Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

The Challenge of Medical Records Requests in the Healthcare Business Office – HIM Scene

Posted on July 10, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

While at the HFMA Annual Conference (Formerly known as ANI), Healthcare Scene was able to sit down with Kim Charland, BA, RHIT, CCS, Director of Revenue Cycle Services at MRO, to talk about some unique issues with Release of Information (ROI) coming out of the healthcare business office.

This was an issue I hadn’t thought much about previously, but it makes a lot of sense that medical billing professionals probably aren’t the best people to be handling release of information to insurance companies. Billing professionals’ goal is to get paid, not ensure that they’re doing a proper release of information to payers. Plus, most of them have billing expertise, not ROI expertise. It makes a lot of sense for the business office to involve HIM professionals with release of information expertise into the process.

To learn more about this topic and what MRO is doing to help healthcare organizations address this compliance issue, watch the video interview below with Kim Charland:

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Lessons Learned from the 2017 AHIMA Information Governance Survey – HIM Scene

Posted on May 16, 2018 I Written By

The following is a guest blog post by Stephanie Crabb, Co-Founder and Principal at Immersive as part of the HIM Scene series of blog posts.

The American Health Information Management Association (AHIMA) 2017 Information Governance (IG) survey follows previous surveys administered in 2014 and 2015 to identify trends and offer insights associated with the healthcare industry’s understanding and adoption of IG. The good news from the 2017 survey is that awareness of IG, at least among the 1500+ survey respondents, is high with 84.6 percent reporting that they are familiar with IG. The bad news from the survey is that 51.6 percent of those same respondents report that lack of awareness or misunderstanding of IG is a barrier (the most significant barrier reported) to IG adoption in their organizations.

Who participated?

While the 2017 survey garnered more participation from outside the health information management professional community than previous efforts, it is important to note that the majority of respondents identified themselves as health information managers (HIM-ers). AHIMA’s work to raise IG awareness and educate the healthcare industry since 2012 has been significant and is to be commended. The body of knowledge created and published and the work completed is extraordinary; it has certainly paid off with its own constituents. Perhaps the survey demonstrates that there is still work to be done with additional stakeholders or that we need to do more to demonstrate the knowledge and capabilities that HIM-ers possess to support IG efforts.

IG Adoption, Drivers and Benefits

Based on what we see, read and experience, in every sector of the industry information and the data from which it is created are at the center of nearly every strategic and tactical activity. So why the disconnect, or the slow pace of formal IG adoption? Why did only 14.8 percent of respondents report an “initiated” IG program as illustrated below? Further, why did percent of respondents report that IG is not considered a priority in their organizations?

A closer look at what respondents had to say about the barriers to IG adoption is useful. The survey offered respondents a list of commonly-cited barriers to IG adoption across all industries and asked them to select their top three, resulting in the following:

For many, the term “governance” implies bureaucracy, expense, complexity, misplaced power and control, among other negative connotations. This may offer some context for these survey results and explain, in part, the top responses.

IG is a complex discipline, no doubt. However, everyone can identify IG or IG-like work that is getting done in their organization every day; it is just not formalized, organized or recognized as such. Sadly, much of that work is buried or siloed, in part, because it is not connected to a strategic imperative where it might gain greater visibility and appreciation as an IG effort.

The data around low IG adoption are even more confusing when we look at what respondents had to say about what they think does or should drive IG efforts. The survey demonstrates that there is no shortage of compelling and meaningful drivers to spur action. While the survey did not provide respondents with the same response choice options for “drivers” and “benefits” there was a connection and association reflected in the responses to these two questions.


These responses reflect an impressive number of business units, departments and individuals–workforce and patients—that can truly be served by and through IG.

What’s Changed from 2014 to 2017?

In 2014, 43% of respondents reported that a formal IG program had been initiated compared to 14.8% of respondents in 2017. What contributes to this dramatic change? Does it reflect organization abandonment of previously initiated IG efforts? Does it reflect that respondents are more educated today so what they labeled as IG in 2014 was not really IG? This area may warrant further exploration in future survey efforts.

In 2014, respondents cited “strong agreement” with regulatory compliance (80 percent), improvement in patient care and safety (73 percent) and the need to manage and contain costs (61 percent) as the top three drivers for IG, followed by analytics and business intelligence (53 percent). Interestingly, trust and confidence in data was the lowest rated driver. In 2017, data quality and trust ranked second. Analytics and business intelligence tops the list of drivers, patient safety falls to the middle and regulatory compliance is at the very bottom of the list.

