Check Request Status610-994-7500

MRO at the 90th Annual AHIMA Convention and Exhibit in Miami, FL

As we approach the 2018 AHIMA National Convention and Exhibit in Miami, held September 22-26, 2018 in Miami, MRO is very excited to exhibit and have the chance to mingle with our Health Information Management (HIM) partners and friends.

During exhibit hall hours, members of MRO’s leadership will be available at Booth 437 to discuss topics surrounding Protected Health Information (PHI) disclosure management, including industry trends, breach risk mitigation and MRO’s KLAS #1-rated Release of Information (ROI) solutions. We will also have a mentalist/magician performing in our booth on Monday and Tuesday, September 24 and 25.

Some other places you can find MRO during the convention include:

AHIMA’s Privacy, Cybersecurity, and Information Governance Institute

Saturday and Sunday, September 22-23
Miami Beach Convention Center, Art Deco Ballroom, Room 228 AB

AHIMA is committed to remaining the leader in privacy, cybersecurity, and Information Governance (IG) throughout healthcare. Because of this commitment and healthcare’s evolution—which requires continued education on the most current topics and trends in the industry—AHIMA’s annual Privacy and Security Institute is evolving. This year AHIMA is introducing the Privacy, Cybersecurity, and Information Governance (PCIG) Institute.

MRO is proud to sponsor this year’s PCIG Institute, and Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, Vice President of Privacy, Compliance and HIM Policy for MRO will participate in Sunday’s 10:55am – 11:45am Eastern panel discussion “Privacy and Security Competency Gaps: How to Navigate Your Way to Success.

Case Study for Business Office ROI: Yale New Haven Health

Monday, September 24
Miami Beach Convention Center, Exhibit Hall, Theater C
12:15pm – 1:05pm Eastern

Join Kim Charland, RHIT, CCS, Director of Revenue Cycle Services for MRO, and Cindy Zak, MS, RHIA, PMP, FAHIMA, Executive Director of Corporate HIM for Yale New Haven Health, for a presentation on exploring ways MRO’s Medical Record Attachment Services for the Business Office can help HIM leaders improve interdepartmental collaborative efforts to efficiently and compliantly fulfill ROI requests that support claim payments.

ROI Networking Roundtable

Monday, September 25
Miami Beach Convention Center, Room 209
3:30pm – 4:15pm Eastern

Attend the presentation “The Modern Age of ROI – Are You Up to Date?” to network with HIM peers and experts in the field, including MRO’s Rita Bowen and Angela Rose, MHA, RHIA, CHPS, FAHIMA, Vice President of Implementation Services. Bring to the table any issues or challenges faced in ROI and discuss best practices.

Educational Session: Project Management in HIM Implementations

Monday, September 25
Miami Beach Convention Center, Ocean Drive Ballroom A-D
4:30pm – 5:15pm Eastern

To learn best practices for utilizing project management skills in enterprise-wide HIM implementations, join Angela Rose and Emilie Sturm, Sr. Revenue Management Consultant for Trinity Health, for this exploratory session.

Meet MRO at AHIMA

MRO has been exhibiting at this convention every year since 2004. In our 15th year at the event, we anticipate this to be our best year yet. I am looking forward to learning about the latest industry trends and being able to see and spend time with all our clients and friends in attendance. We hope to see you there!

Schedule a PHI disclosure management consultation at AHIMA.

Read More

DOs and DON’Ts of Outsourcing Release of Information

DOs and DON’Ts of Outsourcing Release of Information

Managing the disclosure of Protected Health Information (PHI) from within a healthcare organization has become increasingly complex. As the volume of medical Release of Information (ROI) continues to rise, multiple disclosure points place organizations at risk for privacy breach. Many have turned to outsourcing Release of Information to promote proper PHI disclosure. Choosing the right vendor can be a challenge if you don’t know where to start. Here are some suggestions to make the process easier.

DO—Use HIM peer feedback

The best way to begin is by seeking feedback from HIM peers who have experience with ROI vendors. Trusted peers can help with steps to identify vendors that offer high levels of service quality, accuracy and compliance.

Ensure the vendor is equipped to handle a health system your size

In today’s environment, there are fewer independent hospitals than in the past. Increased consolidation among hospital groups adds a new level of complexity due to size of the organization. It’s important to conduct a thorough evaluation to ensure the vendor can accommodate the size of your organization.

