New water management requirement goes into effect

The Joint Commission’s new standard for water management went into effect Jan. 1. The standard was approved last year to address Legionella and other waterborne pathogens. Previously, EC.02.05.01, Element of Performance (EP) 14 (for hospitals and critical access hospitals) and EP 6 (for nursing care centers), required organizations to minimize pathogenic biological agents in cooling towers, domestic hot- and cold-water systems, and other aerosolizing water systems. These two EPs were deleted Dec. 31, 2021. The new requirement falls under EC.02.05.02, EPs 1–4, and is a more comprehensive standard applying to hospitals, critical access hospitals and nursing care centers. 

CMS ends process for temporary hospital status 

Although the Centers for Medicare & Medicaid Services (CMS) continues to review the need for existing waivers and flexibilities issued in response to the COVID-19 public health emergency (PHE), it has decided to end the flexibility of a streamlined process to allow ambulatory surgery centers (ASCs) and licensed independent freestanding emergency departments (IFEDs) to temporarily enroll as hospitals during the PHE. Effective upon issuance of the memo, no new ASC or licensed IFED requests to temporarily enroll as hospitals will be accepted, the agency states. However, facilities that are temporarily enrolled as hospitals under this flexibility can continue providing inpatient and outpatient hospital services until the health care facility voluntarily ends the program or CMS deems that the program is no longer necessary.

HHS launches web resource on cybersecurity

The Department of Health and Human Services launched a central web resource for information on cybersecurity best practices recognized by its 405(d) program. A legislative provision (H.R. 7898) enacted by Congress this year allows the Department of Health and Human Services’ Office for Civil Rights (OCR) to recognize certain recommended security practices when making determinations related to Health Insurance Portability and Accountability Act audits, fines and resolution agreements associated with a cyberattack, including practices recognized by the 405(d) program. The American Hospital Association has urged OCR to quickly initiate rulemaking for the legislative provision, and strongly advocated for regulatory relief for hospital and health system victims of cyberattacks in testimony before a Senate hearing last year.