Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

Heard at #AHIMACon17: Lessons Learned for HIM – HIM Scene

Posted on October 18, 2017 I Written By

The following is a HIM Scene guest blog post by Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, Vice President, Privacy, Compliance and HIM Policy, at MRO.  

The American Health Information Management Association (AHIMA) held its annual convention and exhibit in Los Angeles last week. Beginning with preconvention meetings and symposia, this year’s event delivered a renewed focus on the profession’s stalwart responsibility to protect and govern patient information. Updates for privacy, security, interoperability and information governance were provided. Here is a quick overview of my lessons learned at AHIMACon17.

Privacy and Security Institute

The 11th anniversary of AHIMA’s Privacy and Security Institute didn’t disappoint. Speakers from the HHS Office for Civil Rights (OCR), Federal Bureau of Investigations (FBI) and HITRUST joined privacy and HIM consultants for an information-packed two-day symposium. The most important information for HIM professionals and privacy officers came from the nation’s capital.

Cutbacks underway—Recent defunding of the Chief Privacy Officer (CPO) position by the OCR makes practical sense for the healthcare industry and the national budget. The position has been vacant for the past year, and during this time Deven McGraw successfully served as acting CPO and deputy director for health information privacy. Her imminent departure along with other cutbacks will have a trickle-down impact for privacy compliance in 2018.

Onsite audits cease—Yun-kyung (Peggy) Lee, Deputy Regional Manager, OCR, informed attendees that onsite HIPAA audits would no longer be conducted for covered entities or business associates due to staffing cutbacks in Washington, D.C. The concern here is that whatever doesn’t get regulatory attention, may not get done.

To ensure a continued focus on privacy monitoring, HIM and privacy professionals must remain diligent at the organizational, regional, state and national levels to:

  • Maintain internal privacy audit activities
  • Review any patterns in privacy issues and address through corrective action
  • Use environmental scanning to assess resolution agreement results
  • Review published privacy complaints to determine how to handle similar situations
  • Compare your state of readiness to known complaints

Interoperability advances HIPAA—The national push for greater interoperability is an absolute necessity to improve healthcare delivery. However, 30 years of new technology and communication capabilities must be incorporated into HIPAA rules. Old guidelines block us from addressing new goals. We expect more fine-tuning of HIPAA in 2018 to achieve the greater good of patient access and health information exchange.

Luminary Healthcare Panel

Tuesday’s keynote session was the second most relevant discussion for my role as vice president of privacy, compliance and HIM policy at MRO. Panelists provided a glimpse into the future of healthcare while reiterating HIM’s destiny—data integrity and information governance.

HIM’s role extends beyond ensuring correctly coded data for revenue cycle performance. It also includes the provision of correct and complete data for the entire healthcare enterprise and patient care continuum under value-based reimbursement. The need for stronger data integrity and overall information governance was threaded through every conversation during this session.

Final Takeaway

Make no doubt about it! HIM’s role is expanding. We have the underlying knowledge of the importance of data and the information it yields. More technology leads to more data and an increased need for sophisticated health information management and governance. Our history of protecting patient information opens the door to our future in the healthcare industry.

About Rita Bowen
In her role as Vice President of Privacy, Compliance and HIM Policy for MRO, Bowen serves as the company’s Privacy and Compliance Officer (PCO), oversees the company’s compliance with HIPAA, and ensures new and existing client HIM policies and procedures are to code. She has more than 40 years of experience in Health Information Management (HIM), holding a variety of HIM director and consulting roles. Prior to joining MRO, she was Senior Vice President and Privacy Officer for HealthPort, Inc., now known as CIOX Health. Bowen is an active member of the American Health Information Management Association (AHIMA), having served as its President and Board Chair, as a member of the Board of Directors, and of the Council on Certification. Additionally, Bowen is the chair for the AHIMA Foundation. She has been honored with AHIMA’s Triumph Award in the mentor category; she is also the recipient of the Distinguished Member Award from the Tennessee Health Information Management Association (THIMA). Bowen is an established author and speaker on HIM topics and has taught HIM studies at Chattanooga State and the University of Tennessee Memphis. Bowen holds a Bachelor of Medical Science degree with a focus in medical record administration and a Master’s degree in Health Information/ Informatics Management Technology.

MRO is a proud sponsor of HIM Scene.  If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Waiting For The Perfect “Standard” Is Not The Answer To Healthcare’s Interoperability Problem

Posted on October 16, 2017 I Written By

The following is a guest blog post by Gary Palgon, VP Healthcare and Life Sciences Solutions at Liaison Technologies.

