Financial Cyber-Resiliency in Healthcare
Financial Cyber Resilience 9-12-24
Video Transcription
I'd like to introduce our speaker to get us started this morning. Ms. Valerie Barkoff is a seasoned revenue cycle consulting and operations expert with over 30 years of experience in the healthcare industry. She leads the healthcare advisory practice for Wyndham Brannan where she has been a key leader for over 10 years. In 2020, she took on the role of CEO at SHOAR, a technology company started by Wyndham Brannan focusing on innovative solutions for the healthcare sector. As a visionary in her field, Valerie has expertise in organizational change management, leading teams through complex transitions and implementing strategic initiatives to drive operational excellence. She is also the creator of REACT, which is a comprehensive tool designed to maintain critical revenue cycle operations during catastrophic cyber attacks, ensuring financial resiliency for hospitals. We are so thankful that you're here with us today, Valerie. We invite you to go ahead and get us started.

All right. Thank you, Lindsay. And thank you to everybody who took time out of their very busy schedules to join us today to talk about cyber resiliency in healthcare. I want to give you a little bit of an overview of what we're going to talk about today. I want to tell you a little bit about SHOAR Health and the reason we are very passionate about cyber resiliency. I want to talk about one of our clients that went through a catastrophic cyber attack about a year ago and the challenges they face and the lessons they learned. One of the things that is really important is to share some of the stories out there so that all of us can go back and evaluate our operations and prepare for the time when a cyber attack occurs. Then I'll kind of just have some closing remarks, really focusing in on what we're recommending hospital organizations do in terms of next steps. So let me tell you a little bit about SHOAR Healthcare. So as Lindsay mentioned, it was founded in 2020.
It stands for Smart Healthcare Operations and Revenue, and it was really focused on trying to bring advanced technologies and innovative solutions into our healthcare clients. So we solely focus in the area of healthcare. We are owned by Wyndham Brannan, which is one of the oldest and largest professional services firms in the Southeast. Healthcare is our largest industry segment that we serve. We really work to help organizations look at opportunities to align their operations, enhance the efficiency, and adopt innovative technologies. Our journey with cyber resiliency happened with a client, and I want to tell you a little bit about them because I think it's going to resonate, and no hospital is too small to think about what will happen. Recently, two things have come out. The American Hospital Association has recommended to all hospitals that we be prepared to run on paper for 30 days in the event of a cyber attack. What I'll tell you, and we'll go through in the presentation, is that the typical cyber attack lasts for about four to six weeks. So 30 days is probably a good estimate, but we need to be prepared to run longer. The second thing is that it was the FBI director who said there are really two types of companies out there, those that have had a cyber attack and those that will. So while we still encourage our clients and healthcare organizations to still focus on preparing to prevent an attack, we also now need to start preparing to survive an attack and how we're going to keep our operations running. So a little bit about our client. I'll tell you that when we started working with them, they were a 17-hospital health system. They're down to 15 hospitals. Nonprofit healthcare system located in the Midwest. August of 2023, they had a catastrophic cyber attack. And for us, that is really a downtime of more than one day. But for this institution, it was two weeks.
What we will tell you is to be able to get your system back up in two weeks was actually a very impressive feat and something they should be very proud of because the average attack, as I mentioned, is around four to six weeks of downtime. Their systems that were affected was pretty much everything. This was an Epic shop. They no longer had access to their electronic health record. They didn't have access to the internet and their phone systems were down. So imagine a scenario where you walk into your hospital and your CIO or your CISO comes in and says, all systems are down. We believe it's a cyber attack and we do not know when we're going to be up and running. I mentioned the downtime was approximately two weeks and the remediation costs for the revenue cycle alone were around four to six and a half million dollars. This does not include any money that they spent in terms of restoring systems, ransoms. This is solely focused on the revenue cycle operations. I think a footnote that is important to know is that it looks like the attackers had been in their system for quite some time, which is why probably their backup systems were corrupted as well. What I've learned through my journey in cyber security is that the bad players and attackers can possibly be in your system six, nine, 12 months before they actually attack you. And sometimes they will actually share the information with other bad players. So you may have multiple organizations that are already in your system maneuvered around. There have been situations across the globe where the cyber attackers actually get into your systems and change the medical records. There was a patient that was killed in Germany based upon this exact situation happening where the doctors were operating on what they believed to be information in the patient's record but had been changed by the bad players. There's really two reasons we get attacked. One of them is obviously money.
