Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

Workers’ Comp ROI – Disclosures For Workers’ Compensation Purposes – HIM Scene

Posted on April 10, 2018 I Written By

The following is a HIM Scene guest blog post by Don Hardwick, Vice President, Client Relations and Account Management at MRO.

Even under the best of circumstances—excellent staff, streamlined workflows, the latest technology— Release of Information (ROI) is a precarious process. Specific rules apply to different categories of requests. One area of complexity and confusion is the disclosure of Protected Health Information (PHI) for workers’ compensation purposes. While the ROI process for workers’ comp requests is similar to the process for “regular” requests, the type of information allowable for disclosure is different unless the request is accompanied by a patient authorization.

According to HHS guidelines, “The HIPAA Privacy Rule does not apply to entities that are either workers’ compensation insurers, workers’ compensation administrative agencies, or employers, except to the extent they may otherwise be covered entities.” However, the rule recognizes the legitimate need of these entities involved in workers’ compensation cases to access PHI according to state or other laws. Due to variability among such laws, the Privacy Rule permits disclosures of PHI for workers’ compensation purposes in different ways.

Disclosures without individual/client authorization. In most cases, an employer or insurance carrier is permitted to request and receive information pertaining to the injury—on behalf of the company or on behalf of the client—without an authorization. So employers, insurance companies or their attorneys can obtain information on behalf of the insurance company or on behalf of the client. Typically an attorney would get an authorization from the client. However, the employer, the payer or an attorney representing the payer can generally request those records without individual authorization.

Disclosures with individual authorization. The Privacy Rule permits covered entities to disclose PHI to workers’ compensation insurers and others involved in workers’ compensation systems if the individual (patient/client) has provided an authorization for the Release of Information to the entity. The authorization must meet specific Privacy Rule requirements.

When considering a workers’ comp claim, we can only disclose PHI pertaining to the event that initiated that particular claim. For example, suppose a patient had five admissions in 2017, and was injured January 2018. The employer may want to determine if the patient had preexisting injuries or conditions where the most recent injury occurred. If the January 2018 injury was secondary to a problem that already existed with this patient, the requester generally cannot obtain prior information without a HIPAA valid authorization.

The main point is that rules and regulations pertaining to workers’ compensation claims differ depending on the type of request for information and the type of requester.

About Don Hardwick
As Vice President of Client Relations and Account Management, Hardwick oversees all client relations initiatives including implementation and account management. Prior to joining MRO, he was CEO and President of Record Enterprises Inc., a Health Information Management (HIM) company that provided hospitals with an outsourcing program for patient release of information, medical coding and medical/confidential record storage. Previously, he was CEO and president of MedRecs Law Inc., a record acquisition company. Additionally, he was a manager in the healthcare consulting division of Ernst & Young and worked as the Director of HIM at Saint Margaret Hospital in Montgomery, AL and Southampton Memorial Hospital in Franklin, VA. Hardwick is a past President of the Virginia Health Information Management Association (VHIMA) and the recipient of East Carolina’s Allied Health Sciences Distinguished Alumni Award. He holds a B.S. in Health Information Management.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Coding Accuracy: Study Reveals Differences Between Domestic and Offshore Coding – HIM Scene

Posted on March 23, 2018 I Written By

The following is a guest blog post by Bill Wagner, CHPS, Chief Operating Officer, KIWI-TEK.

In January 2015 the ICD-10-preparation frenzy was at its peak. Healthcare provider organizations were scrambling to find coding support during the implementation and transition phases of the quickly approaching ICD-10 implementation deadline. KIWI-TEK was one of those outsourced coding companies being asked to supply experienced, qualified coders.

KIWI-TEK was valiantly trying to keep up with the burgeoning client requests for coding support. And although they had been actively recruiting for months, their coding bench was empty. For the first time in company history, KIWI-TEK decided to augment their team with additional coding resources by contracting with several offshore coding services.

By April 2016, the crunch for additional coding support was all but over. However, the appeal of lower coding costs via offshore coding support drives many healthcare executives to contract with international outsourced coding support. Interest in offshore coding remains even to this day as evidenced by Partners Healthcare recent decision to outsource medical record coding to India.

But what about coding accuracy? This question remains and HIM Directors deserve a data-driven answer.

The Study

Until now, the only information available for providers to compare outsourced domestic coding quality with offshore coding performance was anecdotal. Specific quality data had not been produced or shared. Amidst rampant questions and red flags, KIWI-TEK partnered with six hospitals and health systems to answer the coding industry’s toughest question: “Who delivers higher coding accuracy, domestic or offshore outsourced coding services?” (Be sure to check out the full study results for a more detailed answer to this question).

Each of the six participants had experience with both domestic and offshore coders for at least one year. The same onboarding, auditing, and training procedures were applied equally to all.

Code Accuracy Lower with Offshore

Across all six organizations, code accuracy was lower for the outsourced offshore coding service versus the domestic coding companies by an average of 6.5 percentage points.

Poor coding quality also increased payer denials with additional management time required to onboard, train and audit the outsourced offshore coders.

And What About the Cost?

