In the first two blogs in this Information Governance series we talked about the basics of Information Governance and creating an Application Inventory. Today, we’re going to talk just a bit about how geography influences information governance. Patients cross state lines all the time – for work and vacation or to receive medical care.
How easily their healthcare data travels is another story.
Know the Rules
With both federal and state regulations dictating how certain data may be shared across state lines, it can be difficult to get one clear picture of a patient’s health history. For clinicians to effectively provide care to their patients, their organizations must have an Information Governance policy that considers federal and state regulations and, specifically, how to share information across state lines.
At the federal level, the Centers for Medicare & Medicaid Services (CMS) sets the minimum state requirements for information sharing. In addition to the federal requirements, each state – as well as each organization or facility within that state – may set further policies. The myriad of parameters – and there are a lot – include rules for how long data should be stored, what level of access it requires and how it may be shared. One state may require pediatric records be stored for 30 years, while another only requires storage for 25. A number of states have strict rules guiding what and how psychotherapy and custody records may be shared across state lines. The existence of such rules is where the similarity ends, though. Chances are good, none of the actual rules are the same.
Recognizing the varied rules that affect your organization will help you craft a comprehensive information governance policy that takes it all into account. However, for those organizations that operate in multiple states, close to a state line, in a tourist destination, or even just along a busy interstate, it can get very complicated. Unfortunately, no one gets off easy here. That’s why it’s important to have a HIM professional and your organization’s legal team involved when crafting these policies.
End Users and ROI
Two of the main use cases we mentioned in the second blog in this series centered around end users and release of information (ROI). These are also two main considerations for crafting your information governance policy in regard to sharing information across state lines, as well. System end users – i.e., your staff – must have access to the information they need to provide high-quality care. There must be a mechanism in place to quickly, easily and compliantly request information of other entities in other states. On the flipside, your organization must be aware of the regulations for sharing information. Providing patient care doesn’t always happen at your facility, in your organization, or in your state. What paperwork is needed? Could the data being requested also exist in archival or legacy systems?
When crafting your information governance policy, think about the following:
How many patients for whom your organization provides care travel for work?
How close is your facility to a state line?
Do people travel from other states to your facility for certain procedures?
If the answer to any of the above is yes, think about what types of information you may need to request or send and make sure you are intimately aware of the regulations of that neighboring state(s). Ultimately, you’ll need to be aware of the regulations for every state, but you can include specific clauses in your information governance policy to flag certain types of data that are most likely to present an issue.
Patient-Centered Information Governance
The good news is, regulatory agencies both at the state and federal level are moving toward a patient-centered model and recognize the importance of sharing information for patient care. The goal, at least as we understand it today, is giving patients control over and access to their data. Despite the many technical and regulatory barriers ahead, including patient privacy concerns as well as varied state laws, EHR data standards, and patient matching issues, many organizations are already trekking down this path. Additionally, state-wide Health Information Exchanges (HIEs) provide collaboration within state lines – and according to an ONC data brief, about 70% of acute care hospitals participated in at least one HIE network with nationwide scope in 2017.
More change is on the horizon. And while we may not see a clear path yet, putting the patient first is a goal we can all get behind.