Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

The Wisdom of Yogi Berra in Medical Benefit Appeals

Posted on October 31, 2018 I Written By

The following is a guest blog post by Keith J. Saunders, Esq., Founder & CEO of FHAS.

“This hearing will now come to order.  For the record, today’s date is…and the following parties are present…”

I have repeated this sentence thousands of times over the past twenty three years while serving as a hearing officer for the Federal Medicare program and as an Administrative Law Judge (ALJ) for the Commonwealth of Pennsylvania Medicaid program.  Serving as an adjudicating official for medical benefit appeals can provide one with a unique perspective on human nature and the shortcomings of the medical appeals process. 

In this post, I would like to share three takeaways from my experience in order to assist you in being a successful participant in the appeals process, whether you participate from the side of the payor or appellant.

Know the medical facts.

My first piece of advice is inspired by a quote from the great New York Yankees baseball player and manager Yogi Berra: “You can observe a lot just by watching”.  Most participants in medical benefit appeals fail to perform the requisite watching.

If you are going to successfully defend or pursue your appeal, you must know the medical facts of the case. This might seem obvious, however you would be shocked to learn how many times a claim denial is appealed and it is very apparent that the parties don’t know or understand the condition of the patient, underlying the facts of their case. For medical provider appellants who are part of large health systems, the need to survey all records within your system pertaining to the subject of the appeal is critical.

For third party payers it is likewise critical to ensure that you possess a complete understanding of the condition of the patient.  I once presided over a hearing where the health insurer was challenging the necessity for the patient to have a wheelchair.  They indicated that the medical information submitted with the claims failed to indicate that the patient could not walk.   If they had performed a survey of the medical records contained within the file they would have ascertained that the patient was a bilateral AKA. For those of you who do not frequently traverse through medical records, this acronym stands for bilateral above the knee amputee; this patient had no legs.

Understand why the claim was denied.

Turning again to Yogi Berra for my second piece of advice: “You’ve got to be very careful if you don’t know where you are going because you might not get there.” In order to be an effective advocate for your position, you must thoroughly understand why a claim for reimbursement has been denied by the third party payor.  One of the most frequent bases advanced for denials in both the Medicare and Medicaid programs is the blanket catchall basis of, “a lack of medical necessity”.  This basis is utilized to deny submitted claims which lack a valid physician’s signature on the order, claims which fail to meet specific medical necessity criteria, or even claims that were not submitted in a timely manner.

As an appellant, you must possess a thorough understanding regarding what has transpired from the reimbursement standpoint, end of story.  If you are an appellant, please read the basis for the claim denial being put forth by the third party payer. To take my Yogi quote further, it is impossible for you as an advocate to get where you want to go, that is, get paid, if you do not know why the claim has been denied. When you as an appellant receive a denial notice, whether it is an explanation of benefits or a remittance advice, review the basis for denial.  If it indicates that critical medical necessity evidence is missing, review your records to find it.

Arguments that the medical policy is foolish or that the payor doesn’t understand what the patient needs may make you feel better for having given the adjudicator a piece of your mind, but are ultimately ineffective. I once had an appellant argue to me that requiring a physician’s order was a foolish requirement for an orthotic device.  When I asked the gentleman making that arguments how a payor was to ascertain if an item was medically necessary, he indicated that they should just ask him, the vendor.  Needless to say that was not an effective argument.

If you have received a blanket denial, such as a lack of medical necessity, please reach out to the third party payor to ascertain what exactly is missing or unclear.  Once you have determined what the problem is, you are then in a position to solve it.

Know the coverage and payment guidelines.

My final recommendation is that you acquire an in-depth knowledge of the coverage and payment guidelines or medical policies which govern the items or services for which you are seeking payment.  As a hearing officer or ALJ, I would find myself frequently asking appellants or payor representatives to furnish the basis within the policies for the denial of items.  More often than not on both sides of a case, neither party could articulate why an item should or should not have been paid.

I suppose in those situations they turned to another quote from Yogi: “If you ask me a question I don’t know, I’m not going to answer it.” Today there is no reason for any party to be unaware or unknowledgeable regarding medical policies or coverage and payment guidelines. All commercial health insurers and government programs, such as Medicare and Medicaid, publish their policies online.  Knowledge of the rules is one of the cornerstones to being a strong advocate for your position. From the provider standpoint, it is one of the critical components needed in order to have an item covered by a payor.

My advice may seem rather basic, but years of experience have shown me that it is a failure to address the fundamentals which causes most claims to be denied. In summary: 1. Know your patient and the medical records surrounding a claim; 2. Know the facts surrounding why reimbursement has been denied; 3. Know the rules which govern payment criteria for your claim.

If you pay attention to the foregoing you will be a much stronger advocate for your position and will likewise achieve and maintain a higher success rate in your appeals. In medical benefit appeals, as in baseball, “It ain’t over until it’s over.”