The final results showed that, despite what seems to be a much lower hourly rate for offshore coders, the total cost is much higher when all factors are taken into consideration. These factors include:

Auditing – Offshore coders required an average of 6 more hours per coder per month of auditing due to poor accuracy results.

Denied claims – Offshore coders averaged 10 more denied claims on Inpatient and Same Day Surgery encounters per week than domestic coders. Reworking of denied claims on these patient types takes 40 minutes for each claim.

The Final Answer

Yes, there is a difference. Offshore coding is less accurate, and in the long-term, may also be more expensive.

To read detailed findings of the study, download the KIWI-TEK White Paper entitled “Is Offshore Coding Really Saving You Money”.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.  KIWI-TEK is a proud sponsor of Healthcare Scene.

Tri-City Medical Center: Achieving a Middleware First

Posted on March 2, 2018 I Written By

The following is a guest blog post by Adam Klass, Chief Technology Officer, VigiLanz.

In the age of value-based care, it’s all about performance as hospitals continually face increased financial pressure to meet a number of different criteria related to decreasing length of stay, hospital-acquired infection rates and hospital readmissions. Today’s hospital organization must improve healthcare analytics and core measures, avoid penalties, and secure reimbursement, so it can continue to grow and thrive. This shift means hospitals must now consider cost avoidance instead of expecting direct reimbursement for patient care.

The challenge then becomes how to support and enable next-generation healthcare providers by delivering real-time results from disparate platforms and technology into any clinical workflow. It’s no surprise, then, that 62 percent of hospital CIOs identify interoperability as a top priority and 80 percent of accountable care organizations also cite integrating data as a top challenge for their IT departments.

To accomplish this goal, medical facilities like Tri-City Medical Center, a 388-bed full service, acute care hospital in Oceanside, California, require a services-oriented architecture and open application programming interface (API) capability that enables efficient aggregation, interaction and exchange of disparate data throughout the healthcare enterprise and across any of its software technologies, including EMRs and third-party single-point-solution vendors.

APIs Versus HL7

APIs fit the bill by allowing access to all of the data a digital health application and a health system would need, in real-time. Clinicians and administrators can now rapidly integrate new clinical and business information for better decision-making and, most importantly, for improved patient care with new interoperability services.

Tri-City Medical Center, which also operates a primary care clinic and employs more than 700 physicians practicing in 60 specialties, is the first VigiLanz customer site to utilize our middleware API solution, VigiLanz Connect, to convert health data from its EMR into uniform, actionable intelligence in the VigiLanz Platform. The hospital organization’s use of this solution turns its closed EMR systems into open platforms through robust services that do not rely on HL7 interfaces. Instead, our platform handles connectivity and normalizes data structures across major EMR platforms, like Cerner’s, which Tri-City Medical Center uses, to quickly unlock the data. Benefits include reduced integration time from months to days, elegant workflows, decreased maintenance costs and minimized risk.

“An API is definitely the way to go,” explained Mark Albright, Vice President of Technology, Tri-City Medical Center. “Anytime we have a choice between an interface and an API, we always go with APIs. It’s just so much easier to install and get up and running.”

“Not only are APIs easy to use but they are a no-brainer when it comes to rapid and successful implementation,” continued Albright. “Using VigiLanz’s middleware API helped us maximize the platform in a different, modern way. Not only is it a simpler effort than using a solution like HL7 but it’s also stable and steady so it’s easy to maintain, despite the significant amount of data being pulled.”

Taking EMR Systems to the Next Level

Clinical intelligence and interoperability services complement today’s EMR systems which, on their own, may be insufficient to deliver agile, real-time intelligence services. In contrast, a middleware API can interoperate with EMR systems and is built with innovative abstract data architectures that help hospitals like Tri-City Medical Center improve patient care and operational performance.

In contrasting his organization’s middleware API experience with what would have traditionally been an HL7 integration, Albright noted, “Our hospital charged a non-programmer, non-developer, non-HL7 person with spearheading this project, something that could have not happened in an HL7 world. She would have never been able to master that.”

That “she” is Melody Peterson, a senior systems analyst, who stepped into the project post-decision, after Tri-City’s pharmacy, infection control and clinical surveillance departments had already made the decision to purchase the middleware API, separate from the organization’s IT department.

“I was tasked with making this middleware API work, without having been part of the research or purchase decision,” explained Peterson. “Because VigiLanz supports the clinical and business sides of our hospital, though, it was easy to implement this ‘plug-and-play’ integration solution, in a way that applied to all areas critical to optimizing care – from risk scoring to antimicrobial stewardship.”

A middleware architecture is often the best technological solution for addressing the problem of EHR interoperability because it facilitates the transparent, yet secure, access of patient health data, directly from the various databases where it is stored. No longer does a hospital organization like Tri-City Medical Center have to do all of the development itself, but instead can rely on off-the-shelf applications to solve problems. Middleware brings an application-agnostic approach to connecting EMRs to one another while allowing for specific development to enhance the significant investment by hospitals, health systems and physicians.

How Mobile Computer Carts Reduce Errors and Increase Efficiency

Posted on February 2, 2018 I Written By

The following is a guest blog post by Andy Lurie, Director of Marketing and Partner Relations at Add On Data.

