What HIM can expect in 2018 and beyond

The list of topics covered at the recent RIHIMA meeting truly ran the gamut: Medicare payment reform, Office for Civil Rights (OCR) enforcements, the 21st Century Cures Act, FY 2018 ICD-10-CM coding changes, and more. The meeting, which drew approximately 50 people, was held in Warwick on October 20. The theme? Looking ahead to 2018 and beyond.

Health IT updates

Jennifer L. Cox of Cox and Osowiecki, LLC kicked off the morning with an update on health IT, the future of which she said is unclear in light of unprecedented budget cuts to infrastructure. What can HIM professionals expect during the next year and beyond? Cox told attendees to keep their eyes open for the 21st Century Cures Act, which she said is one of the most significant regulations that will affect the HIM profession. The legislation, which was enacted in December 2016, includes a section on health IT interoperability that requires data sharing and prohibits data blocking. A first set of draft rules is due by March 2018.

“This is going to be bigger than HIPAA and Meaningful Use–it will be the biggest thing in our careers that will shift how we use health information,” said Cox.

Cox also touched on the federal government’s efforts to remove Social Security Numbers (SSN) from Medicare cards by 2019. Although this may reduce identity theft, she said it creates an inability for HIM professionals to verify patient identity using this unique identifier. HIM may eventually need to create consistent verification standards in lieu of having access to the SSN, she added. They may also need to retrospectively sanitize records to remove the SSN. Cox encouraged attendees to make a list of all the ways in which they currently rely on the SSN so they can work collaboratively with the legal/compliance department to develop a strategy for how they’ll handle these scenarios once the SSN is no longer available.

Cox also warned of increasing OCR activity, stating that high-dollar settlements have increased over the last year and a half. She encouraged attendees to monitor the OCR’s running list of resolution agreements because she said it’s often a roadmap for potential vulnerabilities. “Learn from your colleagues’ misfortune,” she said. “This is what [the OCR] cares about, and what they care about, we should care about.”

Risk assessments should be a top priority, she said, adding that many independent physician practices are failing Meaningful Use audits because they didn’t conduct an assessment during the year of attestation. Also remember to fix any problems discovered during the assessment, she added.

Staff education is equally as important, said Cox. For example, employees should notify their IT department when a computer is particularly slow, as this could signal an impending cyber attack. “These are very sophisticated attacks,” she added. “It takes minutes–not hours–to infect the entire system.”

FY 2018 coding updates

Mary Beth York, senior associate at Barry Libman, Inc. discussed several important ICD-10-CM coding changes that took effect October 1, 2017. She encouraged attendees to review the FY 2018 ICD-10-CM coding guidelines as well as the 2018 Addendum. When coders rely entirely on the encoder–and don’t review all of the additions, deletions, and revisions–they aren’t as aware of these oftentimes subtle changes, she said.

Third-party release of information

Amy Derlink and Laureen Rimmer, both of MRA Health Information Services, gave an informative presentation on ROI best practices.

Derlink encouraged attendees to create a third-party audit record review policy that addresses these and other questions: Will you ask to see the business associate agreement between the health plan and third-party auditor before releasing information? Will you allow the third-party auditor onsite? What access will you provide to the third-party auditor? Will it include remote access? How will you comply with HIPAA’s minimum necessary requirements? “We need to protect privacy,” she said. “That’s our number one obligation.”

Don’t let auditors bypass HIPAA to access protected health information, said Derlink. Quality audits (e.g., HEDIS) are not included in uses and disclosures for treatment, payment, and operations, she added.

Rimmer said HIM must leverage technology and tap into data analytics to identify compliance risk and prepare for audits. “Understand your data, and know what’s going on so you can be proactive with your own internal audits,” she said. “As you see themes, you need to drill down.”

Embracing leadership qualities

Karen A. Benz of Benz Strategic Group gave an interesting presentation on leading vs. managing. “Management is doing. Leadership is being,” she said. “As a leader, you set the culture and tone of your department.” She described managers as productivity-oriented implementers, and she identified leaders as open-minded agents of transformational change. Managers ask people to follow, but when you’re a leader, people will follow naturally, she explained.

She challenged attendees to embrace leadership qualities and not succumb to negativity. Doing so improves employee retention and satisfaction. And when employees are happy, they’re often willing to go the extra mile for patients as well.

 

 

 

 

OCR audits, risk-adjustment coding discussed at RIHIMA

OCR audits, FY2017 coding updates, and risk-adjustment coding were among the many topics covered during the most recent RIHIMA meeting on October 7 in Warwick, RI. These meetings provide an affordable opportunity to stay abreast of industry changes and network with peers. Another perk: Free coffee and donuts. 🙂

HIPAA branding, OCR audits

Norma Chitvanni, RHIT, CHPS, privacy officer and director of privacy and confidentiality at Beth Israel Deaconess Medical Center, spoke about her efforts to lead an awareness campaign to help employees understand the importance of HIPAA. She reminded attendees that employees are an organization’s biggest vulnerability, and she urged others to consider creative ways to brand an internal privacy and security program.

