Category: Tower News

Building a Better Tower – Cybersecurity

February 18, 2021

hands on a keyboard overlaid with a lock symbol to illustrate cybersecurity

Tower has invested in significant cybersecurity initiatives to “Build a Better Tower” for our clients.  I provided a brief overview of those initiatives in a recent article and this week I highlight Tower’s investment in protecting Tower and our clients’ data.

Tower’s Cybersecurity Defenses

Long before COVID-19 came along, bringing a tsunami of cyberattacks, Tower had already proactively strengthened our internal IT defenses.

During the fall of 2019 we partnered with Vigilant Technology Solutions to use a service that combines passive monitoring technology with certified information security analysts. Through a customized deployment of Vigilant’s NDR (Network Detection and Response) and EDR (Endpoint Detection and Response) technology, Vigilant’s analysis engines and human threat hunting has reduced the time to detect and contain threats by 99.97% over the industry average.  Without this kind of 24/7/365 monitoring and action, bad actors can enter a system undetected and stay there for months learning how to circumvent security measures and destroying backup data resources.

The graph below shows the timeline of the recent attack on SolarWinds that ultimately compromised 18,000 through deployed software.  SolarWinds CEO disclosed an updated attack timeline, indicating that hackers had first accessed SolarWinds on September 4, 2019.  SourceSolarWinds blog, January 11, 2021.

But it is not sufficient to protect our own technology. We also educated our clients and others in the industry so they could understand and prevent cyber threats. Vigilant’s CEO Chris Nyhuis joined our VP of Information Technology Jesse Shade and another expert, Rob Kolb of Premier Mindset, for an eye-opening webinar in February.  It’s available on demand. Jesse also wrote two WorkCompWire articles with excellent advice that you can read here and here.

Third-Party Risk Assessments

In addition to ensuring the protection of its internal data, Tower also implemented a Vendor Risk Assessment Process for all third parties that had access to Tower data or networks or housed servers that stored our data. Our philosophy is that we are only as strong as our weakest link.  The result of this assessment is a vendor management process that continuously measures and monitors our partners to ensure that as per the AICPA Trust Criteria, we consistently honor the commitments made to our clients.

These are just a few of the ways that Tower is continually and proactively enhancing our infrastructure, processes and offerings to deliver measurably better services to you.

Rita Wilson,
Chief Executive Officer

 

MSPN Elects Dan Anders as President

February 3, 2021

Dan Anders who was quoted in the Claims Journal

Tower’s Chief Compliance Officer, Dan Anders, has been elected president of the National Medicare Secondary Payer Network (MSPN).  MSPN is the premier organization for individuals, companies and law firms who want to stay apprised of Medicare Secondary Payer compliance developments and collaborate on industry leading education and advocacy efforts.  Check out the news release: Tower MSA Partners Dan Anders Elected President of the National Medicare Secondary Payer Network.

This is the second time in three years Tower has had one of our executives at the helm of this organization.  Our CEO, Rita Wilson, served as president in 2018.

Dan takes office as the organization completes rebranding itself from its former name of the National Alliance of Medicare Set-Aside Professionals (NAMSAP) to the National MSP Network.  Over the years, the Centers for Medicare and Medicaid Services (CMS) expanded its MSP enforcement mechanisms beyond Medicare Set-Asides.  The organization kept pace, adding Medicare conditional payment recovery, mandatory insurer reporting to Medicare, and MSA professional administration and settlement structuring to its education and advocacy initiatives.

Dan looks forward to working with MSPN’s Executive Committee and Board, consisting of the most experienced and knowledgeable professionals in the MSP compliance community, to accomplish the organization’s 2021 goals.

Additionally, he will continue the organization’s positive working relationship with CMS’s Division of MSP Program Operations, which enables MSPN members to ask questions and raise concerns and provide solutions directly with those who develop and implement MSP policy while learning the agency’s reasoning and viewpoint firsthand.

If you would like to learn more about MSPN, please contact Dan Anders at daniel.anders@towermsa.com or (888) 331-4941, ext. 219.

Tower MSA Partners Receives SOC 2 Type I Attestation

August 21, 2020

AICPA SOC logo

Tower MSA Partners has completed its SOC 2 Type I audit. Performed by KirkpatrickPrice, this attestation provides evidence of Tower’s strong commitment to security and delivering high-quality services to its clients by demonstrating that it has the necessary internal controls and processes in place.

A SOC 2 Type I audit provides an independent, third-party validation that a service organization’s information security practices meet industry standards stipulated by the AICPA. During the audit, an organization’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system are tested. The SOC 2 report delivered by KirkpatrickPrice verifies the suitability of the design of Tower’s controls to meet the standards for these criteria.

“Tower’s processes have been technology driven from its beginning with the privacy and security of client data at the forefront of internal policy and procedure development,” said Tower CEO Rita Wilson.  “We are pleased to receive this affirmation from an independent analysis.”

“The SOC 2 audit is based on the Trust Services Criteria. Tower MSA Partners has selected the security and confidentiality criteria for the basis of their audit,” said Kirkpatrick Price President Joseph Kirkpatrick. “Tower delivers trust-based services to its clients and by communicating the results of this audit, its clients can be assured of their reliance on this company’s controls.”