The most promising insight from the 2017 survey is that data governance (DG) is a growing priority and reality in healthcare. Thirty percent of respondents reported a “formal structure” for DG in their organization. There is still a bit of confusion between IG and DG as disciplines. DG is one of the competencies in AHIMA’s IG Adoption Model and often referenced as a sub-domain of IG in other reference models. Simply stated, data are the building blocks of information, so DG is requisite to IG. One takeaway from the survey is that healthcare organizations are progressing along a path that positions DG as a precursor to IG, rather than a component of IG.

Conclusion

While the drivers for IG seem to have shifted over the time that AHIMA has spent surveying the industry, there is a universality to the vision and expectation that healthcare wants and needs to put its data and information to work to accomplish its ambitious and complex mission. Much of AHIMA’s and its IG partners’ work to document the experiences of IG pioneers is available at IGIQ.org.

Have ideas about how we can better study the topic of IG and deliver meaningful insights to you? Please share your comments.

About Stephanie Crabb
Stephanie is Co-Founder and Principal at Immersive, a healthcare data lifecycle management company where she leads program and solution development, knowledge management and customer success. Stephanie brings 25 years of experience in the healthcare industry where she has served in program/solution development, client service and business development roles for leading firms including The Advisory Board Company, WebMD, CTG Health Solutions and CynergisTek. She has led a number of program and product launches with an emphasis on competitive differentiation, rapid adoption, client satisfaction, and strategic portfolio management.

Prior to her work at these firms Stephanie worked for a large Maternal and Child Health Bureau grantee working on the national Bright Futures and Healthy Start initiatives to develop and document best practices in the care continuum for pediatrics and infant mortality, and to inform federal and state health policy initiatives in these areas.

Stephanie holds her A.B. and A.M. from the University of Chicago. Stephanie serves as the Scholarship Chair of CNFLHIMSS, on AHIMA’s Data Analytics Practice Council and recently completed a two-year term on the Advisory Board of the Association for Executives in Healthcare Information Security (AEHIS) of CHIME.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Workers’ Comp ROI – Disclosures For Workers’ Compensation Purposes – HIM Scene

Posted on April 10, 2018 I Written By

The following is a HIM Scene guest blog post by Don Hardwick, Vice President, Client Relations and Account Management at MRO.

Even under the best of circumstances—excellent staff, streamlined workflows, the latest technology— Release of Information (ROI) is a precarious process. Specific rules apply to different categories of requests. One area of complexity and confusion is the disclosure of Protected Health Information (PHI) for workers’ compensation purposes. While the ROI process for workers’ comp requests is similar to the process for “regular” requests, the type of information allowable for disclosure is different unless the request is accompanied by a patient authorization.

According to HHS guidelines, “The HIPAA Privacy Rule does not apply to entities that are either workers’ compensation insurers, workers’ compensation administrative agencies, or employers, except to the extent they may otherwise be covered entities.” However, the rule recognizes the legitimate need of these entities involved in workers’ compensation cases to access PHI according to state or other laws. Due to variability among such laws, the Privacy Rule permits disclosures of PHI for workers’ compensation purposes in different ways.

Disclosures without individual/client authorization. In most cases, an employer or insurance carrier is permitted to request and receive information pertaining to the injury—on behalf of the company or on behalf of the client—without an authorization. So employers, insurance companies or their attorneys can obtain information on behalf of the insurance company or on behalf of the client. Typically an attorney would get an authorization from the client. However, the employer, the payer or an attorney representing the payer can generally request those records without individual authorization.

Disclosures with individual authorization. The Privacy Rule permits covered entities to disclose PHI to workers’ compensation insurers and others involved in workers’ compensation systems if the individual (patient/client) has provided an authorization for the Release of Information to the entity. The authorization must meet specific Privacy Rule requirements.

When considering a workers’ comp claim, we can only disclose PHI pertaining to the event that initiated that particular claim. For example, suppose a patient had five admissions in 2017, and was injured January 2018. The employer may want to determine if the patient had preexisting injuries or conditions where the most recent injury occurred. If the January 2018 injury was secondary to a problem that already existed with this patient, the requester generally cannot obtain prior information without a HIPAA valid authorization.

The main point is that rules and regulations pertaining to workers’ compensation claims differ depending on the type of request for information and the type of requester.

About Don Hardwick
As Vice President of Client Relations and Account Management, Hardwick oversees all client relations initiatives including implementation and account management. Prior to joining MRO, he was CEO and President of Record Enterprises Inc., a Health Information Management (HIM) company that provided hospitals with an outsourcing program for patient release of information, medical coding and medical/confidential record storage. Previously, he was CEO and president of MedRecs Law Inc., a record acquisition company. Additionally, he was a manager in the healthcare consulting division of Ernst & Young and worked as the Director of HIM at Saint Margaret Hospital in Montgomery, AL and Southampton Memorial Hospital in Franklin, VA. Hardwick is a past President of the Virginia Health Information Management Association (VHIMA) and the recipient of East Carolina’s Allied Health Sciences Distinguished Alumni Award. He holds a B.S. in Health Information Management.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

An HIM Twitter Roundup – HIM Scene

Posted on December 13, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

For those that aren’t participating on Twitter, you’re missing out. The amount of knowledge and information that’s shared on Twitter is astounding. The problem is that many people think that Twitter is where you go to talk about yourself. Certainly, that’s an option if you want to do that, but I find that consuming information that people share on Twitter is extremely valuable.

