Your Complete Policy Management Partner
Everything your healthcare organization needs to confidently maintain accreditation compliance.
Robust document control and workflow management software solution
Simplify & automate policy access, review and approval across your organization
Web-based library of more than 18,000 customizable policy documents
Instantly access up-to-date policies, procedures & forms authored by MCN experts
Automated regulatory notification system of daily email or mobile alerts
Keep current with regulatory changes from more than a dozen federal regulatory bodies, including TJC & NIAHO
What Our Customers are Saying
MCN Healthcare has been indispensable to our accreditation compliance efforts. With Policy Manager, Policy Library and StayAlert!, we have peace of mind that our policies will always be up-to-date and easy to locate.
Beverly McKenzie, Compliance Programs Director, IASIS Healthcare
Helpful MCN Healthcare Resources
The U.S. Food and Drug Administration (FDA) is informing health care professionals of a Class I Recall of Endologix, Inc.'s AFX Introducer System Model S17-45 due to reports of the dilator breaking during procedures.
The AFX Introducer System is intended to help introduce catheters and other medical devices into blood vessels during procedures with minimal blood loss. This recalled product was distributed and manufactured from April 1, 2013 through April 30, 2013 and distributed in the U.S. only in Florida, Indiana, Michigan, New Hampshire, New Jersey and New York. Affected lot numbers include 1079840, 1079843, 1079844, 1079845.
On May 13, 2013, Endologix sent its customers an Urgent Medical Device Recall Notice letter stating "Do not use or further distribute any affected product." The firm also instructed their customers to share this information with physicians who perform these procedures at their facilities. On May 21 the firm expanded the recall by mailing a recall notification letter to an additional customer. Customers may contact the firm with questions at 1-800-983-2284.
Read the complete MedWatch Safety Alert, including a link to the Recall Notice, at the link provided below.
The U.S. Food and Drug Administration (FDA) is investigating two unexplained deaths in patients who received an intramuscular injection of the antipsychotic drug Zyprexa Relprevv (olanzapine pamoate). The patients died 3-4 days after receiving an appropriate dose of the drug, well after the 3-hour post-injection monitoring period required under the Zyprexa Relprevv Risk Evaluation and Mitigation Strategy (REMS). Both patients were found to have very high olanzapine blood levels after death.
Under the REMS, patients are required to receive the Zyprexa Relprevv injection at a REMS-certified health care facility, to be continuously monitored at the facility for at least 3 hours following an injection, and to be accompanied home from the facility. The Zyprexa Relprevv label contains warnings about the risk of post-injection delirium sedation syndrome (PDSS), a serious condition in which the drug enters the blood too fast following an intramuscular injection, causing greatly elevated blood levels with marked sedation (possibly including coma) and/or delirium
The FDA is providing this information to health care professionals while it continues its investigation. If therapy with Zyprexa Relprevv is started or continued in patients, health care professionals should follow the REMS requirements and drug label recommendations. Patients and caregivers should talk to their health care professional(s) about any questions or concerns.
Healthcare professionals and patients are encouraged to report adverse events or side effects related to the use of these products to the FDA's MedWatch Safety Information and Adverse Event Reporting Program.
Read the complete MedWatch Safety Alert, including a link to the Safety Communication, at the link provided below.
FDA Issues Safety Communication and Guidance on Cybersecurity for Medical Devices and Hospital Networks
The U.S. Food and Drug Administration (FDA) is recommending that medical device manufacturers and health care facilities take steps to assure that appropriate safeguards are in place to reduce the risk of failure due to cyberattack, which could be initiated by the introduction of malware into the medical equipment or unauthorized access to configuration settings in medical devices and hospital networks.
According to the FDA, many medical devices contain configurable embedded computer systems that can be vulnerable to cybersecurity breaches. In addition, as medical devices are increasingly interconnected, via the Internet, hospital networks, other medical device, and smartphones, there is an increased risk of cybersecurity breaches, which could affect how a medical device operates.
Recently, the FDA has become aware of cybersecurity vulnerabilities and incidents that could directly impact medical devices or hospital network operations, including:
- Network-connected/configured medical devices infected or disabled by malware;
- The presence of malware on hospital computers, smartphones and tablets, targeting mobile devices using wireless technology to access patient data, monitoring systems, and implanted patient devices;
- Uncontrolled distribution of passwords, disabled passwords, hard-coded passwords for software intended for privileged device access (e.g., to administrative, technical, and maintenance personnel);
- Failure to provide timely security software updates and patches to medical devices and networks and to address related vulnerabilities in older medical device models (legacy devices);
- Security vulnerabilities in off-the-shelf software designed to prevent unauthorized device or network access, such as plain-text or no authentication, hard-coded passwords, documented service accounts in service manuals, and poor coding/SQL injection.
The FDA is not aware of any patient injuries or deaths associated with these incidents nor do they have any indication that any specific devices or systems in clinical use have been purposely targeted at this time. The FDA has been working closely with other federal agencies and manufacturers to identify, communicate and mitigate vulnerabilities and incidents as they are identified.
The FDA Safety Communication has recommendations for device manufacturers as well as health care facilities.
The FDA is recommending that health care facilities take steps to evaluate network security and protect your hospital system. In evaluating network security, hospitals and health care facilities should consider:
- Restricting unauthorized access to the network and networked medical devices
- Making certain appropriate antivirus software and firewalls are up-to-date
- Monitoring network activity for unauthorized use
- Protecting individual network components through routine and periodic evaluation, including updating security patches and disabling all unnecessary ports and services
- Contacting the specific device manufacturer if there us suspicion of a cybersecurity problem related to a medical device. If unable to determine the manufacturer or cannot contact the manufacturer, the FDA and DHS ICS-CERT may be able to assist in vulnerability reporting and resolution
- Developing and evaluating strategies to maintain critical functionality during adverse conditions.
Prompt reporting of adverse events can help the FDA identify and better understand the risks associated with medical devices. If a confirmed or suspected cybersecurity event has impacted the performance of a medical device or has impacted a hospital network system, the FDA encourages reporting through MedWatch, the FDA Safety Information and Adverse Event Reporting program.
Included with today's notice are policies and procedures related to the FDA Guidance on preventing cybersecurity attacks. Organizations will find that many of the recommendations included in this FDA guidance are already required by existing HIPAA regulations.
Featured Policy Library Manuals
MCN Healthcare’s HIPAA Guidelines Policy and Procedure Manual provides policies and procedures addressing the HIPAA Privacy Rule, the HIPAA Security Rule, Notification of Breach of Protected Health Information (HITECH), and Transactions and Code Sets as mandated by the federal government. Policies and procedures include the changes covered in the Omnibus Final Rule, January 2013.Read more »
The Medical Office Policy and Procedure Manual is cross referenced to Joint Commission standards for Ambulatory Care and Primary Care Medical Homes and NCQA standards for Patient Centered Medical Homes. This manual includes policies that meet OSHA requirements for safety and infection control, Human Resources policies and Medical Office Compliance Plan and much more!Read more »
MCN Healthcare’s Comprehensive Long Term Care Manual contains over 600 policies and procedures that are cross-referenced to Joint Commission standards and CMS regulations. The LTC Manual addresses the following areas: Emergency Management, HR, Infection Control, Information Management, Leadership, Medication Management, Performance Improvement, Patient Care, Medical Records, Resident Rights and Waived TestingRead more »