1. Documentation in Acute Care
Chapter 5
Accreditation and Regulatory Requirements for Acute Care Documentation

2. Mandatory Requirements for Acute Care
Federal statutes and regulations
State statues and regulations
County and municipal ordinances and codes
State and federal judicial decisions

3. Legal definitions
Statute – a piece of legislation written and approved by a state or federal legislature and then signed into law by the president or the state’s governor
Regulation – a rule established by ad administrative agency of government

4. Legal definitions – cont’d
Municipal ordinance/code – a rule established by a local government
Judicial decision – a ruling handed down by a court to settle a legal dispute.

5. Voluntary Requirements for Acute Care
Accreditation organizations – JCAHO, CARF, etc
Professional certification organizations – AHIMA, AMA, etc
Standards development organizations – ASTM, HL7, etc

6. General Legal Requirements for the Acute Care Record
The use of the health records and confidential healthcare information in legal proceedings
The form and content of health records and confidential healthcare information
The ownership and control of health records and confidential healthcare information

7. Health Records as Legal Documents
The health record is generally considered a business record, and has been admissible as evidence in legal proceedings
To be admissible in court, the health record must represent one of the persons involved in the legal proceedings.

8. Legal requests for records:
Subpoena
Subpoena duces tecum
Court order

9. Form and Content of Health Records
Regulations are usually developed by the state administrative agency responsible for licensing hospitals and other healthcare regulations
Records must be maintained
Records are complete and accurate
Public health reporting, i.e. vital statistics, communicable diseases

10. Ownership and Control of Health Records
Generally considered the property of the hospital or healthcare provider that maintains the records.
Must remain under the facility’s physical control
Patients have the right to control how the personal information in their health records is used to review, copy, and correct the records when necessary

11. Other Health Record Control Issues
Release and disclosure
Redisclosure
Retention/destruction

12. Release and Disclosure of Confidential Health Records
Health Insurance Portability and Accountability Act (HIPAA)
The patient’s formal consent is not required to use health information for therapeutic, reimbursement, operational, and reporting purposes.
Formal consent is required to release or disclose patient information for any other reason.

13. Redisclosure
The process of disclosing health record documentation originally created by a different provider.
Redisclosure guidelines follow the same principles as the release and disclosure guidelines.

14. Retention of Health Records
State laws
Statute of limitations
Several other records of patient care should be maintained permanently:
Master patient index
Register of births
Register of deaths
Register of surgical procedures

15. Destruction of Health Records
Paper documents: burning, shredding, pulping, and pulverizing
Micrographic film: recycling and pulverizing
Optical disks: pulverizing
Electronic documents: magnetic degaussing
Magnetic tapes: magnetic degaussing

16. Certificate of Destruction
Date of destruction
Method of destruction
Description of the record(s) destroyed, including health record numbers
Statement that the record(s) was destroyed during the normal course of business
Signatures of the individuals who authorized and witnessed the destruction

17. State and Local Licensure Requirement
Developing hospital operating standards
Issuing licenses to hospitals that meet the standards
Monitoring hospital compliance with the standard
Sanctioning hospitals that do not comply with the standards

18. Medicare and Medicaid
Established in 1965 by an amendment to the Social Security Act of 1935.
The Centers for Medicare and Medicaid Services (CMS) administers the Medicare program and the federal portion of the Medicaid program.
Local Medicaid programs are administered by agencies within individual state governments.

19. Medicaid Participation
Voluntary for healthcare professionals and organizations
Hospitals that choose to participate must apply to the state agency that administers the Medicaid program in their area.
Annual surveys are conducted by most states to confirm hospital compliance with Medicaid regulations.

20. Medicare Conditions of Participation
Participation is voluntary, however few hospitals would be able to survive economically if they did not provide services to Medicare beneficiaries.
Published under title 42, part 482 of the Code of Federal Regulations.
Current version became effective, 1/1/2003.

21. Medicare Conditions of Participation Standards
Address the organization and staffing of the HIM department.
Address health record format and retention requirements.
Describes content requirements for acute care documentation
Requires hospitals to protect the personal and medical rights of patients.

22. Medicare Conditions of Participation Standards
Other sections that include documentation requirements:
Medical Staff
Nursing Services
Radiology Services
Laboratory Services
Discharge Planning
Surgical Services
Anesthesia Services
Nuclear Medicine Services

23. Deemed Status
Granted by Medicare to hospitals that are accredited by JCAHO or AOA’s accreditation programs.
CMS requires that approximately 10% of the hospital’s with deemed status undergo a Medicare validation survey.