Over the years, many independent hospitals have used small local ROI companies that served them well at the time. But as these organizations grow to include multiple facilities with hundreds of clinics, ROI becomes a more complicated process. Vendor reassessment involves two critical considerations—scalability and expertise. Does the vendor have the scalability to meet the needs of all facilities and the expertise to conduct the implementation from a proven project management perspective?

Scalability is especially important for organizations acquiring physician practices. For one organization, we are currently hiring 40 people to serve five hospitals and 300 physician practice locations. Few vendors are equipped to manage a project of that size. Organizations should consider the scope of the project and the vendor’s ability to conduct a smooth and seamless implementation. Best practice is to engage a dedicated implementation team of trained specialists to onboard staff and ensure a successful implementation.

Assess the vendor’s ability to offer high levels of service quality, accuracy and compliance

Your organization must have confidence in the vendor’s ability to measure quality and accuracy to ensure compliance. While seeking feedback from peers, review the company’s resources to assess quality standards, documentation processes, areas of priority and methods of measurement. What is the success rate in terms of service delivery and accuracy? What internal quality measures are in place to ensure proper disclosure of PHI and prevent breach? Also, look for independent measures of quality and reputation of a vendor you’re considering. One of those measures is KLAS, a third-party group that rates companies based on customer ratings.

DO—Visit the vendor

As part of the evaluation process, schedule an onsite visit. At MRO, we welcome the opportunity to show and tell what we do. Showing tells a lot about an organization. Take a tour of the workflow to see ROI processes firsthand. That’s where you’ll see those crucial quality checks.

DO—Leverage the latest technology innovations

Advanced technology is essential to provide optimal ROI services. Top priorities include EMR integration, electronic delivery, optical character recognition (OCR) technology for Quality Assurance, and IT expertise and leadership.

EMR integration

Look for technology with the capability to integrate with most EMR systems. Some ROI companies have built interfaces between their ROI platforms and EMRs to enhance workflows through automation. For example, MRO’s MROeLink® interface with Epic’s ROI module has the capability to automate typically manual and redundant steps in the ROI process to improve efficiency and reduce errors.

Electronic delivery

Organizations today need import and export capabilities that extend beyond extraction of information.

Look for the ability to receive requests and deliver information via electronic interchange. At MRO, we have thousands of portals set up with different organizations around the country to securely receive and deliver information. Additionally, our proprietary interface with SSA’s Disability Determination Services (DDS) and esMD for CMS enables healthcare organizations to enhance revenue, improve efficiency and drive compliance.

OCR technology for Quality Assurance

Quality Assurance requires the right people, processes and technology. The most effective programs offer technology and human intervention to review documents at various points within information management workflows. For example, we suggest a combination of OCR technology and specially trained staff to perform multiple quality checks during the ROI process. MRO’s IdentiScan® OCR validation technology checks for patient identifiers to catch comingled records. Any detected errors are quickly corrected and documented by Quality Assurance experts.

IT expertise and leadership

Finally, consider the vendor’s future plans for investment on the IT side of the ROI process. Many times smaller vendors can’t make large investments required to be on the leading edge of IT. Is the vendor forward thinking regarding IT? What capabilities are in place? Recommended practice is to have extensive internal IT resources backed by plans for future investment. Look for progressive companies with IT knowledge, experience and leadership.

DO—Consider an enterprise-wide approach

A centralized, enterprise-wide approach to PHI disclosure management is the recommended strategy to have complete confidence in achieving compliance. This approach guards a patient’s privacy while also protecting the organization against breach, financial risk and reputational harm. The benefits across the health system include:

  • Standardized policies and procedures
  • Consistent policy enforcement
  • Improved patient and third-party requester experience
  • Heightened PHI disclosure accuracy through quality-infused workflows

DON’T—Prioritize low cost over quality

Prioritizing low cost over quality and compliance will cost your organization more in the long run. Everyone wants the most economical deal, but not at the expense of quality. Noncompliance and associated costs are too great a risk. When evaluating a vendor, shop for accuracy and quality.

MRO is proud to be KLAS-rated #1 for outsourced Release of Information services, offering scalability, expertise, innovative technologies, and the highest levels of accuracy, quality and service. To request a demo of our ROI Online® solution, complete the form.

