Submit your HIPAA questions to Associate Editor Nicole Votta at nvotta@hcpro.com and we will work with our experts to provide you with the information you need.
Q: Our front desk receptionist has asked the following question regarding residents who are admitted to our long-term care facility. If someone calls the front desk asking for information on a resident, such as "Is (resident) in your facility?" or "What is their room number?", would this information be considered PHI?
A: The answer is not straightforward when it comes to long-term care. It all depends on the care setting. If care is provided in an assisted living facility and the assisted living facility does not provide healthcare services, such as nursing care related to treatment or a clinic on-site, the information is not PHI. On the other hand, if the facility is a skilled nursing facility (SNF) and is providing what HIPAA defines as healthcare, it would be considered PHI. That doesn't mean the receptionist cannot share the information about whether a resident is at the facility or the resident's room number. Similar to a hospital, a long-term care facility could maintain a facilities directory. Unless the resident has specifically requested he or she not be included in the facility directory, you can share whether a resident is at the facility and where the resident is located in the facility. Providing more information would be prohibited. Review the long-term care regulations in the state in your state.
Editor’s note: Chris Apgar, CISSP, president of Apgar and Associates in Portland, Oregon, answered this question. This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions.
CMS giveth and CMS taketh away. More than $21 billion in payments under the Medicare EHR Incentive Program and more than $10.1 billion in Medicaid EHR Incentive Program payments has been doled out between 2011 and 2015?but not every payment remains with its intended recipient. Contractors will perform audits to ensure that those eligible for the program can support their attestation through examination of supporting documentation to back a claim that a provider or hospital has fulfilled the requirements for meaningful use.
CMS contracted Figliozzi and Company to conduct pre- and postpayment desk audits of the meaningful use program.
"What we have been seeing from our clients' experience is Figliozzi is attempting to perform audits on 5% of attestations submitted to CMS," says David Holtzman, JD, CIPP, vice president of compliance at CynergisTek, Inc., in Austin, Texas.
Holtzman also notes a spike in state Medicaid offices and the Office of Inspector General (OIG) performing audits for those attesting to meaningful use. These audits are conducted on site by a team of auditors.
"Both Medicaid and Medicare meaningful use audits are pass-fail audits," Holtzman says. "Therefore, if any requirement or measure is not met, the result is that the provider or hospital will not receive the incentive payment in the case of a prospective audit or will be required to return any payment received for the prior period as a result of the audit."
Under the Affordable Care Act, the latter would be considered an overpayment by Medicare or Medicaid, and the provider or organization would be required to return the incentive dollars within 60 days or face fines and penalties subject to the False Claims Act.
"There is increased attention by the U.S. Attorney's Office and the Office of Inspector General for investigating and prosecuting fraudulent attestations for meaningful use that results in incentive payments," Holtzman says. "I look at this as a claims recovery effort."
CMS may occasionally report on overall rates of audit failure by eligible providers and hospitals. However, it will not provide any specific guidance on how to resolve identified issues, Holtzman says. "Once the reporting year has ended, the attestation is filed or the hospital/provider selected for audit, no substantive changes are permitted," he says. "Best practices are to carefully review documentation for meaningful use attestation using internal experts or bring in a third-party reviewer to ensure accuracy."
The Hospital Readmissions Reduction Program is a CMS pay-for-performance program that links the amount hospitals are paid to risk-adjusted readmission rates. Measures included in the program are claims based, which simply means that the ICD-10 codes we submit on our claims for payment are also used to assess our performance; our performance then impacts our payment.
As we celebrate our 30th year of delivering you the latest in HIM, we would like to invite you to celebrate the HIM profession with us. Each month this year, HIM Briefings (formerly Medical Records Briefing) will include a special feature that highlights the changes to our publication and the HIM profession over the years.
The 2016 OPPS final rule includes the first negative payment update for the system. CMS finalized its proposal to reduce the conversion factor by 2% to account for its overestimation of dollars for packaged labs built into the 2014 APC rates, despite congressional and provider pressure to not proceed with this payment reduction.
Per CPT1, modifier -52 is used when a service or procedure is partially reduced or eliminated at the provider's discretion. Such a situation is identified by using the service's usual HCPCS/CPT code and adding modifier -52, signifying that the service is reduced.
