“What’s new with HIPAA for HIM for 2017”
By Kelly McLendon, RHIA, CHPS
Two major issues are in play this year for our industry that we need to be aware of.
Privacy and patient access continues to be a major topic of discussion. Last year, the Office for Civil Rights (OCR) clarified that if a patient requests their own records you should not use a third party authorization form; yet nobody knew this! Your own information for getting copies of records and where to send the records is covered by specific HIPPA regulations. The problem is attorneys may not be complying with this regulation because most of the time they should be using a third party authorization. Some attorneys are requesting records as if they are the patients doing the asking. Whether or not the request is from a patient or another party has become quite complex. We are waiting for further guidance from the OCR. As of now, legislation is pending. The new OCR director named March 22 is Roger Severino. Stay tuned for the OCR response. Refer to more information about access on the OCR web site here.
Another red hot issue is on the security side of our profession. We continue to have problems with ransomware, hacking and phishing. Users need to be vigilant as to what emails they should open. We are preaching user vigilance and use of technology. Some of these practices are in play with users that have savvy IT. I receive calls regularly from sites with a breach. It’s still happening and we are working with the OCR and the FBI. Some are preparing Bitcoin accounts to prepare for caving in to Ransomware. The FBI does not recommend paying ransom for your files. If you have a business continuity plan and back up appropriately and are hacked, all you have to do is go to your latest backup, as long as you ensure it is not corrupted! We just had World Backup Day March 31 – Don’t be an April fool. Check out the resource page from Compliance Pro Solutions for applicable checklists. I’ve seen a single office provider who did not close all of the ports. A hacker found the ports, put a ransomware on them and encrypted all of their data but they were able to get by with no penalty from OCR because they were very diligent in creation of their HIPAA compliance program.
It’s a challenging time with all of the administrative changes and unknown changes coming. Don’t get anxious about it just continue what you’ve always been doing – being good stewards for health information management protection.
Kelly McLendon, RHIA, CHPS is a well-known consultant and industry expert in patient privacy and security, with specific expertise in the areas of privacy, incident, detection and automation. He is also an industry expert in legal health records, HIM operations, electronic document management and EHR project planning. Visit us on social media:
Twitter – @HIMprivacyGURU and @Comply_Pro
LinkedIn – Compliance Pro Solutions
Facebook – Compliance Pro Solutions
By Sandra Routhier, RHIA, CCS, CDIP is President of H.I.M.point with Darice Grzybowski, MA, RHIA, FAHIMA
Hospitals have been thorough in most places in setting up productivity standards for coders but it’s all about quantity, not necessarily quality of the documentation to support coding. This means they may be leaving more money on the table than they realize. It should not be a luxury to have a second review team or process in place to examine the quality of the coding but that is not the norm.
HIM and Coding deserve more respect for the role they play in the mid-cycle. Everything a coder does has a direct impact on how the hospital gets paid. Yes, it is important to get the bill out the door but consider for a moment what happens if is incorrect. With so many human and technology touches to complete the coding process, there lies a great potential for errors. With the transition to ICD-10 CM and ICD-10-PCS, the sheer volume of codes available puts coding accuracy at risk, it may be difficult to perform as accurate coding as it has been historically. Coding takes human intervention with training and experience but perhaps more than that, such as automated tools which help to audit coding compliance. Additionally, there are prospective clients who haven’t had an external audit completed since ICD-10 was implemented. Coding updates continue to be released on a yearly basis along with new coding guidelines and quarterly AHA Coding Clinic advice. This adds to the complexity and could result in missed opportunities because of not picking up these updates – all with the potential for financial impact.
Consultants tend to see the same types of errors during auditing activities. Leading edge hospitals are using automated tools that can scan 100% of the accounts and identify coding anomalies as well as documentation improvement opportunities. The goal is to get those cases screened and corrected prebill or within the payer’s rebill period. The idea is to screen for the quality of coding since if you can provide feedback to coders, the staff in the hospitals can learn from the intelligence in the software and do not repeat the error. There is also a large opportunity for an educational blitz for physicians to improve documentation so the coders don’t have to deal with this retroactively if the software can identify trends!
