Q: Our facility does not often use open-ended queries to physicians. Could you give an example of an open-ended query and any disadvantages they may have?
Q: We see many assertions that encryption at the right level meets the National Institute of Standards and Technology (NIST)/HIPAA safe harbor provision with no explanation of what is necessary to prove the breached electronic protected health information (PHI) was actually encrypted at the moment of breach. How can a covered entity prove the PHI was actually encrypted at the time of the breach?
Q: Ever since we moved to an electronic health record (EHR), our HIM department has noticed some physicians copying and pasting information from previous records. How do we know when this is allowed or when we can query the provider to clarify?
We found out after an observation patient was discharged that one of the procedures performed was an inpatient-only procedure. Can we bill this to Medicare without an official inpatient order on the medical record?