Request a Demo

Read More

Onboarding a New Release of Information Vendor: Six Strategies to Ensure a Smooth Transition Process

Begin with the end in mind.  – Stephen Covey

Stephen Covey will long be remembered as the author of The Seven Habits of Highly Effective People. The wisdom of those habits is applicable to organizations as well. When onboarding a new Release of Information (ROI) vendor, the end goal is to standardize policies and processes across the enterprise for timely, accurate and efficient disclosure of Protected Health Information (PHI).

Partnering with a new vendor for outsourcing Release of Information doesn’t have to be a daunting task. Whether your organization is managing ROI in house or considering a change from one outsourcing vendor to another, making a smooth transition across the enterprise is critical. Defined tasks and activities are required to successfully bring a new ROI vendor on board and resume normal operations as efficiently and effectively as possible. A seamless process begins with a dedicated implementation team to facilitate the transition, keeping the end goal in mind.

In our experience, organizations often encounter challenges that are difficult to overcome without the expertise of an implementation team. Here are some of the most common pitfalls:

  • Lack of executive ownership
  • Resistance from stakeholders, no buy-in
  • Lack of process knowledge/ownership
  • Scope creep—project not well defined, documented, controlled
  • Communication issues
  • Insufficient staffing, training and other resources
  • Multiple technology platforms/EMR

Setting the Stage for PHI Disclosure Management Success: Six Strategies to Ensure a Smooth Transition

When evaluating an ROI vendor, be sure the vendor has a dedicated implementation team to facilitate a smooth transition. That is your first priority. The team will guide the implementation through the following six strategies:

Define the Project. Define the project scope, goals and objectives. Identify the project owner, executive sponsor and all stakeholders. Set expectations and accountability. Develop a timeline with milestones and phases.

Manage Contracts. Monitor and manage the terms of the contract to ensure contractual obligations are met. Deliver to the client exactly as specified in the contract. Proper management prevents scope creep.

Communicate. Provide ways to communicate with senior management and all stakeholders across the enterprise. Communication tools include internal memos, email templates, press releases, onsite meetings, workflow tips, helpline, monthly updates to senior management on timelines and milestones, and post-implementation touch-point calls. Communication builds trust.

Plan. Planning and communication go hand in hand. Otherwise, the project implementation plan won’t leave the conference room. To assist with planning, here at MRO, we provide new clients with a detailed overview of our implementation planning process including the following:

  • Pre-Implementation Activities
  • Implementation Timeline
  • Go-Live Activities
  • Post Implementation Activities

Planning is everything. Proper planning presents the opportunity to identify and address issues up front, setting the stage to achieve optimal results.

Document. Comprehensive documentation clearly defines the project desired outcomes. Transparency and accountability are essential. One of our practices is to send welcome packets introducing what we do and what’s going to happen during the implementation period, along with escalation pathways and MRO contact information. Throughout the transition, we provide a detailed agenda for every meeting, minutes following each meeting, training documentation, videos, monthly updates and project monitoring reports. The entire process is documented from the beginning.

Train and Educate. In preparation for go-live, an effective training and education program promotes successful outcomes. The recommended strategy is to begin training after the planning phase and continue throughout go-live. At MRO, our implementation specialists provide training on MRO ROI policies and procedures, current and legacy EMR systems, HIPAA privacy and security, ROI Online® system use and best practices.

Best Practices Yield Optimal Outcomes

Beginning with the end in mind, providers and vendors should work together to help organizations achieve timely, accurate and efficient ROI outcomes.  At MRO, our dedicated implementation team guides you every step of the way with proven strategies to ensure a seamless transition.

Sign Up for Future Blog Posts

Read More

Five Takeways from the HFMA 2018 Conference

“Efficiency is doing things right; effectiveness is doing the right things.” Peter Drucker

Peter Drucker, world-renowned business management guru, reminds us to focus on both efficiency and effectiveness to improve long-standing processes, procedures or policies. Healthcare finance leaders and revenue cycle professionals were charged with the same goal—creating efficiencies and building effectiveness—during the recent HFMA 2018 Annual Conference held in Las Vegas, June 24-27, 2018.

For central business offices (CBOs) and patient financial services (PFS) departments, the need to address stubborn problems and improve performance is paramont to cut costs and reduce risk. One way to achieve these goals is by fostering innovation.

This blog shares HFMA’s call for innovation, summarizes four other takeaways from the 2018 event and lays out an important MRO strategy to improve business office efficiency and CBO effectiveness.