If you’ve never done Twitter before, sign up (it’s free) and then you need to go in and follow about 50 HIM professionals and other healthcare influencers. You can start by following @healthcarescene. HIM professionals are easy to find. Just search for the term AHIMA or ICD-10 and you’ll find a lot of them to follow.

Ok, enough of the Twitter lesson. Just to show you some of the value of Twitter, here’s a quick roundup of HIM related tweets. Plus, I’ll add a little commentary of my own after each tweet.


This is becoming such an important role for HIM professionals in a healthcare organization. HIM staff can do an amazing work ensuring that the data that’s stored in an EHR or other clinical system is accurate. If the data’s wrong, then all these new data based decisions are going to be wrong.


I think upcoding stories are like an accident on the freeway. When you see one you just have to look.


I’m still chewing on this one. Looks like a lot of deep thoughts at the AHIMA Data Summit in Orlando.


The opioid epidemic is such an issue. We need everyone involved to solve it. So, it’s great to see HIM can help with the problem as well. I agree that proper documentation and EHR interoperability is a major problem that could help the opioid epidemic. It won’t solve everything, but proper EHR documentation is one important part.


This is an illustration of where healthcare is heading. So far we’ve mostly focused on data collection. Time to turn the corner and start using that data in decision making.

Opening the Door to Data Analytics in Medical Coding – HIM Scene

Posted on November 15, 2017 I Written By

The following is a HIM Scene guest blog post by Julia Hammerman, RHIA, CPHQ, is Director of Education and Compliance, himagine solutions.

Data analytics has moved from IT and finance to the majority of business functions—including clinical coding. However, most healthcare organizations admit they could do more with analytics. This month’s HIM Scene blog explores the importance of analyzing clinical coding data to improve quality, productivity, and compliance.

Coding Data in ICD-10: Where We Are Today

HIM leaders are implementing coding data analytics to continually monitor their coding teams and cost-justify ongoing educational investments. Coding data analytics isn’t a once-and-done endeavor. It is a long-term commitment to improving coding performance in two key areas: productivity and accuracy.

A Look at Productivity Data

Elements that impact coding productivity data include: the type of electronic health record (EHR) used, the number of systems accessed during the coding process, clinical documentation improvement (CDI) initiatives, turnaround time for physician queries, and the volume of non-coding tasks assigned to coding teams.

Once any coding delays caused by these issues are corrected, coding productivity is best managed with the help of data analytics. For optimal productivity monitoring, the following data must be tracked, entered, and analyzed:

  • Begin and end times for each record—by coder and chart type
  • Average number of charts coded per hour by coder
  • Percentage of charts that take more than the standard minutes to code—typically charts with long lengths of stay (LOS), high dollar or high case mix index (CMI)
  • Types of cases each coder is processing every day

A Look at Accuracy Data

Accuracy should never be compromised for productivity. Otherwise, the results include denied claims, payer scrutiny, reimbursement issues, and other negative financial impacts.

Instead, a careful balance between coding productivity and accuracy is considered best practice.

Both data sets must be assessed simultaneously. The most common way to collect coding accuracy data is through coding audits and a thorough analysis of coding denials.

  • Conduct routine coding accuracy audits
  • Analyze audit data to target training, education and other corrective action
  • Record data so that back-end analysis is supported
  • Assess results for individual coders and the collective team

Using Your Results

Results of data analysis are important to drive improvements at the individual level and across entire coding teams. For individuals, look for specific errors and provide coaching based on the results of every audit. Include tips, recommendations, and resources to improve. If the coding professional’s accuracy continues to trend downward, targeted instruction and refresher coursework are warranted with focused re-audits to assure improvement over time.

HIM and coding managers can analyze coding audit data across an entire team to identify patterns and trends in miscoding. Team data pinpoints where multiple coders may be struggling. Coding hotlines or question queues are particularly helpful for large coding teams working remotely and from different geographic areas. Common questions can be aggregated for knowledge sharing across the team.

Analytics Technology and Support: What’s Needed

While spreadsheets are still used as the primary tool for much data analysis in healthcare, this option will not suffice in the expanded world of ICD-10. Greater technology investments are necessary to equip HIM and coding leaders with the coding data analytics technology they need.