You know, they're going to do a ransomware attack, but hospitals are considered critical infrastructure and we are being attacked in retaliation for the United States being involved in different skirmishes across the globe. So a little bit more about them. I mentioned that they were a 17 hospital system and I'll explain to the reasoning behind 15 now. They had 250 physician practice facilities across the Midwest. In terms of some things that are very important to note, and you'll discover why as we go along, many of the hospitals that were in the health system were 340B hospitals. So this really is something to emphasize and underline when we talk about pharmacy. Epic was their EHR and they were, they believed that they had effective procedures for downtime. In terms of statistics, they had about 12,000 employees, 3,200 physicians, and did 1.3 million outpatient registrations annually. So the immediate concerns of the organization when they walked in that day and were told by their CISO that they were down and to start operating on paper were two things. How are we going to take care of the patients? And what are we going to do to restore the systems? One of the things that I didn't share in my background is that prior to getting back into consulting in 2009, I had two roles here in Georgia. The first, I was the Executive Director of Managed Care Contracting and Revenue Management for DeKalb Regional Health System. And I was the Vice President of Revenue Cycle for St. Joseph's Hospital of Atlanta. When our client first called us and told us that they were down and that they thought they were going to need some assistance, and we started to understand a little bit more about what happened, the first thing that came to mind is how exposed I would have been when I was at St. Joseph's or DeKalb. 
And what I meant by that is we did downtime drills, but from the perspective of revenue cycle, my focus was registration and the ability to get the patients registered so that they could be treated immediately. I never thought about how was I going to handle the financial operations that reported to me should there be a downtime. And as you can tell from our client, neither did they. They were focused on how we're going to take care of the patients and how we're going to restore the systems as quickly as possible. Well, when they were down for two weeks, I want to talk a little bit about some of the biggest issues that bubbled up. Medical records documentations, that became a very real and very challenging issue, particularly after systems were restored. Essentially, what you had happen is you had 17 hospitals who each individually huddled and within each of those hospitals, each department individually huddled and made a decision about how they were going to treat the patients and document that on paper. So imagine if you are a centralized function receiving information from 17 hospitals and all the departments within those 17 hospitals, and now you have numerous ways of capturing that information. So we're going to talk a little bit and do a deeper dive into medical records. Capturing the flow of patients between level of cares, and for us, we're talking about a patient who starts off in the emergency room. Maybe they go to observation and then into a med-surg unit. Maybe they go ED to ICU and then back down to a med-surg unit. It's very critically important that we capture the level of care changes and that we have orders that are legal orders, meaning that they are signed, dated, and time-stamped so that we can have a complete medical record. Huge charge capture inconsistencies. I talked about the huddling at the individual hospitals. 
So pharmacy A and hospital A may have had a different way of documenting their medication administration record than hospital B and pharmacy B, and that became a real big challenge very fast. And then, while I said that they believed they had processes in place for downtime, they really were unprepared for a catastrophic downtime, and then they did not have the appropriate resources in place to help them during the downtime, particularly when it came to the revenue cycle functions, and then they definitely did not have enough resources when systems were restored and trying to get the charges captured and the bills out the door. The biggest takeaways from this is that we had a huge disruption to revenue cycle functions. The charges, the documentation, the orders, medical necessity, all of those things, even being able to do prior authorizations, we had huge disruptions, which led to the suspension of billing activities. I'm going to cut to the punchline on this particular health system. When they first called us, they said, we think we need five seasoned revenue integrity people to help us with this, which is what we did. As soon as we started seeing the numbers come through, I remember calling them and said, as much as I would love to be engaged with you for five years, we are not going to be able to get through all of these records in a short timeframe, so we really need to ramp up. So they ended up engaging two different firms, and there was a total of 50, 5-0 plus professionals with outside consulting firms who were brought in simply to help them get bills out the door, and we worked for approximately nine months. So after the systems were restored, it took us almost nine months to get through the majority of the bills to get them out the door. Now obviously, this has led to significant financial implications, so let's put aside any long-term reputational damage that happened to this hospital in terms of business that they may not be able to recover. 
