Q: We recently received a request for a patient's records. The patient transferred to another provider several years ago and we subsequently transferred all the patient's records to the new provider. Should I direct the request to the provider the patient transferred to? I'm unsure that we should be responsible for retrieving and releasing information for this patient since we transferred the patient's entire record to the new provider.
A: If you sent a copy of the patient's records to the new provider and still have the original records, it would be appropriate for you to respond to the request. If you transferred all records to the new provider and no longer have the patient's information, refer the request to the new provider.
Editor's note: Mary Brandt, MBA, RHIA, CHE, CHPS, is a healthcare consultant specializing in healthcare regulatory compliance and operations improvement. She is also an advisory board member for BOH. This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions. Opinions expressed are those of the author and do not represent HCPro or ACDIS. Email your HIPAA questions to Associate Editor Nicole Votta at nvotta@hcpro.com.
When I look back on 30 years of involvement with HIM, it's hard to believe that I was also passionate about another profession at one time. But I actually came to my career as a coder by way of my associate's degree in veterinary science.
CMS is looking to implement the Section 603 provisions of the Bipartisan Budget Act of 2015 regarding off-campus, provider-based departments (PBD) by January 1, 2017, according to the 2017 OPPS proposed rule (https://s3.amazonaws.com/public-inspection.federalregister.gov/2016-16098.pdf). The agency is proposing to pay the nonfacility or office Medicare Physician Fee Schedule (MPFS) amount to the performing/supervising physician and preclude hospitals from billing on a UB-04 form or receiving OPPS payment for services performed at these locations for 2017, but plans to explore other options for 2018 and beyond.
Physicians would be paid at the higher nonfacility rate of the MPFS, but only hospitals that have employed or contracted physicians that reassign their billing to the hospital would get paid under the MPFS for these services.
Hospitals would be able to bill claims on CMS-1500 forms for physicians who have already reassigned their billing to the hospital, as in the case of employed physicians. Otherwise, hospitals would have the option of enrolling the location as the type of provider or supplier it wishes to bill to meet the requirements of that payment system (e.g., ambulatory surgery center or group practice).
"This proposal will be very challenging for hospitals that have community physicians practice at their off-campus outpatient departments that will no longer be paid under OPPS," says Valerie Rinkle, MPA, lead regulatory specialist and instructor for HCPro, a division of BLR, in Middleton, Massachusetts.
"These physicians would bill with the office place of service code and the hospital would have to figure out how to get compensated," she says. "This will likely require hospitals to rewrite their agreements with these physicians."
Q: What recommendations do you have for handling medical records for staff members who are also patients at the organization where they work? Should we provide extra protection for these patients? What can we do to ensure that staff members are not accessing their coworkers' records without permission or need?
A: I am a firm believer in not adding special protection to any record, because it implies that some records are more confidential than others. In fact, all records are confidential and staff should not access any record unless it is necessary to do so to do their jobs. And, if it is necessary, they should only access the minimum necessary to do the job. HIPAA requires access monitoring, so your organization should conduct routine audits to determine whether staff are accessing records without a work-related reason. There is now software available that can conduct routine audits by staff member and department. This software can be used to reassure staff that their information is not being accessed by coworkers and to hold accountable those who are not following the policy/law. When a staff member raises a concern, an audit should be run to determine whether inappropriate access has occurred, and if it has, sanctions should be applied. Organizations should also consider having a policy that staff should not handle coworkers' (or family members') records (except in an emergency) without the permission of their supervisor.
All of these points should be reviewed at orientation and during (at minimum) annual training to ensure all staff understand that the organization takes such transgressions seriously and will take action as needed to protect the privacy of every patient's information.
Observation hours start accruing not when the patient comes into the hospital, but when the physician writes the order for observation. Observation hours end when all medically neces¬sary services related to observation are complete.
Physician advisors (PA) are an important ally for case managers at many organizations when it comes to ensuring proper patient status. But one organization has greatly expanded the role of PAs to include performance improvement and as a result has seen improvements in everything from readmissions to length of stay.