For example, Chitvanni worked with the hospital’s communications department to create an educational video in which members of a patient/family advisory group spoke about the importance of keeping information private (KIP). She and her team also:

  • Created a padlock logo for the program
  • Identified internal KIP coaches to help educate staff
  • Put KIP labels on salad contains and food wrappers in the cafeteria
  • Created a staff portal with resources about how to secure laptops
  • Handed out promotional materials about KIP (e.g., pens, phone wipes)

Chitvanni also urged attendees to prepare for upcoming OCR audits. She provided these tips:

  • Provide HIPAA education to all staff. Ensure that you have some way to monitor and assess staff member’s understanding along the way (e.g., test-your-knowledge questions or a final exam).
  • Use the OCR audit tool as a foundation for compliance. Do your policies and educational materials support each of the 109 elements included in the tool?
  • Compile information for your business associates in advance. HHS provides a complete list of necessary information.
  • Use technology to monitor and mitigate risk. For example, some applications can identify and flag unencrypted emails that include medical record numbers, patient information, or medical codes.

FY 2017 coding updates

Mary Beth York, CCS, CCS-P, CIC, senior associate at Barry Libman Inc., provided a helpful overview of important coding changes that took effect October 1. She encouraged attendees to review the updated ICD-10-CM guidelines and also pointed out several surprises, including:

  • 1.A.19: The assignment of a diagnosis code is based on the provider’s diagnostic statement that the condition exists.  The provider’s statement that the patient has a particular condition is sufficient. Code assignment is not based on clinical criteria used by the provider to establish the diagnosis.

“I think we have to see how this is going to play out,” she said, adding that it remains unclear as to how insurance companies and Recovery Auditors will handle this guideline when a condition doesn’t meet clinical criteria.

  • 1.C.12.a(6): If a patient is admitted with a pressure ulcer at one stage and it progresses to a higher stage, two separate codes should be assigned: one code for the site and stage of the ulcer on admission and a second code for the same ulcer site and the highest stage reported during the stay.

She urged HIM professionals to work with members of the quality team to raise awareness of this new guideline.

Risk-adjustment coding

Gerry Petratos, MD, MS, CEO of Hiteks Solutions, Inc. said HCC coding is becoming the “gold standard” in healthcare because of its ability to capture clinical complexity and predict costs.

Many organizations are already using HCC modeling in the outpatient arena, necessitating the need for documentation improvement, he said. “Ambulatory CDI will be the biggest growth area in which there are the fewest people to do the work,” he added.

Accountable Care Organizations can also use HCC data to segment populations and target preventive care.

Why HIM professionals hold the keys to patient satisfaction

I started writing about medical coding and health information back in 2005. When I stop and think about how many changes HIM professionals have been through during that decade, it’s mind-boggling! First it was MS-DRGs and the dawn of clinical documentation improvement, then the Affordable Care Act and the push for electronic health records, then ICD-10, and now a transition to value-based payments.

As medical records have evolved, HIM professionals’ skills have evolved as well. With their intimate knowledge of data — particularly how data is created, modified, stored, and shared — they bring such value to the table. The sky is the limit when HIM and IT collaborate effectively. Add a hospital executive to the mix, and you’ve got a powerful trio of intelligent minds that can propel process improvement forward. What an exciting thought!

Unfortunately, it’s sometimes difficult to find common ground. And it’s easy to lose valuable ideas in translation. The good news is that everyone seems to speak the language of ‘patient satisfaction.’ Organizations nationwide  continue to focus on the patient experience — especially in light of the important role that both of these plays in CMS’ latest hospital quality star ratings.

This is an opportunity for HIM. Take it.

Meet with a C-suite executive and explain how HIM can engage patients. Here are a few examples:

  1. Portal navigation. Who is most qualified to convey the value of portals and educate patients how to use them? HIM.
  2. Health coverage education. Who is most knowledgeable of complex insurance policies (including copayments, deductibles, coinsurance, etc.) and can thus help patients understand these concepts? HIM.
  3. Digital forms. Who can help digitize forms, integrate EHR data into those forms, reduce duplication, and create opportunities for e-signatures on mobile devices? HIM.
  4. Advocacy for privacy and security. Who can help patients understand their rights to obtain copies of their own medical records? HIM.
  5. Protection against medical identity theft. Who can implement policies and procedures to thwart identity theft and protect patient information? HIM.
  6. EHR best practices. Who can help physicians integrate the EHR into the exam room so it doesn’t disrupt communication? HIM.

In what other ways do you, as an HIM professional, strive to improve the patient experience daily?

 

 

 

Information governance, cybersecurity discussed at RIHIMA

Last week, I attended the annual meeting of the Rhode Island chapter of AHIMA. The event, held in Warwick, drew 70+ people as well as several vendors. It was a day filled with a wide variety of presentations, a delicious breakfast and lunch, and many opportunities for networking. The best part was that I only needed to travel 10 minutes from my home!

The day began with an overview of AHIMA’s strategic goals and initiatives. Tim J. Keough, MPA, RHIA, FAHIMA, of the AHIMA board of directors, spoke about the importance of data in healthcare — and why HIM is well-suited for the role of data analyst. He urged HIM professionals to lead the charge in the current data revolution — that is, to look for ways in which their organizations can turn data into health intelligence that can mitigate risk and improve outcomes.

