The Use of Health Information Technology in Physician Practices 2 The Use of Health Information Technology in Physician Practices

Learning Outcomes When you finish this chapter, you will be able to: 2-2 When you finish this chapter, you will be able to: 2.1 Describe the functions of practice management programs. 2.2 Identify the core functions of an electronic health record system. 2.3 Discuss the advantages of electronic health records. 2.4 Describe the impact of health information technology on documentation and coding. 2.5 Discuss how the HIPAA Privacy Rule and Security Rule protect patient health information. 2.6 Explain how the measures put in place by the HITECH Act strengthen HIPAA privacy and security requirements.

Key Terms administrative safeguards audit/edit report audit trail 2-3 administrative safeguards audit/edit report audit trail autoposting breach clearinghouse CMS-1500 (08/05) computer-assisted coding electronic data interchange (EDI) electronic funds transfer (EFT) electronic medical records (EMRs) electronic prescribing evidence-based medicine health information technology (HIT) HIPAA (Health Information Portability and Accountability Act of 1996)

Key Terms (Continued) 2-4 HIPAA Electronic Transaction and Codes Sets standards HIPAA Privacy Rule HIPAA Security Rule HITECH (Health Information Technology for Electronic and Clinical Health Act) National Provider Identifier (NPI) personal health records (PHRs) physical safeguards protected health information (PHI) technical safeguards walkout statement workflow X12-837 Health Care Claim (837P)

2.1 Functions of Practice Management Programs (Continued) 2-6 Most offices use a practice management program (PMP) to complete routine office tasks, including: Patient scheduling Recording patient information Creating and transmitting electronic claims Receiving electronic payments Billing patients Creating financial reports Collecting on overdue accounts Learning Outcome: 2.1 Describe the functions of practice management programs. Pages: 28-32 Many offices now use Electronic Medical Records which merge the front office computer software with the patient treatment information. Stress that an EMR is different from a PMP. If an office has used a PMP, then goes from paper to EMR, the person supervising the change must make sure that the two programs can communicate with each other. Medisoft is a PMP. It is actually used in physician’s offices in the real world. Using a PMP helps save time and eliminate errors. Large corporations usually use the same PMP throughout their system as well as tying that PMP to the computers in the hospital. This allows the physician to access information from hospital admissions. Scheduling is easier, patient information input has less errors. Claims are submitted faster and money received faster. Patients account are easy to track. Financial reports can be pulled to justify purchases, staffing etc.

2.1 Functions of Practice Management Programs (Continued) 2-7 A clearinghouse is a company that collects electronic insurance claims from medical practices and forwards the claims to the appropriate health plans An audit/edit report is sent from the clearinghouse to the practice, after the basic edit is complete Learning Outcome: 2.1 Describe the functions of practice management programs. Pages: 28-32 There is a charge for handling practice management services. There are several companies that a practice can choose. Clearinghouses standardize claims and perform a detailed edit of the information making sure a claim is “clean,” meaning it is free of errors and has no missing information. This facilitates expedited payment from the insurance company. A report, the audit/edit is sent to back to the practice stating the claim is either clean and it will be forwarded to the insurance company or that it contains errors and those errors are identified so the practice can correct them. Once corrected, the claim must be resent to the clearinghouse to be reviewed again.

2.1 Functions of Practice Management Programs (Continued) 2-8 Reimbursement A walkout statement lists the procedures performed, the charges for the procedures, and the amount paid by the patient Autoposting is an automated process for entering information on a remittance advice (RA) into a computer Learning Outcome: 2.1 Describe the functions of practice management programs. Pages: 28-32 Although most offices file insurance for patients, they still need a walkout receipt. They may participate in a flexible spending plan and want to get reimbursed for their copay and/or coinsurance. Autoposting saves time but the RA still needs to be reviewed to identify payments that are not as expected.

2.2 Functions of Electronic Health Record Programs 2-9 Electronic medical records (EMRs) are computerized records of one physician’s encounters with a patient over time Personal health records (PHRs) are private, secure electronic files that are created, maintained, and owned by the patient Electronic prescribing is the use of computers and handheld devices to transmit prescriptions to pharmacies in digital format Learning Outcome: 2.2 Identify the core functions of an electronic health record system. Pages: 32-38 EMR’s are different from a PMP. They can include information from other places where the patient has been seen, such as laboratories, hospitals, pharmacies etc. A lot of hospitals now use hospitalists to take care of patients when they are admitted to the hospital instead of the patient’s primary physician. EMR’s allow the patient’s personal physician to access the information from a hospital visit when the patient is in the office for a follow-up appointment. PHR’s are the information contained in the EMR. This is the information that you must have permission to release from the patient. Information comes from multiple providers and facilities. Electronic prescribing is part of order management. It also helps save time and increase accuracy.

