Healthcare provider organizations face a growing number of challenges in managing the disclosure of Protected Health Information (PHI). Among these trends are changing HIPAA requirements, hospital mergers and acquisitions and a growing number of disclosure points throughout the enterprise.
Information technology (IT), however, is helping organizations ensure Release of Information (ROI) is accurate, while making the disclosure process more efficient. One such organization effectively utilizing IT to improve its ROI process is Lancaster General Health/Penn Medicine (LG Health/Penn Medicine).
A vital element to LG Health/Penn Medicine's success was selecting a PHI disclosure management partner who offered new and advanced technologies, capable of interfacing with their Epic electronic medical record (EMR) system, to standardize and centralize the ROI process. Also important to achieving improved ROI accuracy and efficiency was extensive planning and collaboration between the organization's IT and health information management (HIM) departments. IT tools and expert guidance, combined with planning and collaboration, turned out to be ingredients the organization needed for its accurate, secure and streamlined ROI process.
Industry and Regulatory Changes Demand Information Governance
Merger and acquisition activity among provider organizations continues to be strong. In the first half of 2016, 49 hospital deals were announced, which is virtually even with the 48 deals announced in the first half of 2015. In addition to requiring systems integration, the merging of facilities demand standardization of ROI policies and processes to ensure PHI disclosure is compliant with HIPAA and internal policies.
EMR systems, some with their own ROI modules, increase the number of disclosure points across an enterprise and likewise may escalate the risk of non-compliant PHI disclosure or breach. Using multiple, disparate systems, which is often the case when organizations merge, also raises the risk of data gaps or comingled patient records.
Establishing strong Information Governance (IG) assists in eliminating those gaps and helps ensure HIPAA compliance, PHI security and data integrity. Collaboration between HIM and IT departments is essential in developing an IG plan, as each group brings unique expertise to the table.
Collaborations Yield Benefits for LG Health/Penn Medicine
One such successful cross-departmental collaboration occurred at LG Health/Penn Medicine, a 689-bed health system in Lancaster, P, which includes the 533-bed Lancaster General Hospital, the 97-bed Women & Babies Hospital, 14 outpatient locations and 51 physician practices.
As a HIMSS7 organization and a 2016 Most Wired health system winner, innovating and leveraging new technologies is important to LG Health/Penn Medicine's leaders. One example is LG Health/Penn Medicine's implementation of the Epic EMR across its enterprise, with a strong focus on maximizing the investment in the system.
SEE ALSO: Managing IT in a New Era of Healthcare
In regard to PHI disclosure management, leaders wanted to use technology to automate processes and improve quality and turnaround of the estimated 50,000 ROI requests it received each year. This initiative began in 2014, led by the HIM director, who was extensively trained on the Epic platform and previously served in the IT department as an Epic Analyst. The end goal of the project was to ensure ROI accuracy, quality and efficiency across its hospitals and outpatient clinics.
The first step was selecting a new PHI disclosure management partner. After an RFP for ROI services was issued, the new vendor selection process took 18 months. With the HIM director taking ownership of the initiative, the search included collaboration between HIM and IT while vetting candidates, presenting options and helping establish realistic implementation timelines.
Expanding Technology Toolkit for Risk Mitigation and Efficiency
LG Health/Penn Medicine selected a partner that offered technology to seamlessly integrate with the organization's Epic EMR. Due to the significant resources the organization devoted to implement and optimize its EMR, LG Health/Penn Medicine was inclined to take advantage of innovative technology that would help them maximize their investment.
The ROI partner's technology synchronized data between the EMR and ROI platform, which eliminated the need for dual data entry and other duplicative processes in both systems. This helped improve efficiency and accuracy, while also standardizing the ROI process across the enterprise by automating steps, such as sharing request authorizations between systems. The request close-out process was also streamlined by flowing record delivery information from the partner's platform to the EMR's ROI module.
The partner also helped mitigate breach risk through a record integrity application that uses optical character recognition (OCR) scanning technology to "read" each page of a patient chart. The technology helps identify and correct comingled records that could potentially result in a breach if not caught during the quality check.
Due to its ROI request volume, LG Health/Penn Medicine also outsourced a variety of related services, including requester calls and correspondence, as well as billing and collections, allowing the HIM department to concentrate on more complex duties.
Time Saved and Breaches Prevented
Since fully implementing the ROI process improvements and accompanying technology in the summer of 2015, LG Health/Penn Medicine has experienced a number of time saving and efficiency benefits.
The direct integration between the EMR and ROI technology has eliminated dual data entry and reduced processing times by 50%, yielding significant improvements in accuracy and efficiency. Further time savings have occurred through routing more than 7,000 requester calls to the ROI partner. In addition, a patient advocate program managed by the partner offers patients extra assistance in understanding how to access requested PHI.
Today, LG Health/Penn Medicine benefits from multiple layers of quality assurance in their ROI process. Since the beginning of their partnership, approximately 13,000 incidents of non-compliant disclosures, such as omitted names of authorized disclosing providers, omissions of authorized PHI recipients and lack of authorizations, have been prevented due to redundant quality checks. Moreover, the record integrity technology has helped identify potential comingling of records within charts prior to PHI disclosure.
Offering more than just technical support and expertise, LG Health/Penn Medicine's ROI partner educated both the HIM and IT departments to understand changes with HIPAA and other regulations and offers training programs to help staff stay compliant. The partner also trained LG Health/Penn Medicine's HIM customer service staff after the organization was impressed by the prompt and effective service the partner delivered to ensure requester satisfaction.
With continued guidance and tools, LG Health/Penn Medicine can thrive in a changing and often unpredictable healthcare industry.
Charlotte Walton-Sweeney is director of health information management at Lancaster General Health/Penn Medicine and Anthony Murray is vice president of Information Technology for MRO.