Historically, the healthcare revenue cycle has been dominated by fee-for-service (FFS) payment arrangements that reimburse providers for the volume of care they provide. These reimbursement models have always been tempered by medical necessity determinations to ensure that the care delivered to patients is in fact medically necessary. Over the past several decades, healthcare costs have been rising precipitously. In response, new payment models have been developed to curb that trend and to deliver more cost-effective care with higher quality and better outcomes.
At HCPro's Accreditation Specialist Boot Camp, we continue to receive questions about standing orders, protocols, and verbal/telephone orders. With spring on its way by the time this article is published, I thought a fresh look at these topics would be in order (no pun intended). Let's try to dispel the myths and go straight to what the regulations say and what is best practice to meet them.
Q: Is there a sample risk analysis about how an enterprise or clinic might evaluate and determine if data-at-rest protection through encryption is reasonable and appropriate as defined in the HIPAA Security Rule?
Release of information (ROI) is typically a function that is managed by the HIM department, but privacy and security officers often play a critical role in ensuring records remain secure during transmission.
