Paper doesn’t get the publicity these days, but maintaining current and legacy paper-based health records continues to be important to day-to-day HIM operations. Understanding how to file, retrieve, and maintain paper records—especially across multiple locations, such as offsite storage—remains a core function in many departments.

Most HIM departments file by terminal digits, which is the only way to keep files expanding at an even rate. In a terminal digit filing system the last two, three, or four digits of the file number are treated as a single number. Since all numbers in the file are sorted by their ending digits, each section contains approximately the same number of folders, so the file shelves are divided for easy expansion.

A new, free toolkit from AHIMA offers best practices in terminal digit filing. Managers can use the kit to train new or existing staff by having employees review the kit and complete the exercises.

Organizations can find further guidance on developing electronic signature policies in the online version of the November–December practice brief “Electronic Signature, Attestation, and Authorship (Updated).”

The online version includes five separate appendixes, linked at the end of the brief:

• Appendix A excerpts portions of the HL7 EHR-System Records Management and Evidentiary Support Functional Profile Standard, which can be used to develop proposals for selecting an EHR system or as a checklist to evaluate current applications for basic record management functionality.
• Appendix B lists the various e-signature laws, regulations, and acts that organizations can refer to in developing and implementing e-signature functionality and policy.
• Appendix C outlines a sample e-signature model policy template, including important legal and compliance recommendations.
• Appendix D provides a glossary of terms that organizations can use in their e-signature policies.
• Appendix E provides practice guidance on making amendments, corrections, and deletions in transcribed reports.

Managing e-signatures is complex, but doing it correctly is critical  in supporting an organization’s legal health record. Successfully implementing and using e-signatures requires proper attention to individual system functionality, regulatory requirements, and organizational policy.

Keeping the organization’s master patient index clean leads some HIM departments all the way back to patient registration, where they collaborate to prevent errors before care starts. Accurate registration helps keep patient data complete and clean as it moves throughout the organization.

Long-term trouble can start during a brief check-in. A rushed or incomplete search of the organization’s MPI can cause clinical registrars to create duplicate patient records or even select the wrong record.

Faulty information entered at check-in streams straight through the system, risking treatment errors and leading to eventual billing problems. Entities that participate in health information exchange will export bad information into their networks.

Error-ridden MPIs also hamper an organization’s ability to understand its patient population and its own performance, both for internal and external reporting. Patient information spread across multiple records can distort measures of patient severity and overall risk of mortality. And correcting errors consumes time.

HIM departments often are the hub of identifying and mitigating registration errors. HIM staff sift through the MPI, merging duplicate records and  separating out information that has been overlaid into the wrong patient account. (more…)

On Wednesday the Centers for Medicare and Medicaid Services (CMS) published the interim final rule for the Genetic Information Nondiscrimination Act (GINA). In it, CMS modifies the HIPAA privacy rule to explicitly include genetic information within the definition of health information. 

The rule also proposes to:

• prohibit health plans from using or disclosing protected health information that is genetic information for underwriting purposes;
• revise the provisions relating to the notice of privacy practices for health plans that perform underwriting;
• make conforming modifications to definitions and other provisions of the privacy rule; and
• make technical corrections to update the definition of “health plan.”

The interim final rule applies GINA’s prohibitions on using and disclosing protected genetic health information for underwriting to all health plans subject to the privacy rule, rather than solely to the plans GINA explicitly requires be subject to the prohibition. It also proposes applying the prohibition on using or disclosing is genetic information for underwriting purposes to all health plans that are covered entities as defined by the HIPAA privacy rule.

CMS will accept public comments for 60 days.

Signed in 2008, GINA protects individuals against discrimination in health coverage or employment based on their genetic information.

A son calls the HIM department and requests his deceased father’s medical records. Shortly afterward, the man’s wife requests the records, also. Then a man calls identifying himself as the executor of the estate. Who is authorized to access the records?

Determining appropriate release of a deceased patient’s medical records can be complex. HIPAA, sometimes blamed for denied requests, is rarely cause for a roadblock, however. The federal law does extend a person’s privacy rights into death, but it also explicitly requires facilities to release records to authorized individuals.

The complications typically come when a patient dies without having named a personal representative. In those instances, HIPAA defers to state law to determine access rights.

