Saince Inc. Leader in IT and Process Outsourcing Services
Home
About Us
IT Services
Healthcare services
  HIM Services
  Dictation
  Transcription
  Speech   Recognition
  Document Mgmt.
  Coding Services
  Revenue Mgmt.
  Newsletter
Careers
Press
Contact Us
 
Contact Us

888 472 4623
Request more info
  Home | Healthcare ITES |Newsletter | December 2006
 Him Update | June 2006
 

In this Issue

Summary of Joint Position on Adoption of ICD-10
The American Medical Informatics Association (AMIA), American Health Information Management Association (AHIMA), and AdvaMed, have issued a summary of their joint position on the adoption of the International Classification of Diseases, tenth revision (ICD-10). The implementation deadline for ICD-10 is October 2009.

Private Practices Top List of HIPAA Complaints 
Private medical practices top the complaints of HIPAA violations, according to the Health & Human Services’ (HHS) Office of Civil Rights (OCR). As of May 31, 2005, the latest period for which records are available, there were 13,168 complaints nationwide about alleged HIPAA violations. Sixty-five percent of these complaints have already been closed by OCR.

Summary of Joint Position on Adoption of ICD-10 

The American Medical Informatics Association (AMIA), American Health Information Management Association (AHIMA), and AdvaMed, have issued a summary of their joint position on the adoption of the International Classification of Diseases, tenth revision (ICD-10). The implementation deadline for ICD-10 is October 2009.  

The Joint Position on Adoption of ICD-10 includes the following four key points: 

  1. The ICD-9 CM (International Classification of Diseases, ninth revision, clinical modification – a U.S. version of ICD-9 developed by the World Health Organization) is obsolete. It is no longer adequate to support the information requirements of the U.S. healthcare industry. The need to replace ICD-9CM was acknowledged more than 10 years ago. Its continued use with adversely impact the value of healthcare data as well as hinder medical decisions based on imprecise data. Further delay adds to the cost of modification and the investment in electronic medical records (EMRs). 
  2. ICD-10 is needed to improve the quality of health information. It is designed to provide better data to meet the needs of today’s electronic healthcare environment and of an increasingly global healthcare system. ICD-10 will enable more accurate and improved information to be captured. ICD-10 will provide better data to support improved public health and bio-terrorism monitoring, more accurate reimbursement rates, patient safety improvement, medical error reduction, quality measurement, and pay-for-performance initiatives. 
  3. ICD-10 is needed to support interoperable EMRs and a National Health Information Network (NHIN). EMRs and NHIN networks require a modern classification system in order to accurately summarize and report healthcare data. EMR system benefits cannot be achieved fully by utilizing the 30-year-old ICD-9 classification system. ICD-10 must be incorporated into EMR systems with SNOMED-CT in order to realize the benefits of a NHIN and information interoperability. SNOMED-CT and ICD-10 will allow data to be shared between EMR systems in their common medical language. 
  4. An implementation date of October 2009 reflects a compromise between an increased demand for better data and the complexity and size of the transition. Now the industry can dedicate resources in order to complete detailed planning and development.   

Did You Know? 

The transition to ICD-10 has been under consideration for over 10 years.  

Formal testing of ICD-10 was conducted by the Clinical Data Abstractions Centers, AHIMA and AHA. The testing showed that ICD-10 was easier to use than ICD-9 and that it leads to more accurate coding and billing.

ICD-10 is more precise than ICD-9 and it allows coders to select the appropriate code to use more easily, which helps ensure coding accuracy. It is also very user-friendly, enabling coders to avoid unnecessary data sections. 

ICD-10’s benefits outweigh its costs. An independent study conducted by the Rand Corporation estimated that the total costs of implementation will range from $425 million to $1.15 billion, one-time costs for system changes, training and lost productivity for payers, providers and vendors. The estimated benefits of using ICD-10 are between $700 million and $7.7 billion due to more accurate payments, fewer miscoded and rejected claims, better understanding of the value of new procedures and improved disease management. The longer the transition to ICD-10 is delayed, the more it will cost to adopt the system. 

The Johnson-Deal bill eliminates the Notice of Proper Rule Making and Order (NPRM) process for upgrading software versions of ICD-10 as required by HIPAA, to enable adoption by October 1, 2009. A process for public notice and comment for software upgrades to version 5010 and beyond has been ongoing for over a year, allowing public comments.  

