Verisma Achieves HITRUST Risk-based, 2-year Re-certification Demonstrating the Highest Level of Information Protection Assurance

Verisma Achieves HITRUST Risk-based, 2-year Re-certification Demonstrating the Highest Level of Information Protection Assurance

HITRUST Risk-Based, 2-year (r2) Certification validates Verisma® is committed to strong cybersecurity and protecting sensitive data.

Alpharetta, GA, February 9, 2024 – Verisma, a leading provider of health information solutions, today announced its flagship technology, Verisma Release Manager®, has earned its HITRUST Risk-based 2-year (“r2”) re-certification status for information security. This includes the underlying Azure hosting environment as well as supporting features such as Verisma Release Application®, Verisma AnalyticsTM, Verisma SpotlightTM, Verisma InboxTM, Verisma Technology Assisted ReviewTM (TAR), and the ROIS application.

HITRUST Risk-based, 2-year (r2) Certification, first earned by the company in 2021, demonstrates that the organization’s Verisma Release Manager® platform has met demanding regulatory compliance and industry-defined requirements and is appropriately managing risk. This achievement places Verisma in an elite group of organizations worldwide that have earned this certification. By including federal and state regulations, standards, and frameworks and incorporating a risk-based approach, the HITRUST Assurance Program helps organizations address security and data protection challenges through a comprehensive and flexible framework of prescriptive and scalable security controls.

“Organizations like ours are continually under pressure to address current and emerging threats and meet complex compliance, information protection, and privacy requirements,” said Marty McKenna, Chief Executive Officer at Verisma. “We are pleased to demonstrate to our customers the highest standards for data protection and information security by achieving the rigorous HITRUST r2 Certification.”

“Without consistency, transparency, and reliability, an information security assessment can’t provide the requisite level of assurances needed to make important business decisions. That’s why we focus on producing the highest quality reports available,” said Vincent Bennekers, Vice President, Quality at HITRUST. “Achievement of a HITRUST r2 Certification is an assurance that Verisma takes compliance and information risk management seriously.”


About Verisma®

Verisma’s leading technology and solutions empower healthcare providers to streamline the exchange of protected health information that facilitates value-based care programs, bridges gaps in care coordination and supports legal proceedings. Verisma’s HITRUST®-certified technology enhances interoperability to deliver cutting-edge release of information (ROI) and care coordination solutions that adhere to the highest standards in data security and patient protection.

Overcoming Staffing Challenges in Healthcare Information Leadership 

Overcoming Staffing Challenges in Healthcare Information Leadership 

By Connie Renda, MA, RHIA, CHDA
In my role as the CHIA President-elect, I had the privilege of addressing our California members on a pressing topic that resonates with healthcare information leaders across the industry. Every day, managers grapple with a multitude of human resource challenges, and this struggle is particularly pronounced in the healthcare information sector. In this article, we’ll delve into these pain points, offer a comprehensive understanding of the challenges faced, and present innovative solutions to help healthcare information leaders reach their goals. 


Challenges in HI Staffing



Understaffing is a perennial issue that plagues healthcare information management. The demand for skilled professionals often surpasses the available talent pool. A report from the Society for Human Resource Management (SHRM) notes that finding suitable candidates and retaining employees will be paramount for organizations in 2023. However, this search for top talent often collides with budget constraints, creating significant challenges, especially in an era marked by concerns over inflation. Many organizations find themselves handcuffed by hiring freezes or grappling with staff shortages due to employees on FMLA leave, compounding the problem further. The critical HIM duties cannot be deferred and require a dependable workforce, which isn’t always readily accessible when needed.

Skill Gaps

In the ever-evolving healthcare landscape, skill gaps are another major headache for healthcare information leaders. As Forbes aptly points out, the industry is grappling with substantial talent shortages as skill sets struggle to keep pace with rapidly advancing technology. This disconnect between the demands of modern healthcare and the available skill sets places additional pressure on organizations striving to maintain efficiency and compliance in their operations.

Fluctuating Workloads

Fluctuating workloads compound the woes of healthcare information leaders. The volume of work can oscillate dramatically, leading to unexpected spikes in demand that strain an already stretched workforce. Coping with these variations efficiently while maintaining a high standard of service becomes an ongoing challenge.

What Can We Do?


Develop a Flexible Workforce Strategy

Maintaining staff agility is one way to ensure operational continuity and peace of mind. My colleagues had many great ideas to achieve this from cross training to assigning multiple job roles. More experienced staff (or outsourced partners) are motivated by new learning experiences and can help address staff shortages, workload surges, and unique projects. In fact, this is such an effective strategy that Verisma launched a team dedicated for this purpose called Verisma bench.  