24. Health Insurance Portability and Accountability Act (HIPAA)
Implemented April, 2003
Apply to healthcare facilities, professionals, health plans, and health information clearinghouses that transmit healthcare information electronically

25. HIPAA defines health information
Any information that is created or received by a healthcare provider in relation to:
The past, present, or future physical or mental health of an individual
The provision of healthcare services to an individual
The past, present, or future payment for healthcare services provided to the individual

26. HIPAA Privacy Standard – A healthcare organization:
Can use or disclose confidential patient information for purposes related to its own treatment, reimbursement, and healthcare operations.
Can disclose patient information to another healthcare provider for purposes related to the patient’s treatment.
Can disclose patient information to another healthcare provider or covered organization for purposes related to reimbursement for services provided to the patient.

27. HIPAA Privacy Standard – A healthcare organization:
Can disclose patient information to another covered organization for purposes related to the healthcare operations of the other organization when both organizations have or had a relationship with the individual who is the subject of protected information being requested.
That is part of an organized healthcare delivery system can disclose protected health information to another organization within the system for purposes related to the healthcare operations of the system.

28. HIPAA Privacy Standard preempts state laws except when:
An exception is made by the secretary of HHS
A provision in state law is more stringent than the federal standard
The state law relates to public health surveillance and reporting
The state law relates to reporting for the purpose of management or financial audits, program monitoring and evaluation, and licensure or certification of facilities or individuals.

29. Requirements for Release and Disclosure
Hospital policy must identify the uses and disclosures for which authorization is required.
Hospital policy must specify who may authorize disclosure on behalf of an individual patient.
Hospital policy must provide special protections for psychotherapy notes.

30. Requirements for Release and Disclosure
Hospital policy must establish limitations on the use of protected health information for fund-raising and must provide a mechanism that allows individuals to opt out of fund-raising communications.
Hospital policy must establish the requirements for the deidentification of protected health information before it can be released without the patient’s authorization.

31. Requirements for Release and Disclosure
Hospital policy must establish a standard to limit the amount of information used or disclosed to the minimum necessary to accomplish the intended purpose.
Hospital policy must establish classes of personnel who need access to protected health information, the specific categories of information each class needs, and the conditions under which access is appropriate.

32. Minimum necessary standard
Requires the healthcare facility to identify individuals or classes of individuals in its workforce who need access to protected health information.

33. Authorizations for Disclosure must contain:
A specific and meaningful description of the information to be used or disclosed
The name or other specific identification of the person(s) or class of persons authorized to disclose the information
An expiration date or event that relates to the individual or the purpose of the disclosure
A statement of the individual’s right to revoke the authorization

34. Authorizations for Disclosure must contain:
A statement describing the exceptions to the right of revocation
A description of how the individual may revoke the authorization
A statement that information disclosed according to the authorization may be subject to redisclosure by the recipient and so would not longer be protected
The signature of the individual and the date

35. Authorization is considered invalid if:
The expiration date or event has already passed
The authorization has not been filled out completely
The covered party knows that the authorization has been revoked
The authorization lacks one or more of the required elements
The authorization is a prohibited type of authorization or covers more than one request
The covered entity knows that part of all of the information in the authorization is false

36. HIPAA Security Standard
Calls for providers to develop security policies, procedures, contracts, and plans.
Requires the implementation of physical and technical safeguards to protect confidential health records and information.

37. Physical safeguards include:
Environmental safety systems such as fire alarms, smoke detectors, and sprinkler systems
Surveillance systems and other methods of controlling and monitoring access to the facility
Media control systems that prevent unauthorized access to computer equipment and work stations

38. Technical Security Mechanisms and Procedures
Access control technology
Data authentication
Audit trails
Encryption technology

39. HIPAA Administrative Requirements
Every facility must designate a specific individual to manage its privacy program
Every facility must designate a specific to answer requests for privacy information and respond to privacy-related complaints
Every facility must train its employees and medical staff on the provisions of its privacy and security policies

40. HIPAA Administrative Requirements – cont’d
Every facility must establish appropriate administrative, technical, and physical safeguards to protect confidential health information
Every facility must develop contingency plans that address information system backup, disaster recovery, and emergency operating procedures
Every facility must establish health record content and clinical documentation policies and procedures

41. HIPAA Administrative Requirements – cont’d
Every facility must specify policies and procedures related to privacy notifications, authorizations for disclosure, health record corrections and amendments, disclosure documentation, complaint handling, and overall HIPAA compliance
Every facility establish the copying fees to be charged for disclosure

42. Special Protection Requirements
Records of psychiatric care and psychotherapy
Records of substance abuse treatment
Records of HIV/AIDS diagnosis and treatment
Records that contain genetic information

43. Psychiatric Care and Psychotherapy Records
Psychiatric records include two separate records
Official record – that documents the patient’s care and treatment
Personal record – which documents the clinician’s experience and conversations with the patient
Release of psychotherapy notes requires a specific authorization

44. Substance Abuse Treatment Records
The Alcohol Abuse and Alcoholism Prevention, Treatment, and Rehabilitation Act
The Drug Abuse Prevention, Treatment, and Rehabilitation Act
Both passed in 1970, amended in 2000
Apply to programs operated, regulated, or directly or indirectly funded by the federal government.