Have you bought into the “standards will solve healthcare’s interoperability woes” train of thought? Everyone understands that standards are necessary to enable disparate systems to communicate with each other, but as new applications and new uses for data continually appear, healthcare organizations that are waiting for universal standards, are not maximizing the value of their data. More importantly, they will be waiting a long time to realize the full potential of their data.

Healthcare interoperability is not just a matter of transferring data as an entire file from one user to another. Instead, effective exchange of information allows each user to select which elements of a patient’s chart are needed, and then access them in a format that enables analysis of different data sets to provide a holistic picture of the patient’s medical history or clinical trends in a population of patients. Healthcare’s interoperability challenge is further exacerbated by different contextual interpretations of the words within those fields. For instance, how many different ways are there to say heart attack?

The development of the Health Level Seven (HL7®) FHIR®, which stands for Fast Healthcare Interoperability Resources, represents a significant step forward to interoperability. While the data exchange draft that is being developed and published by HL7 eliminates many of the complexities of earlier HL7 versions and facilitates real-time data exchange via web technology, publication of release 4 – the first normative version of the standard – is not anticipated until October 2018.

As these standards are further developed, the key to universal adoption will be simplicity, according to John Lynn, founder of the HealthcareScene.com. However, he suggests that CIOs stop waiting for “perfect standards” and focus on how they can best achieve interoperability now.

Even with standards that can be implemented in all organizations, the complexity and diversity of the healthcare environment means that it will take time to move everyone to the same standards. This is complicated by the number of legacy systems and patchwork of applications that have been added to healthcare IT systems in an effort to meet quickly changing needs throughout the organization. Shrinking financial resources for capital investment and increasing competition for IT professionals limits a health system’s ability to make the overall changes necessary for interoperability – no matter which standards are adopted.

Some organizations are turning to cloud-based, managed service platforms to perform the integration, aggregation and harmonization that makes data available to all users – regardless of the system or application in which the information was originally collected. This approach solves the financial and human resource challenges by making it possible to budget integration and data management requirements as an operational rather than a capital investment. This strategy also relieves the burden on in-house IT staff by relying on the expertise of professionals who focus on emerging technologies, standards and regulations that enable safe, compliant data exchange.

How are you planning to scale your interoperability and integration efforts?  If you're waiting for standards, why are you waiting?

As a leading provider of healthcare interoperability solutions, Liaison is a proud sponsor of Healthcare Scene. While the conversation about interoperability has been ongoing for many years, ideas, new technology and new strategies discussed and shared by IT professionals will lead to successful healthcare data exchange that will transform healthcare and result in better patient care.

About Gary Palgon
Gary Palgon is vice president of healthcare and life sciences solutions at Liaison Technologies. In this role, Gary leverages more than two decades of product management, sales, and marketing experience to develop and expand Liaison’s data-inspired solutions for the healthcare and life sciences verticals. Gary’s unique blend of expertise bridges the gap between the technical and business aspects of healthcare, data security, and electronic commerce. As a respected thought leader in the healthcare IT industry, Gary has had numerous articles published, is a frequent speaker at conferences, and often serves as a knowledgeable resource for analysts and journalists. Gary holds a Bachelor of Science degree in Computer and Information Sciences from the University of Florida.

Geisinger Partners With Pharmas To Improve Diabetes Outcomes

Posted on October 10, 2017 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or www.ziegerhealthcare.com.

Geisinger has struck a deal with Boehringer Ingelheim to develop a risk-prediction model for three of the most common adverse outcomes from type 2 diabetes. The agreement is on behalf of Boehringer’s diabetes alliance with Eli Lilly and Company.

What makes this partnership interesting is that the players involved in this kind of pharma relationship are usually health plans. For example:

  • In May, UnitedHealth Group’s Optum struck a deal to model reimbursement models in which payment for prescription drugs is better structured to improve outcomes.
  • Earlier this year, Aetna cut a deal with Merck in which the two will use predictive analytics to identify target populations and offer them specialized health and wellness services. The program started by focusing on patients with diabetes and hypertension in the mid-Atlantic US.
  • Another example is the 2015 agreement between Harvard Pilgrim health plan and Amgen, in which the pharma would pay rebates if its cholesterol-control medication Repatha didn’t meet agreed-upon thresholds.