Consider Efficiency Gains Through Outsourcing

In addition to ROI, many other administrative HIM tasks can frustrate staff who could be spending more time working at the top of their license. Outside partners can alleviate these burdens and improve efficiency, while eliminating the headaches of hiring and training. Verisma, for instance, can manage tasks like prior authorizations, purge projects, inbound document management, and referral management. so staff can focus on what matters most – patient care. 

Leverage Technology-Enabled Strategic Partnerships

Strategic partnerships are more than supplemental staff. They’re relationships built on experience, consistency, time, and effort. Better yet, technology-enabled service companies do more than complete tasks – they build for the future. Working with a trusted company like Verisma to help with staffing challenges makes sense and allows you to share the burden of finding a qualified, reliable team to address talent shortages. 

Verisma Claims Audit Manager Launches as an End-to-End Release of Information and Audit Management Platform Designed to Protect Revenue Integrity

Verisma Claims Audit Manager Launches as an End-to-End Release of Information and Audit Management Platform Designed to Protect Revenue Integrity

Verisma® announces this latest innovation in collaboration with Office Ally.

Verisma, a leader in health information management (HIM) solutions that simplify release of information (ROI) and compliance complexities, is proud to announce its latest innovation, Verisma Claims Audit Manager (VCAM). Developed in collaboration with Office Ally, a distinguished healthcare technology provider with expertise in revenue cycle support, VCAM revolutionizes the audit and appeal process with advanced automation and analytics, creating a single source of truth to manage and protect reimbursement dollars.

While the timely response to payer audits remains critical, navigating the complexities of Medicare, Medicaid, and commercial audits poses an ever-increasing challenge. Coordinating medical record requests, document submissions, denials, appeals, reporting, and financial adjustments strains providers’ internal resources. Even so, the responsibility to ensure release of information is compliant and secure is non-negotiable.

Leveraging Office Ally’s mature and market-tested audit technology and infusing it with Verisma’s ROI, compliance, and workflow expertise, VCAM presents a holistic answer to pressing industry needs. This expansion of Verisma’s award-winning solutions bridges the gap between HIM and business office, streamlining processes and fostering data connectivity across the enterprise. As a result, providers stand to gain several advantages:

Enhanced Communication: Prevent the risk of communication and audit details getting lost in the maze between audit departments and HIM groups.

Increased Productivity: Eliminate the need for duplicate documentation of record releases, freeing up valuable time and resources.

Insightful Analytics: Gain real-time visibility into denial statuses, including amounts at risk or waiting for appeals. Identify and address enterprise-wide trends such as certain DRGs or release of information specialists affecting revenue loss.

Simplified Vendor Management: Reduce the complexity of managing multiple vendors and build a trusted strategic partnership.

Verisma’s CEO, Marty McKenna stated, “The launch of Verisma Claims Audit Manager represents a monumental step forward in audit management and revenue integrity. This collaboration with Office Ally showcases our commitment to delivering innovative solutions that truly address the evolving needs of the healthcare industry.”

Office Ally’s CEO, Chris Hart, shared, “We are excited to partner with Verisma to bring VCAM to the market. The combination of Office Ally’s revenue cycle expertise and Verisma’s HIM proficiency creates an unparalleled offering that empowers healthcare leaders to streamline their operations and drive financial success.”

Verisma Claims Audit Manager reflects the joint commitment of Verisma and Office Ally in reshaping the health information management landscape and is Verisma’s first product announcement since its recent merger with ScanSTAT Technologies. VCAM product demonstrations will debut at the AHIMA Global Conference, October 8-10 in Baltimore, MD at the Verisma booth, #317

Key Takeaways: HIPAA Update from the OCR

Key Takeaways: HIPAA Update from the OCR

Verisma Academy recently hosted an informative webinar featuring Timothy Noonan, the Deputy Director for Health Information Privacy, Data, and Cybersecurity at the HHS Office for Civil Rights. The session provided attendees with crucial updates on the proposed rulemaking and guidance from OCR (Office for Civil Rights), shedding light on various aspects such as reproductive health, Part 2 records, and the use of tracking technologies. In this blog post, we’ll delve into the key takeaways from the webinar and explore the implications of these developments in the realm of healthcare information management (HIM).