For those patients that were in the hospital, there was definitely significant revenue loss that we were unable to recover, and the financial strain that this put on the organization has led them to make a couple decisions. I mentioned they were 17 hospitals, and they're 15 now. They decided to sell two of their hospitals. Now, I do believe these hospitals were already being considered, but I do believe that the cyber attack led them to finalize that decision to go ahead and get rid of those two hospitals. And then the resource strain was very significant. They had to cut a lot of key initiatives that they were working on, and there's just a few other things that I know about that have been going on at that health system that have really caused a lot of strain to their organization and their strategic plans at the end of the day. So let's take a deeper dive into, I think, one of the most significant issues that happened was the medical record preparedness. I'm going to start with what was the lesson learned. We absolutely need to have better disaster recovery plans for medical records. Let's go back to the fact that the American Hospital Association has said we need to be prepared to run on paper for 30 days. When we all moved to an electronic health record, I say we threw the baby out with the bathwater, and by that I mean we used to have processes in place to digitize large volumes of paper that then became an electronic record for us to manage. When we moved to EHRs like Epic, we no longer had the need to be able to have solid processes to scan, prep, and index large volumes of paper. We still have loose paper, but for the most part, any processes that we had to make sure that we had the ability to manage the paper went out the window. 
So what I will tell you is with this particular health system, because they did not have processes in place, all you can see when you go into their medical record system right now is one large PDF file that says downtime documents. So if you were in the hospital for the two-week period that this cyber attack occurred, all of your documentation, the notes, the provider orders, the lab results, the radiology interpretation, it is all in this big PDF document that had to be reviewed page by page to pull out the information. They were unable to properly attach that to the patient or to the correct part of the electronic medical record, meaning lab results should be in the lab section, radiology results should be in radiology. That all went out the window. So we really need to look at the challenges that your medical record department has in the ability to digitize paper for one week, two weeks, four weeks, six weeks. I frequently ask my clients if a truckload or multiple truckloads pulled up with paper, do you have the ability to digitize this and get that back into your system so that we can restore that legal medical record? We had huge issues with incomplete medical documentation. If we think about it, a lot of the providers who are working today have not had to do any documentation on paper, and so they didn't have any foundation, and they really didn't have any resources that were going to be working with these providers or the clinicians to make sure that they were documenting everything appropriately. So there were large gaps in the documentation that we just were never able to recover. Lesson learned number two, the level of care. And some people look at us when we say that, right? This was a huge issue. The lesson that we learned is the importance of standardizing documentation procedures. 
We need to be able to recreate that visit in our paper, and the ability for the doctors to capture, to collect the order, and the movement of the patient became very, very difficult. And that's critical because it does drive charges, but it is also something that we have to have in that legal medical record in case that record is ever requested. So we need to have the orders as to the movement of the patient and the movement of the levels. That will help us attach the right charge, whether it's an observation charge, whether it's a med-surg charge, or an ICU, and it also helps us to be able to recreate the care that we gave to that patient. The other issue that we had with documenting level of care is we had patients that sat in observation status for extended periods of time. You had patients sitting in observation for six, seven, eight days. They got lost because we didn't have the systems there to flag to us that this patient needed to be moved into an inpatient level of care. We needed to get an updated order. We need to notify the payer that they are there and now moving into an inpatient level of care. And essentially, that is a lot of lost revenue. Those, we pretty much decided there wasn't a whole lot we could do because they were discharged. We cannot go back and make any adjustments, but we had significant issues with the provider documentation and the management of the patient flow through level of care. Clinical documentation, going deeper into this, the lesson learned is that we have a huge need to do comprehensive training for the clinical staff. One of the things we've discovered with a lot of clients is that most of the time when we do downtime, we do it on third shift. We know about it. And there's just a handful of people who really know how to operate during downtime. So we really haven't given our staff the tools and the training that they need to be successful if they were to walk in during normal business hours and their systems are down.
