A business case for resourcing a compliance assurance program for privacy and security should be possible solely on the basis of the need to respond to complaints made directly to a covered entity (CE) (or business associate (BA) acting as an agent of a CE). However, despite stepped-up enforcement and periodic audits required by HITECH, industry experts still anticipate that a more proactive process for compliance may not be taken until an untoward event occurs. Consequently, other avenues for substantiating the importance of privacy and security measures are necessary and readily available. Information privacy and security officials may find it necessary to go beyond information about HIPAA Privacy and Security Rule enforcement in making the business case. Monitoring the general security industry and relating those risks to healthcare privacy and security are important when doing so. Consider the following:
In October 2014 a record number of hospitals were fined for excessive care transitions. In total, CMS penalized some 2,610 hospitals, and will assess fines between October 2014 and September of this year. Through these penalties, the government has given hospitals sufficient incentive to revamp their processes with an eye on preventing readmissions and improving transitions.
RC.01.01.01, Content of the Medical Record, did not top the list of survey findings for hospitals in the first half of 2014, according to the September 2014 issue of Joint Commission Perspectives. Nor was it on the list for critical access hospitals at all! However, 49% of hospitals surveyed received a requirement for improvement for this standard, primarily in the EPs related to timing and dating entries. This indicates hospitals are still using a lot of paper records. That said, the downward swing is encouraging as more and more hospitals fully implement the EMR.
Coronary artery bypass graft (CABG) procedures are not the only ones coders will report using the root operation bypass in ICD-10-PCS. Surgeons can create bypasses in other vessels of the body.
Inpatient coding professionals are used to DRG systems where all of the diagnoses and procedures map to a single DRG. So they may not look for additional procedures and services to report outside of that DRG.