The following technology guidelines can help evaluate new coding systems and level-up data analytics staff:

  • Data analytics programs with drill-down capabilities are imperative. These systems are used to effectively manage and prevent denials.
  • Customized workflow management software allows HIM and coding leaders to assign coding queues based on skillset.
  • Discharged not final coded and discharged not final billed analytics tools are important to manage each piece of accounts receivables daily and provide continual reporting.
  • Systems should have the ability to build rules to automatically send cases to an audit queue based on specific factors, such as diagnosis, trend, problematic DRGs.
  • Capabilities to export and manipulate the data within other systems, such as Excel, while also trending data are critical.
  • Staff will need training on advanced manipulation of data, such as pivot charts.
  • Every HIM department should have a copy of the newly revised AHIMA Health Data Analysis Toolkit, free of charge for AHIMA members.

HIM directors already collect much of the coding data required for improved performance and better decision-making. By adding data analytics software, organizations ensure information is available for bottom-line survival and future growth.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Heard at #AHIMACon17: Lessons Learned for HIM – HIM Scene

Posted on October 18, 2017 I Written By

The following is a HIM Scene guest blog post by Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, Vice President, Privacy, Compliance and HIM Policy, at MRO.  

The American Health Information Management Association (AHIMA) held its annual convention and exhibit in Los Angeles last week. Beginning with preconvention meetings and symposia, this year’s event delivered a renewed focus on the profession’s stalwart responsibility to protect and govern patient information. Updates for privacy, security, interoperability and information governance were provided. Here is a quick overview of my lessons learned at AHIMACon17.

Privacy and Security Institute

The 11th anniversary of AHIMA’s Privacy and Security Institute didn’t disappoint. Speakers from the HHS Office for Civil Rights (OCR), Federal Bureau of Investigations (FBI) and HITRUST joined privacy and HIM consultants for an information-packed two-day symposium. The most important information for HIM professionals and privacy officers came from the nation’s capital.

Cutbacks underway—Recent defunding of the Chief Privacy Officer (CPO) position by ONC makes practical sense for the healthcare industry and the national budget. The position has been vacant for the past year, and during this time Deven McGraw successfully served as acting CPO and deputy director for health information privacy. Her imminent departure along with other cutbacks will have a trickle-down impact for privacy compliance in 2018.

Onsite audits cease—Yun-kyung (Peggy) Lee, Deputy Regional Manager, OCR, informed attendees that onsite HIPAA audits would no longer be conducted for covered entities or business associates due to staffing cutbacks in Washington, D.C. The concern here is that whatever doesn’t get regulatory attention, may not get done.

To ensure a continued focus on privacy monitoring, HIM and privacy professionals must remain diligent at the organizational, regional, state and national levels to:

  • Maintain internal privacy audit activities
  • Review any patterns in privacy issues and address through corrective action
  • Use environmental scanning to assess resolution agreement results
  • Review published privacy complaints to determine how to handle similar situations
  • Compare your state of readiness to known complaints

Interoperability advances HIPAA—The national push for greater interoperability is an absolute necessity to improve healthcare delivery. However, 30 years of new technology and communication capabilities must be incorporated into HIPAA rules. Old guidelines block us from addressing new goals. We expect more fine-tuning of HIPAA in 2018 to achieve the greater good of patient access and health information exchange.

Luminary Healthcare Panel

Tuesday’s keynote session was the second most relevant discussion for my role as vice president of privacy, compliance and HIM policy at MRO. Panelists provided a glimpse into the future of healthcare while reiterating HIM’s destiny—data integrity and information governance.

HIM’s role extends beyond ensuring correctly coded data for revenue cycle performance. It also includes the provision of correct and complete data for the entire healthcare enterprise and patient care continuum under value-based reimbursement. The need for stronger data integrity and overall information governance was threaded through every conversation during this session.

Final Takeaway

Make no doubt about it! HIM’s role is expanding. We have the underlying knowledge of the importance of data and the information it yields. More technology leads to more data and an increased need for sophisticated health information management and governance. Our history of protecting patient information opens the door to our future in the healthcare industry.

About Rita Bowen
In her role as Vice President of Privacy, Compliance and HIM Policy for MRO, Bowen serves as the company’s Privacy and Compliance Officer (PCO), oversees the company’s compliance with HIPAA, and ensures new and existing client HIM policies and procedures are to code. She has more than 40 years of experience in Health Information Management (HIM), holding a variety of HIM director and consulting roles. Prior to joining MRO, she was Senior Vice President and Privacy Officer for HealthPort, Inc., now known as CIOX Health. Bowen is an active member of the American Health Information Management Association (AHIMA), having served as its President and Board Chair, as a member of the Board of Directors, and of the Council on Certification. Additionally, Bowen is the chair for the AHIMA Foundation. She has been honored with AHIMA’s Triumph Award in the mentor category; she is also the recipient of the Distinguished Member Award from the Tennessee Health Information Management Association (THIMA). Bowen is an established author and speaker on HIM topics and has taught HIM studies at Chattanooga State and the University of Tennessee Memphis. Bowen holds a Bachelor of Medical Science degree with a focus in medical record administration and a Master’s degree in Health Information/ Informatics Management Technology.