About Keith J. Saunders, Esq.
Keith J. Saunders, Esq. is the Founder & CEO of FHAS, a leading provider of medical review analytics and support services to government and commercial sectors. Weaving together over 30 years of experience working on behalf of health plans, providers, and government agencies, Mr. Saunders furnishes his clients with valued-based solutions that minimize administrative waste, maximize return on investment, and yield holistic results for all stakeholders. A former General Counsel to Blue Cross Blue Shield Plans, Mr. Saunders was an Air Force Judge Advocate proudly serving in Operation Desert Shield/Desert Storm. Mr. Saunders attained his Juris Doctorate from Duquesne University and is a long-time member of the American Health Lawyers Association (AHLA).

About FHAS
FHAS, a URAC accredited IRO and ISO 9001 certified company, is one of the largest independent providers of “healthcare as a service” (HAAS) for government and commercial clients with a particular focus on adjudication services and medical claims’ review services. In 1996, FHAS began furnishing Medicare Fair Hearing Services to Durable Medical Equipment (DME) Administrative contractors located throughout the United States. Since that time, FHAS has expanded its scope of appeals services to include complex medical reviews for the following: Medicare Parts A, B, PDRC Appeals, and DME Appeals, internal and external health plan appeals, and the entire Pennsylvania Medicaid fair hearing process. FHAS utilizes a network of board certified physicians, legal professionals, and other healthcare professionals with diverse specialties, who have the expertise to render decisions for external review requests. In addition to professional services, FHAS provides enterprise-grade software solutions to healthcare and insurance industries. Their newest product Cogno-Solve is a comprehensive, RPA software platform that automates claims and appeals decision-making functions.

Medical Coding, Revenue Cycle Management and the EHR – HIM Scene

Posted on July 31, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

It’s unfortunate, but true that very few healthcare organizations thought about the impact the EHR selection and implementation would have on things like medical coding and revenue cycle management. The later has gotten more attention after hospitals implement an EHR and then run into cash flow problems when they realize their collections have started piling up after the EHR implementation. However, it’s surprising how many coding and revenue cycle management challenges exist post EHR go live.

With this in mind, Healthcare Scene recently talked with Susan Gatehouse, CEO of Axea Solutions, at the HFMA Annual conference about how EHR impacts medical coding and revenue cycle management. She shares some great insights into the topic and some practical ideas for those dealing with these challenges. Plus, we ask Susan what thing stood out to her at the HFMA annual conference.

Check out our interview with Susan Gatehouse:

*Note: This video was originally live streamed to Facebook, so please excuse the poorer quality video and audio.

Be sure to check out all of the Healthcare Scene interviews on YouTube. If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

The Challenge of Medical Records Requests in the Healthcare Business Office – HIM Scene

Posted on July 10, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

While at the HFMA Annual Conference (Formerly known as ANI), Healthcare Scene was able to sit down with Kim Charland, BA, RHIT, CCS, Director of Revenue Cycle Services at MRO, to talk about some unique issues with Release of Information (ROI) coming out of the healthcare business office.

This was an issue I hadn’t thought much about previously, but it makes a lot of sense that medical billing professionals probably aren’t the best people to be handling release of information to insurance companies. Billing professionals’ goal is to get paid, not ensure that they’re doing a proper release of information to payers. Plus, most of them have billing expertise, not ROI expertise. It makes a lot of sense for the business office to involve HIM professionals with release of information expertise into the process.

To learn more about this topic and what MRO is doing to help healthcare organizations address this compliance issue, watch the video interview below with Kim Charland:

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Lessons Learned from the 2017 AHIMA Information Governance Survey – HIM Scene

Posted on May 16, 2018 I Written By

The following is a guest blog post by Stephanie Crabb, Co-Founder and Principal at Immersive as part of the HIM Scene series of blog posts.

The American Health Information Management Association (AHIMA) 2017 Information Governance (IG) survey follows previous surveys administered in 2014 and 2015 to identify trends and offer insights associated with the healthcare industry’s understanding and adoption of IG. The good news from the 2017 survey is that awareness of IG, at least among the 1500+ survey respondents, is high with 84.6 percent reporting that they are familiar with IG. The bad news from the survey is that 51.6 percent of those same respondents report that lack of awareness or misunderstanding of IG is a barrier (the most significant barrier reported) to IG adoption in their organizations.

Who participated?

While the 2017 survey garnered more participation from outside the health information management professional community than previous efforts, it is important to note that the majority of respondents identified themselves as health information managers (HIM-ers). AHIMA’s work to raise IG awareness and educate the healthcare industry since 2012 has been significant and is to be commended. The body of knowledge created and published and the work completed is extraordinary; it has certainly paid off with its own constituents. Perhaps the survey demonstrates that there is still work to be done with additional stakeholders or that we need to do more to demonstrate the knowledge and capabilities that HIM-ers possess to support IG efforts.