Foster Innovation for Business Office Efficiency and Better Outcomes

Kevin Brennan, FHFMA, CPA, the new chair of HFMA’s 2018-2019 board of directors and recently retired Executive VP, Finance and CFO at Geisinger Health System, welcomed attendees by discussing the importance of promoting experimentation and new ideas to bolster efficiency in revenue cycle workflow and operations. Brennan encouraged revenue cycle leaders to resist the fear of failing and build new business models to promote performance. As Brennan stated, a good new motto to follow might be “Never be fearful of making new mistakes.”

Build Collaboration through Better Tools and Workflows

By coupling innovation with collaboration, Brennan urged HFMA attendees to build new bridges with other departments, providers, payers, consumers and the government. The call for better collaboration was reiterated by Tuesday’s keynote speaker, Dr. Rubin Pillay, medical futurist, physician and professor.

With collaboration as the central theme of this year’s event, revenue cycle professionals were encouraged to “try new tools and make existing workflows work better” as one pathway to foster collaboration and improve business office efficiency within CBOs and PFS departments.

Go to a New Level in Healthcare Delivery

Dr. Pillay also discussed the role of artificial intelligence and technological innovation in spurring healthcare collaboration. Pillay provided examples of growing organs for corneal transplants and using robotics to help paraplegics walk as important ways healthcare organizations can take patient care to a new level. According to Pillay, “Technology and data, their convergence with policy, and provider and payer strategies are driving major trends to transform healthcare.”

Enhance the Patient’s Financial Experience

The final takeaway from the HFMA 2018 Conference was a continued cry to improve the patient’s financial experience. Best practices from HFMA’s 2017 MAP winners were referenced as innovative ways to make steady, incremental changes and improve performance. In reviewing these MAP winner strategies, we are reminded of the need to continually speed processes and streamline operations—this is especially true for CBOs.

Improve Business Office Efficiency by Reducing Biller Distractions

Consistent with HFMA’s themes of efficiency, effectiveness, innovation and collaboration, MRO is laser focused on improving business office performance. For most CBOs and PFS departments, biller distraction is an important issue—one we intend to reduce for MRO clients. We continue to hear from clients that billers and collectors become distracted with trying to process payer requests for medical records. Our latest service was discussed with HFMA attendees during the conference and received rave reviews.

Challenge:

Business office personnel release millions of medical records annually to commercial health plans and government payers to expedite payment of claims, appeal denials or fulfill auditor requests. However, it doesn’t make sense for these business office staff—billers or collectors—to handle payer requests for medical records when they should be focused on reimbursement. There are also HIPAA risks to consider when billers release Protected Health Information (PHI) versus having Health Information Management (HIM) professionals manage this task.

Receiving, processing and managing payer requests for health information is what MRO does best. So we’re applying this expertise to cut cost and reduce risk for CBOs and PFS departments.

Solution:

Instead of distracting billers and collectors from their core objective of collecting revenue, MRO disclosure management experts apply new workflows and HIM collaboration to the process of Release of Information (ROI) in the business office. Here is a high-level summary of how the new MRO service works.

  • Business office logs requests and attaches billing documents
  • MRO adds medical record documentation
  • MRO quality checks and releases billing and medical documentation to the payer
  • MRO sends documentation by payer-requested delivery method

Results:

MRO clients who are using this service from MRO are achieving both efficiency and effectiveness in their CBOs and PFS departments. Specific improvements include:

  • Heightened efficiency and cost savings
  • Minimized breaches and more compliant PHI exchange
  • Payer request trackability for analytics
  • Enhanced collaboration between HIM and the business office
  • Maximized production by keeping teams focused on what they do best
  • Improved visibility and transparency for both teams

Request information about MRO’s business office ROI services

Read More

How to Improve PHI Disclosure Efficiency in the Business Office

PHI Disclosure

Releasing medical records from a healthcare organization’s business office can be accomplished in a more efficient and cost-effective method. Instead of distracting billers and collectors from their main duties of collecting revenue, business offices should consider the following options to improve efficiency and ensure proper tracking of Protected Health Information (PHI). I provide more detailed information in an HFMA blog “PHI Disclosure Management in the Business Office.”