2.2 Functions of Electronic Health Record Programs (Continued) 2-10 Electronic health records (EHRs) may include information from multiple EMRs and have eight core functions: Health information and data elements Results management Order management Decision support Electronic communication and connectivity Patient support Administrative support Population reporting and management Learning Outcome: 2.2 Identify the core functions of an electronic health record system. Pages: 32-38 The following EHR functions are suggested by the Institute of Medicine Key Data-Problem List, procedures, medication lists, allergies, medication list, allergies, demographics, diagnostic test results, health maintenance, advance directives. Clinical and Patient Narrative-signs and symptoms, diagnosis, procedures, level of service, treatment plan. Results reporting, results notification, multiple views of data/presentation, multimedia support (images, scanned documents) Computerized provider order entry(CPOE)-electronic prescribing, laboratory, pathology, x-rays, consultations Access to knowledge sources, drug alerts, reminders, clinical guidelines and pathways, chronic disease management, clinician work list, diagnostic decision support, use of epidermiologic data, automated real-time surveilance Provider-provider, team coordination, patient-provider, medical devices external partners (pharmacy, insurer, laboratory, radiology) integrated medical record (within setting, across settings, inpatient-outpatient Patient education (access to patient education materials), family and informal caregiver education, data entered by patient, family, and/or informal caregiver (home monitoring, questionnaires) Scheduling management (appointments, admissions, surgery and other procedures), eligibility determination (insurance, clinical trials, drug recalls, chronic disease management) Patient safety and quality reporting, public health reporting, disease registries.

2.3 Advantages of Electronic Health Records 2-11 Advantages of EHRs include: Increased patient safety Improved quality of care Greater efficiency Learning Outcome: 2.3 Discuss the advantages of electronic health records. Pages: 39-41 Safety: medication and physician orders (illegible handwriting), electronic alerts allergies and drug reactions, alerts to physicians, record preservation, timely communication of information Quality: reminders for patients for preventative care and screenings, patients w/chronic illnesses can monitor from home via internet Efficiency: retrieval of information is immediate--essential in critical care situations, also increases efficiency of workflow, refilling of prescriptions, receiving payments, organization of the record and prevents loss of records.

2.3 Advantages of Electronic Health Records (Continued) 2-12 Evidence-based medicine refers to medical care that uses the latest and most accurate clinical research in making decisions about the care of patients The Health Information Technology for Economic and Clinical Health Act (HITECH) is intended to promote the use of EHRs in physician practices and hospitals through the use of financial incentives Learning Outcome: 2.3 Discuss the advantages of electronic health records. Pages: 39-41 EHR’s facilitate evidence-based medicine by allowing physicians to share information quickly HITECH is part of the American Reinvestment and Recovery Act of 2009, provider must show “meaningful use” of the EHR to qualify for the incentives.

2.4 The Impact of HIT on Documentation and Coding 2-13 A Workflow is a set of activities designed to produce a specific outcome The process of assigning preliminary diagnosis and procedure codes with a computer is known as computer-assisted coding Learning Outcome: 2.4 Describe the impact of health information technology on documentation and coding. Pages: 41-44 Electronic workflow is most efficient when the PMP and EHR being integrated in an office can easily exchange data with each other. It is always the goal to increase office efficiency. Computer-assisted coding: Some programs assign codes based on keywords in a template, others analyze words, phrases, and sentences in the electronic documentation. They still need to be reviewed for accuracy before filing the claim.

2.4 The Impact of HIT on Documentation and Coding (Continued) 2-14 Impact of HIT on Documentation and Coding Every service must be documented in order to receive reimbursement Incomplete or incorrect documentation may result in claim denials or even a federal investigation All codes should be reviewed to ensure accuracy Learning Outcome: 2.4 Describe the impact of health information technology on documentation and coding. Pages: 41-44 Discuss the importance of accuracy and compliance in documentation and coding.