IG Adoption, Drivers and Benefits

Based on what we see, read and experience, in every sector of the industry information and the data from which it is created are at the center of nearly every strategic and tactical activity. So why the disconnect, or the slow pace of formal IG adoption? Why did only 14.8 percent of respondents report an “initiated” IG program as illustrated below? Further, why did percent of respondents report that IG is not considered a priority in their organizations?

A closer look at what respondents had to say about the barriers to IG adoption is useful. The survey offered respondents a list of commonly-cited barriers to IG adoption across all industries and asked them to select their top three, resulting in the following:

For many, the term “governance” implies bureaucracy, expense, complexity, misplaced power and control, among other negative connotations. This may offer some context for these survey results and explain, in part, the top responses.

IG is a complex discipline, no doubt. However, everyone can identify IG or IG-like work that is getting done in their organization every day; it is just not formalized, organized or recognized as such. Sadly, much of that work is buried or siloed, in part, because it is not connected to a strategic imperative where it might gain greater visibility and appreciation as an IG effort.

The data around low IG adoption are even more confusing when we look at what respondents had to say about what they think does or should drive IG efforts. The survey demonstrates that there is no shortage of compelling and meaningful drivers to spur action. While the survey did not provide respondents with the same response choice options for “drivers” and “benefits” there was a connection and association reflected in the responses to these two questions.


These responses reflect an impressive number of business units, departments and individuals–workforce and patients—that can truly be served by and through IG.

What’s Changed from 2014 to 2017?

In 2014, 43% of respondents reported that a formal IG program had been initiated compared to 14.8% of respondents in 2017. What contributes to this dramatic change? Does it reflect organization abandonment of previously initiated IG efforts? Does it reflect that respondents are more educated today so what they labeled as IG in 2014 was not really IG? This area may warrant further exploration in future survey efforts.

In 2014, respondents cited “strong agreement” with regulatory compliance (80 percent), improvement in patient care and safety (73 percent) and the need to manage and contain costs (61 percent) as the top three drivers for IG, followed by analytics and business intelligence (53 percent). Interestingly, trust and confidence in data was the lowest rated driver. In 2017, data quality and trust ranked second. Analytics and business intelligence tops the list of drivers, patient safety falls to the middle and regulatory compliance is at the very bottom of the list.

The most promising insight from the 2017 survey is that data governance (DG) is a growing priority and reality in healthcare. Thirty percent of respondents reported a “formal structure” for DG in their organization. There is still a bit of confusion between IG and DG as disciplines. DG is one of the competencies in AHIMA’s IG Adoption Model and often referenced as a sub-domain of IG in other reference models. Simply stated, data are the building blocks of information, so DG is requisite to IG. One takeaway from the survey is that healthcare organizations are progressing along a path that positions DG as a precursor to IG, rather than a component of IG.

Conclusion

While the drivers for IG seem to have shifted over the time that AHIMA has spent surveying the industry, there is a universality to the vision and expectation that healthcare wants and needs to put its data and information to work to accomplish its ambitious and complex mission. Much of AHIMA’s and its IG partners’ work to document the experiences of IG pioneers is available at IGIQ.org.

Have ideas about how we can better study the topic of IG and deliver meaningful insights to you? Please share your comments.

About Stephanie Crabb
Stephanie is Co-Founder and Principal at Immersive, a healthcare data lifecycle management company where she leads program and solution development, knowledge management and customer success. Stephanie brings 25 years of experience in the healthcare industry where she has served in program/solution development, client service and business development roles for leading firms including The Advisory Board Company, WebMD, CTG Health Solutions and CynergisTek. She has led a number of program and product launches with an emphasis on competitive differentiation, rapid adoption, client satisfaction, and strategic portfolio management.

Prior to her work at these firms Stephanie worked for a large Maternal and Child Health Bureau grantee working on the national Bright Futures and Healthy Start initiatives to develop and document best practices in the care continuum for pediatrics and infant mortality, and to inform federal and state health policy initiatives in these areas.

Stephanie holds her A.B. and A.M. from the University of Chicago. Stephanie serves as the Scholarship Chair of CNFLHIMSS, on AHIMA’s Data Analytics Practice Council and recently completed a two-year term on the Advisory Board of the Association for Executives in Healthcare Information Security (AEHIS) of CHIME.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Workers’ Comp ROI – Disclosures For Workers’ Compensation Purposes – HIM Scene

Posted on April 10, 2018 I Written By

The following is a HIM Scene guest blog post by Don Hardwick, Vice President, Client Relations and Account Management at MRO.

