Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

Remote Release of Information: The Next Step in Secure and Compliant Exchange of Patient Health Information

Posted on July 18, 2018 I Written By

The following is a guest blog post by Patty Sheridan, MBA, RHIA, FAHIMA; SVP, Life Sciences at Ciox & Tarun Kabaria; Executive VP, Provider Operations at Ciox.

Across the industry, there is an influx of health information management (HIM) departments and medical groups moving their HIM operations from hospital main campuses and individual physician practices to centralized, offsite locations to gain efficiencies and make better use of valuable square footage in their facilities. For many organizations, this move began decades ago with the implementation of remote coding and/or the need to free up space for patient care.

These ‘virtual HIM” departments can be located at a separate facility, home-based office or remote vendor locations, and result from the continued adoption of electronic health records (EHR) and pressure to manage costs, offering HIM directors and practice administrators the opportunity to reorganize and form more efficient spaces and processes. Outsourcing functions, such as release of information (ROI), allows HIM staff to focus on other priorities of data governance while maximizing available space.

From a financial perspective, costs associated with regulations, staffing, printing, mailing and square footage are increasing; and in some instances, volumes of requests are increasing due to health plans, lawsuits and the portability of healthcare. Furthermore, allowable fees for releasing medical records are decreasing in some states. As a result of these rising financial pressures, healthcare providers are finding it more difficult to make ROI a profit center in their organizations.

HIM departments are experiencing additional pressures from rising health plan request volumes, requiring flexible operational solutions in order to meet the increasing demand. In a typical year, the volume of health plan requests tends to increase to the order of 20-30 percent, and this year those numbers are expected to triple. With such an influx of requests, moving to a virtual model allows for the onsite staff to be augmented with the remote team, fulfilling these large volume requests without impacting the core ROI and patient requests.

Another prevalent challenge is timeliness. With the advent of rebranding the Meaningful Use program to focus on promoting interoperability and the increase in various governmental and payor audits, timeliness of response to requests for medical records is critical and penalties for non-compliance are steep. As such, healthcare providers are reaching the point of diminishing returns in regards to managing the ROI function on their own, and in some cases, will not be able to meet the time deadlines imposed upon them to gain incentives, avoid penalties and takebacks.

These new industry influences create the need for even faster, more efficient, error-free fulfillment of medical record requests and pave the way for a new approach designed to help your organization meet this demand: Remote ROI.

The Remote ROI Process

The ROI process is a time-consuming administrative challenge for HIM professionals, requiring compliance expertise, secure and efficient technology, and a trained and knowledgeable staff. The Remote ROI process starts at your healthcare facility when requests for release of health information are received. From there, your chosen third party vendor, such as Ciox, receives the request from the hospital or practice via a mutually agreed upon, secure mechanism. Securely connected and able to access the hospital or practice EHR, an offsite ROI Specialist then reviews the requests for proper authorizations, identifies and captures the records to be released, and transmits the medical records from your facility’s EHR in an encrypted electronic format to the third party vendor’s ROI centralized processing center. The release is delivered to the requestor through an automatic print and mail process or electronically via a secured delivery method. Ciox’s process is computer-assisted using artificial intelligence and natural language processing thereby reducing turnaround time, improving patient satisfaction and ROI outcomes.

When creating your Remote ROI process, follow these three fundamental steps to ensure its success:

1. Determine the method of access to the Request Letter/Authorization received by the hospital or physician practice.

There are several mechanisms by which requests and authorizations are securely made available to Remote ROI Specialists for ROI processing. The most common methods include:

  • Requests/Authorizations are scanned into the EHR – Staff at the facility scans the requests/authorizations into the EHR. The Remote ROI Specialist accesses the EHR to view the information and begin the process.
  • Requests/Authorizations are faxed – Staff at the facility faxes the requests/authorizations to a fax-in queue provided by the third party vendor. The Remote ROI Specialist accesses the fax-in queue to view the information.
  • Requests/Authorizations are scanned and placed in a shared folder – Staff at your facility scans the requests/authorizations into a shared folder accessible by the Remote ROI Specialist at the third party vendor’s secure Remote ROI Processing Center.
  • Requests/Authorizations are automatically received via health data exchange or health information exchange.

2. Establish connectivity to the EHR to validate the authorization, review the medical records and process the request.

An acceptable baseline for securing the connection to your EHR system(s) must be established for Remote ROI. The appropriate connectivity scenario depends on the underlying technologies at your facility. When understanding which technologies are at your disposal and establishing connectivity, remember that security is key in this part of the process. Keep that in mind when selecting a third party vendor, as it’s paramount to select a company that makes the security of the exchange of protected health information a top priority. Furthermore, it’s of critical importance to select a vendor that has earned certified status for information security by the Health Information Trust (HITRUST) Alliance. The HITRUST CSF Certified Status ensures that key healthcare regulations and requirements for protecting and securing sensitive private healthcare information are met.