45. Records of HIV/AIDS Diagnosis and Treatment
Many states have HIV/AIDS reporting requirements and antidiscrimination laws
HIV Testing
Basically voluntary in US
May be mandatory for specific groups of employees

46. Confidentiality Issues related to HIV/AIDS
Consent for testing
General information on testing
Reporting of test results

47. Records that contain Genetic Information
Protected under state health record regulations
HIPAA addresses health insurance discrimination based on genetic information

48. Accreditation Requirements for Acute Care Hospitals
Accreditation – a systematic quality review process that evaluates the healthcare facility’s performance against preestablished written criteria, or standards.
JACHO, AOA, CARF, AAAHC, NCQA

49. Joint Commission on Accreditation of Healthcare Organizations (JCAHO)
Accredits over 17,000 healthcare organizations in the US
Primary mission:
To continuously improve the safety and quality of care provided to the public through the provision of health care accreditation and related services that support performance improvement in health care organizations.

50. Organizations eligible of JCAHO accreditation:
Acute care hospitals
Critical access hospitals
Children’s hospitals
Psychiatric hospitals
Rehabilitation hospitals
Ambulatory care organizations
Behavioral health organizations
Home care agencies
Long-term for skilled nursing facilities
Healthcare networks
Clinical laboratories

51. JCAHO’s Shared Visions-New Pathways
Implementation began, January, 2004
Focuses on systems critical to the safety and quality of patient care, treatment, and services.
Emphasis in JCAHO accreditation shifted away from triennial survey preparation to continuous improvement philosophy that applies to every area of the facility.

52. Elements of JCAHO accreditation manual
The standard – a concise statement of the goal
The rationale for the standard – explains why achieving the goal in important
The elements of performance (EPs) – the steps to be followed in meeting the goal

53. Scoring method applied to EPs
0 – Insufficient compliance
1 – Partial compliance
2 – Satisfactory compliance
3 – Not applicable

54. JCAHO’s Management of Information
Identification of the hospital’s information needs
Structure of the hospital’s information management system
Processes for capturing, organizing, storing, retrieving, processing, and analyzing clinical data and information
Processes for transmitting, reporting, displaying, integrating, and using clinical data and information
Processes for safeguarding the confidentiality and integrity of clinical data and information

55. JCAHO Sentinel Event Policy
“An unexpected occurrence involving death or serious physical or psychological injury, or the risk thereof”
Hospital’s need processes in place to identify and manage sentinel events

56. JCAHO Survey Process
Periodic performance review (PPR) – an organizational self-assessment to be conducted at the halfway point between triennial on-site surveys.
Followed by a telephone discussion with the hospital’s representative about a plan of action for shortcomings identified in the PPR.

57. JCAHO Survey Process
Application is filed as hospital nears the end of its three-year accreditation cycle
Priority focus process (PFP) – converts presurvey data into information that focuses survey activities, increases consistency in the accreditation process, and customizes the accreditation process to make it specific to the hospital.

58. PFP Sources of Information
Core measure data
Previous survey findings
Sentinel event data
Complaints about the hospital submitted to JCAHO
Data submitted by the hospital
External, publicly available data

59. Priority Focus Areas (PFAs)
Processes, systems and structures that can have a substantial effect on patient care services.

60. JCAHO on-site survey agenda
Opening conferences and orientation to the hospital
Survey planning meeting
Unit visits guided by priority focus information and patient tracers
Assessment of the medical staff credentialing process
Assessment of environments of care

61. JCAHO on-site survey agenda
System tracer conferences
Interviews with staff
Interviews with hospital leaders
Assessment with hospital leaders
Assessment of standards compliance
Environment-of-care issues resolution
Exit conference

62. Tracer Methodology
An evaluation that follows (traces) the hospital experiences of specific patients.
Surveyors are able to evaluate ho well the hospital’s processes and departments work with each other.
Surveyors interview the physicians and staff involved in each patient’s care as well as the patients themselves when possible.

