What HI Professionals Can Expect in 2024

What HI Professionals Can Expect in 2024

By Elizabeth McElhiney, MHA, CHPS, CPHIMS, CRIS
Director of Compliance and Government Affairs

January 2, 2023

Compliance Connect: Virtual Roundtable

Join us January 17, 2024 for a special interactive discussion on what HI professionals predict for 2024. Seats are limited, so register today!

Privacy gets (more) complicated

We’ve said it before – the US is overdue for a national conversation on privacy. 2023 only increased the stakes with the increased adoption of AI, stark state-level differences on social policies, and the prevalence of cybersecurity threats.  Navigating these conflicts – in the absence of a national privacy framework – will be increasingly time-consuming and high-stakes for privacy and compliance professionals.

Patients will be the primary focus

Healthcare consumerism and patient-centered care have been hot topics in 2023 and will remain so in 2024. One area that hasn’t received as much attention is the emphasis on individual patient factors – for example, what constitutes a burden for some patients when requesting records is not for others.  Information blocking exceptions specifically prioritize individual factors in the preventing harm and content/manner exceptions. It will no longer be enough to have a black-and-white procedure manual; instead, organizations may want to consider a “playbook” of factors to be considered.

Expect regulatory activity, especially in early 2024

The last Congress will be one of the least productive in memory – and there weren’t high hopes given the ideological polarization and thin margins in both chambers. Expect to see regulatory agencies attempt to step in through rulemaking.  Early 2024 will likely see the most activity – agencies will want to publish or enact any rules prior to 60 days before a potential change in administrations.

and as always …

Executing on fundamentals is key

This one goes across all areas – we can’t stop emphasizing fundamentals while we handle increasing complexities. It’s the little things that get you in the end. Keep on top of cybersecurity by emphasizing employee cyberhygiene, patient privacy and safety by verifying patients with two identifiers, and patient access by improving request processes and adding new delivery options.

Verisma Compliance Resources

Get the latest updates written and curated by HIM compliance experts and subscribe to our weekly newsletter.
Recap on Recent Regulatory Announcements

Recap on Recent Regulatory Announcements

By Elizabeth McElhiney, MHA, CHPS, CPHIMS, CRIS
Director of Compliance and Government Affairs

October 30, 2023

Compliance Connect: Virtual Roundtable

Join us November 8, 2023 for a special interactive discussion on these regulatory topics. Seats are limited, so register today!

While there were multiple regulatory announcements in the news this week, we’ll recap the President’s Executive Order on AI and ONC’s proposed rule on appropriate provider disincentives.

White House

The White House announced that President Biden was issuing a new Executive Order (EO) on Safe, Secure, and Trustworthy Artificial Intelligence.  The EO contains several overarching themes, which includes New Standards for AI Safety and Security; Protecting Americans’ Privacy; Standing Up for Consumers, Patients, and Students; Promoting Innovation and Competition.

  • Promote national cybersecurity by ensuring that creating an advanced cybersecurity program to leverage AI to find/fix vulnerabilities in critical software.
  • Promote the responsible use of AI in health care; requires the creation of safety program to intake reports of AI harm/unsafe behaviors as well as remedy these complaints.
  • Evaluate how government agencies collect and use commercially available information – including information obtained through data brokers.
  • Seeks to prioritize federal support for promoting the development/deployment of privacy-preserving techniques. Additionally, establish guidelines for federal agency use in testing the efficacy of privacy-preserving techniques.

You can find the fact sheet at this website: EO on Safe, Secure, and Trustworthy Artificial Intelligence fact sheet


The ONC announced this morning that the long awaited NPRM on appropriate provider disincentives for committing information blocking will be published in the Federal Register on Wednesday, November 1st.  The previously announced disincentives were intended for health information exchanges (HIEs), health information networks (HINs), and developers of Certified EHR Technology (CEHRT).

The identified disincentives would pertain to certain health care providers that also are Medicare-enrolled providers or suppliers.  Consequently, these disincentives are related to qualification as a meaningful EHR user under specific programs.