3. Ensure compliance standards to track when and who accessed protected health information.

As an added security effort, it’s crucial to follow compliance standards that allow insight as to who accessed patient health information and when it was accessed. To ensure maximum security, computers located at the third party’s Remote ROI processing facility should be secured utilizing encryption, anti-virus protection and web filters.

Passwords should be provided by the facility for access to their specific EHR and stored in an electronic password vault. The password vault should be linked to the third party’s directory that is only accessible by the ROI Specialist using their directory account. Third parties should provide complete audit trail capabilities to track personnel accessing the EHR and processing medical record requests from your applications.

By moving some or all of the onsite ROI functions to a Remote operation, you can streamline the ROI workflow, reclaim square footage for other purposes and have additional capacity available for request volume fluctuation. As an added benefit, the immediate access to requests and authorizations speeds turnaround times on processing requests, which is particularly important when considering tight timelines for meeting Meaningful Use and audit-related releases.

If you’re looking to make HIM operations more efficient and cost effective, Remote ROI can open the doors to achieving those goals.

About Ciox
Ciox is a health technology company working to solve the clinical data illiquidity challenge by providing transparency across the healthcare ecosystem and helping clients manage disparate medical records and a proud sponsor of Healthcare Scene. When stakeholders do not have timely access to the complete clinical picture of patients, critical decisions about patient care, medical outcomes research, disease prevention, reimbursement, and payments are sub-optimized. Ciox’s scale, expertise, expansive provider network and industry leading technology platform make it the most reliable clinical data company in the US. Through its standards based technology platform, HealthSource, Ciox helps clients securely and consistently solve the last mile challenges in clinical interoperability.  Learn more about Ciox’s technology and solutions by visiting www.ciox.com

The Challenge of Medical Records Requests in the Healthcare Business Office – HIM Scene

Posted on July 10, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

While at the HFMA Annual Conference (Formerly known as ANI), Healthcare Scene was able to sit down with Kim Charland, BA, RHIT, CCS, Director of Revenue Cycle Services at MRO, to talk about some unique issues with Release of Information (ROI) coming out of the healthcare business office.

This was an issue I hadn’t thought much about previously, but it makes a lot of sense that medical billing professionals probably aren’t the best people to be handling release of information to insurance companies. Billing professionals’ goal is to get paid, not ensure that they’re doing a proper release of information to payers. Plus, most of them have billing expertise, not ROI expertise. It makes a lot of sense for the business office to involve HIM professionals with release of information expertise into the process.

To learn more about this topic and what MRO is doing to help healthcare organizations address this compliance issue, watch the video interview below with Kim Charland:

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

The Disconnect Between Patient Experience and Records Requests – HIM Scene

Posted on April 19, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

This post is part of the HIM Series of blog posts. If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.

This week I met with one of the digital marketing team at a children’s hospital. We had a great conversation about the hospital website and the way the hospital’s website represented the organization to the patient. Plus, we talked about how patients choose to interact with the hospital through their website. There are a wide variety of patient requests through the website, but one of those requests was a request for their patient record.

It wasn’t really a surprise that this digital marketer didn’t really know the details of what’s required for a patient to make an appropriate medical record request from his hospital. In his defense, he didn’t usually answer the questions, but just created the website that collected the questions. However, it was quite clear that the workflow for any medical records request was to send it to their HIM department and let them figure it out.

Most organization then have their HIM staff play phone tag with the patient to explain how to make a proper records request which will allow them to release the information to the patient. The progressive organizations might send the patient an email. However, many of them will then ask the patient to mail, drop off or fax in the official records request. If this sounds painful, I can assure you that it’s as painful as it sounds.

This illustrates the massive disconnect between creating a great patient experience and most organization’s current records request process. Please note that I’m not blaming the digital team at hospitals for the issue and I’m not blaming the HIM people for this problem. I’m blaming the disconnect between the two organizations because the only way to solve this problem is to have both organizations involved.

The best patient experience would actually be for the patient to go to their patient portal and download their whole record. Maybe we’ll get their one day, but there are hundreds of systems in a hospital where a patient’s data is stored. So, it’s going to take a while for us to reach the point where a patient can self-service their data requests.

Since I’m not holding my breath on this amount of data sharing happening between disparate systems, I’m more interested in making the current processes so it’s a seamless experience for the patient. If you can model a medical records request on paper, then you can do it digitally. To their credit, I’ve seen a few organizations working on this. In fact, their system is part education about records requests and part getting the information that’s needed to fulfill a records request.

It’s time that HIM and a hospital’s digital and tech teams come together to make the process for requesting records a seamless patient experience. And if you think using a fax machine is a seamless experience for patients, then you’re part of the problem.

If you’d like to receive future HIM posts in your inbox, you can subscribe to future HIM Scene posts here.