Privacy Officer's Roundtable

Internal auditing of patient requests

  • 1.  Internal auditing of patient requests

    Posted 12-23-2019 11:06 AM
    Good morning and happy holidays:

    One of the items on our 2020 Privacy Work Plan is to perform audits at our various locations since the OCR is now looking at the timeliness and cooperation on the part of CEs when patients request copies of their records/PHI. Depending on which of our facilities is reviewed, this may be done by either an ROI vendor or staff members. Has anyone ever done this type of internal audit before and if so, do you use any tools, forms or other types of documents for tracking? Any help/advice would be appreciated. I have ideas, but additional input is always nice.

    Thank you,
    Lance Smith

    Lance Smith
    Privacy Officer
    St. Peter's Health Partners
    2020 SCCE Membership

  • 2.  RE: Internal auditing of patient requests

    Posted 12-24-2019 06:59 AM

    I'm in a small facility (less than 100 beds) and ROI is for the most part centralized for the hospital, physician offices, clinics, etc. The ladies doing this job are awesome and have been using an Excel spreadsheet to track all releases. It includes things such as date received, name of requestor, type of requestor (i.e. patient, law enforcement, disability, attorney, etc.), MRN, hospital unit, date completed, type (i.e. mail, fax, in person), # pages, charge information if applicable (we don't charge patients for their records), and notes. I added a column to calculate the turnaround time when this became a hot topic.


    I calculated some stats from the spreadsheet last week on patient requests and I am going to love reporting to the Compliance Committee and Board of Directors the findings because they are superb!


    Yes, maintaining the spreadsheet takes time; however, having one place to record, track, analyze and reference makes it well worth it. It's also available as a read-only file for many staff to help callers if possible versus having to transfer them. Not being transferred is a huge patient satisfier.


    This works for us. We tried to use the ROI tracking processes within the EMR; however, given we have multiples of those and they don't 'talk' to each other, it just didn't work well.




    Jan Walton, MA, RHIA, CHP, CHC

    Director, Corporate Compliance

    200 N. Madison St., Marshall, MI  49068

    Ph: 269.789.4399   Fx: 269.789.4931






    Take Pride in how far you have come, have faith in how far you can go.




  • 3.  RE: Internal auditing of patient requests

    Posted 12-26-2019 10:19 AM
    We have tracking within our EMR but have to have our EMR staff pull a Crystal report using the data stored in the EMR.

    Savannah Knuettel
    Compliance Officer
    Galen Medical Group

    The views expressed herein are my own and do not represent those of my employer or clients. They are not meant to constitute legal advice or create an attorney-client relationship.