Mobile computing carts have been a mainstay in the hospital environment since the electronic medical records (EMR) mandate took effect in the United States. To show meaningful use of electronic health records in the healthcare environment, facilities across the nation have adopted mobile computing carts as the primary means of addressing EMR at the point-of-care. Mobile carts offer better ergonomics and productivity than tablets or mobile devices.

Mobile computer carts aren’t just a means of satisfying the new meaningful use requirements for EMR however, they’re becoming vital aspects of workflow optimization and error reduction strategies at healthcare facilities everywhere. Hospitals that initially overlooked the practical benefits of satisfying the EMR mandate are now benefiting from fewer recording errors in patient records, more accurate medication administration, and enhanced worker productivity. Keep reading to find out how!

Mobile Computer Carts Help Care Providers Get More Done

It’s easy to imagine how the introduction of mobile workstations to the healthcare environment has enhanced productivity, especially for the nurses and physicians that use this equipment daily. Here’s what a workflow for patient visits might have looked like before the introduction of mobile workstations:

  1. The nurse visits the patient’s room.
  2. The nurse interviews the patient and conducts any relevant assessments (blood pressure, vitals, etc.)
  3. The nurse visits the medication/equipment room to get materials needed by the patient.
  4. The nurse returns to the patient and administers treatments.
  5. The nurse returns to the stationary workstation located at the nurse’s station.
  6. The nurse records the patient’s condition and documents the treatment provided.
  7. The nurse is ready to visit a new patient.

With mobile computer carts, nurses can reduce many of the walking steps in this process. Basic medical supplies and medications can be stored securely in the drawers of a mobile computing cart, reducing the need for trips to supply rooms. The nurse can also update patient records at the bedside, eliminating the need to repeatedly return to a stationary workstation throughout their shift. A 10-20% reduction in the time taken for a patient visit represents massive productivity gains for an organization.

Mobile Computer Carts Reduce Errors in EMR Recording

EMR recording errors are an insidious and completely unnecessary cause of adverse outcomes for the patient, but they’re a sad reality of an inefficient workflow that separates the processes of patient care from the process of documentation.

We all trust our healthcare providers to provide attentive and conscientious care for each patient, but it’s easy to imagine how documentation errors can occur. Nurses who routine to a stationary workstation between patient visits may sometimes find that computer occupied, meaning they have to wait before documenting the most recent interaction. Sometimes nurses encounter distractions on their way to document a patient interaction – it could be a medical emergency, an urgent request from another staff member, a disruptive patient or visitor, or anything else.

Nurses and physicians need to be accountable for accurately documenting every interaction they have with patients, and this is best achieved with mobile computer carts. Mobile carts ensure the presence of an available workstation at the point of care, ensuring that patient care is documented as it happens and without delay. This reduces data entry errors and enhances patient safety.

Mobile Computer Carts Help Ensure Secure and Accurate Medicine Administration

Mobile computer carts have been used effectively to ensure the security, accuracy, and timeliness of medication administration in hospitals. Carts can be customized with secure drawers for holding medication, as well as bar-code scanners that nurses use to correctly identify patients and match them with the appropriate medications. The combination of medication verification software and organized storage of patient medications virtually eliminates the possibility of patient medication errors.

A study that assessed adverse drug events (ADEs) found that each hospital experiences a medication error every 22.7 hours and every 19.73 admissions. Miscommunication and “Human Factors” have been identified as leading factors contributing to these mistakes, along with similar labeling on medications and patient name confusion. Using bar-code scanners and software to match patients with their proper medications reduces these errors and ultimately saves lives by addressing sources of error that are inherent to the manual administration of medicines in the hospital setting.

Conclusion

While the implementation of mobile computer carts in the healthcare environment is important for satisfying the EMR mandate, hospitals should not overlook the real opportunities to generate and capitalize on the other benefits of mobile carts. Effective usage of mobile computing carts reduces errors and increases hospital efficiency, helping facilities reduce their costs and improve patient safety and health outcomes.

Breaking Bad: Why Poor Patient Identification is Rooted in Integration, Interoperability

Posted on December 20, 2017 I Written By

The following is a guest blog post by Dan Cidon, Chief Technology Officer, NextGate.

The difficulty surrounding accurate patient ID matching is sourced in interoperability and integration.

Coordinated, accountable, patient-centered care is reliant on access to quality patient data. Yet, healthcare continues to be daunted by software applications and IT systems that don’t communicate or share information effectively. Health data, spread across multiple source systems and settings, breeds encumbrances in the reconciliation and de-duplication of patient records, leading to suboptimal outcomes and avoidable costs of care. For organizations held prisoner by their legacy systems, isolation and silo inefficiencies worsen as IT environments become increasingly more complex, and the growth and speed to which health data is generated magnifies.

A panoramic view of individuals across the enterprise is a critical component for value-based care and population health initiatives. Accurately identifying patients, and consistently matching them with their data, is the foundation for informed clinical decision-making, collaborative care, and healthier, happier populations. As such, the industry has seen a number of high-profile initiatives in the last few years attempting to address the issue of poor patient identification.

