The comprehensive population health program at Northern Arizona Healthcare in Flagstaff didn’t come together overnight. Rather, it evolved over time, relying on trial and error to fill the care gaps that so often result in avoidable hospital readmissions.
Q: We see many assertions that encryption at the right level meets the National Institute of Standards and Technology (NIST)/HIPAA safe harbor provision with no explanation of what is necessary to prove the breached electronic protected health information (PHI) was actually encrypted at the moment of breach. How can a covered entity prove the PHI was actually encrypted at the time of the breach?
Documentation and coding based on time requires knowledge about the general principles of E/M documentation, common sets of codes used to bill for E/M services, and E/M services providers.
Handling requests for information from law enforcement can throw staff for a loop. Most staff are aware of their organization’s policies and the basic HIPAA requirements for disclosing patient information to family members, friends, and other individuals such as legal guardians. But handling requests from law enforcement officials can be a different matter.