Centralize all Requests for Records

If the business office wishes to continue to process using their staff, the function should be centralized and assigned to a core group of processors to fulfill all requests. This will help minimize administrative burden from the billers and collectors. Centralization also promotes consistent, standardized processes. These dedicated business office staff should be thoroughly trained in proper PHI disclosure management to maximize efficiency, eliminate redundancy and mitigate risk of HIPAA breach for requests that may fall outside of TPO such as itemized bills for outside attorney requests.

Transfer the Work to HIM

HIM staff are well trained in processing requests for information. They have the knowledge and skills to complete requests efficiently and in compliance with HIPAA guidelines. Nevertheless, some organizations fear delegating this function to HIM because of concerns regarding timeliness and payer deadlines. To reduce turnaround time fears, the following four best practices should be implemented:

  1. Ensure open and ongoing communication between the business office and HIM
  2. Optimize the use of EHR and PHI disclosure management technologies to route requests and share information
  3. Assign dedicated Release of Information (ROI) experts to support the business office and process requests
  4. Conduct regular meetings to discuss new trends in payer requests and proactively improve turnaround time through SFTP delivery

Outsource Business Office PHI Disclosures

A number of national firms, including MRO, provide Release of Information services to process payer requests. MRO’s services for business office disclosure management ensure timely delivery of information to payers, full compliance with HIPAA guidelines, and around-the-clock staffing to avoid backlogs or delays.

Careful and strategic tracking of information released, to whom and why, will make the PHI disclosure process more efficient. If your organization needs to improve this process, you should consider: centralization, delegating work to HIM or outsourcing PHI disclosure management. By implementing these alternative workflow options, your organization will be taking the right steps towards improving billing processes and decreasing denials.

Sign Up for Future Blog Posts

Read More

How to Lead Enterprise-Wide Projects: HIM Expert Advice

From encoders to Electronic Health Records (EHRs), Health Information Management (HIM) professionals are often tasked with enterprise-wide project management including new technologies, changing workflows and centralized operations. These massive projects require strong HIM skills, expanded partnerships and greater collaboration among vendors, HIM, IT and others. With leadership skills, specialized education, and peer-to-peer relationships, HIM professionals are perfectly positioned to promote collaboration among all stakeholders, secure executive support, ensure timelines are met and cover every detail of an enterprise-wide initiative.

A few months ago, I moderated a roundtable discussion with three HIM experts: consultant, Pat Biesboer, RHIA, MSS, PMP; Susan Carey, MHI, RHIT, PMP, FAHIMA, System Director of HIM for Norton Healthcare; and Emilie Sturm, MA, RHIA, CHPS, Senior Revenue Management Consultant for Trinity Health. They each discussed mapping out enterprise-wide projects, such as PHI disclosure management and how to meet milestones and resolve common challenges. You can find the full discussion, “Using HIM Skills to Lead Enterprise-Wide Projects: An Expert Roundtable,” in the February 2018 issue of Journal of AHIMA.

During the roundtable, all three HIM experts provided their main lessons learned from their experiences as enterprise-wide project managers. If you are an HIM professional, you may benefit from reviewing the lessons below:

    1. Provide concise, timely, and honest communication. Keep people motivated by injecting fun into your discussions. Keep the current status in front of stakeholders according to a regular schedule, providing the degree of detail they need.
    2. Have realistic expectations and transparency. If difficulties are expected, prepare the team ahead of time. This will help build trust.
    3. Follow stated goals. Guide your team toward the goals you established. When you run into blockers, review your options. Objectively provide the background, options, rationale and a recommended direction to maintain forward progress.
    4. Avoid bringing assumptions to the table. Remain open-minded and validate your expectations. Susan Carey reflected, “When I was the project manager for our EHR’s operating room, nursing and HIM modules, I mistakenly assumed that IT resources understood HIM. Looking back, I should have educated my peers who were managing other parts of the project regarding the tenets of HIM. This would have facilitated HIM operations leaders’ attempts to maintain decision-making regarding the electronic record configurations and policy.”
    5. Conduct reference calls with organizations using any technology you are considering. HIM needs differ from those of other departments. Current users can suggest ways to configure applications to best meet your needs and save valuable implementation time and resources.
    6. Perform as a project manager with HIM knowledge. Project managers are valuable when they have subject matter expertise and can develop subsidiary plans within the overall project management plan.
    7. Have the right stakeholders at the table when starting a project. Due diligence should be conducted to map out all areas of the project and determine vested parties. Having the right team on board provides for a productive group of multidisciplinary professionals with varying expertise.
    8. Identify lessons learned during each phase of a multiphase project. With a multiphase project, such as a system rollout, identify lessons learned during each phase. When possible, incorporate those lessons into the next phase for a stronger outcome. As your timeline allows, be flexible and don’t hesitate to post-pone a go-live if critical goals are not yet achieved.
    9. Communicate often with your project team and stakeholders. For HIM-driven projects, it’s critical that the local HIM director communicates with key constituents or peers. Establish regular meetings over the course of each project or expand your schedule if necessary. Disseminate project management tools such as timelines and meeting minutes to the project team. Regularly review the project plan to monitor progress compared with the overall timelines.