As the two organizations note in their joint press statement, cardiovascular disease is the leading cause of death associated with diabetes, and diabetes is the top cause of kidney failure in the U.S. population. Cardiovascular complications alone cost the U.S. more than $23 billion per year, and roughly 68 percent of deaths in people with type 2 diabetes in the U.S. are caused by cardiovascular disease.

The two partners hope to improve the odds for diabetics by identifying their condition quickly and treating it effectively.

Under the Geisinger/Boehringer agreement, the partners will attempt to predict which adults with type 2 diabetes are most likely to develop kidney failure, undergo hospitalization for heart failure or die from cardiovascular causes.

To improve the health of diabetics, the partners will develop predictive risk models using de-identified EHR data from Geisinger. The goal is to develop more precise treatment pathways for people with type 2 diabetes, and see that the pathways align with quality guidelines.

Though this agreement itself doesn’t have a value-based component, it’s likely that health systems like Geisinger will take up health plans’ strategies for lowering spend on medications, as the systems will soon be on the hook for excess spending.

After all, according to a KPMG survey, value-based contracts are becoming a meaningful percentage of health system revenue. The survey found that while value-based agreements aren’t dominant, 36 percent of respondents generated some of their revenue from value-based payments and 14 percent said the majority of revenue is generated by value-based payments.

In the meantime, partnerships like this one may help to improve outcomes for expensive, prevalent conditions like diabetes, high blood pressure, arthritis and heart disease. Expect to see more health systems strike such agreements in the near future.

KLAS Summit: Interoperability Doing the Work to Move HealthIT Forward

Posted on October 9, 2017 I Written By

Healthcare as a Human Right. Physician Suicide Loss Survivor. Janae writes about Artificial Intelligence, Virtual Reality, Data Analytics, Engagement and Investing in Healthcare. twitter: @coherencemed

I had the privilege of attending the KLAS research event with leaders in patient data interoperability. From the ONC to EHR vendors- executives from EHR vendors and hospital systems made their way to a summit about standards for measurement and improvement. These meetings are convened with the mutual goal of contributing to advancement in Health IT and improvement of patient outcomes. I’m a big fan of collaborative efforts that produce measurable results. KLAS research is successfully convening meetings everyone in the HealthIT industry has said are necessary for progress.

The theme of Interoperability lately is: Things are not moving fast enough.

The long history of data in health records and variety in standards across records have created a system that is reluctant to change. Some EMR vendors seem to think the next step is a single patient record- their record.

Watching interactions between EHR vendors and the ONC was interesting. Vendors are frustrated that progress and years of financial investment might be overturned by an unstable political atmosphere and lack of funding. Additionally, device innovation and creation is changing the medical device landscape at a rapid rate. We aren’t on the same page with new data and we are creating more and more data from disparate sources.

Informatics experts in healthcare require a huge knowledge base to organize data sharing and create a needs based strategy for data sharing. They have such a unique perspective across the organization. Few of the other executives have the optics into the business sense of the organization. They have to understand clinical workflows and strategy., as well as financial reimbursement. Informatics management is a major burden and responsibility- they are in charge of improving care and making workflows easier for clinicians and patients. EMR use has frequently been cited as a contributor to physician burnout and early retirement. Data moving from one system can have a huge impact on care delivery costs and patient outcomes. Duplicated tests and records can mean delayed diagnosis for surgeons and specialists. Participants of the summit discussed that patients can be part of improving data sharing.

We have made great progress in terms of interoperability but there is still much to be done. Some of the discussion was interesting, such as the monumental task the VA has in patient data with troop deployment and care. There was also frank discussion about business interests and data blocking ranging from government reluctance to create a single patient identifier to a lack of resources to clean duplicated records.

Stakeholders want to know what the next steps are- how do we innovate and how do we improve from this point forward? Do we create it internally or partner with outside vendors for scale? They are tired of the confusion and lack of progress. Participants want more. I asked a few participants what they think will help things move forward more quickly. Not everyone really knows how to make things move forward faster.

Keith Fraidenburg of CHIME praised systems for coming together and sharing patient data- to improve patient outcomes. I spoke with him about the Summit itself and his work with informatics in healthcare. He discussed how the people involved in this effort are some of the hardest working people in healthcare. Their expertise in terms of clinical knowledge and data science is highly specialized and has huge implications in patient outcomes.

“To get agreement on standards would be an important big step forward. It wouldn’t solve everything but to get industry wide standards to move things forward the industry needs a single set of standards or a playbook.”