Changes are needed to our fraud management systems that will require an investment. These fraud management systems, based on the old ICD-9 system, are mostly ineffective, as shown by fraud estimates, which show that only a fraction of healthcare fraud is ever identified or recovered. The Office of the National Coordinator for Health Information (ONCHIT) conducted a study on fraud, which determined that updated classification systems and a standardized reference terminology are essential to the adoption of EMRs and the related electronic healthcare fraud management programs. 

The use of ICD-10-CM and ICD-10-PCS will help reduce the opportunities for fraud and improve fraud detection capabilities. Field testing has shown that ICD-10’s greater specificity results in improved data accuracy. The transition to a revised coding system could present a short-term opportunity for error while people are learning how to use it, but the long-term benefits are much greater. ICD-10 reduces misinterpretation and ambiguity, and it provides the ability to more effectively audit claims and improve coding accuracy. A standardized reference terminology and up-to-date classification systems are essential to the adoption of EMRs, according to an anti-fraud study done by the Office of the National Coordinator for Health Information Technology (ONC). ICD-10 offers improved logic and increased specificity, which will facilitate the development of sophisticated tools for detection of questionable patterns and suspected fraud. 

ICD-9 codes are running out in many important categories, such as orthopedic and cardiac procedures. Centers for Medicare & Medicaid Services (CMS) has been placing these procedures in completely unrelated categories for procedures performed on ears and eyes. 

Private Practices Top List of HIPAA Complaints 

Private medical practices top the complaints of HIPAA violations, according to the Health & Human Services’ (HHS) Office of Civil Rights (OCR). As of May 31, 2005, the latest period for which records are available, there were 13,168 complaints nationwide about alleged HIPAA violations. Sixty-five percent of these complaints have already been closed by OCR.  

Following private practices, other entities most complained against include (in order) general hospitals, pharmacies, outpatient facilities, and group health plans. The most common complaints (as of 5/31/05) were impermissible uses and/or disclosures, inadequate safeguards, denial of access to records or charged excessive fees, failure to adhere to minimum necessary procedures, and failure to obtain a valid authorization where required.  

The most common closure reasons for 65% of the complaints filed include non-jurisdictional (non-covered entity or violation alleged predated 4/14/2003), allegation not prohibited by the Privacy Rule; and matter resolved through voluntary compliance and technical assistance.  

Healthcare entities are permitted to use and/or disclose personal health information (PHI) in order to carry out essential health care functions, such as treatment, payment, and health care operations.  

Civil Monetary Penalties (CMPs) can be imposed by OCR at $100 per violation. The CMPs are capped at $25,000 for each calendar year for each identical requirement or prohibition that is violated. The covered entity has a right to notice and a hearing before a CMP becomes final. Also, the Department of Justice (DOJ), which shares enforcement authority with HHS, can impose criminal penalties if an individual "knowingly" and "wrongfully" discloses health information. Fines and prison time range from $50,000 and one year in jail to $500,000 and 10 years in jail if the intent of the violation was for personal or commercial gain or to cause malicious harm.  

Many violations occur in situations that can be prevented, such as when staff talk among themselves when patients are within hearing, or visits are conducted in open exam rooms. Private practice staff members should concentrate particularly on areas where they have face-to-face interactions with patients, like ensuring that employees are not discussing PHI with those not involved in a patient’s treatment. 

Staff education and preparedness are also important to OCR, and if a patient complains about something, practices should work with them before the patients think of contacting OCR, in order to reduce the chances of being investigated. The best thing they can do is to respond quickly to a patient’s complaint and let the patient know what has been done to change policy to resolve the problem. 

Office staff should ask themselves where they are leaking information, and take steps to plug the leak. This can be done continually, not after a complaint has been filed. One common source of information leaks is phone calls. Staff needs to validate a person’s identity before releasing health care information over the telephone.

Much of HIPAA is common sense and is effective if communicated properly and clearly to all the parties involved, including staff members as well as patients. 

OCR will not consider a PHI disclosure a violation if it is incidental or accidental, as long as a practice has placed reasonable safeguards and adheres to the minimum required standard.  