Keough also talked about information governance through data transparency, data protection, and data integrity. As the industry continues to tap into big data for precision medicine, he said HIM should be at the forefront managing, using, and improving this data.

Cybersecurity expert, John H. Rogers, CISSP, gave a great presentation on the growing risk that hackers pose to health information privacy and security. “Healthcare information is more valuable than any other information on the market,” he said.

HIM professionals must make cybersecurity a core mission of the organization. This requires ongoing staff education, virus protection/patch updates, and social engineering testing. “It’s not just about the technology. Situational awareness is your power,” he said.

On the coding side, Barry Libman, MS, RHIA, CDIP, CCS, CCS-P, CIC, provided a helpful overview of important ICD-10-CM/PCS changes that will go into effect for FY 2017 on October 1, 2016. In particular, there are 3,651 new PCS codes (many of which are cardio-related) and 1,943 new CM codes, including a new code for the Zika virus (A92.5).

Attorney Jennifer Cox, JD gave an update on the ever-evolving Meaningful Use (MU) program, urging attendees to perform a security risk analysis if they haven’t done so already. Cox said this analysis is the number one reason providers fail to meet MU criteria.

David L. Rousseau, director of cancer information systems at the Hospital Association of Rhode Island, talked about the importance of cancer registries and why this is a good fit for HIM.

Perhaps the most riveting presentation was given by Michael G. Cooley, executive director of Nalari Health. Cooley shared his personal journey to overcome many challenges and hardships to ultimately find success both personally and professionally. His story, which also serves as the basis for his memoir “Rock Bottom: From the Streets To Success,” was extremely inspirational and unexpected. It also serves as a reminder of the strength of the human spirit — a good lesson for all of us.

 

A snapshot of the 24th annual AAPC conference

I was lucky enough to be able to attend the recent HEALTHCON conference sponsored by the American Academy of Professional Coders. The 24th annual event, held in Orlando April 9-13, drew nearly 2,700 attendees — many of them physician practice coders. More than 50 vendors also exhibited at the conference, providing the opportunity for networking and checking out the latest and greatest technology. Plus, there were many fun giveaways and prizes (I always enjoy grabbing some extra pens!).

The schedule was jam packed with sessions touching on EMRs, coding/billing compliance, HIPAA, productivity, practice management, telemedicine, value-based payments, and more. It was a coder’s dream — a smorgasbord of all things coding! Speakers included physicians, consultants, attorneys, and others. Every session I attended was held in a room filled with bright-eyed coders ready and willing to take notes, ask questions, and absorb information like a sponge.

Following are just a few of the noteworthy highlights:

  1. Coders and billers must learn the lingo of denials. Read the EOB carefully. Track and trend denial codes, and implement carrier-specific edits. -Yvonne Dailey
  2. 90%-93% of denials are preventable because they’re due to data entry errors. Design front-end processes that ensure accurate demographic and financial information. -Yvonne Dailey
  3. Physician practices need policies and procedures. Every practice should have these policies in place: Financial policy, bad debt/write offs, financial hardship, compliance, claim correction, refunds. -Yvonne Dailey
  4. Physicians must ensure that their personal mobile devices conform to enterprise-wide policies and procedures for HIPAA compliance. -Steve Spearman
  5. The biggest hurdle in terms of billing for transitional care management is being able to receive discharge notifications. Practices must develop relationships with hospitals to establish this workflow. -Stephen Canon
  6. Wearable devices will improve preventive medicine. That’s because these devices will continuously gather data in real-time, providing much richer health histories. What will this mean for HIM? There are many privacy implications. We’ll need new permission models that must be more sophisticated and perhaps even rely on time-limited boundaries. We’ll also need to be able to filter information based on the end user/recipient of that data. -Scott Klososky
  7. Auto-population in the EMR is risky business because it affects credibility. -Michael Miscoe
  8. Some Medicaid contractors and commercial payers are asking for the EMR audit trail. -Robert Pelaia
  9. When reporting time-based codes, coders need to question whether the payer is using CMS or AMA guidelines. -Michael Strong
  10. Data is becoming the new currency. By 2030, consumers will be able to shop for and compare physicians. We’ll also see more bundled payments, the expansion of telemedicine, and the consolidation of smaller practices into larger integrated practices. -Dan Schwebach
  11. Coders are salespeople — they must “sell” the importance of coding to physicians. -Stephanie Cecchini
  12. As soon as you feel comfortable, it’s time to learn something new. -Stephanie Cecchini
  13. Templates are a tool — not a “be all end all” when it comes to selecting a code. You still need to question/validate the code and ensure that documentation supports code assignment. -Angela Jordan
  14. Coding quality is just as important as coding productivity. -Ann Bina
  15. When setting productivity standards, consider these factors: Page count, access to coding tools, experience, handwritten vs. electronic notes, Internet speed, provider (resident vs. physician), non-coding duties, and more. -Ann Bina