Strengthening Privacy Protections for Reproductive Health:

One significant aspect discussed during the webinar was the Notice of Proposed Rulemaking (NPRM) regarding reproductive health. The primary objective of this proposal is to enhance privacy protections by restricting the use or disclosure of Protected Health Information (PHI) by regulated entities for investigations related to reproductive health care. To enforce this prohibition, the NPRM suggests that regulated entities obtain a signed attestation ensuring that the requested PHI is not intended for prohibited purposes. This attestation requirement applies to various circumstances, including health oversight activities, judicial and administrative proceedings, law enforcement purposes, and disclosures to coroners and medical examiners. The comment period for this proposal ends on June 16, 2023.

Understanding the Impact on HIM and Release of Information Processing:

From an HIM perspective, numerous questions arise regarding the content of the attestation and its impact on the release of information processing. To gain more insights and details on this matter, interested individuals can refer to the official Federal Register document available here.

Transitioning from COVID-19 Telehealth Measures:

Timothy Noonan also provided updates on the conclusion of the COVID-19 health emergency with regards to telehealth. Attendees were reminded that personal health information (PHI) stored on mobile devices such as cell phones and tablets is not protected under HIPAA. This serves as a critical reminder for healthcare professionals to ensure appropriate safeguards are in place when handling PHI on personal devices.

Enhanced Coordination for Substance Use Treatment:

The webinar covered proposed modifications to 42 CFR Part 2 records, which deal with substance use and disorders. The objective of these modifications is to enhance coordination among providers involved in the treatment of substance use, thus reducing existing challenges. By potentially increasing patient protections regarding the disclosure of records, these changes aim to prevent discrimination in treatment. More information on the proposed modifications can be found here.

Understanding Online Tracking Technologies and Protecting ePHI:

Another crucial topic discussed in the webinar was the use of online tracking technologies, such as Google Analytics and Meta, on entity websites or apps. Attendees were reminded that using tracking technologies in a manner that leads to impermissible disclosures of electronic Protected Health Information (ePHI) to tracking vendors is strictly prohibited. The webinar provided insights into the nature and usage of tracking technologies, as well as the necessary steps that regulated entities must take to safeguard ePHI. For additional information, visit the OCR’s website here.

Escalating Breach Incidents and the Need for Robust HIPAA Security:

The number of PHI breaches has seen a concerning increase, with hacking breaches accounting for a significant portion. In 2022 alone, there were 712 reported breaches, a sharp rise from 369 in 2018. Hacking incidents accounted for 49% of all breaches in 2022, and from January 1 to April 30, 2023, hacking incidents constituted a staggering 67% of all breaches. Moreover, during the same period, there were 559 breaches affecting 400 or more individuals, with 57% being network server-related and 21% related to email. These alarming figures highlight the urgency for organizations to fortify their security measures and conduct regular HIPAA security assessments to identify and mitigate risks.

Looking Ahead and Staying Informed:

While the finalization of the HIPAA NPRM and its potential impact on turnaround times and other significant changes remains uncertain, organizations should stay updated and watch for the upcoming Spring Unified Agenda release, which may offer more clarity. In the meantime, the industry must stay vigilant about evolving areas such as reproductive health, Part 2 records, and HIPAA security to ensure compliance and protect sensitive health information.

Verisma Academy’s webinar featuring Timothy Noonan shed light on the latest proposed rulemaking and guidance from OCR regarding HIPAA. Attendees gained valuable insights into reproductive health privacy protections, substance use records modifications, the usage of online tracking technologies, and the increasing importance of robust HIPAA security measures. In this dynamic healthcare landscape, it is crucial for organizations to stay informed, adapt to changing regulations, and prioritize the protection of patients’ health information.

Verisma Academy

The recording of this event is available on-demand and CEU-eligible through May 2024.

How Leveraging an HIM Partner Helps Decrease Staff Stress

How Leveraging an HIM Partner Helps Decrease Staff Stress

“Everything Everywhere All at Once” isn’t just the title of an award-winning movie that many viewers found quite confusing. It’s how a lot of health information management (HIM) employees feel about their jobs. There aren’t enough hours in the day, and one person can’t do everything at once.

Many providers are exploring HIM support from outside partners to take all or some of the weight off their shoulders. The right Release of Information (ROI) and HIM partner can be a reliable and cost-effective solution for ensuring your quality standards are met without burdening you or your internal staff.

Following our acquisition of ScanSTAT Technologies, Verisma now offers a full suite of outsourced HIM solutions in addition to our industry-leading ROI service:

Prior Authorizations

Inbound Document Management

Chart Abstraction

EHR Conversion

Forms Completion

Document Scanning


Contact us to learn more!

Imagine a world where your team’s health information management responsibilities are supported by industry-leading experts at Verisma. What would that look like?