    Though HIM professionals have always managed projects, enterprise-wide endeavors raise the bar for communication, organization and leadership. HIM professionals have unique abilities to manage enterprise-wide projects. More importantly, HIM professionals can help team members solve problems, achieve their goals and enjoy the journey.

    If you are interested in learning more about this topic, come join me and Emilie Sturm, MA, RHIA, CHPS, Senior Revenue Management Consultant for Trinity Health, at the 2018 AHIMA National Convention in Miami, for our presentation titled “Project Management in Enterprise-Wide HIM Implementations.”

Sign Up for Future Blog Posts

Read More

How to Ensure Proper PHI Disclosure across your Healthcare Enterprise

PHI Disclosure

When it comes to Protected Health Information (PHI), one of the main duties of Health Information Management (HIM) departments is to protect their patients’ privacy and ensure proper disclosure. HIM departments have had a long-held reputation of being the top disclosers of PHI within a healthcare enterprise. However, recent trends in PHI disclosure management are changing things around. Combined requests from other areas such as radiology, business offices, and physician practices are matching, if not exceeding, the PHI disclosure volumes in HIM. This combination of departments managing PHI disclosure causes high volumes of records and increases risk. Below are a few best practices, as outlined in a Journal of AHIMA article, for how HIM professionals can ensure proper disclosure and mitigate breach.

Know the Risky Spots: Audit your Points of PHI Disclosure

A practical first step is to conduct an enterprise-wide audit of all disclosure points. An audit of all PHI disclosure points should be conducted and updated yearly as part of your organization’s privacy compliance assessment. Auditing your enterprise helps HIM leaders become aware of the risks, which they can then work to mitigate. HIM professionals should audit non-HIM PHI disclosure areas to ensure compliance with relevant laws. During the audit, HIM leaders should review a list of items for disclosures which includes date received, date delivered and more.

Train and Educate Based on Needs

Training is essential for safe and compliant enterprise-wide Release of Information. This goes for the HIM department as well as any other employees that release PHI. Well-trained ROI staff keep the flow of information running smoothly. Based on the individual department’s most common requests, ROI training should be focused on accuracy, include all HIPAA privacy basics, and include the following six PHI disclosure management fundamentals:

  1. Track and monitor each type of request being received.
  2. Define each type of request.
  3. Emphasize accuracy.
  4. Reiterate minimum necessary.
  5. Coach personnel on patient requests.
  6. Direct requests to HIM.

Establish HIM as the Enterprise-wide PHI Gatekeepers

Annual HIM reviews and continuous communication with other departments that release information are essential to mitigate breach risk, expedite payer reimbursement, and prevent a requester dissatisfaction crisis. Non-HIM staff are focused on their core competency areas and are rarely trained in proper PHI disclosure management. The result is often hasty PHI processing and increased risk of breach. To mitigate risk while also ensuring the appropriate ROI, HIM departments should maintain oversight of PHI disclosure management across the entire enterprise—not just within HIM.

Complete the form below to download MRO’s eBook “Breach Risk in Release of Information: Don’t Leave Risk to Chance” and learn strategic, enterprise-wide approaches to PHI disclosure management and mitigating breach risk.

DOWNLOAD MRO’S EBOOK “BREACH RISK IN RELEASE OF INFORMATION: DON’T LEAVE RISK TO CHANCE.”

Read More

Two Private Eyes on Your ROI: Quality Assurance in Release of Information

Quality Assurance in Release of Information

Small scale privacy breaches, like those caused by errors in the Release of Information process, can be just as damaging to healthcare organizations as larger breaches. The repercussions include both monetary penalties and reputational harm. With the stakes this high, it is important to ensure the highest levels of quality when disclosing Protected Health Information (PHI).