Even under the best of circumstances—excellent staff, streamlined workflows, the latest technology— Release of Information (ROI) is a precarious process. Specific rules apply to different categories of requests. One area of complexity and confusion is the disclosure of Protected Health Information (PHI) for workers’ compensation purposes. While the ROI process for workers’ comp requests is similar to the process for “regular” requests, the type of information allowable for disclosure is different unless the request is accompanied by a patient authorization.

According to HHS guidelines, “The HIPAA Privacy Rule does not apply to entities that are either workers’ compensation insurers, workers’ compensation administrative agencies, or employers, except to the extent they may otherwise be covered entities.” However, the rule recognizes the legitimate need of these entities involved in workers’ compensation cases to access PHI according to state or other laws. Due to variability among such laws, the Privacy Rule permits disclosures of PHI for workers’ compensation purposes in different ways.

Disclosures without individual/client authorization. In most cases, an employer or insurance carrier is permitted to request and receive information pertaining to the injury—on behalf of the company or on behalf of the client—without an authorization. So employers, insurance companies or their attorneys can obtain information on behalf of the insurance company or on behalf of the client. Typically an attorney would get an authorization from the client. However, the employer, the payer or an attorney representing the payer can generally request those records without individual authorization.

Disclosures with individual authorization. The Privacy Rule permits covered entities to disclose PHI to workers’ compensation insurers and others involved in workers’ compensation systems if the individual (patient/client) has provided an authorization for the Release of Information to the entity. The authorization must meet specific Privacy Rule requirements.

When considering a workers’ comp claim, we can only disclose PHI pertaining to the event that initiated that particular claim. For example, suppose a patient had five admissions in 2017, and was injured January 2018. The employer may want to determine if the patient had preexisting injuries or conditions where the most recent injury occurred. If the January 2018 injury was secondary to a problem that already existed with this patient, the requester generally cannot obtain prior information without a HIPAA valid authorization.

The main point is that rules and regulations pertaining to workers’ compensation claims differ depending on the type of request for information and the type of requester.

About Don Hardwick
As Vice President of Client Relations and Account Management, Hardwick oversees all client relations initiatives including implementation and account management. Prior to joining MRO, he was CEO and President of Record Enterprises Inc., a Health Information Management (HIM) company that provided hospitals with an outsourcing program for patient release of information, medical coding and medical/confidential record storage. Previously, he was CEO and president of MedRecs Law Inc., a record acquisition company. Additionally, he was a manager in the healthcare consulting division of Ernst & Young and worked as the Director of HIM at Saint Margaret Hospital in Montgomery, AL and Southampton Memorial Hospital in Franklin, VA. Hardwick is a past President of the Virginia Health Information Management Association (VHIMA) and the recipient of East Carolina’s Allied Health Sciences Distinguished Alumni Award. He holds a B.S. in Health Information Management.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

An HIM Twitter Roundup – HIM Scene

Posted on December 13, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

For those that aren’t participating on Twitter, you’re missing out. The amount of knowledge and information that’s shared on Twitter is astounding. The problem is that many people think that Twitter is where you go to talk about yourself. Certainly, that’s an option if you want to do that, but I find that consuming information that people share on Twitter is extremely valuable.

If you’ve never done Twitter before, sign up (it’s free) and then you need to go in and follow about 50 HIM professionals and other healthcare influencers. You can start by following @healthcarescene. HIM professionals are easy to find. Just search for the term AHIMA or ICD-10 and you’ll find a lot of them to follow.

Ok, enough of the Twitter lesson. Just to show you some of the value of Twitter, here’s a quick roundup of HIM related tweets. Plus, I’ll add a little commentary of my own after each tweet.


This is becoming such an important role for HIM professionals in a healthcare organization. HIM staff can do an amazing work ensuring that the data that’s stored in an EHR or other clinical system is accurate. If the data’s wrong, then all these new data based decisions are going to be wrong.


I think upcoding stories are like an accident on the freeway. When you see one you just have to look.


I’m still chewing on this one. Looks like a lot of deep thoughts at the AHIMA Data Summit in Orlando.


The opioid epidemic is such an issue. We need everyone involved to solve it. So, it’s great to see HIM can help with the problem as well. I agree that proper documentation and EHR interoperability is a major problem that could help the opioid epidemic. It won’t solve everything, but proper EHR documentation is one important part.


This is an illustration of where healthcare is heading. So far we’ve mostly focused on data collection. Time to turn the corner and start using that data in decision making.

Opening the Door to Data Analytics in Medical Coding – HIM Scene

Posted on November 15, 2017 I Written By

The following is a HIM Scene guest blog post by Julia Hammerman, RHIA, CPHQ, is Director of Education and Compliance, himagine solutions.

Data analytics has moved from IT and finance to the majority of business functions—including clinical coding. However, most healthcare organizations admit they could do more with analytics. This month’s HIM Scene blog explores the importance of analyzing clinical coding data to improve quality, productivity, and compliance.