MRO is a proud sponsor of HIM Scene.  If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

How to Train Business Office Staff to Perform Like ROI (Release of Information) Pros – HIM Scene

Posted on September 27, 2017 I Written By

The following is a HIM Scene guest blog post by Mariela Twiggs, MS, RHIA, CHIP, FAHIMA, National Director of Motivation & Development at MRO.  This is the third blog in a three-part sponsored blog post series focused on the relationship between HIM departments and third-party payers. Each month, a different MRO expert will share insights on how to reduce payer-provider abrasion, protect information privacy and streamline the medical record release process during health plan or third-party commercial payer audits and reviews.

Millions of payer requests for medical records are sent to hospital business offices every day. Business office staff are often tasked with pulling, compiling and sending Protected Health Information (PHI) to meet these requests.

Many payer requests are part of treatment, payment and operations (TPO) according to HIPAA. Payer requests are the “P” in TPO. However, others such as Medicaid assistance applications and disability requests are not covered under TPO. Knowing the difference and managing each request with the upmost regard for patient privacy is the focus of this month’s HIM Scene post.

Business Office Disclosures: Haste Makes Breach

Time is of the essence in the business office. Staff are focused on submitting claims, appealing denials or responding to audits and reviews as covered in last month’s HIM Scene. During the rush to get claims paid, key steps in the Release of Information (ROI) process may be skipped, compromised or mistakenly omitted. It’s during these situations that privacy concerns arise and PHI breaches may occur.

To ensure business office disclosures are kept safe and secure, organizations should train their financial staff using the same information, curriculum and courses presented to Health Information Management (HIM) teams. The ROI steps are the same. And disclosure management processes must be consistent to reduce breach risk. Here are five key areas of disclosure management to cover with your business office employees.

1. ROI and HIPAA Basics

Ensure employees understand the definition of  HIPAA, the privacy rule, ARRA HITECH Omnibus, PHI and differences between federal versus state law. Each state is different and laws apply to where the care was given, not where the organization is headquartered. This is an important distinction for central business offices processing requests for care locations across several states.

Also emphasize which types of payer requests fall under HIPAA’s TPO exemption and which don’t. For those that aren’t considered disclosures for TPO, a patient authorization is required.

Another important topic to cover is the Health and Human Services (HHS) minimum necessary guidance under the HIPAA privacy rule. This guidance helps organizations determine what information can be used, disclosed or requested by payers for a particular purpose. Payers don’t need entire copies of records. They only need specific documents depending on the type of request. By helping business office staff thoroughly understand and apply the minimum necessary guidance, organizations tighten privacy compliance and mitigate breach risk.

2. The Medical Record

Define the various components of the medical record to business office staff. These include common documents, various types of encounters, and properly documented corrections and amendments.

3. Confidentiality and Legal Issues

Outline the legal health record concept and what it includes for your organization. All the various confidentiality and legal issues should also be fully explained. For example, with regard to state subpoena laws, one needs to know quash periods and whether special documentation must be provided. Louisiana requires affidavits while Virginia requires certifications from attorneys saying a notice of patient objection was not received.

4. Types of Requests

List all the various types of requests that might be received in the business office. For each category, differentiate which are part of TPO and which are not. Those that fall outside of TPO require a patient authorization and should be forwarded to HIM for processing. The types of requests to discuss with the business office include:

  • Treatment requests
  • Internal requests
  • Patient requests
  • Government agency requests
  • Disability requests
  • Insurance requests
  • Post-payment audit requests
  • Attorney requests
  • Law enforcement requests
  • Court orders
  • Subpoenas
  • Research requests

5. Sensitive Records and Other Special Situations

Identify and describe specific disclosure management practices related to sensitive records. These cases can include information on genetics, HIV/AIDS, STDs, mental/behavioral health, substance abuse and other sensitive issues. There are also special situations surrounding disclosures for deceased patients and minors. Sensitive records require special handling. Complex federal and state legal issues may be involved with these cases and business office personnel should be aware of them.

With so many details to know, many hospitals and health systems are opting to centralize all disclosures within the HIM department or with a single outsourced ROI vendor.

Make the Case for Centralized ROI

There is a national trend toward centralized disclosure management versus each department handling information requests internally. Beyond the business office, requests are also frequently received in the radiology department, clinical locations, human resources, physician practices, nursing units and HIM.