Related Posts

Tower MSA Partners Completes SOC 2 Type II Audit

Forbes Technology Council Welcomes Tower’s Jesse Shade

June 24, 2020

Jesse Shade Portrait

Tower’s Vice President of Technology Jesse Shade has joined Forbes Technology Council, a prestigious invitation-only forum of senior CIOs, CTOs, and technology execs.  Members collaborate to help solve daily business challenges—like cybersecurity threats—and share insights in Forbes.com articles. Read the related release: Tower MSA Partners’ Vice President of IT, Jesse Shade Accepted into Forbes Technology Council

We know Jesse will be a major asset to the Council because he delivers such high value to Tower. Possessing an unusual blend of interpersonal skills as well as hands-on technical expertise, he is responsible for strategic planning and serves on Tower’s executive team.  

Tower designed and built its own technology based on best practices in MSP compliance and MSA preparation.  The seamless system drives all compliance processes from Section 111 Mandatory Insurer Reporting, conditional payment resolution, MSA triage, and clinical interventions all the way through MSA preparation, CMS submission, and claim closure.

To be simple for clients to use, technology has to be quite complex behind the scenes.  That’s where Jesse’s 35+ years of IT experience in numerous industries, including banking, defense and aviation, comes into play. He leads development efforts for our proprietary technology and its network infrastructure all within a cybersecurity framework that protects Tower and its clients and business partners. (To learn more about cybersecurity threats, especially during COVID-19, check out Jesse’s two Leaders Speak articles on WorkCompWire.)

We’re proud that Jesse will be participating in Forbes’ exclusive Technology Council and look forward to seeing his articles in Forbes.com.

Related information

Jesse Shade

Forbes business communities

Tower is Here for You

April 14, 2020

Overhead image of people working at a conference table overlaid with type reading "we are here to help"

While the COVID-19 pandemic represents a new challenge, as a company that has faced its share of hurricanes, we made a seamless transition to working remotely while continuing to serve our partner clients. As our CEO, Rita Wilson recently related, “We Are Here to Help“. While we apologize for the occasional barking dog or screaming child when you call us, you will nonetheless receive the same high level of service that you have come to expect from Tower and which we highlight below.

Expert MSP Consultation

Do I need an MSA?

Are these settlement terms appropriate?

Is a Zero MSA feasible?

How can we reduce the MSA amount?

What are my reporting obligations?

Does a Medicare Advantage plan have a lien?

As always, the Tower Team is readily available to answer these questions and address any other Medicare Secondary Payer compliance concern you encounter when resolving a claim.

Settlement-Driven Pre-MSAs and MSAs

Whether through an MSA or a Pre-MSA Triage, Tower’s clinical team continues to deliver our reports in an average 4 business days.   These reports identify MSA exposure and provide recommendations to address cost drivers and inappropriate care prior to submission of the MSA to CMS. 

Physician Follow-up

Many of you use our crack physician follow-up team that reaches out to treating physician offices to confirm when injury-related medical treatment was completed or clarify the ongoing need for treatment.  Despite some businesses closing, medical offices are either open or available by phone.  If anything, Tower has had even better success at obtaining the needed physician statements since many of these offices are seeing less patients.  This allows us to quickly obtain the necessary medical information and seek prompt CMS approval of the MSA facilitating settlement.

CMS Processes

Thus far, CMS and its various contractors, WCRC for MSA review and BCRC and CRC for Mandatory Insurer Reporting and conditional payment recovery, are responding and completing their services at turnaround times consistent with what we saw prior to the pandemic.

Social Security Verifications

All local Social Security offices have suspended responses to SSDI verification requests because of the coronavirus and Social Security has not announced when it will again respond to these requests.  We assume there will be a significant backlog since these requests are not a high priority for Social Security.  We will of course resume these verification requests when possible. 

Cybersecurity

As has been noted in many publications, the dramatic increase in employees working for home has made conditions ripe for threat actors to infiltrate systems through malware inadvertently downloaded to home laptops via local internet.  More than 2 years ago, Tower made the security of systems and our clients’ data a priority by investing in proactive measures to stop cyberattacks in their tracks.  This protection extends throughout Tower’s network and down to the individual employee working from their home.   

With 24 / 7 detection and response oversight overlaid with 2 factor authentication and managed endpoint services, our systems and data are secure.   All data exchanged between Tower’s systems and remote users is encrypted from the source and monitored through to the endpoint.  If a threat is identified at any point from laptop to server, the transmission is halted, our IT team is immediately notified and the IP address of the source is identified.  

Claim Closure Settlement Projects

Many businesses and injured workers face difficult financial challenges as a result of the pandemic’s economic impact. Tower is working with employers on claim closure settlement projects that mitigate exposure to open-ended medical claims and provide the injured worker with much-needed funds while still protecting their access to future injury-related medical.  Please contact your dedicated Tower account representative to discuss how Tower can coordinate such a project on your behalf.

Multiple Referral Methods

As a result of working from home, you may need to change your referral method.  Tower has multiple methods for making referrals:

  • Via e-mail:  referrals@towermsa.com
  • Via mail:  Tower MSA Partners, 223 NE 5th Ave., Suite 101, Delray Beach, FL 33483
  • Via web portal:  www.towermsa.com (Click refer and compete referral form)
  • Via phone:  (888) 331-4941

If making a referral by phone, e-mail or web, upon receipt, we will provide you a username and password to log in to the TowerConnect portal for secure upload of referral documents.

Note, when you log in to the TowerConnect Portal, you will be directed to enter a phone number to receive a code via SMS or phone call for verification. Additionally, you can download Duo Mobile to your phone to allow you to receive a “push” notification to easily authenticate. Your device can be registered and remembered for up to 7 days. More information is available here: https://guide.duo.com/enrollment

If there is any other way we can assist you, please do not hesitate to contact us at referrals@towermsa.com or (888) 331-4941.

Please keep safe,

The Tower Team!