Though most state laws are sufficiently clear, the hierarchy may be complex, and some situations will still require judgment calls. Facility staff who are unclear on the law may err on the side of caution and refuse access rather than risk violating privacy laws. On the other extreme, they may release records without requesting proper verification or release them rather than upset or anger the requestor.

The best practice, experts say, is to gain knowledge of the law, share it, and request that patients identify their personal representatives during the admission process. (more…)

A new AHIMA toolkit helps HIM professionals steer their organizations through the Recovery Audit Contractor (RAC) program.

 The “Recovery Audit Contractor (RAC) Toolkit” includes background on the program and an overview of the process, including what entities are eligible to be audited, the basis for the audits, and the type of audits. It also includes appendixes providing: (more…)

In the June print issue Robert James Campbell writes on applying lean thinking techniques to healthcare. The process improvement technique can be used to identify and eliminate waste in any activity. Campbell, an assistant professor at East Carolina University in Greenville, NC, teaches the lean thinking technique to health services and health information students. Here he shares one project in which students reengineer a patient transfer process using lean thinking.

* * *

As healthcare expenses continue to erode household, government, and provider budgets, the industry needs better methods to reduce the cost of care. One tool that can increase efficiency and value is a change management technique called lean thinking.

Lean thinking is based on the Toyota Production Model and is built upon five steps to identify and eliminate waste: value, value stream, flow, pull, and perfection. The ultimate goal of lean thinking as applied to healthcare is to provide services and products that add value to the patient by improving care in the most efficient manner possible. (more…)

New Health and Human Services secretary Kathleen Sebelius was on Capitol Hill yesterday with two new reports from the Agency for Healthcare Research and Quality in hand. Both had discouraging news about the quality of healthcare Americans received in 2008.

In particular, Sebelius singled out unequal care. AHRQ’s “2008 National Healthcare Disparities Report,” she told the House Ways and Means Committee, “highlights that severe and pervasive disparities continue to persist in this county. Minority patients still receive disproportionately poor care compared to their Caucasian neighbor.”

Solving healthcare disparities is complicated by a lack of comprehensive data about its prevalence.

Last month in the Journal, Jennifer Hornung Garvin and coauthors wrote, “At the heart of … efforts to develop effective strategies to address healthcare disparities is the need for accurate and complete data. However, data describing racial, ethnic, language, cultural, and socioeconomic characteristics are frequently inaccurate, incomplete, and lacking in detail in the healthcare setting. Sometimes they are not collected at all.”

Addressing healthcare disparities, the authors stress, “requires that providers capture better data about race, ethnicity, and socioeconomic status, an effort complicated by the sensitive nature of the data and the challenges of categorizing them appropriately.” They point to several data sets that providers can adopt to improve their collection of this so-called equity data in support of efforts to create equal care for all.

See “Data Collection and Reporting for Healthcare Disparities” in the April 2008 issue.

Healthcare organizations must ensure that their sanctions policies for internal privacy and security breaches are consistent, fair, and objective for all staff members. Organizations that fail to do so send a confusing message to staff, compromise their privacy and security programs, and lose public trust.

The May practice brief “Sanction Guidelines for Privacy and Security Breaches” offers recommendations for the internal application of sanctions related to information privacy and security breaches for healthcare organizations that manage or service protected health information or individually identifiable health information.

The brief includes a sample sanctions determination document that organizations can customize for their investigations and trending. Each incident requires appropriate investigation along with managerial discretion to declare a misdeed.

“No two healthcare organizations will approach sanctioning and enforcement for privacy and security breaches in exactly the same way,” the authors write. “Each healthcare organization needs to show a demonstrated, consistent ability to deal with privacy and security issues in its own way to ensure consumer trust. Inherent to privacy and security professional roles is a firm leadership commitment to consistent policy and enforcement and sanction application for noncompliance.”

The Department of Health and Human Services has published guidance related to the Genetic Information Nondiscrimination Act (GINA) and its effect on researchers.

“Guidance on the Genetic Information Nondiscrimination Act: Implications for Investigators and Institutional Review Boards” provides background on protections provided by GINA and discusses GINA’s impact on investigators who conduct genetic research and the institutional review boards that review it, particularly on criteria for IRB approval of research and the requirements for obtaining informed consent under the HHS regulations for the protection of human subjects (45 CFR part 46).

Final GINA regulations are expected in May.

To review GINA’s provisions, see the July 2008 “Word from Washington” column “Getting to Know GINA.”