We might have different interests, but the people involved in interoperability care about interoperability advancement. Klas research formed a collaborative of over 31 organizations that are dedicated to giving great feedback and data about end users. The formation of THE EMR Improvement Collaborative can help measure the success of data interoperability. Current satisfaction measures are helpful, but might not give health IT experts and CMIOs and CIOs the data they need to formulate an interoperability strategy.

The gaps in transitions of care is a significant oversight in the existing interoperability marketplace. Post acute organizations have a huge need for better data sharing and interorganizational trust is a factor. Government mandates about data blocking and regulating sharing has a huge impact on data coordination. Don Rucker, MD, John Fleming, MD, Genevieve Morris and Steve Posnack participated in a listening session about interoperability.  Some EMR vendors mentioned this listening session and ability to have a face to face meeting were the most valuable part of the Summit.

Conversations and meetings about interoperability help bridge the gaps in progress. Convening the key conversations between stakeholders helps healthcare interoperability move faster. There is still work to be done and many opportunities for innovation and improvement. Slow progress is still progress. Sharing data from these efforts by the KLAS research team shows a dedication to driving interoperability advancement. We will need better business communication between stakeholders and better data sharing to meet the needs of an increasingly complex and data rich world.

What do you think the next steps are in interoperability?

How to Balance Privacy, Security and Quality with Offshore Coding: Three Critical Caveats for HIM – HIM Scene

Posted on October 4, 2017 I Written By

The following is a guest blog post by Sarah Humbert, RHIA, ICD-10 AHIMA Certified Trainer, Coding and Compliance Manager, KIWI-TEK. If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Prior to ICD-10 there was a shortage of domestic coders, making offshore services a necessity for many organizations. But in a post ICD-10 environment, experienced U.S. coders are more readily available and accessible. Domestic coding services are still considered best practice by most HIM professionals. In fact, 72 percent of hospital respondents outsource more than half of their coding needs according Black Book’s October 2016 Outsourced HIM Report.

While acceptance of offshore coding services has grown there are important caveats for HIM professionals to know according to the Black Book report. Price isn’t everything when it comes to protecting your patient’s privacy and your organization’s financial performance. Additional offshore concerns continue to be reported by U.S. hospitals and health systems:

  • Increased audit costs
  • Higher denial rates
  • Missed procedure codes

As Black Book states, it is imperative for offshore coding companies to tighten processes in three key areas: privacy, security and quality. With ransomware on the rise, hospitals, health systems and medical groups have greater levels responsibility to fully assess their business associates—especially those using protected health information (PHI) offshore.

Because of these concerns and those mentioned above, HIM professionals must carefully explore, vet and secure detailed service level agreements prior to even considering the offshore option. This month’s blog lays out three critical caveats to consider and weigh against the proven value of domestic coding services.

Verify and Test Privacy and Security for Offshore Coding

The first step for HIM professionals is to understand the annual attestation requirements. Originally required by CMS for Medicare Advantage (MA) plans, the following annual attestations have become best practice for healthcare provider organizations and other covered entities (CEs) working to protect PHI.

  1. Provide notice to CMS—30 days prior to beginning the contractual relationship—that offshore contractors will be used, providing CMS an opportunity to review and raise an objection if warranted.
  2. Sign an annual attestation to accurately report to CMS the use of any offshore contractors.

For example, if a hospital wants to use a coding or billing company with personnel located offshore, it must submit the initial notification, receive no objections from CMS, and then annually attest that protections are in place with the offshore vendor.

Beyond the two-step attestation process, HIM professionals must take the following five precautionary steps with all offshore HIM services vendors.

  • Discuss any offshore contacts with your legal counsel and the vendor prior to signing.
  • Include language to indicate that onshore vendors will not subcontract with offshore vendors or coders.
  • Make sure your vendors are aware of attestation rules and take precautions to safeguard PHI.
  • Obtain cybersecurity insurance that includes coverage for potential breaches of offshore data.
  • Identify any other clinical services that may be provided offshore, such as coding audits, and consult your legal counsel to determine if that service should be identified in the attestation.

Rigorous due diligence of offshore coding vendor privacy and security safeguards ensures HIM professionals are doing their part in reducing PHI breaches and ransomware attacks in healthcare. Six states went a step further by prohibiting Medicaid members from sending any PHI offshore: Arizona, Ohio, Missouri, Arkansas, Wisconsin and New Jersey. If your state provides healthcare services in any of these states, additional review by legal counsel is mandatory.

Watch Offshore Coding Quality

The second area for concern with offshore medical record coding services is accuracy.