Some notable disincentives include:

  • An eligible hospital or critical access hospital would not be classified as a meaningful EHR user under the MPI program for the associated reporting period. Financial disincentives differ according to the type of hospital.
  • Similarly, a health care provider or group would not be classified as a meaningful EHR user under the MIPS program.
  • Health care providers who are an ACO, participants in an ACO, or a supplier/provider of an ACO would not be eligible to participate for a minimum of 1 year. Ineligibility may result a provider being ineligible to join an ACO or removal from an ACO.

The Comment Period will be open from November 1st, 2023 to January 2nd, 2024. You can make a comment in a number of different ways; the simplest would be to click the “Submit a Formal Comment” button on the Federal Register page for the proposed rule (link below).

Upon finalization of the proposed rule, OIG would begin enforcing the provider disincentives.

ONC NPRM:  21st Century Cures Act: Establishment of Disincentives for Health Care Providers That Have Committed Information Blocking

ONC Press ReleaseHHS Press Release: Appropriate Disincentives for Providers who Engage in Information Blocking


Additional News

October 2023 OCR Cybersecurity Newsletter: How Sanction Policies Can Support HIPAA Compliance (10/19/23)

FTC Amends Safeguards Rule to Require Non-Banking Financial Institutions to Report Data Security Breaches

Upcoming Events

ONC Tech Forum: Aligning USCDI, FHIR US Core, C-CDA and other Heath IT Standards – November 3, 2023

Information Blocking Disincentives Proposed Rule Information Session – November 15, 2023

Verisma Compliance Resources

Get the latest updates written and curated by HIM compliance experts and subscribe to our weekly newsletter.
Top Reasons to Optimize Payer Audit Management

Top Reasons to Optimize Payer Audit Management

By Barbara Carr, RHIA

In today’s ever-evolving healthcare landscape, navigating the challenges posed by increasing payer audits and denials demands a proactive and expertly crafted approach to claims accuracy and compliance. To effectively tackle these challenges, healthcare organizations must adopt an integrated solution that tracks the entire audit process from initial request receipt to denial and appeal resolution. This comprehensive and systematic approach is vital for mitigating the financial risks associated with payer audits and ensuring sustained success.

Herea are some top reasons you should focus on optimizing your payer audit management process:

Enhanced Efficiency and Organization: The integration of all audit-related information and documents into a centralized system streamlines the entire audit process. This eliminates manual tracking, reduces administrative burdens, and safeguards against missing critical deadlines.

Timely Response to Audits: By diligently tracking audits from the moment of request, Release of Information Specialists (ROIS) can promptly respond to audit inquiries, reducing the likelihood of delayed or incomplete responses that may lead to denials. An integrated system also provides valuable data on the status of audits, ensuring that deadlines are met.

Improved Visibility and Transparency: Payer audits involve multiple steps and stakeholders. A comprehensive system offers real-time visibility into the audit status, empowering coding teams, clinical documentation teams, compliance officers, and management to stay informed about audit progress, denials, and appeals.

Identification of Patterns and Trends: With an effective audit management process, organizations can identify patterns and trends in coding audits and denials. Analyzing this data enables a proactive approach to address root causes and prevent future denials, ultimately leading to improved financial outcomes.

Compliance and Regulatory Adherence: Adherence to coding and billing regulations is critical for healthcare organizations. Your audit tracking solution should be built to ensure systematic compliance with these requirements.

Effective Appeals Management: Tracking audits through the denial and appeal process is essential for efficient appeals management. With proper audit management technology, an audit team can identify common reasons for denials and develop targeted strategies to overturn them.

Data-Driven Decision Making: Comprehensive reporting capabilities (beyond spreadsheets) enables an audit team to gather data on audit outcomes, denials, and appeal success rates. Armed with this critical data, financial teams can make informed decisions regarding coding practices, training needs, and resource allocation.

Proactive Risk Mitigation: Vigilant monitoring of audits and denials allows organizations to proactively address potential compliance risks and coding errors. This approach reduces the financial impact of denials and minimizes the risk of audits leading to legal or regulatory issues.

Verisma Claims Audit Manager

Verisma recently announced the launch of Verisma Claims Audit Manager (VCAM) in collaboration with Office Ally. VCAM connects ROI with business office in an end-to-end solution that offers unmatched enterprise reporting capabilities.