2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability and Accountability Act of 1996 (HIPAA) contains a number of rules, including: HIPAA Electronic Transaction and Code Sets standards HIPAA Privacy Rule HIPAA Security Rule Final Enforcement Rule Learning Outcome: 2.5 Discuss how the HIPAA Privacy Rule and Security Rule protect patient health information. Pages: 44-51 Have students discuss scenarios that might compromise HIPAA privacy rules. Examples: Talking to friends about patients, talking on the phone to a patient within earshot of other patients.

2.5 HIPAA Legislation and its Impact on Physician Practices (Continued) 2-16 HIPAA Electronic Transaction and Code Sets standards Describe an electronic format that providers and health plans must use to send and receive health care transactions The electronic transmission of data is called electronic data interchange (EDI) Payment may be via electronic funds transfer (EFT) Learning Outcome: 2.5 Discuss how the HIPAA Privacy Rule and Security Rule protect patient health information. Pages: 44-51 HIPAA Electronic Transaction and Code Sets Standards: Purpose is to reduce administrative costs and complexities by requiring use of standardized electronic formats for transmission of data. EDI involves sending information from computer to computer using publicly available communications protocols. EFT puts money directly into a designated bank account

2.5 HIPAA Legislation and its Impact on Physician Practices (Continued) 2-17 Claim Formats The HIPAA-standard X12-837 Health Care Claim, or 837P The CMS-1500 (08/05) paper claim The National Provider Identifier (NPI) is a ten-position numerical identifier consisting of all numbers Learning Outcome: 2.5 Discuss how the HIPAA Privacy Rule and Security Rule protect patient health information. Pages: 44-51 Claim formats 837P professional claim CMS 1500- some small offices are exempt from HIPAA requirement to send electronic claims so they use this paper form NPI-any individual or health care provider must have an NPI

2.5 HIPAA Legislation and its Impact on Physician Practices (Continued) 2-18 HIPAA Privacy Rule Protects individually identifiable health information Mandates rules all covered entities must follow in protecting patients’ privacy Information that can be used to find out a person’s identification, is referred to as protected health information (PHI) Learning Outcome: 2.5 Discuss how the HIPAA Privacy Rule and Security Rule protect patient health information. Pages: 44-51 Covered entities (health plans, health care clearinghouses, and health care providers and their businesses associates) must follow all rules. -adopt a set of privacy practices -notify patients about their privacy rights -train employees so they understand privacy practices -appoint a staff member to be privacy official -secure patient records

2.5 HIPAA Legislation and its Impact on Physician Practices (Continued) 2-19 HIPAA Security Rule Outlines safeguards to protect health information stored on a computer system or transmitted across computer networks Administrative safeguards: the policies and procedures that protect electronic health information Physical safeguards: the mechanisms required to protect electronic systems, equipment, and data Technical safeguards: the automated processes used to protect data and control access to data An audit trail is a report that shows who has accessed information and when Learning Outcome: 2.5 Discuss how the HIPAA Privacy Rule and Security Rule protect patient health information. Pages: 44-51 3 categories of security standards Administrative is assigned to one person Physical threats include hackers, disgruntled employees, or angry patients. Unauthorized intrusion is access by individuals who do not have a “need to know” Technical access is granted on a “need to know” basis. Passwords are designed to allow customized access.

2.5 HIPAA Legislation and its Impact on Physician Practices (Continued) 2-20 HIPAA in the Age of Health Information Technology A breach is the acquisition, access, use, or disclosure of unsecured PHI in a manner not permitted under the HIPAA Privacy Rule Learning Outcome: 2.5 Discuss how the HIPAA Privacy Rule and Security Rule protect patient health information. Pages: 44-51 HIPAA enacted 1996 While the proliferation of health information networks provide many points of access to patient information, it also increases the possibility of unauthorized access.

2.6 The HITECH Act’s Impact on Privacy and Security 2-21 The HITECH Act introduced additional privacy and security regulations, including: Breach notification Monetary penalties Advanced enforcement Learning Outcome: 2.6 Explain how the measures put in place by the HITECH Act strengthen HIPAA privacy and security requirements. Page: 51 Breach notification: Requires notification of patients by covered entities of any breach of information. Also must notify the federal government and the media Monetary penalities: Penalities for breaches ranging from $100-$50,000 Advanced enforcement: Office of Civil Rights is required to conduct audits to ensure compliance with HIPAA rules