Offshore coders are mostly former nurses or other well-educated candidates. Although global coding staff speak English and are highly competent, they may not be well trained in self-directed chart interpretation.

Our clients often report international coding accuracy concerns and the need for additional audits, higher denials and missed procedure codes—especially as global coders expand beyond relatively simple and repetitive ancillary testing and radiology cases. In fact, 22 percent of HIM executives continue to shy away from a non-U.S. workforce, according to Black Book.

When it comes to coding quality, here are five recommendations to measure, monitor and manage accuracy prior to engaging an offshore coder.

  • Confirm who is actually doing your coding initially, and after each month into the services engagement.
  • Know global coders’ credentials, testing results and accuracy scores.
  • Verify that less experienced coders aren’t engaged following the initial work assignment.
  • Conduct a minimum of monthly coding audits to quickly identify and correct any negative trend or patterns.
  • Refuse to accept lower quality standards for offshore coding.

Re-evaluate Your Options

The medical record coding industry has shifted. Now is the time to re-evaluate the risks and returns of offshore coding services—keeping privacy, security and quality top of mind.

About Sarah Humbert
Sarah serves as the manager of coding and compliance at KIWI-TEK, a 100% domestic coding and audit services company. She is responsible for coding quality control—accuracy, turnaround time and compliance.

Sarah oversees all coding processes, including coders’ performance, credentials and recurrent testing. She is a member of AHIMA, IHIMA, CHIMA, and she is also a Certified ICD-10 AHIMA trainer. Sarah has worked in a variety of health information management positions for Health Care Excel, MedFocus and St. Vincent Health System.

Kiwi-Tek is a proud sponsor of Healthcare Scene. If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Digital Health is Dead! Long Live Digital Health!

Posted on October 2, 2017 I Written By

Colin Hung is the co-founder of the #hcldr (healthcare leadership) tweetchat one of the most popular and active healthcare social media communities on Twitter. Colin speaks, tweets and blogs regularly about healthcare, technology, marketing and leadership. He is currently an independent marketing consultant working with leading healthIT companies. Colin is a member of #TheWalkingGallery. His Twitter handle is: @Colin_Hung.

Rob Coppedge, CEO of Echo Health Ventures recently wrote a provocative post for CNBC proclaiming that digital health is dead.

As evidence, Coppedge cited the work of Rock Health that shows $16 Billion in VC funding has gone to approximately 800 digital health companies since 2014 (note: Rock Health tracks VC deals >$2M for US-based digital health companies). He argued that in order for these VCs to see their expected returns, the entire digital health market would have to triple in value by 2021 – well beyond current projections. Coppedge’s conclusion was that fewer and fewer VC deals in the digital health space will happen in the years ahead – effectively signaling the death of the market.

Although I don’t agree with Coppedge’s claim that that digital health overall is dead, I do concur with his observations and commentary on why VCs may exit the space. Here are some of his lessons learned after investing in digital health:

  1. Better mousetraps are not enough. Inadequate attention was paid to solving how to go to market.
  2. Ill-equipped for enterprise health care. Subject matter expertise, outcomes measurement and political savvy is needed in healthcare – which is rarely necessary in star-ups targeting other industries.
  3. Consumers and patients are not the same. Unlike consumers, patients may not be the ones paying for the service they receive. Plus, engaging individuals in their health is surprisingly difficult and low engagement is common.
  4. Healthcare sales cycles are slow and industry adoption is measured. Growth expectations need to be tempered.
  5. DC is not to blame for stalling digital health. There is no evidence that supports the theory that healthcare innovation has stalled because of the uncertainty surrounding funding and regulations.

For long-time readers of this publication, the list above states the obvious.

Technology alone has never been enough to guarantee success in healthcare. Not only do healthcare customers need evidence a company’s solution actually works, they also need to help through (and beyond) the implementation of the technology. For companies, this often means creating new workflows that incorporate the new technology and helping their client’s staff adjust to those changes. Digital health companies cannot simply activate an account then foist self-serve instructional videos onto clients and expect success.

For me Coppedge’s post reaffirmed something I have long believed – Success in healthcare IT/digital health takes effort. Not only do you need a good product that actually solves a problem, you need a dedicated team of individuals who are healthcare-savvy that can help you navigate the complex health ecosystem. You need people on your team who are truly passionate about and dedicated to improving healthcare – those are the people with staying power and who will help you ride through the frustrating slow pace of change.