63. JCAHO Accreditation Decisions
Accredited
Provisional accreditation
Conditional accreditation
Preliminary denial of accreditation
Denial of accreditation
Preliminary accreditation

64. American Osteopathic Association (AOA)
Primary certification agency for all osteopathic physicians
Accreditation agency for all osteopathic medical colleges and many osteopathic healthcare facilities
Accreditation process initiated in 1945
Healthcare Facilities Accreditation Program (HFAP)

65. Healthcare Facilities Accreditation Program accredits:
Laboratories
Ambulatory care clinics
Ambulatory surgery centers
Behavioral health and substance abuse treatment facilities
Physical rehabilitation facilities
Acute care hospitals
Critical access hospitals

66. Commission on Accreditation of Rehabilitation Facilities (CARF)
Healthcare accreditation programs in the areas of:
Medical rehabilitation
Behavioral health
Adult day care and assisted living
Employment and community services

67. CARF Survey Process Scheduled in advance Opening conference
Document review
Interviews with program staff and patients
Exit interview with organization’s leaders

68. CARF Accreditation Decision Process
Based on an objective assessment of the facility’s performance compared to CARF standards.
Standards Conformance Rating System
0 Nonconformance
1 Partial conformance
2 Conformance
3 Exemplary conformance

69. Other accreditation organizations
Accreditation Association for Ambulatory Healthcare (AAAHC) – establishes standards for outpatient documentation that are similar to acute care documentation practices.
National Committee for Quality Assurance (NCQA) – a private not-for-profit organization dedicated to improving health quality by conducting assessments of managed care and other healthcare programs in the US.

70. Corporate Negligence
Legal doctrine established by a judicial decision in the Darling v. Charleston Community Hospital in 1965.
The hospital’s governing boards have a “duty to establish mechanisms for the medical staff to evaluate, counsel, and when necessary, take action against an unreasonable risk of harm to a patient arising from the patient’s treatment by a personal physician.”

71. Credentialing Process
Verification of the applicant’s undergraduate, medical, and postdoctoral education
Verification of the applicant’s residency and fellowship training as well as continuing medical education
Past and current medical staff appointments at other facilities

72. Credentialing Process
Current state licenses to practice medicine
Current specialty board certifications
Current drug enforcement administration registration
Documentation of professional liability insurance
References and recommendations from the applicant’s professional peers

73. Credentialing Process
Information on the applicant’s health status
Past and current liability status
Inquiries to two national databases:
National Practitioner Data Bank (NPDB)
Healthcare Integrity and Protection Data Bank (HIPDB)

74. Privileging Process Granted by the governing board
Authorize the practitioner to provide patient services in the hospital but only those service that fall within his/her areas of expertise.

75. Risk Management
The process of overseeing the hospital’s internal medical, legal, and administrative operations with the goal of minimizing the hospital’s exposure to liability.
Liability – the legal responsibility to compensate individuals for injuries and losses sustained as the result of negligence.

76. Reportable Incident
An event that is considered to be inconsistent with accepted standards of care.
Incident report – describes the occurrence, its time, date, and location, the identify of the individual or individuals involved, and the current condition of the individual(s) involved in the incident.

77. Health Data Standards
Health care data sets (UHDDS, EMEDS, HEDIS, UACDS)
Health Informatics Standards – uniform methods for collecting, maintaining, and/or transferring healthcare data among computer information systems

78. Standards Development Organizations
Design scientifically based models against which structures, processes, and outcomes can be measured.
American National Standards Institute (ANSI)
United Nations International Standards Organization (ISO)

79. Health Informatics Standards
Vocabulary standards – to establish uniform definitions for clinical terms
Structure and content standards – to establish clear descriptions of the data elements to be collected
Transaction and messaging standards – to facilitate electronic data interchange (EDI) between independent computer information system

80. Health Informatics Standards
Security standards – to ensure the confidentiality of patient-identifiable health information and to protect it from unauthorized disclosure, alteration, and destruction
Identifier standards – to establish methods for assigning unique identifiers to individual patients, healthcare professionals, healthcare provider organizations, and healthcare vendors and suppliers

81. Health Informatics Standards organizations
Health Level Seven (HL7)
EHR Collaborative
American Society for Testing and Materials (ASTM)
SNOMED Clinical Terms (SNOMED CT)

82. Internal Hospital Policies and Procedures
Policies – general written guidelines that dictate behavior or direct and constrain decision making within the organization.
Procedures – written instructions that detail how functions and processes are to be carried out.

83. General categories of hospital policies
Administration, including HIM
Medical staff
Nursing services
Human resources
Safety
Environment of care