Eliminating Errors In Release Of Information (ROI)

739 Words3 Pages
The release of information have a responsibility of HIM professionals, facilities treatment, payment and healthcare operations. As well as fulfilling legitimate record request from patients, auditors, lawyers, multitude of quality and research entities. Release of information requests have grown in number, but increase in requests brings the opportunity for privacy breaches from human error, system error or other mishaps. Eliminating errors in release of information process is a key HIM opportunity to protect patients and help covered entities avoid breaches, fines, penalities and reputational harm. At the same this large increase in information movement occurs, the regulations around this process have become more restrictive, the costs to…show more content…
Every organization is at risk for breach, but the difference between entities will be reflected in how they implement policies, procedures and corrective actions. For example, changes to the HIPAA rules regarding the accounting of health information disclosures expected this year have the potential to dramatically expand HIM and release of information (ROI) responsibilities and pose operational challenges. Every step within the release of information should be addressed through training, with these particular areas: front desk personnel, document identification and the pre-shipment validation. Finally, just prior to submission to the requester, release of information staff should always validate that only the uniquely authorized information has been included an that the information imported into the release of information process for disclosure belongs exclusively to that patient. If this is the case, the the release of information staff must implement and perform quality control measures to validate that another patient's information was not inadvertently imaged or indexed to the original patient's…show more content…
The second step is to test that workflow and conduct a risk assessment. Once asssessed corrective actions must be taken to close any privacy or security gaps in release of information workflow. As workflow is tightened, a throughout risk assessment can be conducted. Risk assessments are best if they employ a combination of internal and external assessments. With mobile devices giving anytime, anywhere access to virtual HIM departments, the traditional physical access controls are no longer adequate. HIM's technology investment must include data encryption for mobile devices as well as audit logs and log management. Under the federal breach notification law, breach of encrypted data does not require notification, thereby providing a safe harbor if data loss or theft occurs. Common, but risk-inducing behavior includes deactivating encryption functionally due to performance issues; using weak, old or shared passwords; writing passwords on notes stuck to the computer; and failing to log out from computer

More about Eliminating Errors In Release Of Information (ROI)

Open Document