In my opinion, digital health is far from dead. It is evolving and changing. The influx of VC money has brought in smart, enthusiastic risk-takers from other industries who have now gotten a sobering dose of cold water dumped on them. Now that many companies are waking up to the reality that it takes years to become an overnight success in healthcare, we will see more consolidation and flame-outs in digital health. To me this potential turmoil represents an evolution of the market rather than a death spiral. The easy money and opportunists will soon be making an exit – leaving the market wide open for true believers and passionate hard workers.

How to Train Business Office Staff to Perform Like ROI (Release of Information) Pros – HIM Scene

Posted on September 27, 2017 I Written By

The following is a HIM Scene guest blog post by Mariela Twiggs, MS, RHIA, CHIP, FAHIMA, National Director of Motivation & Development at MRO.  This is the third blog in a three-part sponsored blog post series focused on the relationship between HIM departments and third-party payers. Each month, a different MRO expert will share insights on how to reduce payer-provider abrasion, protect information privacy and streamline the medical record release process during health plan or third-party commercial payer audits and reviews.

Millions of payer requests for medical records are sent to hospital business offices every day. Business office staff are often tasked with pulling, compiling and sending Protected Health Information (PHI) to meet these requests.

Many payer requests are part of treatment, payment and operations (TPO) according to HIPAA. Payer requests are the “P” in TPO. However, others such as Medicaid assistance applications and disability requests are not covered under TPO. Knowing the difference and managing each request with the upmost regard for patient privacy is the focus of this month’s HIM Scene post.

Business Office Disclosures: Haste Makes Breach

Time is of the essence in the business office. Staff are focused on submitting claims, appealing denials or responding to audits and reviews as covered in last month’s HIM Scene. During the rush to get claims paid, key steps in the Release of Information (ROI) process may be skipped, compromised or mistakenly omitted. It’s during these situations that privacy concerns arise and PHI breaches may occur.

To ensure business office disclosures are kept safe and secure, organizations should train their financial staff using the same information, curriculum and courses presented to Health Information Management (HIM) teams. The ROI steps are the same. And disclosure management processes must be consistent to reduce breach risk. Here are five key areas of disclosure management to cover with your business office employees.

1. ROI and HIPAA Basics

Ensure employees understand the definition of  HIPAA, the privacy rule, ARRA HITECH Omnibus, PHI and differences between federal versus state law. Each state is different and laws apply to where the care was given, not where the organization is headquartered. This is an important distinction for central business offices processing requests for care locations across several states.

Also emphasize which types of payer requests fall under HIPAA’s TPO exemption and which don’t. For those that aren’t considered disclosures for TPO, a patient authorization is required.

Another important topic to cover is the Health and Human Services (HHS) minimum necessary guidance under the HIPAA privacy rule. This guidance helps organizations determine what information can be used, disclosed or requested by payers for a particular purpose. Payers don’t need entire copies of records. They only need specific documents depending on the type of request. By helping business office staff thoroughly understand and apply the minimum necessary guidance, organizations tighten privacy compliance and mitigate breach risk.

2. The Medical Record

Define the various components of the medical record to business office staff. These include common documents, various types of encounters, and properly documented corrections and amendments.

3. Confidentiality and Legal Issues

Outline the legal health record concept and what it includes for your organization. All the various confidentiality and legal issues should also be fully explained. For example, with regard to state subpoena laws, one needs to know quash periods and whether special documentation must be provided. Louisiana requires affidavits while Virginia requires certifications from attorneys saying a notice of patient objection was not received.

4. Types of Requests

List all the various types of requests that might be received in the business office. For each category, differentiate which are part of TPO and which are not. Those that fall outside of TPO require a patient authorization and should be forwarded to HIM for processing. The types of requests to discuss with the business office include:

  • Treatment requests
  • Internal requests
  • Patient requests
  • Government agency requests
  • Disability requests
  • Insurance requests
  • Post-payment audit requests
  • Attorney requests
  • Law enforcement requests
  • Court orders
  • Subpoenas
  • Research requests

5. Sensitive Records and Other Special Situations

Identify and describe specific disclosure management practices related to sensitive records. These cases can include information on genetics, HIV/AIDS, STDs, mental/behavioral health, substance abuse and other sensitive issues. There are also special situations surrounding disclosures for deceased patients and minors. Sensitive records require special handling. Complex federal and state legal issues may be involved with these cases and business office personnel should be aware of them.

With so many details to know, many hospitals and health systems are opting to centralize all disclosures within the HIM department or with a single outsourced ROI vendor.