The premature end of CHIME’s National Patient ID Challenge last month should be a sobering industry reminder that a universal solution may never be within reach. However, the important lesson emanating in the wake of the CHIME challenge is that technology alone will not solve the problem. Ultimately, the real challenge of identity management and piecing together a longitudinal health record has to do with integration and interoperability. More specifically, it revolves around the demographics and associated identifiers dispersed across multiple systems.

Because these systems often have little reason to communicate with one another, and because they store their data through fragmented architecture, an excessive proliferation of identifiers occurs. The result is unreliable demographic information, triggering further harm in data synchronization and integrity.

Clearly, keeping these identifiers and demographics as localized silos of data is an undesirable model for healthcare that will never function properly. While secondary information such as clinical data should remain local, the core identity of a patient and basic demographics including name, gender, date of birth, address and contact information shouldn’t be in the control of any single system. This information must be externalized from these insulated applications to maintain accuracy and consistency across all connected systems within the delivery network.

However, there are long-standing and relatively simple standards in place, such as HL7 PIX/PDQ, that allow systems to feed a central demographic repository and query that repository for data. Every year, for the past eight years, NextGate has participated in the annual IHE North American Connectathon – the healthcare industry’s largest interoperability testing event. Year after year, we see hundreds of other participating vendors demonstrating that with effective standards, it is indeed possible to externalize patient identity.

In the United Kingdom, for example, there has been slow but steady success of the Patient Demographic Service – a relatively similar concept of querying a central repository for demographics and maintaining a global identifier. While implementation of such a national scale service in the U.S. is unlikely in the near-term, the concept of smaller scale regional registries is clearly an achievable goal. And every deployment of our Enterprise Master Patient Index (EMPI) is a confirmation that such systems can work and do provide value.

What is disappointing, is that very few systems in actual practice today will query the EMPI as part of the patient intake process. Many, if not most, of the systems we integrate with will only fulfill half of the bargain, namely they will feed the EMPI with demographic data and identifiers. This is because many systems have already been designed to produce this outbound communication for purposes other than the management of demographic data. When it comes to querying the EMPI for patient identity, this requires a fundamental paradigm shift for many vendors and a modest investment to enhance their software. Rather than solely relying on their limited view of patient identity, they are expected to query an outside source and integrate that data into their local repository.

This isn’t rocket science, and yet there are so few systems in production today that initiate this simple step. Worse yet, we see many healthcare providers resorting to band aids to remedy the deficiency, such as resorting to ineffective screen scraping technology to manually transfer data from the EMPI to their local systems.

With years of health IT standards in place that yield a centralized and uniform way of managing demographic data, the meager pace and progress of vendors to adopt them is troubling. It is indefensible that a modern registration system, for instance, wouldn’t have this querying capability as a default module. Yet, that is what we see in the field time and time again.

In other verticals where banking and manufacturing are leveraging standards-based exchange at a much faster pace, it really begs the question: how can healthcare accelerate this type of adoption? As we prepare for the upcoming IHE Connectathon in January, we place our own challenge to the industry to engage in an open and frank dialogue to identify what the barriers are, and how can vendors be incentivized, so patients can benefit from the free flow of accurate, real-time data from provider to provider.

Ultimately, accurate patient identification is a fundamental component to leveraging IT for the best possible outcomes. Identification of each and every individual in the enterprise helps to ensure better care coordination, informed clinical decision making, and improved quality and safety.

Dan Cidon is CTO and co-founder NextGate, a leader in healthcare identity management, managing nearly 250 million lives for health systems and HIEs in the U.S. and around the globe.

Opening the Door to Data Analytics in Medical Coding – HIM Scene

Posted on November 15, 2017 I Written By

The following is a HIM Scene guest blog post by Julia Hammerman, RHIA, CPHQ, is Director of Education and Compliance, himagine solutions.

Data analytics has moved from IT and finance to the majority of business functions—including clinical coding. However, most healthcare organizations admit they could do more with analytics. This month’s HIM Scene blog explores the importance of analyzing clinical coding data to improve quality, productivity, and compliance.

Coding Data in ICD-10: Where We Are Today

HIM leaders are implementing coding data analytics to continually monitor their coding teams and cost-justify ongoing educational investments. Coding data analytics isn’t a once-and-done endeavor. It is a long-term commitment to improving coding performance in two key areas: productivity and accuracy.

A Look at Productivity Data

Elements that impact coding productivity data include: the type of electronic health record (EHR) used, the number of systems accessed during the coding process, clinical documentation improvement (CDI) initiatives, turnaround time for physician queries, and the volume of non-coding tasks assigned to coding teams.

Once any coding delays caused by these issues are corrected, coding productivity is best managed with the help of data analytics. For optimal productivity monitoring, the following data must be tracked, entered, and analyzed:

  • Begin and end times for each record—by coder and chart type
  • Average number of charts coded per hour by coder
  • Percentage of charts that take more than the standard minutes to code—typically charts with long lengths of stay (LOS), high dollar or high case mix index (CMI)
  • Types of cases each coder is processing every day

A Look at Accuracy Data

Accuracy should never be compromised for productivity. Otherwise, the results include denied claims, payer scrutiny, reimbursement issues, and other negative financial impacts.

