Q: I am familiar with the HIPAA Security Rule requiring information system review audits. Are there any HIPAA Privacy Rule requirements?other than to perform audits?that require the examination of inappropriate access for an alleged breach? Currently, our security team performs monthly information system review audits and issues reports to leadership on a quarterly basis. Will this suffice, or are there audits that the privacy team should perform as well?
More than ever before, HIM is being recognized as an enterprise profession important to ambulatory, acute, and postacute settings. A good example of the transformation is HIM's involvement in CMS' risk adjustment and Hierarchical Condition Category coding system.
Coding and documentation should tell a patient's complete story. With the greater specificity in ICD-10, organizations should be better able to capture these stories, and the respiratory codes, listed in Chapter 10: Diseases of the Respiratory System (J00?J99), are no exception.
While it can be challenging to define your organization's legal health record (LHR), one health system in Denver is proving that collaboration and perseverance can lead to an effective LHR and EHR.