A lot of organizations have eliminated forms committee. So we don't have standard encounter forms. And we've really moved away from being having anything barcoded. So when we were looking through the clinical documentation, we had a lot of discrepancies and gaps in that patient care record. And those of us who live and breathe revenue cycle, what we will say to you is not documented, not done. And the chart and the bill need to be able to recreate the care that we gave to the patient. It's telling the story of how our clinicians took care of that patient. And there were just huge gaps in that. And understandably so because they didn't have downtime standard documentation. They had not been trained on how to document during downtime. And we didn't have the resources to deploy during that two week downtime to go to 17 hospitals and to all the departments to teach them how to do it. That in turn had a huge, huge impact on our ability to capture charges. At the end of the day, clinical documentation is what drives our charges. If we don't have that clinical documentation, we are unable to pick up a charge. We cannot assume some sort of care was given. Another footnote that I will tell you is the payers were not necessarily good players either because they knew this organization had suffered a catastrophic cyber attack. The bills as they were being released were being selected for audits because they were, in my opinion, counting on the fact that we might have missed a few steps and they would be able to take back some payments or deny care completely or deny our bill completely. Keeping going in the charge capture, the implementation of backup charge capture systems is really non-existent. I'm going to get into this example in a little bit, but I want to walk you through an example of one department for a single hospital. There's a hospital that we work with and they do 20,000 pharmacy scripts a day. They do approximately 25,000 to 30,000 lab tests a week.
Let's really hone in on lab. If you were down for four weeks, and that's what the American Hospital Association has said we should be prepared for, the thing that creates a charge in the lab is the result. Let's use Epic as an example. In Epic, you need to have really three things that's going to make that charge drop onto a bill. If we can't recreate it when the systems are back up, then we're going to have a challenge, which almost everybody does. We need to have a lab req, the order that has to be in the system. We have to have the lab results, but we also need to have the specimen number that ties the two together, which is ultimately going to drop the charge onto the bill. If we don't have mechanisms to get 30,000 times four lab reqs in, specimen numbers entered, and lab results pushed back over, we're not going to be able to pick up any lab charges. Because we didn't have systems to capture charges, there were huge errors and omissions, and there was financial impacts due to the inadequate processes. I want to play out the lab a little bit more for you guys. Let's talk about a four, five, or six-week downtime. When we're working with hospitals, one of the things we want to know is how long are your subsystems, your lab subsystems, going to maintain that result? Because when the systems are restored, we need the results to push back over. Almost every subsystem is going to have some sort of a data limitation. We need to start thinking about what are we going to do when our subsystems are now hitting that memory issue, and we're potentially going to purge lab results that have not made it back into our EHR because our systems are still down.
This downtime, when you're thinking of it from the terms of financial resiliency, it really takes on a lot of tentacles that goes into clinical operations because, again, not documented, not done, we need to be able to understand the care that was given so that we can charge for it, and you get to root causes about, well, we may have a situation where our laboratory subsystem is not going to maintain those results, and we're potentially going to lose those. We need to think about that now and not when we're in the middle of chaos. With this organization, significant financial impact. Aside from everything else that I think we're still going to take a year or two to figure out what was the true negative financial impact, what I can tell you is the impact on the revenue cycle. They ended up spending around a half a million to three quarters of a million a month on consultants and outside people to help them recreate charges, capture bills, look through the medical records to make sure we had a compliant medical record and that everything was in there. Lots of delays in payment, lots of lost revenue, the need for immediate access to resources who can go through and look at a medical record and review claims for accuracy, that's a big ask these days. Then, like I said, a huge amount of money that was spent on outside labor to get these claims out the door. Let's pivot. I've told you a horror story about an organization and something real that they went through. I've talked to actually a couple other organizations that suffered a cyber attack and their stories line up like our client's story. We really want people to do a cyber resiliency assessment. This is through a new lens. One of the things that we frequently talk about is that you may have, up till this point, looked at what you're doing in the area of cybersecurity and feel like that has been sufficient and that that was protecting you. 