Coding Data in ICD-10: Where We Are Today

HIM leaders are implementing coding data analytics to continually monitor their coding teams and cost-justify ongoing educational investments. Coding data analytics isn’t a once-and-done endeavor. It is a long-term commitment to improving coding performance in two key areas: productivity and accuracy.

A Look at Productivity Data

Elements that impact coding productivity data include: the type of electronic health record (EHR) used, the number of systems accessed during the coding process, clinical documentation improvement (CDI) initiatives, turnaround time for physician queries, and the volume of non-coding tasks assigned to coding teams.

Once any coding delays caused by these issues are corrected, coding productivity is best managed with the help of data analytics. For optimal productivity monitoring, the following data must be tracked, entered, and analyzed:

  • Begin and end times for each record—by coder and chart type
  • Average number of charts coded per hour by coder
  • Percentage of charts that take more than the standard minutes to code—typically charts with long lengths of stay (LOS), high dollar or high case mix index (CMI)
  • Types of cases each coder is processing every day

A Look at Accuracy Data

Accuracy should never be compromised for productivity. Otherwise, the results include denied claims, payer scrutiny, reimbursement issues, and other negative financial impacts.

Instead, a careful balance between coding productivity and accuracy is considered best practice.

Both data sets must be assessed simultaneously. The most common way to collect coding accuracy data is through coding audits and a thorough analysis of coding denials.

  • Conduct routine coding accuracy audits
  • Analyze audit data to target training, education and other corrective action
  • Record data so that back-end analysis is supported
  • Assess results for individual coders and the collective team

Using Your Results

Results of data analysis are important to drive improvements at the individual level and across entire coding teams. For individuals, look for specific errors and provide coaching based on the results of every audit. Include tips, recommendations, and resources to improve. If the coding professional’s accuracy continues to trend downward, targeted instruction and refresher coursework are warranted with focused re-audits to assure improvement over time.

HIM and coding managers can analyze coding audit data across an entire team to identify patterns and trends in miscoding. Team data pinpoints where multiple coders may be struggling. Coding hotlines or question queues are particularly helpful for large coding teams working remotely and from different geographic areas. Common questions can be aggregated for knowledge sharing across the team.

Analytics Technology and Support: What’s Needed

While spreadsheets are still used as the primary tool for much data analysis in healthcare, this option will not suffice in the expanded world of ICD-10. Greater technology investments are necessary to equip HIM and coding leaders with the coding data analytics technology they need.

The following technology guidelines can help evaluate new coding systems and level-up data analytics staff:

  • Data analytics programs with drill-down capabilities are imperative. These systems are used to effectively manage and prevent denials.
  • Customized workflow management software allows HIM and coding leaders to assign coding queues based on skillset.
  • Discharged not final coded and discharged not final billed analytics tools are important to manage each piece of accounts receivables daily and provide continual reporting.
  • Systems should have the ability to build rules to automatically send cases to an audit queue based on specific factors, such as diagnosis, trend, problematic DRGs.
  • Capabilities to export and manipulate the data within other systems, such as Excel, while also trending data are critical.
  • Staff will need training on advanced manipulation of data, such as pivot charts.
  • Every HIM department should have a copy of the newly revised AHIMA Health Data Analysis Toolkit, free of charge for AHIMA members.

HIM directors already collect much of the coding data required for improved performance and better decision-making. By adding data analytics software, organizations ensure information is available for bottom-line survival and future growth.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

Heard at #AHIMACon17: Lessons Learned for HIM – HIM Scene

Posted on October 18, 2017 I Written By

The following is a HIM Scene guest blog post by Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, Vice President, Privacy, Compliance and HIM Policy, at MRO.  

The American Health Information Management Association (AHIMA) held its annual convention and exhibit in Los Angeles last week. Beginning with preconvention meetings and symposia, this year’s event delivered a renewed focus on the profession’s stalwart responsibility to protect and govern patient information. Updates for privacy, security, interoperability and information governance were provided. Here is a quick overview of my lessons learned at AHIMACon17.

Privacy and Security Institute

The 11th anniversary of AHIMA’s Privacy and Security Institute didn’t disappoint. Speakers from the HHS Office for Civil Rights (OCR), Federal Bureau of Investigations (FBI) and HITRUST joined privacy and HIM consultants for an information-packed two-day symposium. The most important information for HIM professionals and privacy officers came from the nation’s capital.

Cutbacks underway—Recent defunding of the Chief Privacy Officer (CPO) position by ONC makes practical sense for the healthcare industry and the national budget. The position has been vacant for the past year, and during this time Deven McGraw successfully served as acting CPO and deputy director for health information privacy. Her imminent departure along with other cutbacks will have a trickle-down impact for privacy compliance in 2018.