For more information, please visit the HHS/OCR website at http://www.hhs.gov/ocr/hipaa/ or call the OCR Privacy Toll Free Number at 866-627-7748. 

Want to suggest a topic for us to cover? Please email your ideas and suggestions to editor@saince.com.

Previous Articles

Healthcare Standards and the National Health Information Network
What to look for when selecting an Electronic Health Record (EHR) Vendor?
System Integration and Interoperability Challenges
Electronic Document Management for Physician Practices 

Uniformity Project 
A group of payer and provider organizations has initiated a joint project to bring uniformity to the identification, communication and mitigation of health information technology security vulnerabilities. 

The project is called the eHealth Vulnerability Reporting Program. The group has formed working groups for the areas of communications, legal issues, vulnerability assessment and reporting. Membership is open to other payers and providers, as well as information technology and security vendors. 

Charter board members include:

  • Catherine Peper, vice president of e-medicine at Blue Cross and Blue Shield of Florida in Jacksonville
  • Augusta Kairys, vice president of provider relations at Highmark Blue Cross Blue Shield in Pittsburgh
  • Paul Connelly, vice president and chief information security officer at Hospital Corporation of America in Nashville, TN
  • John Halamka, MD, CIO at CareGroup Health System and Harvard Medical School in Boston
    • Daniel Nutkis, principal at DNI, a Dallas-based consulting firm
  • Robert Mandel, MD, vice president of health care services at Blue Cross Blue Shield of Massachusetts in Boston.
  • Robert Schaich, vice president and CIO at Sierra Health Services Inc. in Las Vegas. 

The goals of the initiative are to enable a dialogue on security issues between vendors and their users, and establish a uniform method for vendors to assess their system security and report findings. 

More information on the eHealth Vulnerability Reporting Program is available at www.ehvrp.org.    

Current Legislation 
House Resolution (HR) 4157 will require the Department of Health and Human Services (HHS) to adopt the ICD-10 coding system for claims transactions occurring on or after Oct. 1, 2009. It will also require adoption of version 5010 of the HIPAA standard for claims by April 1, 2009. The legislation will make major changes in how existing HIPAA transaction standards are updated. It will eliminate the requirement for proposed and final rules in order to speed up the adoption of updated standards. The standards organizations would develop updates and accept public comments before finalizing. The standards organization updating a transaction would be required to explain which recommendations made during the comment period were not accepted and why. Anyone who made a recommendation that was not accepted would have the right to appeal and meet with the standards organization. The text of HR 4157 as amended in subcommittee will be available at http://www.congress.gov

The development of an electronic health records “bank” was recently called for in the Senate. The Independent Health Record Bank Act would call for the “bank” to be modeled on the financial networks that are used by credit card companies and retail banks. The bill will create an electronic records network that will be operated by non-profit groups. Patients would own their medical records and have the option of selling their health record data on a “blind basis” to research firms. Revenue from the information sales would be split between the patients and health record bank, and it would be tax-free. More information is at http://brownback.senate.gov/LIHealthCare.cfm

An upcoming bill would authorize the National Science Foundation (NSF) to award grants to colleges and universities for research on enhancing healthcare informatics. Rep. David Wu (D-Ore.), would like to see the funds used to develop multidisciplinary centers for Health and Medical Informatics Research Centers, and for the NSF to provide funds for students studying healthcare informatics, and support improved technical training and education in that field.   

AFEHCT and HIMSS to Unify 
The Healthcare Information and Management Systems Society (HIMSS) and the Association for Electronic Health Care Transactions (AFEHCT) have agreed to form the HIMSS AFEHCT Business Information Systems Initiative, which will combine the subject matter and expertise of AFEHCT and the organizational strength of HIMSS. The HIMSS AFEHCT Business Information Systems Initiative will become a membership subgroup within HIMSS, whose staff will coordinate and implement activities recommended by AFEHCT leadership. The strengths of both organizations will be combined to promote the best use of information and management systems for the betterment of health care in both administrative and clinical areas.

Quick Links
Medicare Changes to MS-DRGs
Healthcare Information Technology and Management (June 2006)
Healthcare Information Technology and Management (May 2006)
Electronic Health Record (EHR) Vendor(March 2006)
Healthcare Information Technology and Management (Feb 2006)
Sitemap |   Copyright © Saince, Inc. All Rights Reserved