Webinar Duration: 90 minutes

RECORDED: Access recorded version only for one participant; unlimited viewing for 6 months (Access information will be emailed 24 hours after the completion of payment)

SPEAKER: Jim Sheldon-Dean

This teleconference will enable health information professionals to know how to respond to requests to revise closed records, to know what is required for individual rights under HIPAA, and to know what belongs in any organization’s procedures for revising medical records.

– Attendees will also learn about issues pertaining to electronic records and revisions, including the HIPAA Security Rule and recent amendments to HIPAA, regional health information organizations, and other health information communication and storage portals.
– We’ll talk about the reasons for making changes, including the receipt of new information, changes in interpretations, or patient requests. And when revising records, it’s important to know the limits. We will discuss who may make revisions and reasonable time frames for doing so, as well as limitations imposed by HIPAA.
– We’ll go through the process required by HIPAA for allowing individuals to request the amendment of their medical records. The definition of amending, the required steps to go through under HIPAA, and how to handle disputed facts are all areas that need to be defined in your policies so that you can show your compliance in the event of a complaint or audit.
– The procedures you need to put in place for revising records will need clear definition, including how to identify any revisions made, who to notify following revisions, especially those who may have relied upon the older information to make health care decisions, and when not to allow revisions. We will discuss the impacts of electronic exchange of information on the revision process and the steps that must be considered when changing information that is shared.
– With the proposed changes to HIPAA, many policies and procedures now in place will need to be changed, including significant changes to how individuals access their own information, what they can ask you to report about their information, what privacy restrictions they can request, and how you can use their information in several areas. These changes and their impacts on the revision of medical records will be described.
– If you are asked by the US Department of Health and Human Services to show that you are in compliance with the HIPAA security regulation, you will need to show that you have the proper policies and procedures in place as required by the rules and that you have been using them. This teleconference will lay out a structure for the set of records revision policies you need to show your compliance in the event of an audit.

Why you should attend:
– Medical records contain some of the most sensitive and personal information that exists about individuals in modern society, and some records may need revision because of new information received or because of the requests of individuals to correct or modify existing information, but making modifications improperly can lead to health issues for patients and legal issues for the practice.
– Do you know what the effects are of changing information that may have been shared with others and relied upon for making decisions about individuals? Are you sure those records aren’t the subject of a lawsuit and changing them won’t result in an adverse judgment?
– When is it appropriate to make revisions, how and under what circumstances, and at whose request?
– Have you reviewed your records revision policies recently to see if they’re up to date? Has your staff been trained to know what policies apply and how to respond to patient inquiries about making changes to records? Do you know what policies will need to be changed to meet the upcoming HIPAA requirements going into effect in 2012?
– Already there are new, increased penalties for HIPAA violations and a new auditing process being developed so that HIPAA covered entities will be subject to reviews by the US Department of Health and Human Services’ Office for Civil Rights even if no one files a complaint.
– If you haven’t done what’s required under HIPAA, you could be liable for willful neglect penalties that begin at $10,000 minimum and go up from there. You need to protect the integrity of the medical record as well as permit appropriate amendments with documented policies and procedures, as well as documentation of any actions taken pursuant to your policies and procedures.
– And the changes to HIPAA going into effect in 2012 will have a fundamental effect on how patients interact with their health information and how it is used. Your records revision policies and procedures will probably need updates to take into account compliance in areas such as records access by individuals, restrictions on release of information, and accounting of disclosures.

Areas Covered in the Session:
– Find out why it may be necessary to make changes to medical records, and why it may or may not be a good idea.
– Learn what to do if new information is received, or if the provider or the patient wants to see changes in the record.
– Learn about some of the limits that should be placed on any revisions, such as who can request revisions, what are the time limits on revisions, and when revisions should not be allowed at all.
– Find out about the required policies and process for individuals to request revisions to records under HIPAA.
– Learn how to deal with those times when an individual wants to see a change in his or her record and you don’t agree with the change.
– See what policies and procedures need to be in place to define your complete record revision process, including identification of revisions, notification of revisions, and prohibition of revisions.
– Learn about the special issues that electronic medical records present, and how the HIPAA Security Rule can be part of your revision control process.
– Find out what upcoming changes are in store for HIPAA that impact revisions to medical records.

Who Will Benefit:
– Compliance director
– Privacy Officer
– Security Officer
– Information Systems Manager
– HIPAA Officer
– Chief Information Officer
– Health Information Manager
– Healthcare Counsel/lawyer
– Office Manager

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities.

Sheldon-Dean serves on the HIMSS Information Systems Security Workgroup, has co-chaired the Workgroup for Electronic Data Interchange Privacy and Security Workgroup, and is a recipient of the WEDI 2011 Award of Merit. He is a frequent speaker regarding HIPAA and information privacy and security compliance issues at seminars and conferences, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference in Washington, D.C.

Sheldon-Dean has more than 30 years of experience in policy analysis and implementation, business process analysis, information systems and software development. His experience includes leading the development of health care related Web sites; award-winning, best-selling commercial utility software; and mission-critical, fault-tolerant communications satellite control systems. In addition, he has eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.