Maintaining oversight and privacy compliance for all these areas is an arduous task—and opens the door for breach risk. If you are in doubt about the ability of business office or other staff to properly and securely process requests, a centralized ROI model may be your organization’s safest approach.

About Mariela Twiggs
In her role as Director of Motivation and Development, Twiggs leads MRO’s internal motivational efforts and manages MRO Academy, a rigorous and required online educational and testing platform for all employees, which is comprehensive and current with external developments and regulations. Prior to joining MRO, she was CEO of MTT Enterprises, LLC, a Release of Information business. Previously, she worked as a Health Information Management (HIM) Director. Twiggs is the past president of the Association of Health Information Outsourcing Services (AHIOS), Louisiana Health Information Management Association (LHIMA) and Greater New Orleans Health Information Management (GNOHIMA); a fellow of the American Health Information Management Association (AHIMA); recipient of LHIMA’s Distinguished Member & Career Achievement Awards; past treasurer of LHIMA and GNOHIMA; and serves on the advisory board of the Delgado Community College Health Information Technology Program. Twiggs holds a B.S. in Medical Record Administration and a Master’s Degree in Health Care Administration. She is also certified in healthcare privacy (CHP) and is a Certified Document Imaging Architect (CDIA+) with expertise in electronic document management.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

ROI in the Business Office: Why HIM Should Keep a Watchful Eye – HIM Scene

Posted on August 16, 2017 I Written By

The following is a HIM Scene guest blog post by Lula Jensen, MBA, RHIA, CCS, Director of Product Management at MRO.  This is the second blog in a three-part sponsored blog post series focused on the relationship between HIM departments and third-party payers. Each month, a different MRO expert will share insights on how to reduce payer-provider abrasion, protect information privacy and streamline the medical record release process during health plan or third-party commercial payer audits and reviews.

According to most business office staff, pulling information and releasing medical record documentation to payers is a necessary evil to get claims paid and reduce accounts receivables. It is not their core competency.

Whether the request is unsolicited or solicited by the payer, time required to compile information and respond wreaks havoc on business office productivity. Also in efforts to meet payer deadlines and expedite claims, human mistakes can be made. Incorrect patient information might slip through the cracks.

Despite concerns, many business office directors prefer that payer disclosures be sent out by their own business staff—versus by the HIM department. If your organization follows that practice, this HIM Scene blog post is for you.

Two Types of Business Office Requests

There are two instances of business office Release of Information (ROI) to know: unsolicited and solicited requests. The unsolicited process takes place when medical documentation containing all the additional information pertinent to the service being billed is submitted proactively by the provider with the initial claim. The solicited process occurs when the original claim is sent without additional supporting medical record documentation and the payer subsequently (during the adjudication process) determines that additional information is needed. The payer then places a request for the additional documentation from the provider.

Unsolicited Releases During Claims Processing

The purpose of releasing information during claims processing is to expedite payment. In an effort to get the claim paid faster, medical records are sent proactively with the claim. This is especially true for high-dollar claims, payer policies, readmissions within 30 days and the published Office of Inspector General (OIG) Work Plan.

Sounds like a good intention with the organization’s best financial interests in mind. However, three concerns arise when business offices send medical record documentation to payers—versus having HIM professionals take charge.

  1. Business office staff may not know which parts of the medical record will be required to support the claim. Often, the entire chart is sent—a process that is not practical for high-dollar or long-length-of-stay cases.
  2. Sending the entire record is also not compliant with HIPAA’s Minimum Necessary Standard. By sending too much information, hospitals are at risk for HIPAA breach.
  3. Upon receipt of prepay documentation, the payer’s staff logs each record received, scans or otherwise digitizes the documents, and incorporates them into their own electronic systems. This creates a huge administrative burden on payers.

Similar challenges ensue with solicited payer medical record requests that occur during the adjudication process or retrospective reviews.

Business Office Disclosures for Payer Audits and Reviews

There has been significant uptick in payer audits and reviews, a topic that was covered by HIM Scene last month. This includes governmental and third-party commercial. According to one central business office director at an MRO client site, “The pull lists for payer audits and reviews keep getting longer and the piles of medical records to send keep getting higher.”

To reduce administrative burdens with payers, some organizations are allowing payers direct access to their EMRs and EHRs to obtain the required information during audits and reviews. While this process may lighten the load for billing personnel, it is laden with additional privacy risks.

Business office personnel complain about the travails of responding to all the various requests for records. However, a significant number of business office directors still insist on owning the ROI process for payer audits and reviews. When this is the case, there are several important steps for HIM directors to consider.