We may look at it today in 2024 and as we head into 2025 and say, wow, we have a lot of exposure. The reason for that is that we need to say the landscape has changed. I think the first time we saw a major cyber attack on a hospital, we said, jeez, bad luck, right? Glad that wasn't us. Then we saw more and more. I've talked to a lot of experts. I've talked to a lot of attorneys. I've asked this question. I said, did the decision for Change Healthcare to pay that ransom actually make us more of a target? Everybody believes yes. They were able to successfully disrupt our operations and they were able to successfully get a huge payment for that ransom. Now we need to do a cyber resiliency assessment and we have to set ourselves up for we may find areas of exposure and risk that we did not know about before because we're looking at it through a different lens of not how do we prevent an attack, but how do we prepare ourselves to operate when we are attacked? So let's walk through the components of a cyber resiliency assessment. So the first is to really do a thorough assessment of all your processes impacting billing. I'm going to tell you that I kind of hone in on a few things. One, it's going to be medical records. Do we have what we need to manage a large volume of paper records and digitize those when systems are up and running and get those indexed to the proper parts of our medical record? Do we have departments that impact the majority of our records? And what I'm looking there is I'm looking at pharmacy, I'm looking at radiology, and I'm looking at laboratory. Then which departments are critical that we're going to have to maintain going forward? And then I'm looking at things like your emergency department areas where we're doing infusion therapy. Let's really look at those areas and all departments, but let's focus in on those high risk ones and say, what is our current downtime procedure? 
And would this be sufficient to operate one day down, one week down, and all the way up to six weeks? And by doing this, we're really starting to formulate those business continuity plans. So what I will tell you is people are going to get very anxious after you start having these questions about what would you do if you didn't have access to any systems tomorrow? How are you going to manage the schedule, document the care that was given, take care of orders, and then how are you going to get that information back into the system? So once you've done that thorough assessment, we really need to then start looking at our ability to recover from these events. So one's going to be, what's our current business plan and downtime procedures? What are we going to do to recover from that? So looking at our current disaster recovery and response plans, most of them are not going to be sufficient right now. I think this is an area of weakness for almost every hospital across the country. I applaud those organizations that are actually starting to do a deep dive into this. And let's determine our capacity to handle and recover from that cyber attack. Are there things that you can do now to make sure that you wouldn't need to call in a cavalry to have your back to get claims out the door? And then finally, it's really looking at those business continuity plans with a focus of financial resiliency. So not just through the lens of patient care, that always should be our number one concern. But second, financial resiliency. How are we going to get this done and recovered quickly? So we have to create comprehensive strategies, not only to maintain operations during a disruption, but also after. So I frequently tell people one of the things with revenue cycle in stable state is that the relationship with the patient tends to be much longer than the clinical relationship. And I will say the same thing about a cyber attack. 
The impact on the clinical departments, it is going to be far more significant to your revenue cycle than it is for the clinical departments. In the moment, it's going to be significant. But nine months later, when they're back to stable state and taking care of their patients and operating normally, we are still recovering from all the disruption. You need to focus on how are you going to recover quickly. We're also encouraging people to start looking at your managed care contracts and putting clauses in there for cyber attacks, and how are you going to work with those payers. And then finally, we really want people to look at doing regular training and drills for their organizations. We have to put this into some sort of a muscle memory where we do drills. So that way, when the moment comes and we are told by our CISO that this is real, it is not a drill, that we have that moment of, you know, all that we say in our head, but then we turn around and we go to all our training and we're able to handle our operations. So when it comes to enhancing your medical record preparedness, I really do want people to start here. We do need to be looking at our clinical departments, but the first thing I want you to look at is let's make sure medical records has what they need to be successful. We need to implement disaster recovery plans that focus on the need for them to have truckloads of paper and get that back into the system. This may mean for organizations that we need to look at, go through all of our forms that are currently out there, make sure that they're up to date. We might need to look at the process of doing barcodes. That way, each form can be barcoded so we can properly index it, and we really need to go through and make sure that we've got it documented on exactly how are we going to do this. So we need to make sure that whatever the process is, that it's going to allow them to quickly digitize records. 