Onsite audits cease—Yun-kyung (Peggy) Lee, Deputy Regional Manager, OCR, informed attendees that onsite HIPAA audits would no longer be conducted for covered entities or business associates due to staffing cutbacks in Washington, D.C. The concern here is that whatever doesn’t get regulatory attention, may not get done.

To ensure a continued focus on privacy monitoring, HIM and privacy professionals must remain diligent at the organizational, regional, state and national levels to:

  • Maintain internal privacy audit activities
  • Review any patterns in privacy issues and address through corrective action
  • Use environmental scanning to assess resolution agreement results
  • Review published privacy complaints to determine how to handle similar situations
  • Compare your state of readiness to known complaints

Interoperability advances HIPAA—The national push for greater interoperability is an absolute necessity to improve healthcare delivery. However, 30 years of new technology and communication capabilities must be incorporated into HIPAA rules. Old guidelines block us from addressing new goals. We expect more fine-tuning of HIPAA in 2018 to achieve the greater good of patient access and health information exchange.

Luminary Healthcare Panel

Tuesday’s keynote session was the second most relevant discussion for my role as vice president of privacy, compliance and HIM policy at MRO. Panelists provided a glimpse into the future of healthcare while reiterating HIM’s destiny—data integrity and information governance.

HIM’s role extends beyond ensuring correctly coded data for revenue cycle performance. It also includes the provision of correct and complete data for the entire healthcare enterprise and patient care continuum under value-based reimbursement. The need for stronger data integrity and overall information governance was threaded through every conversation during this session.

Final Takeaway

Make no doubt about it! HIM’s role is expanding. We have the underlying knowledge of the importance of data and the information it yields. More technology leads to more data and an increased need for sophisticated health information management and governance. Our history of protecting patient information opens the door to our future in the healthcare industry.

About Rita Bowen
In her role as Vice President of Privacy, Compliance and HIM Policy for MRO, Bowen serves as the company’s Privacy and Compliance Officer (PCO), oversees the company’s compliance with HIPAA, and ensures new and existing client HIM policies and procedures are to code. She has more than 40 years of experience in Health Information Management (HIM), holding a variety of HIM director and consulting roles. Prior to joining MRO, she was Senior Vice President and Privacy Officer for HealthPort, Inc., now known as CIOX Health. Bowen is an active member of the American Health Information Management Association (AHIMA), having served as its President and Board Chair, as a member of the Board of Directors, and of the Council on Certification. Additionally, Bowen is the chair for the AHIMA Foundation. She has been honored with AHIMA’s Triumph Award in the mentor category; she is also the recipient of the Distinguished Member Award from the Tennessee Health Information Management Association (THIMA). Bowen is an established author and speaker on HIM topics and has taught HIM studies at Chattanooga State and the University of Tennessee Memphis. Bowen holds a Bachelor of Medical Science degree with a focus in medical record administration and a Master’s degree in Health Information/ Informatics Management Technology.

MRO is a proud sponsor of HIM Scene.  If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

How to Train Business Office Staff to Perform Like ROI (Release of Information) Pros – HIM Scene

Posted on September 27, 2017 I Written By

The following is a HIM Scene guest blog post by Mariela Twiggs, MS, RHIA, CHIP, FAHIMA, National Director of Motivation & Development at MRO.  This is the third blog in a three-part sponsored blog post series focused on the relationship between HIM departments and third-party payers. Each month, a different MRO expert will share insights on how to reduce payer-provider abrasion, protect information privacy and streamline the medical record release process during health plan or third-party commercial payer audits and reviews.

Millions of payer requests for medical records are sent to hospital business offices every day. Business office staff are often tasked with pulling, compiling and sending Protected Health Information (PHI) to meet these requests.

Many payer requests are part of treatment, payment and operations (TPO) according to HIPAA. Payer requests are the “P” in TPO. However, others such as Medicaid assistance applications and disability requests are not covered under TPO. Knowing the difference and managing each request with the upmost regard for patient privacy is the focus of this month’s HIM Scene post.

Business Office Disclosures: Haste Makes Breach

Time is of the essence in the business office. Staff are focused on submitting claims, appealing denials or responding to audits and reviews as covered in last month’s HIM Scene. During the rush to get claims paid, key steps in the Release of Information (ROI) process may be skipped, compromised or mistakenly omitted. It’s during these situations that privacy concerns arise and PHI breaches may occur.

To ensure business office disclosures are kept safe and secure, organizations should train their financial staff using the same information, curriculum and courses presented to Health Information Management (HIM) teams. The ROI steps are the same. And disclosure management processes must be consistent to reduce breach risk. Here are five key areas of disclosure management to cover with your business office employees.