Three Steps for HIM: Educate, Track and Talk

For both types of business office disclosures, it is important to educate billing staff about the implications of a HIPAA breach and privacy risks listed above. Establish an organization-wide standard for ROI to keep PHI safe during all types of business office disclosures. Educating all personnel involved in business office ROI (whether for claims processing, audits or reviews) helps relieve frustration with the record release process.

Billers should also track which specific records, and what sections of each, were sent. By documenting and then reviewing this information, organizations gain valuable knowledge about payer trends—insights that can be used to prevent denials and negotiate more favorable terms for payer contracts.

Collaborate with privacy and the business office to determine which release information to track. Then establish a common database or software application to document each release to payers. Here are four ways to make the most of business office ROI tracking data:

  • Look for patterns in what payers are requesting. Any trends in payer request activity could offer opportunities for provider improvement.
  • Identify risk. Analytics can help business offices detect weaknesses in the revenue cycle, involving coding, documentation or other internal processes.
  • Educate coders, biller, collectors, physicians, etc. on payer trends and how collaboration can promote accurate, complete billing for services rendered and support a claim via medical record documentation.
  • Use data analysis. When payer contract negotiations arise, use payer trend statistics to your advantage in the next round of negotiations.

Talk with local payers and stay updated on policy changes related to claims processing, audits and retrospective reviews. Open communication with each payer is recommended to ensure records are sent in the most secure way possible. Communication with payers also reduces phone tag and minimizes payer-provider abrasion.

Finally, due to the importance of collecting medical record documentation, health plans are willing to pay for records. Business offices and HIM departments fulfilling these requests are encouraged to discuss and pursue reimbursement from payers.

About Lula Jensen

In her role as Director of Product Management for MRO, Jensen drives product enhancements and new product initiatives to ensure MRO’s suite of solutions enable the highest levels of client success and end-user satisfaction. She has more than 15 years of experience in healthcare, focusing on Health Information Management (HIM), Revenue Cycle Management, analytics, software development and consulting. In addition to holding product management roles at McKesson Health Solutions and CIOX Health, she also served as Revenue Cycle Manager at Fox Chase Cancer Center and taught a course on ICD-9 CM Coding and Reimbursement at Bucks County Community College. Jensen is an active member of the Healthcare Financial Management Association (HFMA), American Health Information Management Association (AHIMA) and Pennsylvania Health Information Management Association (PHIMA); she is a 2005 PHIMA Scholar Award recipient. Jensen holds a B.S. in HIM from Temple University and an M.B.A. in Health Care Administration from Holy Family University.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Finding Civility in Payer Relationships: Audits, Reviews and HIM – HIM Scene

Posted on July 19, 2017 I Written By

The following is a HIM Scene guest blog post by Greg Ford, Director, Requester Relations and Receivables Administration at MRO.  This is the first blog in a three-part sponsored blog post series focused on the relationship between HIM departments and third-party payers. Each month, a different MRO expert will share insights on how to reduce payer-provider abrasion, protect information privacy and streamline the medical record release process during health plan or third-party commercial payer audits and reviews.

Civility is defined by Webster’s as courtesy and politeness. It is a mannerly act or expression between two parties. While civility in politics has waned, it appears to be on the rise in healthcare.

New opportunities for civility between payers and providers have emerged with the shift from fee-for-service to value-based reimbursement. Population health, quality payment programs and other alternative payment models (APMs) are opening the door to better collaboration and communications with payers. Optimal patient care is a mutual goal between payers and providers.

HIM professionals can also contribute to stronger payer-provider relationships. Our best opportunity to build civility with health plans and payers is during audits and reviews. HIM professionals who take the time to understand the differences will make notable strides toward a more polite and respectful healthcare experience.

Payer Audits vs. Payer Reviews: What’s the Difference?

It’s no secret to most HIM professionals that the volume of health plan medical record requests continues to increase significantly. In fact, between 2013 and 2016 the number of requests for HEDIS and Risk Adjustment reviews increased from one percent to 11 percent of the total Release of Information requests received by MRO.

The main difference between audits and reviews is the potential negative financial impact to providers. Payer audits include risk for revenue recoupment while payer reviews do not.

For example, audits conducted by third-party payers are intended to recoup funds on overpaid claims. The most common reason for a post-payment payer audit is to confirm correct coding and sequencing as billed on the claim to determine if payment was made to the provider correctly. In audits, the health plan’s intention is to recoup funds on overpaid claims.

Payer reviews do not carry financial risk to the provider. Instead, payer reviews deliver valuable insights providers can use to improve their relationships with health plans and patient populations.

The Upside of Payer Reviews

HEDIS and Risk Adjustment reviews are the most common types of payer reviews. Payer data submissions for HEDIS are due to the National Committee for Quality Assurance (NCQA) by June of every year. Medicare Risk Adjustment results are due in January and Commercial in May.