The other footnote that I'm going to put on here for each and every one of you is that it's pretty common these days for people to either one have their coders no longer on site so completely dependent upon the electronic health record or it could be overseas. I know a lot of hospitals that have outsourced their coding to the Philippines so there is not going to be any ability if you have remote coders or offshore coders to even do the coding from the paper records while we're down. So we need to think through that process too but the first thing that we need to do is how are we going to get these records back into the system and then let's train our staff on these emergency procedures for medical record maintenance. If you have documentation from before your EHR you happen to have an old school person who's been hanging around for a while let's get them back to the table and talk about how did we do this before we moved to an electronic health record and let's go back through and start to recreate some of those downtime processes. After that we're looking to start standardizing your documentation. So we've got the processes for the medical records department to start digitizing large volumes of paper. The way we make this easier is if we go through a whole review of the documentation that we have and we start developing standardized procedures. So as part of this we've looked at our forms. We've got an inventory of it. We've now got bar codes. Now let's start creating standard procedures so those clinical departments know how to use these forms. When we were looking at the medication administration records we were having to flip those suckers, zoom in. It was a complete nightmare and everybody had their different interpretations of how to do it. They need to be told this is how you document on this particular form and these are the elements that are crucial for it. We need to then have real-time backup documentation tools so that we can reduce the errors. 
The first thing we need to do is operate on paper but the second thing we need to do is see how can we supplement what would be paper processes during downtime with some sort of an automated tool. Then again we need to incorporate training and ongoing training to each of our providers in clinical areas on how to capture that accurate documentation during downtime. Then we're going to focus in on those documentation practices and really enhance the training program utilizing technology to streamline the documentation. There are definitely tools out there that can help. You're going to want to conduct some regular audits so that you can ensure compliance and accuracy. To optimize the charge capture process we're looking at organizations and encouraging them to adopt these automated backup systems for accurate and timely charge capture so that we're reducing the reliance on paper. The paper chart will be your legal medical record but there are tools out there that can help you so that you're not keying in 30,000, 60,000 lab orders and 30,000, 60,000 specimen numbers. Implementing regular reviews and audits of your charge capture process. So it's important even during normal time that we evaluate our charge capture processes and it's even more important that we do downtime drills and we evaluate their ability to go completely on paper and then use that information to train them on best practices. It's always been a pain point for those of us in revenue cycle is that we know we have revenue leakage because we haven't captured everything. It's going to become even more important during downtime. And then strengthening our financial resiliency. It is having then a solid comprehensive financial plan at the end of the day. And then thinking in advance can we have a dedicated team for crisis management and financial recovery. 
It would be my recommendation that you have a team that covers clinical, financial, and all areas of the hospital that really become your experts that are going to be out there helping when the time comes. We can train people quarterly or biannually but at the end of the day if we don't use it we're really not going to remember it. So we're going to want to have a core team that's part of this financial resiliency plan. And again really constantly reviewing and updating your contingency plans because as your system changes you're going to want to make sure that your resiliency plans change as well. So some of the key points before we go to the next section is you need to be prepared that you will be the victim of a cyber attack and it will cause severe disruptions. Hope is not a strategy in this one. We should do everything we can to prevent the attack but what we need to do is we need to prepare for severe disruptions. By doing that we need to really hone in on those preparedness gaps. Where are we at risk? This is not about getting an A. If somebody doesn't know where their downtime box is, if somebody hasn't submitted their downtime audits to IT regularly, if somebody doesn't know how to log into their downtime computer, we need to know that now and be able to rectify that and not in the middle of chaos. So I've seen a lot of organizations get a little bit punitive when you're doing a preparedness gap and going how did you not know where your downtime box was. That's not the time or the place. The fact that we identified that a department did not know where it was or that the documents had not been updated for several years is a finding and now we need to rectify that and have a process in place that we make sure it stays up to date. 
