By: Linda Kloss, MA, RHIA, FAHIMA
Historically known as a ‘back office’ HIM function, release of Information (ROI) policies and processes are gaining greater attention for three key reasons:
- The number of requests for information and the volume of information per request continue to increase.
People are more aware of the importance of accessing their own information to be informed and engaged participants in their health care. Third party requests are increasing to support a range of expanding uses. While electronic health records (EHRs) and other information technology have digitized PHI, ROI is not accomplished by pushing a button. Information must be retrieved from a range of source systems and it must be reviewed for accuracy and completeness, while assessing responding to requests with the minimum necessary.
- New federal access and disclosure guidance promotes patient access, shrinks allowable fees and opens back channels to PHI.
We applaud the 2016 Federal Access and Disclosure Guidance[1] for its focus on increasing individual’s access to their health records. An unintended consequence of the guidance, however, has been an increase in the number of third party requests attempting to circumvent required approaches. The guidance also reduces allowable fees to the point that they no longer offset the real costs of release functions.
- Complex health systems have multiple points of PHI disclosure vulnerability that need to be mitigated.
Each physician practice and hospital that is part of a health system can no longer handle ROI in its own way. Today’s health systems must use consistent policies across the enterprise in order to ensure compliance in protecting the privacy rights of individuals. Health systems must also focus on uniform, efficient practices supported by technology to manage in today’s cost constrained environment.
Whether performed by providers’ own staff or outsourced, there is a need for an end-to-end rethinking of ROI. It is a new day for ROI. Today’s release functions require smart technology to support the end-to-end workflow from receipt of a request through fulfillment. All HIM functions have been profoundly impacted by technology. Technology has elevated staffing for ROI from clerical work to skilled knowledge work. Effective ROI today also requires management tools to monitor and improve productivity and accuracy. It needs compliance guidance and safeguards to ensure that it is being performed according to changing requirements and regulations.
ROI transformation is driven by patients—by all of us—who increasingly rely on timely information for care coordination at home and across our personal networks of care providers. ROI has its roots in the Principles of Fair Information Practice that assert the rights of individuals:
- to know what information is maintained about them,
- to obtain a copy in an intelligible form within a reasonable time,
- to challenge if a request for access is denied or delayed,
- to have data amended.
HIPAA baked these principles into law and made protected health information (PHI) part of our vocabulary.
Verisma is launching this blog to explore the changing demands and opportunities of this new day for ROI. Over the coming months, authors will focus on key drivers of ROI change, spotlighting solutions and emerging best-practices in the industry. We hope you will engage with the authors, sharing your thoughts and insights. Together we can accelerate the transformation and modernization of the future of ROI in healthcare.
[1] https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/access/index.html