Instead, a careful balance between coding productivity and accuracy is considered best practice.

Both data sets must be assessed simultaneously. The most common way to collect coding accuracy data is through coding audits and a thorough analysis of coding denials.

  • Conduct routine coding accuracy audits
  • Analyze audit data to target training, education and other corrective action
  • Record data so that back-end analysis is supported
  • Assess results for individual coders and the collective team

Using Your Results

Results of data analysis are important to drive improvements at the individual level and across entire coding teams. For individuals, look for specific errors and provide coaching based on the results of every audit. Include tips, recommendations, and resources to improve. If the coding professional’s accuracy continues to trend downward, targeted instruction and refresher coursework are warranted with focused re-audits to assure improvement over time.

HIM and coding managers can analyze coding audit data across an entire team to identify patterns and trends in miscoding. Team data pinpoints where multiple coders may be struggling. Coding hotlines or question queues are particularly helpful for large coding teams working remotely and from different geographic areas. Common questions can be aggregated for knowledge sharing across the team.

Analytics Technology and Support: What’s Needed

While spreadsheets are still used as the primary tool for much data analysis in healthcare, this option will not suffice in the expanded world of ICD-10. Greater technology investments are necessary to equip HIM and coding leaders with the coding data analytics technology they need.

The following technology guidelines can help evaluate new coding systems and level-up data analytics staff:

  • Data analytics programs with drill-down capabilities are imperative. These systems are used to effectively manage and prevent denials.
  • Customized workflow management software allows HIM and coding leaders to assign coding queues based on skillset.
  • Discharged not final coded and discharged not final billed analytics tools are important to manage each piece of accounts receivables daily and provide continual reporting.
  • Systems should have the ability to build rules to automatically send cases to an audit queue based on specific factors, such as diagnosis, trend, problematic DRGs.
  • Capabilities to export and manipulate the data within other systems, such as Excel, while also trending data are critical.
  • Staff will need training on advanced manipulation of data, such as pivot charts.
  • Every HIM department should have a copy of the newly revised AHIMA Health Data Analysis Toolkit, free of charge for AHIMA members.

HIM directors already collect much of the coding data required for improved performance and better decision-making. By adding data analytics software, organizations ensure information is available for bottom-line survival and future growth.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Heard at #AHIMACon17: Lessons Learned for HIM – HIM Scene

Posted on October 18, 2017 I Written By

The following is a HIM Scene guest blog post by Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, Vice President, Privacy, Compliance and HIM Policy, at MRO.  

The American Health Information Management Association (AHIMA) held its annual convention and exhibit in Los Angeles last week. Beginning with preconvention meetings and symposia, this year’s event delivered a renewed focus on the profession’s stalwart responsibility to protect and govern patient information. Updates for privacy, security, interoperability and information governance were provided. Here is a quick overview of my lessons learned at AHIMACon17.

Privacy and Security Institute

The 11th anniversary of AHIMA’s Privacy and Security Institute didn’t disappoint. Speakers from the HHS Office for Civil Rights (OCR), Federal Bureau of Investigations (FBI) and HITRUST joined privacy and HIM consultants for an information-packed two-day symposium. The most important information for HIM professionals and privacy officers came from the nation’s capital.

Cutbacks underway—Recent defunding of the Chief Privacy Officer (CPO) position by ONC makes practical sense for the healthcare industry and the national budget. The position has been vacant for the past year, and during this time Deven McGraw successfully served as acting CPO and deputy director for health information privacy. Her imminent departure along with other cutbacks will have a trickle-down impact for privacy compliance in 2018.

Onsite audits cease—Yun-kyung (Peggy) Lee, Deputy Regional Manager, OCR, informed attendees that onsite HIPAA audits would no longer be conducted for covered entities or business associates due to staffing cutbacks in Washington, D.C. The concern here is that whatever doesn’t get regulatory attention, may not get done.

To ensure a continued focus on privacy monitoring, HIM and privacy professionals must remain diligent at the organizational, regional, state and national levels to:

  • Maintain internal privacy audit activities
  • Review any patterns in privacy issues and address through corrective action
  • Use environmental scanning to assess resolution agreement results
  • Review published privacy complaints to determine how to handle similar situations
  • Compare your state of readiness to known complaints

Interoperability advances HIPAA—The national push for greater interoperability is an absolute necessity to improve healthcare delivery. However, 30 years of new technology and communication capabilities must be incorporated into HIPAA rules. Old guidelines block us from addressing new goals. We expect more fine-tuning of HIPAA in 2018 to achieve the greater good of patient access and health information exchange.

Luminary Healthcare Panel

Tuesday’s keynote session was the second most relevant discussion for my role as vice president of privacy, compliance and HIM policy at MRO. Panelists provided a glimpse into the future of healthcare while reiterating HIM’s destiny—data integrity and information governance.

HIM’s role extends beyond ensuring correctly coded data for revenue cycle performance. It also includes the provision of correct and complete data for the entire healthcare enterprise and patient care continuum under value-based reimbursement. The need for stronger data integrity and overall information governance was threaded through every conversation during this session.