Since these payer reviews both overlap and occur simultaneously, HIM departments are deluged with medical record requests. Understanding the importance of these reviews improves communication between HIM, Release of Information staff and health plan requesters.

HEDIS Reviews

HEDIS reviews can benefit providers during contract negotiations because the HEDIS performance rankings can be used to gauge the quality and effectiveness of different health plans for potential participation with the facility.

Risk Adjustment Reviews

With these reviews, health plans are required to prove the needs of the population to CMS so they can continue to provide services for higher risk patients and pay providers for the care of this population.

In both cases, medical records are needed to provide the analysis, so HIM is involved.

HIM’s Role: Reimbursable Release of Information

In 2015, 85 percent of MRO’s audit and review requests came from third-party vendors representing health plans. Both post-payment audit and review requests are typically chargeable to the requesting party. Due to the importance of collecting medical record documentation, health plans and payers are willing to pay for records.

HIM professionals are encouraged to pursue reimbursement for payer requests. This is especially true if your HIM department is working diligently to accommodate the payer deadline for record receipt.

A provider’s Release of Information staff should be able to work directly with these requesters to ensure payment for the timely delivery of records. HIM professionals can reduce payer-provider abrasion and ultimately strengthen relationships to improve compliance. It’s the first step to increasing civility in healthcare.

Watch for our August HIM Scene post to learn more about how to secure patient privacy when sending records to payers and health plans.

About Greg Ford
In his role as Director of Requester Relations and Receivables Administration for MRO, Ford serves as a liaison between MRO’s healthcare provider clients and payers requesting large volumes of medical records for purposes of post-payment audits, as well as HEDIS and risk adjustment reviews. He oversees payer audit and review projects end-to-end, from educating and supporting clients on proper billing practices and procedural obligations, to streamlining processes that ensure timely delivery of medical documentation to the requesting payers. Prior to joining MRO, Ford worked as Director of Operations and Sales at ARC Document Solutions for 15 years. He received his B.A. from Delaware Valley University.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

ACOs Not Scaling Well, But Health IT Helps

Posted on March 13, 2017 I Written By

Anne Zieger is veteran healthcare branding and communications expert with more than 25 years of industry experience. and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also worked extensively healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or www.ziegerhealthcare.com.

ACOs were billed as the next big thing in healthcare, a model which would create economies of scale and tame rising costs of care. In theory, unifying hospitals and doctors into an overarching entity – and creating shared clinical and financial goals – should improve care and boost efficiency.

Of course, creating them doesn’t come cheap. In fact, creating even a modest ACO typically calls for between $1 million and $3 million in capital investment, according to Michael Deegan, MD, who recently developed a course on ACOs for the University of Texas at Dallas. It also takes 18 to 24 months to launch an ACO, Deegan told an interviewer at UT.

But once all of the Ts have been crossed and the Is dotted, ACOs can meet their stated goals, right? Actually, not so much, though health IT can help things along, according to Indranil Bardham, a colleague of Deegan’s at UT Dallas who serves as professor of information systems.

According to an article in HealthcareITNews, Bardhan recently completed a study on ACO performance which concluded that health IT had a measurable impact on their efficiency. The study, which drew on 2013-2015 data from CMS, reviewed the performance of 400 ACOs.

Among the key takeways Bardhan took from his research was that the larger an ACO was, the more likely it was to be inefficient. This flies in the face of conventional wisdom, which would suggest that bigger is better when it comes to improving efficiency.

On the other hand, health IT use had the effect its champions might hope for, though modest in scope. The study concluded that a 1 percent increase in HIT usage was associated with an 0.5 percent increase in ACO efficiency.

The thing is, these measures represent just a couple of ways to evaluate ACO performance, making it hard to tell just what is working, Bardhan told HIN. “Healthcare, with respect to ACOs, is fascinating because there is not just one single output measure that you are using to compare performance,” he told the magazine’s Bill Siwicki. “…It is difficult to measure the performance of organizations against each other when you have multiple outputs that cannot easily be transformed into a single dollar number.”

This squares with commentary by other ACO researchers, who seem to agree that the whole ACO evaluation process is a bit mysterious. As health policy analyst David Introcaso notes, in a review of ACO-based Medicare Shared Savings Program, CMS isn’t helping either. “While CMS details financial and quality performance results, the agency does not explain, at least publicly, how results, favorable or unfavorable, were achieved.”

Without knowing more about what we should measure, and why – much less what steps helped in achieving their results – it’s too soon to tell what type of health IT should be deployed in ACOs. But looked at more optimistically, once we have a better idea of what ACO success factors are, it seems likely that health IT tools will help execs address them. (For a look at one completely health IT-based ACO concept, see this piece on the Virtual ACO.)