And then let's really think about this financial impact and the cost that it's going to take for you to do this preparedness assessment is going to be so minor compared to what it would cost you to try to recover in case you did have a cyber attack. So it may require you to invest with your people to take them out of their operations and really focus on this as an initiative. You may make the decision that you want to bring in some outside consultants. For a single hospital, we believe it is about 2,000 hours that you would need to invest to do the preparedness assessment and go through the preparedness gaps and develop the contingency plan. So that's our estimate for a single hospital is it's about 2,000 hours worth of work. So some of the recommendations again, let's really do those cyber resiliency assessments to identify the vulnerabilities, to create strategies and minimize the financial impact. Let's enhance our preparedness by developing those protocols for maintaining and digitizing those medical records. Let's focus on improving documentation in a downtime situation by having standardized provider documentation, by having job aids and doing training. Let's strengthen our charge capture by looking for possible tools and technology that can be deployed in a downtime and having protocols and job aids to help them. And then really let's do a complete review to say, would we be able to financially recover if we had a downtime from the ability to make sure that we hit complete documentation, reconcile charges and make sure that we're in compliance with everything. So before we go into any questions, I really wanted to walk through a scenario that we've recently done with a standalone hospital. And this is a health system again, that did 20,000 scripts a day, about 25 to 30,000 lab visits a day. And according to them, they do about 70,000 claims a month. Their average daily net revenue was approximately $4 million. 
And so what the exercise that we did with them and that we encourage you to do is if we were down for one day, what is the number of people and what is the potential financial impact? So one of the things that you should set as an expectation is that when our systems recover, we should be able to try and get those claims reviewed and out the door within a two week period. I think that is a very reasonable idea to have. Now execution of that becomes very complex. What we said to the organizations, the lessons learned from the hospital in the Midwest was that a seasoned revenue integrity person could possibly only review 15 to 20 charts a day. So some of the issues that I said I would circle back to is let's start with pharmacy. The medication administration record was very difficult to reconcile and for us to capture the pharmacy charges. Because a large majority of these hospitals were 340B, the need to capture all pharmacy charges was incredibly high. For the non-340B hospitals, we made decisions that I think you should think about in advance and not while you're in the middle of chaos is that we're going to focus on high dollar drugs, which are typically the ones with a revenue code 636. So approximately 60% of all claims that were being reviewed by these 50 plus revenue integrity people had some sort of a pharmacy issue on them. And it required a lot of review of that big giant PDF to go through and try to pull out what was going on and then try to interpret the medication administration record. And then I talked about lab and the fact that you need to get the orders back in the system, you need to have the results flow through, and you need to be able to tie that with a specimen number typically for their downtime procedures. And even if you're down for one week, manually keying in 30,000 lab requisitions, 30,000 specimen numbers is going to be a daunting task. 
By our estimations for this particular health system, if they were down one day, they would probably need about five people dedicated to reviewing records to make sure that they would go out the door. If they were down for a week, that number starts to grow and escalate. And then when we get to about one month of downtime, four weeks, it was up to over 180 people would be needed to review the medical records to capture all the charges and to review the compliance with orders. And so that quickly starts to tie up your revenue. And everybody is very sensitive these days with slipping margins and days cash on hand. So we encourage everybody to kind of go through that exercise of looking at your current volumes and applying the two underlying assumptions that you would want to get your claims out the door within two weeks of your systems being recovered, and that it probably would take a seasoned revenue integrity person manually about 15 to 20 records a day. You apply those assumptions, and then you calculate your net revenue impact. And you're really going to start to see how quickly this can escalate for an organization. So I'm going to pause there. I want to maybe turn it over to see if we have any questions from any of the participants so far, Lindsay. Perfect. Thank you so much, Valerie. I don't see any pending questions at this time. So if you do have any questions, go ahead and be typing those into the Q&A option found there at the bottom of your Zoom window. Or if you don't see that option on your screen, you can of course just utilize the chat and type in your questions for Valerie as well. Yeah, I was going to while we're waiting to see if anybody has questions, there are definitely a lot of free resources out there too for hospitals and health care organizations, particularly rural hospital organizations to have access to, we're talking about the prevention side of the house, to do free penetration testing. 