The Cost of PHI Breach

Although small breaches, affecting less than 500 patients per incident, are not usually broadcasted as widely as a large cyberattack, the financial impact is real.

• Each breach can cost between $8,000 to $300,000, not including HIPAA violation civil penalties.

• Penalties are rising to as much as $50,000 per breach with a maximum of $1.5 million annually for repeated occurrences.

• As many as 10 states now consider HIPAA to be the “relevant standard of care for state privacy violation claims brought by individuals.”

Release of Information – Risky Business

Criminal attacks and lost or stolen devices were the root cause of most PHI data breaches in recent years, but almost as many—40 percent—were due to “unintentional employee action,” according to 2015 survey results from the Ponemon Institute.

Unintentional employee actions include more than using the wrong fax number or mailing address when disclosing PHI. There are multiple points in the ROI process that can result in breaches.

• With typical ROI workflows, 20 to 30 percent of all submitted authorizations are initially found to be invalid. MRO’s research shows there are around 100 types of authorization errors.

• Five percent or more of patient data in Electronic Medical Records (EMRs) have integrity issues, including comingling of patient records.

• Well-trained ROI specialists will catch the majority of mixed records; however, with just one level of quality control, up to 0.7 percent will contain mixed patient data.

Additionally, in the typical ROI workflow, requests for health information come into a facility and are logged by onsite ROI staff that also handle many other responsibilities, such as: requester calls, support and issue resolutions, record retrieval, invoicing and collections, producing copies, and delivering records. There is no “second set of eyes” for Quality Assurance. This approach results in inefficiencies, distractions and increased errors.

Closing the Quality Assurance Gap in ROI

At MRO, we believe the best practice is to ensure “second set of eyes” Quality Assurance measures are taken across multiple steps of the ROI process. Not one, but two teams should check each ROI authorization for accuracy, in addition to checking PHI multiple times for accuracy, e.g. ensuring there are no comingled records.

Sophisticated ROI vendors will offer technologies to assist with this process – like MRO’s IdentiScan® record integrity application that uses optical character recognition to scan for mixed patient data. Technology, such as barcoding systems, can also be used to maintain shipping integrity.

Introducing MRO’s Two Private Eyes on Your ROI

If you subscribe to the Journal of AHIMA, or have visited MRO’s website or social media pages recently, you may have noticed our new campaign called Two Private Eyes on Your ROI. This theme was developed by the creative team at MRO. The idea was born while brainstorming ad concepts that could be tied into a Miami theme, with the 2018 annual AHIMA Convention being hosted in Miami Beach. What started as a Miami Vice theme quickly turned to a private investigator theme when the idea of “Two Private Eyes on your ROI” – a play on MRO’s “second set of eyes” redundant quality checks within our Release of Information workflow – was bounced around. Since the Miami Vice detectives were with the police force and not PI’s, we looked at famous private eyes over history and developed the characters Magnum PHI and SureLook Holmes.

Be sure to check out the “premier episode” of Two Private Eyes on Your ROI by visiting our microsite.

Sign Up for Future Blog Posts

Read More

Training Business Office Staff on PHI Disclosure Management

Millions of payer requests for medical records are sent to hospital business offices every day. Business office staff are often tasked with gathering and releasing Protected Health Information (PHI) to payers in a very short amount of time to get claims paid. During this rush to meet payer deadlines and expedite claims, human mistakes can be made. Critical steps of the Release of Information (ROI) process may be skipped or accidentally omitted. This increases PHI breach risk.

To ensure business office disclosures are kept safe and secure, organizations should train their staff on disclosure management using the same information, curriculum and courses presented to Health Information Management (HIM) teams. Below is a video where I discuss MRO’s unique approach for training and educating employees, as well as five PHI disclosure management topics to train your business office staff on.

PHI Disclosure Management Training/Education at MRO Corp.

Five PHI Disclosure Management Topics to Train Your Business Office Employees On

1) ROI and HIPAA Basics

Ensure employees understand the definition of HIPAA (Health Insurance Portability and Accountability Act), the privacy rule, ARRA HITECH Omnibus, PHI and differences between federal versus state law. This distinction is especially important for business offices that process requests for care locations across different states.

Another important topic to cover is the Health and Human Services (HHS) minimum necessary guidance under the HIPAA privacy rule. This guidance helps organizations determine what information can be used, disclosed or requested by payers for a specific purpose. Business office staff need to know which parts of the record to send to the payer. By training business office staff to fully understand and apply the minimum necessary guidance, organizations tighten privacy and mitigate breach risk.