Make the Case for Centralized ROI

There is a national trend toward centralized disclosure management versus each department handling information requests internally. Beyond the business office, requests are also frequently received in the radiology department, clinical locations, human resources, physician practices, nursing units and HIM.

Maintaining oversight and privacy compliance for all these areas is an arduous task—and opens the door for breach risk. If you are in doubt about the ability of business office or other staff to properly and securely process requests, a centralized ROI model may be your organization’s safest approach.

About Mariela Twiggs
In her role as Director of Motivation and Development, Twiggs leads MRO’s internal motivational efforts and manages MRO Academy, a rigorous and required online educational and testing platform for all employees, which is comprehensive and current with external developments and regulations. Prior to joining MRO, she was CEO of MTT Enterprises, LLC, a Release of Information business. Previously, she worked as a Health Information Management (HIM) Director. Twiggs is the past president of the Association of Health Information Outsourcing Services (AHIOS), Louisiana Health Information Management Association (LHIMA) and Greater New Orleans Health Information Management (GNOHIMA); a fellow of the American Health Information Management Association (AHIMA); recipient of LHIMA’s Distinguished Member & Career Achievement Awards; past treasurer of LHIMA and GNOHIMA; and serves on the advisory board of the Delgado Community College Health Information Technology Program. Twiggs holds a B.S. in Medical Record Administration and a Master’s Degree in Health Care Administration. She is also certified in healthcare privacy (CHP) and is a Certified Document Imaging Architect (CDIA+) with expertise in electronic document management.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

AHA Asks Congress To Reduce Health IT Regulations for Medicare Providers

Posted on September 22, 2017 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or www.ziegerhealthcare.com.

The American Hospital Association has sent a letter to Congress asking members to reduce regulatory burdens for Medicare providers, including mandates affecting a wide range of health IT services.

The letter, which is addressed to the House Ways and Means Health subcommittee, notes that in 2016, CMS and other HHS agencies released 49 rules impacting hospitals and health systems, which make up nearly 24,000 pages of text.

“In addition to the sheer volume, the scope of changes required by the new regulations is beginning to outstrip the field’s ability to absorb them,” says the letter, which was signed by Thomas Nickels, executive vice president of government relations and public policy for the AHA. The letter came with a list of specific changes AHA is proposing.

Proposals of potential interest to health IT leaders include the following. The AHA is asking Congress to:

  • Expand Medicare coverage of telehealth to patients outside of rural areas and expand the types of technology that can be used. It also suggests that CMS should automatically reimburse for Medicare-covered services when delivered via telehealth unless there’s an individual exception.
  • Remove HIPAA barriers to sharing patient medical information with providers that don’t have a direct relationship with that patient, in the interests of improving care coordination and outcomes in a clinically-integrated setting.
  • Cancel Stage 3 of the Meaningful Use program, institute a 90-day reporting period for future program years and eliminate the all-or-nothing approach to compliance.
  • Suspend eCQM reporting requirements, given how difficult it is at present to pull outside data into certified EHRs for quality reporting.
  • Remove requirements that hospitals attest that they have bought technology which supports health data interoperability, as well as that they responded quickly and in good faith to requests for exchange with others. At present, hospitals could face penalties for technical issues outside their control.
  • Refocus the ONC to address a narrower scope of issues, largely EMR standards and certification, including testing products to assure health data interoperability.

I am actually somewhat surprised to say that these proposals seem to be largely reasonable. Typically, when they’re developed by trade groups, they tend to be a bit too stacked in favor of that group’s subgroup of concerns. (By the way, I’m not taking a position on the rest of the regulatory ideas the AHA put forth.)

For example, expanding Medicare telehealth coverage seems prudent. Given their age, level of chronic illness and attendant mobility issues, telehealth could potentially do great things for Medicare beneficiaries.

Though it should be done carefully, tweaking HIPAA rules to address the realities of clinical integration could be a good thing. Certainly, no one is suggesting that we ought to throw the rulebook out the window, it probably makes sense to square it with today’s clinical realities.

Also, the idea of torquing down MU 3 makes some sense to me as well, given the uncertainties around the entirety of MU. I don’t know if limiting future reporting to 90-day intervals is wise, but I wouldn’t take it off of the table.

In other words, despite spending much of my career ripping apart trade groups’ legislative proposals, I find myself in the unusual position of supporting the majority of the ones I list above. I hope Congress gives these suggestions some serious consideration.

Predictive Analytics with Andy Bartley from Intel

Posted on September 20, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

#Paid content sponsored by Intel.