A comprehensive approach to payer audit management supported by advanced technology is essential for healthcare organizations to achieve sustained success in an increasingly complex healthcare landscape. By focusing on optimizing this process, organizations can stay ahead of payer audits and denials, safeguard financial stability, and maintain a commitment to delivering high-quality patient care.

Overcoming Staffing Challenges in Healthcare Information Leadership 

Overcoming Staffing Challenges in Healthcare Information Leadership 

By Connie Renda, MA, RHIA, CHDA

In my role as the CHIA President-elect, I had the privilege of addressing our California members on a pressing topic that resonates with healthcare information leaders across the industry. Every day, managers grapple with a multitude of human resource challenges, and this struggle is particularly pronounced in the healthcare information sector. In this article, we’ll delve into these pain points, offer a comprehensive understanding of the challenges faced, and present innovative solutions to help healthcare information leaders reach their goals. 


Challenges in HI Staffing



Understaffing is a perennial issue that plagues healthcare information management. The demand for skilled professionals often surpasses the available talent pool. A report from the Society for Human Resource Management (SHRM) notes that finding suitable candidates and retaining employees will be paramount for organizations in 2023. However, this search for top talent often collides with budget constraints, creating significant challenges, especially in an era marked by concerns over inflation. Many organizations find themselves handcuffed by hiring freezes or grappling with staff shortages due to employees on FMLA leave, compounding the problem further. The critical HIM duties cannot be deferred and require a dependable workforce, which isn’t always readily accessible when needed.

Skill Gaps

In the ever-evolving healthcare landscape, skill gaps are another major headache for healthcare information leaders. As Forbes aptly points out, the industry is grappling with substantial talent shortages as skill sets struggle to keep pace with rapidly advancing technology. This disconnect between the demands of modern healthcare and the available skill sets places additional pressure on organizations striving to maintain efficiency and compliance in their operations.

Fluctuating Workloads

Fluctuating workloads compound the woes of healthcare information leaders. The volume of work can oscillate dramatically, leading to unexpected spikes in demand that strain an already stretched workforce. Coping with these variations efficiently while maintaining a high standard of service becomes an ongoing challenge.

What Can We Do?


Develop a Flexible Workforce Strategy

Maintaining staff agility is one way to ensure operational continuity and peace of mind. My colleagues had many great ideas to achieve this from cross training to assigning multiple job roles. More experienced staff (or outsourced partners) are motivated by new learning experiences and can help address staff shortages, workload surges, and unique projects. In fact, this is such an effective strategy that Verisma launched a team dedicated for this purpose called Verisma bench.  

Consider Efficiency Gains Through Outsourcing

In addition to ROI, many other administrative HIM tasks can frustrate staff who could be spending more time working at the top of their license. Outside partners can alleviate these burdens and improve efficiency, while eliminating the headaches of hiring and training. Verisma, for instance, can manage tasks like prior authorizations, purge projects, inbound document management, and referral management. so staff can focus on what matters most – patient care. 

Leverage Technology-Enabled Strategic Partnerships

Strategic partnerships are more than supplemental staff. They’re relationships built on experience, consistency, time, and effort. Better yet, technology-enabled service companies do more than complete tasks – they build for the future. Working with a trusted company like Verisma to help with staffing challenges makes sense and allows you to share the burden of finding a qualified, reliable team to address talent shortages. 

Five Ways an FQHC Can Save on Administrative Costs

Five Ways an FQHC Can Save on Administrative Costs

Federally Qualified Health Centers (FQHCs) provide critical care for underserved patients nationwide, but on a limited budget supported mostly by donations and grant funding. By focusing on decreasing administrative costs, FQHCs can make their dollars more impactful to patient care initiatives, improving the lives of millions of people across the United States. The following are five ideas FQHCs can consider to reduce their administrative costs to focus their attention on more impactful care within their communities.


In an ever-changing healthcare industry, all organizations are constantly updating process and operations workflows to meet new requirements. FQHCs can implement regular analysis of all workflows to analyze for operational efficiencies. Reviewing patient activities while in the waiting room, as well as what administrative staff may be able to do prior to the patient visit, can ensure that patients are registered, roomed and seen as quickly as possible.