2) Medical Record Components

Make sure to define the various components of the medical record to business office staff. These components include: common documents, various types of encounters, properly documented corrections and amendments.

3) Confidentiality and Legal Issues

Outline the legal health record concept and what it includes for your organization. Additionally, all the various confidentiality and legal issues should be explained in full detail.

4) Types of Requests

List all the various types of requests that might be received in the business office. For each category, differentiate which are part of Treatment, Payment and Healthcare operations (TPO) and which are not. Those that fall outside of TPO require a patient authorization and should be forwarded to HIM for processing. For a list of types of requests to discuss, read this article.

5) Sensitive Records and Special Situations

Identify and describe specific PHI disclosure management practices related to sensitive records. These cases can include information on genetics, HIV/AIDS, STDs, mental/behavioral health, substance abuse, deceased patients, minors and other sensitive issues. Federal and state legal issues may be involved with these and business office employees should be aware of them.

If you’re concerned about the ability of business office or other staff to properly and securely process requests, a centralized ROI model may be your organization’s safest approach.

To sign up for future blog posts, complete the form below.

Sign Up for Future Blog Posts

Read More

How Providers Can Prepare for a HEDIS Review: A Proactive Approach

Three major types of payer record reviews are conducted every year: Healthcare Effectiveness Data and Information Set (HEDIS), Medicare Risk Adjustment, and Commercial Risk Adjustment. A HEDIS Review, in particular, is performed by a payer or health plan to measure the quality and effectiveness of care delivered to their covered patient populations. They are the smallest of the three major payer reviews and occur every year from January to mid-May.

As the volume of payer and health plan reviews continues to sky rocket, millions of patient records are requested. From 2016 to 2017, payer review requests to MRO clients increased by 14%, with HEDIS Review requests increasing from 2% to 3% of the total Release of Information requests processed by MRO nationally.

A recent article in HIM Briefings about HEDIS Reviews details benefits, lessons learned, and what to expect. Below are three important tips that are outlined for providers to prepare for the upcoming HEDIS Review season.

Tips for Managing Payer Requests During the Upcoming HEDIS Review Season

In working with payer record reviews, several practical strategies have emerged to minimize payer-provider abrasion and reduce operational costs. Providers should take a proactive approach and follow these three tips:

1) Engage early.
The National Committee for Quality Assurance (NCQA) is proactive in announcing which quality measures will be targeted for review in the year ahead. For example, the 2018 NCQA quality measures are now published and available to both providers and payers. Proactive providers should reach out to their contracted payers and health plans in December or January to discuss the upcoming HEDIS Review season. With the potential for thousands of medical records to be requested between January and May, two conversations are critical: expected volumes and reimbursement for the provider’s efforts. Keep in mind this dialogue sets the tone for the relationship.

2) Determine expected volumes.
The most important conversation that should occur between payer and provider is about determining the number of record requests that will be received. Be sure to plan ahead for the increased staff workload needed to produce the required medical record documentation. The number of requests depends on the size of the hospital or the healthcare system. Each payer has a designated HEDIS Review team responsible for the program. Contact the team lead or local health plan representative to schedule this conversation during the HEDIS Review planning period in December or January.

3) Set rate for records.
The initial perception in the industry suggested that providers could not charge payers for the time, manpower, and mailing costs associated with producing records for a HEDIS Review. However, this is not the case. Payers understand the tremendous staff burden on providers and are willing to reimburse them for their efforts.

How Your Release of Information Vendor Can Help

At MRO, we utilize our industry knowledge and “easy to work with” approach to create partnerships with payers and their vendors to streamline the processing of HEDIS Review, Medicare Risk Adjustment and Commercial Risk Adjustment projects. This process includes establishing a rate per chart for these projects, as payers are willing to pay for review requests regardless of the language in the managed care contracts. We have found that most payers are reasonable and understand the cost associated with producing these high-volume requests. Hence, why they are willing to pay for them. MRO ensures that the cost of producing these records is not a burden on our clients.
Watch the below video interview to learn more about reducing payer-provider abrasion, and what MRO is doing to help providers handle these payer review requests.

To sign up for future blog posts, complete the form below.

Sign Up for Future Blog Posts

Read More