1. You would spend less time recruiting, hiring, training, retaining and scheduling employees.

Finding and hiring new talent has never been more challenging. HIM partners ensure you have the resources required to meet the demands on your organization. Your employees take time off for vacations, illnesses, and leaves of absence, but Verisma is always ready. We have the people and resources to meet your needs every day.

2. You could finally address your backlog.

When you partner with Verisma, you can breathe. Because Verisma:

  • Allows your in-house staff to focus on patient care
  • Keeps your medical records department current on requests
  • Assumes responsibility for HIPAA compliance
  • Fills the gaps in your department while you still maintain your own processes and standards


A dedicated team of experts can improve turnaround time and thus reduce staff stress while improving patient satisfaction.

3. You would reduce risk and achieve or maintain compliance.

As stewards of data integrity, health information managers understand that Protected Health Information (PHI) responsibilities—from compliance, workflows, training, and coding to document completion—are top priorities. But, realistically, each one of these PHI responsibilities is a full-time job. Recent regulatory changes related to release of information (ROI) are a potentially expensive pitfall as there are steep fines for violations. Verisma has in-house experts dedicated solely to staying on top of compliance and legislative activities. Working with an outsourced team of knowledgeable HIM experts can help you feel confident that your organization meets the new requirements for releasing electronic information. Furthermore, your organization will be compliant with laws regulating strict timeframes under which requests and information must be handled to avoid stiff fines.

4. You would have happier, more focused employees who are more likely to stay with your team.

Additional HIM functions, such as prior authorizations and faxing and scan filing, often fall on staff members with multiple other responsibilities. This necessity to multitask drains staff and contributes to lower job satisfaction.

By working with Verisma, you’ll know dedicated experts are:

  • Completing forms and requests efficiently and accurately
  • Improving your physicians’ satisfaction by eliminating the additional work and stress of tracking down accurate patient information
  • Helping ensure your processes are compliant with current regulations
  • Available to help train internal staff on new technology or processes

Get back to being in one place and thinking about one thing at a time. Reach out to us today to get started.

How to Use a Gap Analysis to Build Your ROI Roadmap

How to Use a Gap Analysis to Build Your ROI Roadmap

One of the best tools for ensuring organization-wide ROI compliance is a gap analysis. A gap analysis looks at the entire disclosure management process to give you a sense of where you are today versus where you need to be to achieve and maintain compliance. In addition to compliance, the benefits of a gap analysis include a full accounting of disclosures, improved productivity, reduced paper processing, increased electronic release, improved turn-around time, and improved requestor satisfaction. This is an especially relevant topic given Information Blocking and the upcoming proposed changes to HIPAA, which are presumed to go into effect this spring.

To begin a gap analysis, you must first assess your current state. We can break this down into six steps.

  1. Determine where the ROI flows into departments, practices, clinics, hospitals, etc.
  2. Layout a flowchart of all “on ramps.”
  3. Document the handling of all requests to include how many people touch a request. For example, does HIM forward a copy to radiology, the business office, sleep center, etc.?
  4. Analyze access to systems. Include all steps required to obtain access and what effort is needed to capture all pertinent information.
  5. Review current delivery method options (print, package, mail, email, fax, etc.)
  6. Determine current turn-around time. Start with the actual received date and remember that the TAT clock doesn’t stop and restart every time a request is forwarded to another department or location.

Once you’ve assessed your current state, it’s time to develop an action plan.

Working with a vendor partner who can automate this process will make this step much easier. Your action plan should involve a committee of location leaders or decision makers. You can use the “on ramp” flowchart from the previous step to make decisions on centralizing intake. Then provide access to all source systems to HIM or one centralized group. To reduce the number of patients wanting to review in-person, expand your delivery method options through automated technology like Verisma Request App®. Finally, establish a one-touch process to accomplish an accurate TAT.

The most difficult part of this process is building a unified ROI plan. Change projects are always challenging, especially within complex health systems, but your gap analysis will help as you move forward. Follow these five steps to build and implement your plan.


  1. Recognize the need for change. Get internal support and lay out your business case with benefits. HIM leadership should usually handle this step.
  2. Craft a vision. Your vendor partner can help you strategize for success.
  3. Implement change.
  4. Embed changes in your culture and practices. Make sure old ways aren’t creeping back in.
  5. Review your progress and analyze the results.

If you’d like to learn more about how Verisma can help you conduct a gap analysis and build an ROI roadmap, contact us.

Learn more about the gap analysis process and earn an AHIMA CEU through Verisma Academy. 
Verisma Academy