Medical Records

“We received a request for medical records from Qlarant, who apparently is contracted with Medicare to review records for medical (and, of course, payment) necessity. In this case, they’ve asked for chart notes for ten different patients, one date of service for each patient. We’ve never been subjected to this type of review previously and want to do everything possible to make sure that we submit the appropriate and sufficient records and that we submit them in the appropriate manner. Obviously, we’re also concerned that this inquiry is a fishing expedition that could trigger some larger audit. Is there any advice that you can provide that might help us through this process? In our review of the records that were requested we did notice a few minor billing errors, but we believe that the records substantiate payment for all treatment that was performed.”

The Minneapolis Veterans Affairs Medical Center has experienced two distinct and significant data breaches within a seven-month period, revealing multifaceted vulnerabilities in its data protection protocols.

What are the Signature Requirements for Medical Records?

One of the more common causes of Government Investigations into possible HIPAA violations are patient complaints.

When we discuss HIPAA most of the articles have been on security and breaches, but HIPAA goes well beyond privacy and Security.  One aspect of the HIPAA rule is the “Right of Access”.   OCR (The Office for Civil Rights – the branch of HHS the enforces HIPAA) is enforcing this law even more strongly since the 21 Century Cures Act was published.  OCR has begun to levy fines against organizations that are in violation of the “Right of Access” rule.

Universal Health Systems was hit with a ransomware attach this week. Their servers began to fail over the weekend and Hospitals across the country completely lost access to their EHR systems. As a result of this attack many facilities were forced to go to pen and paper for medical record keeping. In many locations the nursing staff did not have access to medication lists and had no way ok knowing which medications patients needed, how much to dose, or even who needed medications.