Other facilities may use manual routine internal and external documentation reviews and audits. Audit criteria and process will vary depending on whether needed for hospital inpatients, outpatients, or physician practices. It is important to review all the vendors in this space and ask to see actual reports on the quality improvement made for clients before making any technology additions. Coding is a proud and noble profession – coding professionals have strong clinical training, must understand both paper and electronic health documentation to determine what diagnoses and procedures can be coded, and the ability to assign the correct codes based on coding guidelines, index & tabular instructions and other recognized resources. Isn’t it time we gave them the tools, process, time, and feedback to continue to do an excellent and thorough job under ICD-10-CM/PCS?
Darice Grzybowski, MA, RHIA, FAHIMA has over 35 years of HIM experience and is President and Founder of H.I.Mentors, LLC since 2005. Sandra Routhier, RHIA, CCS, CDIP is President of H.I.M.point and has 30 years of experience in HIM, revenue cycle, and information technology.
As the New Year unfolds, many of us are wondering what kind of changes will affect our industry. A new president is in office and now we wait. As predicted, the Affordable Care Act will be overhauled. Our new administration will impact health care because they will revise what I have been calling, ‘unaffordable access to insurance coverage’ instead of providing ‘affordable access to health care’. Everybody is on the journey together to get a workable health care plan, not bankrupt the country.
I support the idea of a single payer system if it’s not purely government based. Medicare and Medicaid are good but they are administratively over burdensome and lack some choice to the consumers. In my opinion, the only way to control cost is to have a system built as a co-op that people can pay into and select their plans with a true competition based model. While basic health care coverage can come from taxes; the optional aspects should be based upon what individuals choose and can afford to pay for, like any other aspect of purchasing. And of course, ensuring we never return to a system where pre-existing health care conditions impact insurability should be a given.
Another big issue in the news is increasing concern about health care data security in our industry. We must worry about PHI (personal health information) breaches. Health care information is very valuable and needs to be protected. Our birth certificates can provide a lifetime of information. Hospital technology is behind and at the same time we are creating the perfect risk storm by outsourcing information overseas where foreign countries are not bound to HIPAA guidelines.
Another issue needs to be addressed is the flawed data we are based on problematic content in the Electronic Health Records (EHRs). Lack of standards lack of integrity in out date =- garbage in garbage out. We need to look at better quality data and data definitions with based on standards. We must also eliminate problematic practices such as copy and paste and use of repetitive and limited automatic fill-in of templated data. The H.I.M. community can be important leaders in health care standards as well as data and document integrity.
Have an awesome year!
In response to ICD10/ICD10PCS – who wants it or doesn’t and why:
-Software companies want it (selling at a profit- already invested in development)
-Consultants are fairly neutral unless they are only consulting in ICD10 training/auditing (the rest are getting work either way – preparation or clean up after from data quality problems)
-Physicians don’t want it (will force more detailed documentation, possible more med necessity denials, hiring higher skilled coders)
-Coders – some would like-who have been trained, others resistant – tougher system esp w PCS and documentation is lacking (hello CDI)
-Hospitals are mixed: those who invested big want, those that haven’t prepared – dread it coming and don’t have resources in place to handle productivity changes
-Outsource companies (really want – huge labor shortage predicted- recruiters want too)
-Managers (frustrated and fearing, doubt of reality of change, retraining and productivity concerns)
-Educators want it (tired of limbo of teaching both)
-Professional Associations – depends on which side you are
-Politicians – continue to leverage as bargaining power or want it to just go away
-Other countries – can’t figure out why we would want to put in a 20+ year old data system when I11 is around the corner (yes you can move from I9 to I11 and the speed depends on who cooperates and how much $ is put behind it. If US started 3 years ago before first delay – we’d be caught up to rest of world.)
