For ambulance services, HIPAA compliance is a particularly sensitive issue. Because of the sensitive nature of the health data that EMS and EMT professionals deal with on a daily basis, HIPAA Privacy and Security standards must be carefully adhered to.
This issue becomes even more sensitive when you consider that most of the data collected during pre-hospital care will likely be collected, tracked, and documented on a mobile device. Laptops, smartphones, and tablets are indispensable tools for ambulance care. Most of these devices will have access to electronic health records (EHR) platforms, which will in turn be connected to the rest of a hospital’s EHR data.
While mobile devices can provide convenience in life-or-death situations, they are also particularly vulnerable to the risk of a data breach. A data breach of unsecured health information can lead to serious HIPAA violations and put patient privacy at risk.
The kind of health information that these devices have access to is called protected health information, or PHI. PHI is any demographic information that can be used to identify a patient. Common examples of PHI include names, dates of birth, medical information, insurance ID numbers, addresses, full facial photos, and telephone numbers, to name a few.
The HIPAA Rules set specific standards for maintaining the privacy, security, and integrity of PHI. Though the regulation can seem complex, the standards are in place to safeguard PHI. As per HIPAA, ambulance services necessarily fall under the category of Covered Entities, meaning that they are responsible for maintaining compliance with both the HIPAA Privacy Rule and the HIPAA Security Rule.
These two rules set limits for how and when PHI must be stored and accessed. Below, we list a few of the major components of the HIPAA Rules that all ambulance services can implement in order to keep PHI safe and secure on the go.
- All mobile devices that can access PHI must have full-disk encryption. Additionally, all devices should be routinely backed up on encrypted servers. In the event that a device is lost or stolen, full-disk encryption will keep hackers or thieves from accessing sensitive health data.
- Your organization should have HIPAA policies and procedures in place pertaining to mobile devices taken “off-site.” This would necessarily include all laptops, tablets, and smartphones with access to PHI that are used in pre-hospital care in an ambulance. By outlining when devices are permitted to be used, who is permitted to use them, and how they are to be handled in off-site settings, your organization will mitigate the risk to PHI stored on these devices.
- Keep a full inventory of all devices within your organization that can access or handle PHI in any way. Routine check-ups on the condition and location of devices listed in your inventory will help ensure that devices are not misplaced. And in the event that a device is misplaced or stolen, organization officials will notice as soon as the inventory is reviewed so that action can be taken to remedy the breach.
- Access to PHI on mobile devices and in pre-hospital settings should be limited only to essential members of the organization’s workforce. This is known as the Minimum Necessary Standard. It’s a part of the HIPAA Privacy Rule that states that access to PHI must be limited based on employees’ roles, and that when access is granted, it should be limited to the minimum access necessary for each employee to perform their role.
These are just a few of the ways that ambulance services can protect PHI and comply with HIPAA mobile device standards.
In addition to the actions listed above, a total compliance program that addresses the full extent of the law must be in place in order to prevent HIPAA violations and data breaches.
Addressing HIPAA compliance can help ambulance services confidently treat their patients without worrying about the risk of data breaches or government fines.
Founded in 1964, now nationally recognized, Mohawk Ambulance Service is the largest privately owned ambulance service in upstate New York. Our organization services six emergency centers, makes 56,000 trips annually and employs a team of more than 250 staff members. Eighty percent of our trips are for emergency transports where patients are unknown, in critical condition or have no identifying information. Finding fast, efficient ways to verify demographics and discover insurance coverage for these patients is imperative for our revenue cycle and our bottom line.
We’ve always worked closely with our local hospitals and nursing homes to obtain information. Many standard processes have been refined over the years with checks and balances to verify coverage, screen deductibles and reduce eligibility-related rejections before claims are submitted to a payor. But our billing team knew we could do more to eliminate duplicate data entry and processing lag time.
This article describes our journey to a more streamlined billing process. It includes lessons learned and best-practice recommendations for other EMS providers looking to improve staff efficiency and reduce receivables.
First Stop: Real-Time Insurance Discovery
The first area we tackled was insurance discovery where we had three employees stationed. We focused on our self-pay patients and transports lacking complete demographic or insurance information. The goal was to eliminate manual steps and workflow lags—which we quickly achieved.
The original process involved building a list, submitting it to Payor Logic, waiting three days for feedback, and then re-entering information into our billing system. By bringing our vendors together to meet with our team, a real-time technology solution was developed and implemented.
Now our insurance verification team has immediate access to Payor Logic’s search capabilities. Insurance discovery is an online, real-time process. Lists, batches, searching websites and waiting for results have all been eliminated. Also, the two vendors built a crosswalk that integrates insurance coverage results back into our billing system to eliminate duplicate data entry and rekeying.
The productivity our verification team is now able to achieve is amazing. They now do the work of three staff with only two employees—a 30 percent boost in staff efficiency for insurance verification.
Billing also Gets Tech Boost
At Mohawk, we use a combination of technology solutions to support our revenue cycle. But each company worked independently—creating separate silos. Billers would have to search across several different systems, payor websites and the digital pages to collate all the various demographic and insurance data required to submit a claim. We had technology, but the process remained cumbersome and labor intensive.
By working with our vendors, we built points of integration to increase the number of claims processed without adding billing staff. For example, once a biller pulls up a trip, dozens of data elements from the billing system are uploaded into a single view to eliminate searching and save time.
Everything the biller needs to complete a claim is displayed in a consolidated view, consistent across all Mohawk companies. Billers can easily see patient signature, facility signature, narrative, vital signs, advanced life support and more. This level of integration eliminates the need to look at every page of the system to build the claim—saving dozens of hours every week.
Like most EMS providers, our mission is to uphold the highest standard of services with consistent devotion to delivering superior emergency medical care. And through this automation project, we took service excellence one step further—delivering world-class service throughout our billing process. We find more insurance coverage, reduce eligibility-related rejections, convert self-pay accounts and collect more revenue from the right source. Results thus far include:
- 30% improvement in staff efficiency for insurance verification
- 67% less time needed per case to screen for Medicare deductibles
- 100% elimination of wait times to discover billable insurance for self-pay patients
EMS providers looking to streamline the billing process should revisit their existing technology applications and engage in serious discussions with current vendors. New capabilities are out there and should be explored. The automation efforts described above have resulted in an efficiency uptick for Mohawk, despite being short-staffed. New workflows for verification are being maintained by our team, and next steps for automation expansion are being discussed. By keeping open communications and an ongoing dialogue with all parties involved, this automation experience has been a win-win for our business, our staff and our patients.