A cyberattack on any healthcare organization can be damaging, but for a small surgical practice it can have disastrous consequences. The April 2025 issue of the Bulletin of the American College of Surgeons includes an article by Joint Commission Board Member Lenworth M. Jacobs, Jr., MD, MPD, FACS.
Dr. Jacobs writes of a billing-related hack experienced by a small surgery practice in February 2024, when cyber criminals unleashed a ransomware attack on the medical billing company used by the practice. “All it takes is one disruption to threaten everything that a small practice has developed over decades,” writes Dr. Jacobs.
The article provides advice for small surgical practices from John Riggi, national advisor for cybersecurity and risk for the American Hospital Association (AHA). In 2023, Riggi helped The Joint Commission develop “Sentinel Event Alert 67: Preserving patient safety after a cyberattack” to provide guidance and safety actions for healthcare organizations.
Read the article, "Disastrous Consequences Result from Medical Billing Cyberattack on Small Practice".
As a reminder, existing high-rise healthcare occupancies – including critical access hospitals, hospitals, inpatient hospice facilities, and nursing care centers – must be fully sprinklered by July 5, 2028. This is stipulated in the U.S. Centers for Medicare & Medicaid Services (CMS) final rule on July 5, 2016, when CMS adopted the 2012 edition of the National Fire Protection Association’s (NFPA) Life Safety Code®* (NFPA 101-2012). (Life Safety Code® is a registered trademark of the National Fire Protection Association, Quincy, Massachusetts.)
With the deadline 3-1/2 years away, The Joint Commission is reminding healthcare organizations about this large-scale improvement project to install sprinklers throughout unsprinklered or partially sprinklered facilities. As of July 5, 2025, only 25% of the grace period remains.
Life Safety Code surveyors will be discussing compliance plans during survey in high-rise facilities that are not yet fully sprinklered.
Joint Commission accredited organizations should contact their account executive for questions about compliance.
Expand your knowledge in the growing area of Health Data Analytics with the National Association for Healthcare Quality’s (NAHQ’s) new Micro-Credential. This growing portfolio offers deeper learning into each of the domains of NAHQ’s Healthcare Quality Competency Framework.
Complete the two courses for the Health Data Analytics Micro-Credential and receive a certificate of completion, digital badge and Certified Professional in Healthcare Quality (CPHQ) continuing education (CE) credit.
Learn more about NAHQ’s Micro-Credentials.