given this demand, the review process to obtain funding is more discriminating than ever before.


Also, effective January 1, 2017, Skilled Nursing Facilities (SNFs) came into the mix. SNFs can now begin the process to obtain RHC Program funding by applying as an individual health care provider.


Along with a tighter review process, hospitals need to ensure that everything is laid out in the way and language that funders want. That’s where CHC Consulting comes in. Our experts know what systems and equipment qualify and understand the filing process, helping hospitals access telecom savings ranging from 60 to 90 percent.


How CHC Consulting can help


To meet provider needs and enhance funding opportunities, CHC Consulting offers customized support, including:

  • Funding process management strategy and application services
  • USAC documentation and ongoing monitoring
  • Onsite or web-based support and training options for staff
  • Access to a rural-urban HCF Consortium set up to facilitate funding and savings
  • Appeals support for denied funding requests

For more information


See Telecommunications and USAC to discover how CHC can help your facility save money on telecom expenses. 

Tags: Technology
Managing Organizational Risk: Ways to Keep Your Hospital Safe

by Brian Doerr, CHC SVP Information Technology & Security and Privacy Officer

In this era of electronic data, we’ve come to expect that personal information stored electronically will remain private, accessible only on a “need-to-know” basis to those you identify. But what happens when organizational data becomes available to others as a result of cyber attacks? As an industry, hospitals face particular challenges.


In fact, health care organizations top the list of the most cyber-attacked industries, followed by manufacturing, financial services and the government. Data breaches place private patient data at risk, and HIPAA standards and compliance audits don’t adequately address security issues.


Some of the reasons why health care security risks have steadily increased include:

  • Enhanced access to data via the web and remote devices;
  • Application sprawl, as applications are brought in to satisfy niche requests and unused applications are not decommissioned;
  • Use of mobile and embedded systems such cell phones, laptops, pumps, printers, copiers and more;
  • Limited resources and staff expertise to address growing security needs.

Although the healthcare industry has taken steps to manage IT intrusions, risk management ultimately falls to health systems, hospitals and physician practices. Based on my experience working with these front-line providers, here are some best practice tips to quickly identify, reduce, and manage hospital risk while balancing safety and access to data.

  • Be proactive. It’s not a matter of IF but rather WHEN your organization will be attacked - have a plan in place to quickly identify and mitigate threats.
  • Connect IT security to organizational risk. Reframe the conversation on IT security as a significant organizational risk, beyond the IT function or “checkbox” compliance. Include hospital leadership and an IT steering committee in evaluating the business risks of seemingly small IT implementations to large scale capital investments.
  • Study security roles. Do you really have a Chief Information Security Officer? Perhaps you have an IT Director and/or Security Officer, and they are different individuals. Do they have the training needed to manage security? You may want to re-evaluate positions and governance structure based on a risk/security focus.
  • Monitor data flow. Ensure data is secure at every stage of the workflow, from data flowing through the network, to endpoint devices. Confirm that the network and systems are logging activity and are consistently monitored. Conduct monthly/quarterly penetration testing and incident response exercises and earn from testing outcomes.
  • Analyze the IT environment. Simplify systems whenever possible. Standardize remote access methods.
  • Complete tactical modifications. Review processes and systems needed to improve security, such as 2-factor authentication and single sign-on services. Also, evaluate devices used in clinical settings and their need for full internet access. Ensure all devices with data stored locally are encrypted.
  • Communicate and educate. You can’t communicate “too much.” Inform end-users, management, and board members about cyber-security risks and stress their critical role in protecting the organization. Include education on cyber and physical security as part of orientation, and don’t forget ongoing communication with end-users. Let the community know what the facility is doing to protect their data.

Learn more about CHC Information Management Services including IT technology and security.

Tags: Cyber attack, Hacking, IT Security, Malware, Technology

CHC in the Spotlight