Because of the demand for FQHC visits and services, FQHCs need to make every minute a patient is in the office count. Part of the analysis may include whether offsite staff or partners can provide a more focused, cost-effective way to remove burden and time-consuming administrative tasks from patient-facing personnel. Streamlining staff, provider and patient interaction can create more impactful visit time and allow providers to see more patients in a day.

FQHCs can also find efficiencies by analyzing workflows and refining their tasks and best practices. By optimizing everyday functions and administrative tasks, FQHCs can find areas of savings and eliminate waste. Good examples of common culprits are paper and ink/toner, which can be greatly minimized with smarter filing and scanning workflows.

Streamlining staff, provider and patient interaction can create more impactful visit time and allow providers to see more patients in a day.

Information Technology is often seen as an investment and expenditure, but it comes with an upside. In many situations, IT updates can improve and thereby cut administrative costs for the future. Some government incentives like Pay-for-Performance programs also exist to help organizations offset the costs of implementing technologies. Using information technology to capture structured quality data about patient care can be reported to government and commercial entities, in some cases leading to increased reimbursement.

Additionally, as the industry moves from paper to electronic records, converting paper charts to electronic documents stored in the Electronic Health Record (EHR) can reduce administrative spending on chart storage, as well as free up space for FQHCs to pay less rent or utilize space in other ways that support the patient care mission. Ultimately, IT improvements can lead to increased efficiency and functionality and decreased administrative spending in the future.


Compliance doesn’t just mean HIPAA. Other regulatory programs require complying with certain objectives in exchange for funding. As the industry changes, meeting grant requirements and alternative payment model metrics is critical for keeping the doors open. By focusing energy into maintaining compliance protocols, FQHCs can avoid losing invaluable revenue sources. Of course, HIPAA is also important! Ensuring the proper protocols are implemented, staff is periodically trained, and quality assurance is in place in accordance with the HIPAA Privacy and Security rules is critical for preventing threats. Good compliance practices also help FQHCs avoid a costly and unexpected HIPAA breach adding to administrative costs and detracting from the mission.


One of the biggest administrative costs to a FQHC is staffing. These costs not only include payroll, benefits and other overhead expenses but also where the staff expends their time while they are on the clock. As FQHCs have a laundry list of items to achieve throughout the day, many staff members find they have too much on their “to do” list and something has to give.

Ultimately, staff members being tasked with too many duties can cause burnout, distractions and procrastination, all of which lead to costly mistakes, extra expenses and, in some instances, tasks not getting done altogether. Organizations like Verisma can help FQHCs reduce administrative costs by providing focused expertise related to specific administrative functions.

Utilizing a Business Associate can reduce the need for certain admin staff functions, in turn alleviating some payroll costs as well as the management tasks inherent in supervising hourly staff. Where workforce is in short supply, one of the greatest benefits of utilizing a partner for functions like document filing and release of records is the ability to focus or repurpose existing FQHC staff. When a partner is handling the administrative tasks, the FQHC staff can focus on patient needs and care. In an era of patient satisfaction and engagement tying to reimbursement, focusing on patients is of the utmost importance to FQHCs maximizing their dollars and serving the community.


Changing goals means fluctuating costs; by deploying and following a clear mission FQHCs can zero in on their wildly important purpose. Because FQHCs rely heavily on funding sources, planning too far into the future can be challenging. The mission of the organization, though, will remain steadfast and is the ultimate litmus test in financial planning for FQHCs. If an administrative expenditure doesn’t directly support the mission, is it worthy of investment? Administrative costs can often seep out unexpectedly, especially when the goal line is constantly moving. Reviewing the budget with the mission statement in mind can help FQHCs analyze their supportive and detractive administrative spend.

Need help implementing some of these strategies for maximizing your staff and minimizing administrative costs and workloads? Get in touch at verisma.com/contact-sales.