So please be going out there and looking for those opportunities as well. We also hear that there's going to be grant money that may be coming through that could possibly pay for some of your preparedness and resiliency initiatives. So keep your eyes out for some grant money too. I understand that money is definitely precious and we want to make sure that we are good stewards of every single dollar. So going out there to try to find any way to help you guys be prepared. We're always on the lookout for grant money too and we make sure our clients are aware if we see anything that could possibly help them cover some cyber consulting services. Perfect, thank you for sharing those resources with us. I do see one question that just came in here asking about the recording and Valerie, are we able to share a PDF copy of the slides? Absolutely. With everyone for today? Yes. Okay, perfect. So we'll make sure that you all get a copy of that following today's presentation and with that I'll go ahead and just make a couple of comments here. So you will all receive an email tomorrow morning. Just note that it will come from educationnoreplyatzoom.us and so because it does come from that Zoom email address, it very well may get caught in your spam, quarantine, your junk folders. So if you don't see that in your inbox in the morning, I would first encourage you to go check those additional folders. Maybe mark that email as a safe sender so that you do get those emails in the future if you join our webinars often. But included in that email will be a link to the full recording of today's presentation and then as we get the slides from Valerie, I'll make sure that you have a PDF copy of the slides as well in that email. And then if you're joining us, especially as a member of the Georgia Hospital Association, please pay special attention to that final link that was included in that email tomorrow morning and that'll be a link to a survey. 
If you click on that and complete the information, then you'll receive the certificate of attendance and additional information regarding continuing education credits that are offered today. And if you're joining us as a member of a partner state hospital association, please reach out to your contact within your association to obtain any information that they are offering regarding continuing education credits for today's session as well. And the recording is available for 60 days from today's date. We do have an additional security measure in place so that we're protecting Valerie's intellectual property here. So when you click on that Zoom link, you'll need to just enter your information that will prompt an email to come to us for approval. We do approve those requests very quickly, but we ask that you give us one business day to approve those recording access requests. And then again, you'll have full access to the recording for 60 days from today's date. And Valerie, is your contact information included in the slides? If they have any additional questions? I will make sure that it is before I send the PDF over to you. Perfect, perfect. So if you do have any questions and you want to reach out to Valerie directly, we'll make sure that you have that in the email tomorrow as well. And if not, if you'd like just reach us for any other questions, you can always reach out to us at education at gha.org. And we'll be happy to get those questions over to Valerie and get her responses over to you as well. Okay, Valerie, I don't see any pending questions at this time, but this information is of course very timely and we just so appreciate you for presenting this and sharing your knowledge with us. And thank you all for joining us today. And we hope to have you back with us for future sessions. Thank you so much, Valerie. I hope you all have a wonderful afternoon. Thank you. I appreciate it. Thank you. Bye-bye.
Video Summary
Valerie Barkoff, a seasoned expert in revenue cycle consulting, discusses cyber resiliency in healthcare, drawing from her experience as CEO of SHOAR, a technology company focused on innovative healthcare solutions. Valerie shares insights from a catastrophic cyberattack on a nonprofit health system in the Midwest, which resulted in two weeks of downtime and significant operational challenges. This incident highlighted the need for hospitals to reassess their preparedness for cyberattacks, emphasizing that organizations must not only focus on prevention but also on survival and operational continuity during such events.

Key takeaways include the necessity for comprehensive disaster recovery plans, especially for medical records, and standardizing documentation procedures to ensure complete and accurate records during system downtimes. Valerie advises on adopting real-time backup documentation tools, conducting regular audits and training, and optimizing charge capture processes. Furthermore, she emphasizes the importance of developing a robust financial recovery strategy, assembling a crisis management team, and continuously updating contingency plans. Recommendations also involve performing cyber resiliency assessments to identify vulnerabilities and improve preparedness to minimize financial and operational impacts.
Keywords
cyber resiliency
healthcare
revenue cycle consulting
disaster recovery
cyberattack preparedness
financial recovery strategy
crisis management
contingency planning
© Copyright 2024 Georgia Hospital Association