Final Takeaway

Make no doubt about it! HIM’s role is expanding. We have the underlying knowledge of the importance of data and the information it yields. More technology leads to more data and an increased need for sophisticated health information management and governance. Our history of protecting patient information opens the door to our future in the healthcare industry.

About Rita Bowen
In her role as Vice President of Privacy, Compliance and HIM Policy for MRO, Bowen serves as the company’s Privacy and Compliance Officer (PCO), oversees the company’s compliance with HIPAA, and ensures new and existing client HIM policies and procedures are to code. She has more than 40 years of experience in Health Information Management (HIM), holding a variety of HIM director and consulting roles. Prior to joining MRO, she was Senior Vice President and Privacy Officer for HealthPort, Inc., now known as CIOX Health. Bowen is an active member of the American Health Information Management Association (AHIMA), having served as its President and Board Chair, as a member of the Board of Directors, and of the Council on Certification. Additionally, Bowen is the chair for the AHIMA Foundation. She has been honored with AHIMA’s Triumph Award in the mentor category; she is also the recipient of the Distinguished Member Award from the Tennessee Health Information Management Association (THIMA). Bowen is an established author and speaker on HIM topics and has taught HIM studies at Chattanooga State and the University of Tennessee Memphis. Bowen holds a Bachelor of Medical Science degree with a focus in medical record administration and a Master’s degree in Health Information/ Informatics Management Technology.

MRO is a proud sponsor of HIM Scene.  If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Waiting For The Perfect “Standard” Is Not The Answer To Healthcare’s Interoperability Problem

Posted on October 16, 2017 I Written By

The following is a guest blog post by Gary Palgon, VP Healthcare and Life Sciences Solutions at Liaison Technologies.

Have you bought into the “standards will solve healthcare’s interoperability woes” train of thought? Everyone understands that standards are necessary to enable disparate systems to communicate with each other, but as new applications and new uses for data continually appear, healthcare organizations that are waiting for universal standards, are not maximizing the value of their data. More importantly, they will be waiting a long time to realize the full potential of their data.

Healthcare interoperability is not just a matter of transferring data as an entire file from one user to another. Instead, effective exchange of information allows each user to select which elements of a patient’s chart are needed, and then access them in a format that enables analysis of different data sets to provide a holistic picture of the patient’s medical history or clinical trends in a population of patients. Healthcare’s interoperability challenge is further exacerbated by different contextual interpretations of the words within those fields. For instance, how many different ways are there to say heart attack?

The development of the Health Level Seven (HL7®) FHIR®, which stands for Fast Healthcare Interoperability Resources, represents a significant step forward to interoperability. While the data exchange draft that is being developed and published by HL7 eliminates many of the complexities of earlier HL7 versions and facilitates real-time data exchange via web technology, publication of release 4 – the first normative version of the standard – is not anticipated until October 2018.

As these standards are further developed, the key to universal adoption will be simplicity, according to John Lynn, founder of the HealthcareScene.com. However, he suggests that CIOs stop waiting for “perfect standards” and focus on how they can best achieve interoperability now.

Even with standards that can be implemented in all organizations, the complexity and diversity of the healthcare environment means that it will take time to move everyone to the same standards. This is complicated by the number of legacy systems and patchwork of applications that have been added to healthcare IT systems in an effort to meet quickly changing needs throughout the organization. Shrinking financial resources for capital investment and increasing competition for IT professionals limits a health system’s ability to make the overall changes necessary for interoperability – no matter which standards are adopted.

Some organizations are turning to cloud-based, managed service platforms to perform the integration, aggregation and harmonization that makes data available to all users – regardless of the system or application in which the information was originally collected. This approach solves the financial and human resource challenges by making it possible to budget integration and data management requirements as an operational rather than a capital investment. This strategy also relieves the burden on in-house IT staff by relying on the expertise of professionals who focus on emerging technologies, standards and regulations that enable safe, compliant data exchange.

How are you planning to scale your interoperability and integration efforts?  If you're waiting for standards, why are you waiting?

As a leading provider of healthcare interoperability solutions, Liaison is a proud sponsor of Healthcare Scene. While the conversation about interoperability has been ongoing for many years, ideas, new technology and new strategies discussed and shared by IT professionals will lead to successful healthcare data exchange that will transform healthcare and result in better patient care.

About Gary Palgon
Gary Palgon is vice president of healthcare and life sciences solutions at Liaison Technologies. In this role, Gary leverages more than two decades of product management, sales, and marketing experience to develop and expand Liaison’s data-inspired solutions for the healthcare and life sciences verticals. Gary’s unique blend of expertise bridges the gap between the technical and business aspects of healthcare, data security, and electronic commerce. As a respected thought leader in the healthcare IT industry, Gary has had numerous articles published, is a frequent speaker at conferences, and often serves as a knowledgeable resource for analysts and journalists. Gary holds a Bachelor of Science degree in Computer and Information Sciences from the University of Florida.

