Q: We are struggling with how to report the functional status codes that are required when a physical therapist provides therapy services post-operatively. We have a process for doing that for our “regular” therapy patients, but are struggling with how to implement this for the outpatient surgeries.
This week we have an excerpt from Observation Services Training Handbook, written by Janet L. Blondo, LCSW-C, MSW, CMAC, ACM, CCM, C-ASWCM, ACSW. For more information and to purchase, visit the HCPro Marketplace.
CMS wants your thoughts on its 2017 OPPS proposed changes. In various places in the proposed rule, CMS specifically asks providers to comment on the proposals. You may submit comments to the agency until September 6.
Q: What recommendations do you have for handling medical records for staff members who are also patients at the organization where they work? Should we provide extra protection for these patients? What can we do to ensure that staff members are not accessing their coworkers' records without permission or need?
A: I am a firm believer in not adding special protection to any record, because it implies that some records are more confidential than others. In fact, all records are confidential and staff should not access any record unless it is necessary to do so to do their jobs. And, if it is necessary, they should only access the minimum necessary to do the job. HIPAA requires access monitoring, so your organization should conduct routine audits to determine whether staff are accessing records without a work-related reason. There is now software available that can conduct routine audits by staff member and department. This software can be used to reassure staff that their information is not being accessed by coworkers and to hold accountable those who are not following the policy/law. When a staff member raises a concern, an audit should be run to determine whether inappropriate access has occurred, and if it has, sanctions should be applied. Organizations should also consider having a policy that staff should not handle coworkers' (or family members') records (except in an emergency) without the permission of their supervisor.
All of these points should be reviewed at orientation and during (at minimum) annual training to ensure all staff understand that the organization takes such transgressions seriously and will take action as needed to protect the privacy of every patient's information.