Happy St. Patrick’s Day! Even if you aren’t Irish, we could all use a little luck in dealing with the upcoming ICD-10 tornado that is due to hit in October 1, 2015. (revised date). If you haven’t started preparing, it’s time to hit the Fast Forward button and get going on your implementation checklist. It seems most of the ‘panic’ calls we are getting are coming from physician practices who are just starting to understand this is going to represent a major change for them. Working with Cavanaugh Consulting Group who is a business partner of H.I.Mentors, we have jointly developed the following ICD-10 facts to share with your medical staff who may be struggling with understanding the differences between ICD-9 and ICD-10 coding. Call 708-352-3507 today to set up some Fast Track help with ICD-10 if you find yourself needing a little more than a lucky clover.
WHAT YOU NEED TO KNOW ABOUT USING ICD-10-CM IN PHYSICIAN OFFICES
1. ICD-10 training in clinical documentation, NOT coding, is needed for physicians.
2. The documentation quality will determine if medical necessity and compliance are proven.
3. There is not a direct map nor one-to-one crosswalk from ICD-9 to ICD-10 codes. Many codes will require support from additional documentation in order to be assigned.
4. Choosing a non-specific code, as was often allowed under ICD-9, may not be accepted nor meet medical necessity if used under the ICD-10 system.
5. Coders can assign codes only if there is supporting clinical documentation from the physician. They cannot extrapolate or make assumptions.
6. The total volume of codes needed, per encounter, is expected to increase dramatically in many cases.
7. ICD-10-CM was designed to have clinical documentation performed by physicians and clinical coding performed specifically by coders using encoder software.
8. There may be a need to submit ICD-9 as well as ICD-10 codes for certain payors for a certain length of time.
9. ICD-10-CM is not designed to work with superbills or pick lists.
10. Ambulatory physicians who also see patients in a hospital setting will have different rules and guidelines regarding documentation for ICD-10-CM and because of the added use of ICD-10-PCS for procedure coding for hospital inpatients.
11. There will be different levels and methods of training to meet the ICD-10 educational needs for clinical staff, administrative/executive level staff, and coding/billing staff.
Less than a year away and the clock is ticking….your checklists should be at 95% checked off and you are now in the stages of intense coder education and training……
As coding is integral to the revenue cycle, you must invest in staff preparedness to minimize the impact of your DNFB and accounts receivables. Many healthcare organizations are preparing for impending coding backlogs and the impact on medical record completion due to incomplete clinical documentation necessary to submit accurate and complete codes.
If you are in the stages of upgrading to a new EHR system, or modifying your existing documentation templates, be sure to apply the impact of ICD-10 code structure and documentation requirements. Forms and query templates must include verbiage to identify ICD-10 specificity requirements in order to capture the most specific ICD-10 codes.
If you have not yet dedicated or found the resources for a comprehensive ICD-10 education program, know that it is important to assess your current state to identify areas, specialties, and target audience to focus on specifics. While the official coding guidelines and DRGs will not change significantly, ICD-10 new coding sets and structure will bring new changes to coding rules. Coders who have been used to ICD-9 for 30 years will need to learn these coding nuances. Your ICD-10 assessment should include identifying what specialties need more attention; this includes physician specialties where clinical documentation gaps can be identified. Coders, clinical documentation specialists, physicians and other clinicians can benefit in the education of results from documentation gap assessments.
See the link to the article below for a good summary of why ICD-10-CM preparation isn’t something to be taken lightly. While clinician and coder training doesn’t necessarily need to start until closer to the date, all providers should have an assessment of their systems, interfaces, reports, and software upgrade status completed, and an audit done on their coding to understand coding and software resource and training needs. Call 708-352-3507 for best pricing and availability of these services from H.I.Mentors.