How to Balance Privacy, Security and Quality with Offshore Coding: Three Critical Caveats for HIM – HIM Scene

Posted on October 4, 2017 I Written By

The following is a guest blog post by Sarah Humbert, RHIA, ICD-10 AHIMA Certified Trainer, Coding and Compliance Manager, KIWI-TEK. If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Prior to ICD-10 there was a shortage of domestic coders, making offshore services a necessity for many organizations. But in a post ICD-10 environment, experienced U.S. coders are more readily available and accessible. Domestic coding services are still considered best practice by most HIM professionals. In fact, 72 percent of hospital respondents outsource more than half of their coding needs according Black Book’s October 2016 Outsourced HIM Report.

While acceptance of offshore coding services has grown there are important caveats for HIM professionals to know according to the Black Book report. Price isn’t everything when it comes to protecting your patient’s privacy and your organization’s financial performance. Additional offshore concerns continue to be reported by U.S. hospitals and health systems:

  • Increased audit costs
  • Higher denial rates
  • Missed procedure codes

As Black Book states, it is imperative for offshore coding companies to tighten processes in three key areas: privacy, security and quality. With ransomware on the rise, hospitals, health systems and medical groups have greater levels of responsibility to fully assess their business associates—especially those using protected health information (PHI) offshore.

Because of these concerns and those mentioned above, HIM professionals must carefully explore, vet and secure detailed service level agreements prior to even considering the offshore option. This month’s blog lays out three critical caveats to consider and weigh against the proven value of domestic coding services.

Verify and Test Privacy and Security for Offshore Coding

The first step for HIM professionals is to understand the annual attestation requirements. Originally required by CMS for Medicare Advantage (MA) plans, the following annual attestations have become best practice for healthcare provider organizations and other covered entities (CEs) working to protect PHI.

  1. Provide notice to CMS—30 days prior to beginning the contractual relationship—that offshore contractors will be used, providing CMS an opportunity to review and raise an objection if warranted.
  2. Sign an annual attestation to accurately report to CMS the use of any offshore contractors.

For example, if a hospital wants to use a coding or billing company with personnel located offshore, it must submit the initial notification, receive no objections from CMS, and then annually attest that protections are in place with the offshore vendor.

Beyond the two-step attestation process, HIM professionals must take the following five precautionary steps with all offshore HIM services vendors.

  • Discuss any offshore contacts with your legal counsel and the vendor prior to signing.
  • Include language to indicate that onshore vendors will not subcontract with offshore vendors or coders.
  • Make sure your vendors are aware of attestation rules and take precautions to safeguard PHI.
  • Obtain cybersecurity insurance that includes coverage for potential breaches of offshore data.
  • Identify any other clinical services that may be provided offshore, such as coding audits, and consult your legal counsel to determine if that service should be identified in the attestation.

Rigorous due diligence of offshore coding vendor privacy and security safeguards ensures HIM professionals are doing their part in reducing PHI breaches and ransomware attacks in healthcare. Six states went a step further by prohibiting Medicaid members from sending any PHI offshore: Arizona, Ohio, Missouri, Arkansas, Wisconsin and New Jersey. If your state provides healthcare services in any of these states, additional review by legal counsel is mandatory.

Watch Offshore Coding Quality

The second area for concern with offshore medical record coding services is accuracy.

Offshore coders are mostly former nurses or other well-educated candidates. Although global coding staff speak English and are highly competent, they may not be well trained in self-directed chart interpretation.

Our clients often report international coding accuracy concerns and the need for additional audits, higher denials and missed procedure codes—especially as global coders expand beyond relatively simple and repetitive ancillary testing and radiology cases. In fact, 22 percent of HIM executives continue to shy away from a non-U.S. workforce, according to Black Book.

When it comes to coding quality, here are five recommendations to measure, monitor and manage accuracy prior to engaging an offshore coder.

  • Confirm who is actually doing your coding initially, and after each month into the services engagement.
  • Know global coders’ credentials, testing results and accuracy scores.
  • Verify that less experienced coders aren’t engaged following the initial work assignment.
  • Conduct a minimum of monthly coding audits to quickly identify and correct any negative trend or patterns.
  • Refuse to accept lower quality standards for offshore coding.

Re-evaluate Your Options

The medical record coding industry has shifted. Now is the time to re-evaluate the risks and returns of offshore coding services—keeping privacy, security and quality top of mind.

About Sarah Humbert
Sarah serves as the manager of coding and compliance at KIWI-TEK, a 100% domestic coding and audit services company. She is responsible for coding quality control—accuracy, turnaround time and compliance.

Sarah oversees all coding processes, including coders’ performance, credentials and recurrent testing. She is a member of AHIMA, IHIMA, CHIMA, and she is also a Certified ICD-10 AHIMA trainer. Sarah has worked in a variety of health information management positions for Health Care Excel, MedFocus and St. Vincent Health System.

KIWI-TEK is a proud sponsor of Healthcare Scene. If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

How to Train Business Office Staff to Perform Like ROI (Release of Information) Pros – HIM Scene

Posted on September 27, 2017 I Written By

The following is a HIM Scene guest blog post by Mariela Twiggs, MS, RHIA, CHIP, FAHIMA, National Director of Motivation & Development at MRO.  This is the third blog in a three-part sponsored blog post series focused on the relationship between HIM departments and third-party payers. Each month, a different MRO expert will share insights on how to reduce payer-provider abrasion, protect information privacy and streamline the medical record release process during health plan or third-party commercial payer audits and reviews.