Key Takeaways: HIPAA Update from the OCR

Key Takeaways: HIPAA Update from the OCR

Verisma Academy recently hosted an informative webinar featuring Timothy Noonan, the Deputy Director for Health Information Privacy, Data, and Cybersecurity at the HHS Office for Civil Rights. The session provided attendees with crucial updates on the proposed rulemaking and guidance from OCR (Office for Civil Rights), shedding light on various aspects such as reproductive health, Part 2 records, and the use of tracking technologies. In this blog post, we’ll delve into the key takeaways from the webinar and explore the implications of these developments in the realm of healthcare information management (HIM).

Strengthening Privacy Protections for Reproductive Health:

One significant aspect discussed during the webinar was the Notice of Proposed Rulemaking (NPRM) regarding reproductive health. The primary objective of this proposal is to enhance privacy protections by restricting the use or disclosure of Protected Health Information (PHI) by regulated entities for investigations related to reproductive health care. To enforce this prohibition, the NPRM suggests that regulated entities obtain a signed attestation ensuring that the requested PHI is not intended for prohibited purposes. This attestation requirement applies to various circumstances, including health oversight activities, judicial and administrative proceedings, law enforcement purposes, and disclosures to coroners and medical examiners. The comment period for this proposal ends on June 16, 2023.

Understanding the Impact on HIM and Release of Information Processing:

From an HIM perspective, numerous questions arise regarding the content of the attestation and its impact on the release of information processing. To gain more insights and details on this matter, interested individuals can refer to the official Federal Register document available here.

Transitioning from COVID-19 Telehealth Measures:

Timothy Noonan also provided updates on the conclusion of the COVID-19 health emergency with regards to telehealth. Attendees were reminded that personal health information (PHI) stored on mobile devices such as cell phones and tablets is not protected under HIPAA. This serves as a critical reminder for healthcare professionals to ensure appropriate safeguards are in place when handling PHI on personal devices.

Enhanced Coordination for Substance Use Treatment:

The webinar covered proposed modifications to 42 CFR Part 2 records, which deal with substance use and disorders. The objective of these modifications is to enhance coordination among providers involved in the treatment of substance use, thus reducing existing challenges. By potentially increasing patient protections regarding the disclosure of records, these changes aim to prevent discrimination in treatment. More information on the proposed modifications can be found here.

Understanding Online Tracking Technologies and Protecting ePHI:

Another crucial topic discussed in the webinar was the use of online tracking technologies, such as Google Analytics and Meta, on entity websites or apps. Attendees were reminded that using tracking technologies in a manner that leads to impermissible disclosures of electronic Protected Health Information (ePHI) to tracking vendors is strictly prohibited. The webinar provided insights into the nature and usage of tracking technologies, as well as the necessary steps that regulated entities must take to safeguard ePHI. For additional information, visit the OCR’s website here.

Escalating Breach Incidents and the Need for Robust HIPAA Security:

The number of PHI breaches has seen a concerning increase, with hacking breaches accounting for a significant portion. In 2022 alone, there were 712 reported breaches, a sharp rise from 369 in 2018. Hacking incidents accounted for 49% of all breaches in 2022, and from January 1 to April 30, 2023, hacking incidents constituted a staggering 67% of all breaches. Moreover, during the same period, there were 559 breaches affecting 400 or more individuals, with 57% being network server-related and 21% related to email. These alarming figures highlight the urgency for organizations to fortify their security measures and conduct regular HIPAA security assessments to identify and mitigate risks.

Looking Ahead and Staying Informed:

While the finalization of the HIPAA NPRM and its potential impact on turnaround times and other significant changes remains uncertain, organizations should stay updated and watch for the upcoming Spring Unified Agenda release, which may offer more clarity. In the meantime, the industry must stay vigilant about evolving areas such as reproductive health, Part 2 records, and HIPAA security to ensure compliance and protect sensitive health information.

Verisma Academy’s webinar featuring Timothy Noonan shed light on the latest proposed rulemaking and guidance from OCR regarding HIPAA. Attendees gained valuable insights into reproductive health privacy protections, substance use records modifications, the usage of online tracking technologies, and the increasing importance of robust HIPAA security measures. In this dynamic healthcare landscape, it is crucial for organizations to stay informed, adapt to changing regulations, and prioritize the protection of patients’ health information.

Verisma Academy

The recording of this event is available on-demand and CEU-eligible through May 2024.