News & Analysis

January 1, 2015
HIM Briefings

MRB asked HIM and release of information (ROI) professionals about their ROI practices for its first quarterly benchmarking survey of 2015. (The survey was completed in October 2014.) Half of survey respondents are HIM directors or managers (52%). Other respondents identified themselves as non-managerial HIM staff members (18%) or ROI directors or managers (4%). The majority of respondents (65%) work in hospitals.

January 1, 2015
HIM Briefings

RC.01.01.01, Content of the Medical Record, did not top the list of the survey findings for hospitals in the first half of 2014, according to the September 2014 issue of Joint Commission Perspectives. Nor was it on the list for critical access hospitals at all! However, 49% of hospitals surveyed received a requirement for improvement for this standard, primarily in the EPs related to timing and dating entries. This indicates hospitals are still using a lot of paper records. That said, the downward swing is encouraging as more and more hospitals fully implement the EMR.

January 1, 2015
HIM Briefings

For as long as I have been in the profession, HIM professionals have asked: How do we define who we are, and what is unique about what we do?

January 1, 2015
HIM Briefings

In September 2014, CMS and the Office for the National Coordinator (ONC) released a final rule that offers enhanced flexibility for eligible professionals, eligible hospitals, and critical access hospitals using certified EHR technology (CEHRT) and working toward meaningful use attestation (https://s3.amazonaws.com/public-inspection.federalregister.gov/2014-21021.pdf). The final rule regulations became effective October 1, 2014.

January 1, 2015
HIM Briefings

Q: I was recently hired for a position at a long-term care facility. Upon getting acclimated, I learned that the facility has completed handwritten logs for every fax that was sent out since 2003. This document is referred to as the HIPAA fax log and contains the date the fax was sent, to whom it was sent, by whom it was sent, the number of pages, and whether a cover sheet with confidentiality statement was included. I would like to do away with this form since fax machines can generate their own logs. However, if this is a necessary process then I would like to follow official guidelines and update the facility's policies and procedures accordingly. Does the HIPAA Privacy or Security Rule require these logs? If so, what information must we include?

January 1, 2015
Briefings on HIPAA

While organizations should focus on performing regular risk assessments and analyses, there are also other ways in which they must review their systems for compliance. Often, these other evaluations are overlooked despite their value, says Kevin Beaver, CISSP, an information security consultant in Atlanta. In particular, organizations should be careful not to forget about performing vulnerability assessments and penetration tests, which are components of an overall risk assessment or analysis, says Beaver, who is a BOH editorial advisory board member.

Pages