Millions of payer requests for medical records are sent to hospital business offices every day. Business office staff are often tasked with pulling, compiling and sending Protected Health Information (PHI) to meet these requests.

Many payer requests are part of treatment, payment and operations (TPO) according to HIPAA. Payer requests are the “P” in TPO. However, others such as Medicaid assistance applications and disability requests are not covered under TPO. Knowing the difference and managing each request with the upmost regard for patient privacy is the focus of this month’s HIM Scene post.

Business Office Disclosures: Haste Makes Breach

Time is of the essence in the business office. Staff are focused on submitting claims, appealing denials or responding to audits and reviews as covered in last month’s HIM Scene. During the rush to get claims paid, key steps in the Release of Information (ROI) process may be skipped, compromised or mistakenly omitted. It’s during these situations that privacy concerns arise and PHI breaches may occur.

To ensure business office disclosures are kept safe and secure, organizations should train their financial staff using the same information, curriculum and courses presented to Health Information Management (HIM) teams. The ROI steps are the same. And disclosure management processes must be consistent to reduce breach risk. Here are five key areas of disclosure management to cover with your business office employees.

1. ROI and HIPAA Basics

Ensure employees understand the definition of  HIPAA, the privacy rule, ARRA HITECH Omnibus, PHI and differences between federal versus state law. Each state is different and laws apply to where the care was given, not where the organization is headquartered. This is an important distinction for central business offices processing requests for care locations across several states.

Also emphasize which types of payer requests fall under HIPAA’s TPO exemption and which don’t. For those that aren’t considered disclosures for TPO, a patient authorization is required.

Another important topic to cover is the Health and Human Services (HHS) minimum necessary guidance under the HIPAA privacy rule. This guidance helps organizations determine what information can be used, disclosed or requested by payers for a particular purpose. Payers don’t need entire copies of records. They only need specific documents depending on the type of request. By helping business office staff thoroughly understand and apply the minimum necessary guidance, organizations tighten privacy compliance and mitigate breach risk.

2. The Medical Record

Define the various components of the medical record to business office staff. These include common documents, various types of encounters, and properly documented corrections and amendments.

3. Confidentiality and Legal Issues

Outline the legal health record concept and what it includes for your organization. All the various confidentiality and legal issues should also be fully explained. For example, with regard to state subpoena laws, one needs to know quash periods and whether special documentation must be provided. Louisiana requires affidavits while Virginia requires certifications from attorneys saying a notice of patient objection was not received.

4. Types of Requests

List all the various types of requests that might be received in the business office. For each category, differentiate which are part of TPO and which are not. Those that fall outside of TPO require a patient authorization and should be forwarded to HIM for processing. The types of requests to discuss with the business office include:

  • Treatment requests
  • Internal requests
  • Patient requests
  • Government agency requests
  • Disability requests
  • Insurance requests
  • Post-payment audit requests
  • Attorney requests
  • Law enforcement requests
  • Court orders
  • Subpoenas
  • Research requests

5. Sensitive Records and Other Special Situations

Identify and describe specific disclosure management practices related to sensitive records. These cases can include information on genetics, HIV/AIDS, STDs, mental/behavioral health, substance abuse and other sensitive issues. There are also special situations surrounding disclosures for deceased patients and minors. Sensitive records require special handling. Complex federal and state legal issues may be involved with these cases and business office personnel should be aware of them.

With so many details to know, many hospitals and health systems are opting to centralize all disclosures within the HIM department or with a single outsourced ROI vendor.

Make the Case for Centralized ROI

There is a national trend toward centralized disclosure management versus each department handling information requests internally. Beyond the business office, requests are also frequently received in the radiology department, clinical locations, human resources, physician practices, nursing units and HIM.

Maintaining oversight and privacy compliance for all these areas is an arduous task—and opens the door for breach risk. If you are in doubt about the ability of business office or other staff to properly and securely process requests, a centralized ROI model may be your organization’s safest approach.

About Mariela Twiggs
In her role as Director of Motivation and Development, Twiggs leads MRO’s internal motivational efforts and manages MRO Academy, a rigorous and required online educational and testing platform for all employees, which is comprehensive and current with external developments and regulations. Prior to joining MRO, she was CEO of MTT Enterprises, LLC, a Release of Information business. Previously, she worked as a Health Information Management (HIM) Director. Twiggs is the past president of the Association of Health Information Outsourcing Services (AHIOS), Louisiana Health Information Management Association (LHIMA) and Greater New Orleans Health Information Management (GNOHIMA); a fellow of the American Health Information Management Association (AHIMA); recipient of LHIMA’s Distinguished Member & Career Achievement Awards; past treasurer of LHIMA and GNOHIMA; and serves on the advisory board of the Delgado Community College Health Information Technology Program. Twiggs holds a B.S. in Medical Record Administration and a Master’s Degree in Health Care Administration. She is also certified in healthcare privacy (CHP) and is a Certified Document Imaging Architect (CDIA+) with expertise in electronic document management.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.