DOs and DON’Ts of Outsourcing Release of Information
Managing the disclosure of Protected Health Information (PHI) from within a healthcare organization has become increasingly complex. As the volume of medical Release of Information (ROI) continues to rise, multiple disclosure points place organizations at risk for privacy breach. Many have turned to outsourcing Release of Information to promote proper PHI disclosure. Choosing the right vendor can be a challenge if you don’t know where to start. Here are some suggestions to make the process easier.
DO—Use HIM peer feedback
The best way to begin is by seeking feedback from HIM peers who have experience with ROI vendors. Trusted peers can help with steps to identify vendors that offer high levels of service quality, accuracy and compliance.
Ensure the vendor is equipped to handle a health system your size
In today’s environment, there are fewer independent hospitals than in the past. Increased consolidation among hospital groups adds a new level of complexity due to size of the organization. It’s important to conduct a thorough evaluation to ensure the vendor can accommodate the size of your organization.
Over the years, many independent hospitals have used small local ROI companies that served them well at the time. But as these organizations grow to include multiple facilities with hundreds of clinics, ROI becomes a more complicated process. Vendor reassessment involves two critical considerations—scalability and expertise. Does the vendor have the scalability to meet the needs of all facilities and the expertise to conduct the implementation from a proven project management perspective?
Scalability is especially important for organizations acquiring physician practices. For one organization, we are currently hiring 40 people to serve five hospitals and 300 physician practice locations. Few vendors are equipped to manage a project of that size. Organizations should consider the scope of the project and the vendor’s ability to conduct a smooth and seamless implementation. Best practice is to engage a dedicated implementation team of trained specialists to onboard staff and ensure a successful implementation.
Assess the vendor’s ability to offer high levels of service quality, accuracy and compliance
Your organization must have confidence in the vendor’s ability to measure quality and accuracy to ensure compliance. While seeking feedback from peers, review the company’s resources to assess quality standards, documentation processes, areas of priority and methods of measurement. What is the success rate in terms of service delivery and accuracy? What internal quality measures are in place to ensure proper disclosure of PHI and prevent breach? Also, look for independent measures of quality and reputation of a vendor you’re considering. One of those measures is KLAS, a third-party group that rates companies based on customer ratings.
DO—Visit the vendor
As part of the evaluation process, schedule an onsite visit. At MRO, we welcome the opportunity to show and tell what we do. Showing tells a lot about an organization. Take a tour of the workflow to see ROI processes firsthand. That’s where you’ll see those crucial quality checks.
DO—Leverage the latest technology innovations
Advanced technology is essential to provide optimal ROI services. Top priorities include EMR integration, electronic delivery, optical character recognition (OCR) technology for Quality Assurance, and IT expertise and leadership.
Look for technology with the capability to integrate with most EMR systems. Some ROI companies have built interfaces between their ROI platforms and EMRs to enhance workflows through automation. For example, MRO’s MROeLink® interface with Epic’s ROI module has the capability to automate typically manual and redundant steps in the ROI process to improve efficiency and reduce errors.
Organizations today need import and export capabilities that extend beyond extraction of information.
Look for the ability to receive requests and deliver information via electronic interchange. At MRO, we have thousands of portals set up with different organizations around the country to securely receive and deliver information. Additionally, our proprietary interface with SSA’s Disability Determination Services (DDS) and esMD for CMS enables healthcare organizations to enhance revenue, improve efficiency and drive compliance.
OCR technology for Quality Assurance
Quality Assurance requires the right people, processes and technology. The most effective programs offer technology and human intervention to review documents at various points within information management workflows. For example, we suggest a combination of OCR technology and specially trained staff to perform multiple quality checks during the ROI process. MRO’s IdentiScan® OCR validation technology checks for patient identifiers to catch comingled records. Any detected errors are quickly corrected and documented by Quality Assurance experts.
IT expertise and leadership
Finally, consider the vendor’s future plans for investment on the IT side of the ROI process. Many times smaller vendors can’t make large investments required to be on the leading edge of IT. Is the vendor forward thinking regarding IT? What capabilities are in place? Recommended practice is to have extensive internal IT resources backed by plans for future investment. Look for progressive companies with IT knowledge, experience and leadership.
DO—Consider an enterprise-wide approach
A centralized, enterprise-wide approach to PHI disclosure management is the recommended strategy to have complete confidence in achieving compliance. This approach guards a patient’s privacy while also protecting the organization against breach, financial risk and reputational harm. The benefits across the health system include:
- Standardized policies and procedures
- Consistent policy enforcement
- Improved patient and third-party requester experience
- Heightened PHI disclosure accuracy through quality-infused workflows
DON’T—Prioritize low cost over quality
Prioritizing low cost over quality and compliance will cost your organization more in the long run. Everyone wants the most economical deal, but not at the expense of quality. Noncompliance and associated costs are too great a risk. When evaluating a vendor, shop for accuracy and quality.
This article was originally published on the MRO Blog and is republished here with permission.