1. ROI and HIPAA Basics

Ensure employees understand the definition of  HIPAA, the privacy rule, ARRA HITECH Omnibus, PHI and differences between federal versus state law. Each state is different and laws apply to where the care was given, not where the organization is headquartered. This is an important distinction for central business offices processing requests for care locations across several states.

Also emphasize which types of payer requests fall under HIPAA’s TPO exemption and which don’t. For those that aren’t considered disclosures for TPO, a patient authorization is required.

Another important topic to cover is the Health and Human Services (HHS) minimum necessary guidance under the HIPAA privacy rule. This guidance helps organizations determine what information can be used, disclosed or requested by payers for a particular purpose. Payers don’t need entire copies of records. They only need specific documents depending on the type of request. By helping business office staff thoroughly understand and apply the minimum necessary guidance, organizations tighten privacy compliance and mitigate breach risk.

2. The Medical Record

Define the various components of the medical record to business office staff. These include common documents, various types of encounters, and properly documented corrections and amendments.

3. Confidentiality and Legal Issues

Outline the legal health record concept and what it includes for your organization. All the various confidentiality and legal issues should also be fully explained. For example, with regard to state subpoena laws, one needs to know quash periods and whether special documentation must be provided. Louisiana requires affidavits while Virginia requires certifications from attorneys saying a notice of patient objection was not received.

4. Types of Requests

List all the various types of requests that might be received in the business office. For each category, differentiate which are part of TPO and which are not. Those that fall outside of TPO require a patient authorization and should be forwarded to HIM for processing. The types of requests to discuss with the business office include:

  • Treatment requests
  • Internal requests
  • Patient requests
  • Government agency requests
  • Disability requests
  • Insurance requests
  • Post-payment audit requests
  • Attorney requests
  • Law enforcement requests
  • Court orders
  • Subpoenas
  • Research requests

5. Sensitive Records and Other Special Situations

Identify and describe specific disclosure management practices related to sensitive records. These cases can include information on genetics, HIV/AIDS, STDs, mental/behavioral health, substance abuse and other sensitive issues. There are also special situations surrounding disclosures for deceased patients and minors. Sensitive records require special handling. Complex federal and state legal issues may be involved with these cases and business office personnel should be aware of them.

With so many details to know, many hospitals and health systems are opting to centralize all disclosures within the HIM department or with a single outsourced ROI vendor.

Make the Case for Centralized ROI

There is a national trend toward centralized disclosure management versus each department handling information requests internally. Beyond the business office, requests are also frequently received in the radiology department, clinical locations, human resources, physician practices, nursing units and HIM.

Maintaining oversight and privacy compliance for all these areas is an arduous task—and opens the door for breach risk. If you are in doubt about the ability of business office or other staff to properly and securely process requests, a centralized ROI model may be your organization’s safest approach.

About Mariela Twiggs
In her role as Director of Motivation and Development, Twiggs leads MRO’s internal motivational efforts and manages MRO Academy, a rigorous and required online educational and testing platform for all employees, which is comprehensive and current with external developments and regulations. Prior to joining MRO, she was CEO of MTT Enterprises, LLC, a Release of Information business. Previously, she worked as a Health Information Management (HIM) Director. Twiggs is the past president of the Association of Health Information Outsourcing Services (AHIOS), Louisiana Health Information Management Association (LHIMA) and Greater New Orleans Health Information Management (GNOHIMA); a fellow of the American Health Information Management Association (AHIMA); recipient of LHIMA’s Distinguished Member & Career Achievement Awards; past treasurer of LHIMA and GNOHIMA; and serves on the advisory board of the Delgado Community College Health Information Technology Program. Twiggs holds a B.S. in Medical Record Administration and a Master’s Degree in Health Care Administration. She is also certified in healthcare privacy (CHP) and is a Certified Document Imaging Architect (CDIA+) with expertise in electronic document management.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

ROI in the Business Office: Why HIM Should Keep a Watchful Eye – HIM Scene

Posted on August 16, 2017 I Written By

The following is a HIM Scene guest blog post by Lula Jensen, MBA, RHIA, CCS, Director of Product Management at MRO.  This is the second blog in a three-part sponsored blog post series focused on the relationship between HIM departments and third-party payers. Each month, a different MRO expert will share insights on how to reduce payer-provider abrasion, protect information privacy and streamline the medical record release process during health plan or third-party commercial payer audits and reviews.

According to most business office staff, pulling information and releasing medical record documentation to payers is a necessary evil to get claims paid and reduce accounts receivables. It is not their core competency.

Whether the request is unsolicited or solicited by the payer, time required to compile information and respond wreaks havoc on business office productivity. Also in efforts to meet payer deadlines and expedite claims, human mistakes can be made. Incorrect patient information might slip through the cracks.

Despite concerns, many business office directors prefer that payer disclosures be sent out by their own business staff—versus by the HIM department. If your organization follows that practice, this HIM Scene blog post is for you.

