DMS115-CH 9 medical records and HIPAA

What is CCR

Continuity of care record

What is a CE

Covered entity

What are EMR’s

Electronic medical records

What is an EHR

Electronic health record

What distinguishes EHR’s from EMR’s

EHR’s can be shared and managed across more than one healthcare organization - more comprehensive, EMR’s are within one organization

What information should be on a patient’s medical record

Demographics, insurance information, consent forms, medical history, medications, examination & notes, test results, communications

what information can be found on the patient intake form

demographics, language, household size & income, utilization (hospital or ER visits in year), coverage, navigated conditions (health)

what is on a navigation target form

study data, location, status options, types of service, scheduling notes

What is a secure and efficient method of communicating with patients

Patient portal system

Why are medical records important?

Continuity of care and evidence in malpractice lawsuits, ethics breaches, and/or billing fraud cases

What is the golden rule of maintaining medical records?

If it is not documented, it did not happen

What are the most common standard formats for medical record documentation?

SOAP and CHEDDAR

What does SOAP stand for?

Subjective, objective, assessment, plan

What does CC stand for?

Chief Complaint

What is HPI?

History of present illness

What is PFSH?

Past, family,and social history

What is meant by subjective?

Patient’s health history, Purpose of the visit, Include open ended questions

What is meant by objective?

Information that can be observed or measured ie: test results, vital signs, etc.

What is meant by assessment?

Summation of providers diagnosis including other possible illnesses presenting similarly

What is meant by plan?

Outline next steps. Along with any additional diagnostic treatments, this should also include patient education

What does CHEDDAR stand for

Chief complaint, history, examination, details, drugs and dosages, assessment, return to office

how do you correct a written medical records?

Cross out with a single line, right corrected entry above the mistake, sign and date, Have supervising healthcare provider sign

How are electronic medical records corrected?

Similar to paper records where the correction is flagged to indicate a correction, an entry should be added, stating the error and correction, ‘signed’ & dated

Who owns medical records?

The facility owns the records, the patient owns the data in the record and can request to receive a copy

What exceptions allow release of medical records without patient authorization

Criminal acts, legally ordered, communicable diseases, mandated examinations

What does HIPAA stand for?

Health insurance portability and accountability act

What was HIPAA’s objective?

Privacy protection, combat fraud, simplified administration of health insurance, promote the use of medical savings plans for employees

Which HIPAA’s title has healthcare access, portability, and renewability

Title one

Which HIPAA’s title has preventing healthcare fraud and abuse, administrative simplification, medical liability reform

Title two - most important to us

what is HIPAA’s Title 2 privacy rule

established 1st standards for protecting PHI, limits use and disclosure of PHI, requires electronic info be sent securely (code to de-identify patient)

What is PHI?

Personal health information

What is NPP?

Notice of privacy practices

What are patients provided with through HIPAA privacy rule?

The right to: Obtain A notice of PP, to ask for a copy of their medical records, to ask for an amendment of their records, to appeal for special privacy protection, to an accounting of disclosures (Who they gave PHI to ), to access a minor child’s medical records

What is HIPAA’s title two privacy rule

Requires all CE‘s to have proper protections when submitting electronic information, including guaranteeing compliance by the workforce

What are different types of safeguards HIPAA recommends

Administrative, physical, technical

which safeguard requires written policies and procedures for compliance from CE and utilize employee continuing education

administrative safeguards

what safeguard would a firewall fall under

technical

what safeguard would installing and removing PHI hardware and software fall under

physical

what is the typical statue of limitations on documents

10 years from final entry

active vs. inactive patient files

active used regularly, inactive not - usually inactive after 3 years of not treating

what are the (4) categories of HIPAA violation

(1) CE unaware and could not avoid
(2) CE should have been aware, but could not avoid
(3) result of willfull neglect but they tried to fix it
(4) willfull neglect with no attempt to fix

who administers HIPAA violation penalties

HHS, OCR, State attorney general

which organization establishes standards in privacy, security and electronic healthcare transactions?

FDA

who would one contact if they think their HIPAA rights were violated

Office for civil rights