OCR audits, FY2017 coding updates, and risk-adjustment coding were among the many topics covered during the most recent RIHIMA meeting on October 7 in Warwick, RI. These meetings provide an affordable opportunity to stay abreast of industry changes and network with peers. Another perk: Free coffee and donuts. 🙂

HIPAA branding, OCR audits

Norma Chitvanni, RHIT, CHPS, privacy officer and director of privacy and confidentiality at Beth Israel Deaconess Medical Center, spoke about her efforts to lead an awareness campaign to help employees understand the importance of HIPAA. She reminded attendees that employees are an organization’s biggest vulnerability, and she urged others to consider creative ways to brand an internal privacy and security program.

For example, Chitvanni worked with the hospital’s communications department to create an educational video in which members of a patient/family advisory group spoke about the importance of keeping information private (KIP). She and her team also:

• Created a padlock logo for the program
• Identified internal KIP coaches to help educate staff
• Put KIP labels on salad contains and food wrappers in the cafeteria
• Created a staff portal with resources about how to secure laptops
• Handed out promotional materials about KIP (e.g., pens, phone wipes)

Chitvanni also urged attendees to prepare for upcoming OCR audits. She provided these tips:

• Provide HIPAA education to all staff. Ensure that you have some way to monitor and assess staff member’s understanding along the way (e.g., test-your-knowledge questions or a final exam).
• Use the OCR audit tool as a foundation for compliance. Do your policies and educational materials support each of the 109 elements included in the tool?
• Compile information for your business associates in advance. HHS provides a complete list of necessary information.
• Use technology to monitor and mitigate risk. For example, some applications can identify and flag unencrypted emails that include medical record numbers, patient information, or medical codes.

FY 2017 coding updates

Mary Beth York, CCS, CCS-P, CIC, senior associate at Barry Libman Inc., provided a helpful overview of important coding changes that took effect October 1. She encouraged attendees to review the updated ICD-10-CM guidelines and also pointed out several surprises, including:

• 1.A.19: The assignment of a diagnosis code is based on the provider’s diagnostic statement that the condition exists.  The provider’s statement that the patient has a particular condition is sufficient. Code assignment is not based on clinical criteria used by the provider to establish the diagnosis.

“I think we have to see how this is going to play out,” she said, adding that it remains unclear as to how insurance companies and Recovery Auditors will handle this guideline when a condition doesn’t meet clinical criteria.

• 1.C.12.a(6): If a patient is admitted with a pressure ulcer at one stage and it progresses to a higher stage, two separate codes should be assigned: one code for the site and stage of the ulcer on admission and a second code for the same ulcer site and the highest stage reported during the stay.

She urged HIM professionals to work with members of the quality team to raise awareness of this new guideline.

Risk-adjustment coding

Gerry Petratos, MD, MS, CEO of Hiteks Solutions, Inc. said HCC coding is becoming the “gold standard” in healthcare because of its ability to capture clinical complexity and predict costs.

Many organizations are already using HCC modeling in the outpatient arena, necessitating the need for documentation improvement, he said. “Ambulatory CDI will be the biggest growth area in which there are the fewest people to do the work,” he added.

Accountable Care Organizations can also use HCC data to segment populations and target preventive care.