Two Types of Business Office Requests

There are two instances of business office Release of Information (ROI) to know: unsolicited and solicited requests. The unsolicited process takes place when medical documentation containing all the additional information pertinent to the service being billed is submitted proactively by the provider with the initial claim. The solicited process occurs when the original claim is sent without additional supporting medical record documentation and the payer subsequently (during the adjudication process) determines that additional information is needed. The payer then places a request for the additional documentation from the provider.

Unsolicited Releases During Claims Processing

The purpose of releasing information during claims processing is to expedite payment. In an effort to get the claim paid faster, medical records are sent proactively with the claim. This is especially true for high-dollar claims, payer policies, readmissions within 30 days and the published Office of Inspector General (OIG) Work Plan.

Sounds like a good intention with the organization’s best financial interests in mind. However, three concerns arise when business offices send medical record documentation to payers—versus having HIM professionals take charge.

  1. Business office staff may not know which parts of the medical record will be required to support the claim. Often, the entire chart is sent—a process that is not practical for high-dollar or long-length-of-stay cases.
  2. Sending the entire record is also not compliant with HIPAA’s Minimum Necessary Standard. By sending too much information, hospitals are at risk for HIPAA breach.
  3. Upon receipt of prepay documentation, the payer’s staff logs each record received, scans or otherwise digitizes the documents, and incorporates them into their own electronic systems. This creates a huge administrative burden on payers.

Similar challenges ensue with solicited payer medical record requests that occur during the adjudication process or retrospective reviews.

Business Office Disclosures for Payer Audits and Reviews

There has been significant uptick in payer audits and reviews, a topic that was covered by HIM Scene last month. This includes governmental and third-party commercial. According to one central business office director at an MRO client site, “The pull lists for payer audits and reviews keep getting longer and the piles of medical records to send keep getting higher.”

To reduce administrative burdens with payers, some organizations are allowing payers direct access to their EMRs and EHRs to obtain the required information during audits and reviews. While this process may lighten the load for billing personnel, it is laden with additional privacy risks.

Business office personnel complain about the travails of responding to all the various requests for records. However, a significant number of business office directors still insist on owning the ROI process for payer audits and reviews. When this is the case, there are several important steps for HIM directors to consider.

Three Steps for HIM: Educate, Track and Talk

For both types of business office disclosures, it is important to educate billing staff about the implications of a HIPAA breach and privacy risks listed above. Establish an organization-wide standard for ROI to keep PHI safe during all types of business office disclosures. Educating all personnel involved in business office ROI (whether for claims processing, audits or reviews) helps relieve frustration with the record release process.

Billers should also track which specific records, and what sections of each, were sent. By documenting and then reviewing this information, organizations gain valuable knowledge about payer trends—insights that can be used to prevent denials and negotiate more favorable terms for payer contracts.

Collaborate with privacy and the business office to determine which release information to track. Then establish a common database or software application to document each release to payers. Here are four ways to make the most of business office ROI tracking data:

  • Look for patterns in what payers are requesting. Any trends in payer request activity could offer opportunities for provider improvement.
  • Identify risk. Analytics can help business offices detect weaknesses in the revenue cycle, involving coding, documentation or other internal processes.
  • Educate coders, biller, collectors, physicians, etc. on payer trends and how collaboration can promote accurate, complete billing for services rendered and support a claim via medical record documentation.
  • Use data analysis. When payer contract negotiations arise, use payer trend statistics to your advantage in the next round of negotiations.

Talk with local payers and stay updated on policy changes related to claims processing, audits and retrospective reviews. Open communication with each payer is recommended to ensure records are sent in the most secure way possible. Communication with payers also reduces phone tag and minimizes payer-provider abrasion.

Finally, due to the importance of collecting medical record documentation, health plans are willing to pay for records. Business offices and HIM departments fulfilling these requests are encouraged to discuss and pursue reimbursement from payers.

About Lula Jensen

In her role as Director of Product Management for MRO, Jensen drives product enhancements and new product initiatives to ensure MRO’s suite of solutions enable the highest levels of client success and end-user satisfaction. She has more than 15 years of experience in healthcare, focusing on Health Information Management (HIM), Revenue Cycle Management, analytics, software development and consulting. In addition to holding product management roles at McKesson Health Solutions and CIOX Health, she also served as Revenue Cycle Manager at Fox Chase Cancer Center and taught a course on ICD-9 CM Coding and Reimbursement at Bucks County Community College. Jensen is an active member of the Healthcare Financial Management Association (HFMA), American Health Information Management Association (AHIMA) and Pennsylvania Health Information Management Association (PHIMA); she is a 2005 PHIMA Scholar Award recipient. Jensen holds a B.S. in HIM from Temple University and an M.B.A. in Health Care Administration from Holy Family University.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.