In the latest Healthcare Scene video interview, I talk with Andy Bartley, Senior Solutions Architect in the Health and Life Sciences Group at Intel. Andy and I talk about the benefits of and challenges to using predictive analytics in healthcare.

Andy offers some great insights on the subject, having had a long and varied career in the industry. Before joining Intel, he served in multiple healthcare organizations, including nurse communication and scheduling application startup NurseGrid, primary care practice One Medical Group and medical device manufacturer Stryker.

In my interview, he provides a perspective on what hospitals and health systems should be doing to leverage predictive analytics to improve care and outcomes, even if they don’t have a massive budget. Plus, he talks about predictive analytics that are already happening today.

Here are the list of questions I asked him if you’d like to skip to a specific topic in the video. Otherwise, you can watch the full video interview in the embedded video at the bottom of this post:

What are your thoughts on predictive analytics? How is it changing healthcare as we know it? What examples have you seen of effective predictive analytics? We look forward to seeing your thoughts in the comments and on social media.

Interoperability: Is Your Aging Healthcare Integration Engine the Problem?

Posted on September 18, 2017 I Written By

The following is a guest blog post by Gary Palgon, VP Healthcare and Life Sciences Solutions at Liaison Technologies.
There is no shortage of data collected by healthcare organizations that can be used to improve clinical as well as business decisions. Announcements of new technology that collects patient information, clinical outcome data and operational metrics that will make a physician or hospital provide better, more cost-effective care bombard us on a regular basis.

The problem today is not the amount of data available to help us make better decisions; the problem is the inaccessibility of the data. When different users – physicians, allied health professionals, administrators and financial managers – turn to data for decision support, they find themselves limited to their own silos of information. The inability to access and share data across different disciplines within the healthcare organization prevents the user from making a decision based on a holistic view of the patient or operational process.

In a recent article, Alan Portela points out that precision medicine, which requires “the ability to collect real-time data from medical devices at the moment of care,” cannot happen easily without interoperability – the ability to access data across disparate systems and applications. He also points out that interoperability does not exist yet in healthcare.

Why are healthcare IT departments struggling to achieve interoperability?

Although new and improved applications are adopted on a regular basis, healthcare organizations are just now realizing that their integration middleware is no longer able to handle new types of data such as social media, the volume of data and the increasing number of methods to connect on a real-time basis. Their integration platforms also cannot handle the exchange of information from disparate data systems and applications beyond the four walls of hospitals. In fact, hospitals of 500 beds or more average 25 unique data sources with six electronic medical records systems in use. Those numbers will only move up over time, not down.

Integration engines in place throughout healthcare today were designed well before the explosion of the data-collection tools and digital information that exist today. Although updates and additions to integration platforms have enabled some interoperability, the need for complete interoperability is creating a movement to replace integration middleware with cloud-based managed services.

A study by the Aberdeen Group reveals that 76 percent of organizations will be replacing their integration middleware, and 70 percent of those organizations will adopt cloud-based integration solutions in the next three years.

The report also points out that as healthcare organizations move from an on-premises solution to a cloud-based platform, business leaders see migration to the cloud and managed services as a way to better manage operational expenses on a monthly basis versus large, up-front capital investments. An additional benefit is better use of in-house IT staff members who are tasked with mission critical, day-to-day responsibilities and may not be able to focus on continuous improvements to the platform to ensure its ability to handle future needs.

Healthcare has come a long way in the adoption of technology that can collect essential information and put it in the hands of clinical and operational decision makers. Taking that next step to effective, meaningful interoperability is critical.

As a leading provider of healthcare interoperability solutions, Liaison is a proud sponsor of Healthcare Scene. It is only through discussions and information-sharing among Health IT professionals that healthcare will achieve the organizational support for the steps required for interoperability.

Join John Lynn and Liaison for an insightful webinar on October 5, titled: The Future of Interoperability & Integration in Healthcare: How can your organization prepare?

About Gary Palgon
Gary Palgon is vice president of healthcare and life sciences solutions at Liaison Technologies. In this role, Gary leverages more than two decades of product management, sales, and marketing experience to develop and expand Liaison’s data-inspired solutions for the healthcare and life sciences verticals. Gary’s unique blend of expertise bridges the gap between the technical and business aspects of healthcare, data security, and electronic commerce. As a respected thought leader in the healthcare IT industry, Gary has had numerous articles published, is a frequent speaker at conferences, and often serves as a knowledgeable resource for analysts and journalists. Gary holds a Bachelor of Science degree in Computer and Information Sciences from the University of Florida.