On Demand Webinar | Intermediate | Revenue Cycle
In the past decade healthcare organizations have become increasingly inundated by a tidal wave of data from various sources. Processing that data in an efficient and scalable manner has become challenging. One successful approach has been t...
Live Webinar | Revenue Cycle
Emergency departments are healthcare's safety net, but COVID-19 has resulted in tremendous drops in patient volume. Savvy healthcare executives and emergency medicine groups seek out new strategies to drive better outcomes, reduce clinicin ...
Live Webinar | Revenue Cycle
<div>In the past decade healthcare organizations have become increasingly inundated by a tidal wave of data from various sources.&nbsp; Processing that data in an efficient and scalable manner has become challenging.&nbsp; One successful ap...
On Demand Webinar | Overview | Revenue Cycle
A butterfly flaps its wings, causing a hurricane halfway around the world.&nbsp; Learn how to apply the butterfly effect by making minor changes in the front-end of your revenue cycle to eliminate denials, increase POS collections and impro...
Live Webinar | Revenue Cycle
The COVID-19 pandemic is rapidly impacting the way hospitals and health systems operate and deliver care. Revenue cycle operations must respond in this ever-changing environment and continue to support and ensure financial viability to the ...
Article | Revenue Cycle

St. Luke’s Health System decides to allow carefully monitored, specific-payer access to its EHR after buy-in from all internal stakeholders

Article | Revenue Cycle

St. Luke’s Health System decides to allow carefully monitored, specific-payer access to its EHR after buy-in from all internal stakeholders

The push and pull between providers and payers regarding claims can be frustrating at best, and at worst, result in a denial. To increase both efficiency and payment, St. Luke’s Health System in Boise, Idaho, adopted a strategy some would deem risky: Inviting payers into their EHR system.

Cindy Andreason, director of health information management (HIM) operations at St. Luke’s, said the organization’s process of getting records to their payers was “clunky,” resulting in the payer saying they didn’t get the record they needed or that the record they received didn’t have the information they needed. Allowing payer representatives into their portal creates a more efficient process, she said. 

The internal conversation

The decision to adopt this strategy wasn’t one the health system took lightly. To some, opening the door to patient records could feel more like opening a can of worms.

“That’s kind of scary to some individuals, to allow payer access,” Andreason said.

St. Luke’s started with a comprehensive internal conversation including HIM staff, members of the revenue cycle team as well as the vice president of revenue cycle, IT, a privacy and security officer and a payer liaison. 

The risk chain

One critical decision when considering granting EHR access to payers is how much information to provide and how to provide it. Greg Ford, an associate vice president at MRO, a Pennsylvania-based disclosure management firm, recommends healthcare organizations limit payer access to their EHR to manual access by claim-specific encounter. In other words, the payer would request access to a specific document, and a staff member on the provider side would have to manually grant that access. This process would be like the process payers use to request paper records today.

St. Luke’s adopted this level of access for their payer partners, creating a template containing only the information that would have been available via the paper process. The payer must request access to a specific patient record for a specific encounter and then has access only to the elements in that template. 

A little riskier but possibly more convenient for the provider organization, payers could get automated access by claim-specific encounter. This level of access would cost the provider organization some control but could help free up the person responsible for reviewing requests, Ford said.

Moving up the risk chain, which Ford advises against, is automated access to a patient’s entire record (which opens the possibility of the payer using that record for any purpose). Some payers and their vendors can create a database of patient records, trying to mirror what the provider has in its own database. At that point, the provider has no control over what happens to the data, opening the doors for data breaches and loss of trust from patients.

“Having all that data out there is definitely risky,” he said.

Limiting access to necessary requests

There are additional reasons a provider organization would not want to allow payers to grab whatever records they want, Ford said. Payers want to access provider EHRs for three reasons, only one of which works in the provider’s favor, he said.

Claims processing. In this scenario, a payer representative is looking at a specific claim for a specific encounter and wants to ensure the information is correct. Ford said this type of review is a win-win for the payer and provider.

“If [the request] can be limited to that specific data encounter, we think that’s an area that makes sense. That’s going to get the provider paid in a more-timely manner.”

Review of a paid claim, also known as a post-payment audit. These reviews occur after a claim is paid and the payer suspects they’ve overpaid. Ford does not recommend agreeing to this type of review. 

“In those cases, they’re looking to take money back from the provider,” he said. 

Quality and risk adjustment reviews. The payer objective of a quality review is a better star rating. There’s no downside or benefit to  the organization there, Ford said. In a risk- adjustment review, payers aren’t looking to recoup from the provider but might want additional compensation from CMS. In these cases, Ford recommends strong HIM governance to ensure the organization releases only what is appropriate. Most record requests will require some work on the part of staff (making the provider’s cost of sending records higher with no return), and the more patient records that go out, the greater the risk of data leaking out.

“We don’t think it makes sense to open the floodgates for the review requests,” he said.

Results and continued monitoring

Once the system is set up with a payer, the provider’s work isn’t over, Andreason said. Periodic reviews are essential to ensure the arrangement is working as intended. St. Luke’s has been allowing payer access for less than a year and is keeping a close watch on how things are going, she said.

“Maintenance is key. After you set it up, you don’t want to stop reviewing what you’re doing,” she said. Changes to the EHR itself are something else to watch out for. An update might mean unintended changes to the way the payer views the system. 

“You have to make sure that you keep the integrity of what you established in place,” she said.

Response from payers has been positive, and the process seems to be running smoothly, but it’s too early to tell whether St. Luke’s will see denials reduced as a result of the effort, according to Andreason. The hospital is continuously monitoring the process. 

4 questions providers should ask before payer partners get EHR access

Providers should ask several questions of their payer partners when considering a plan that allows those partners EHR access, according to Greg Ford, an associate vice president at MRO.

1. What is the process for managing users on the payer side? If an employee leaves the payer organization, the provider should receive timely notification to discontinue that employee’s access.

2. Does the payer use third-party or offshore vendors or employees?

3. Who has access to the information after it is pulled out of the EHR?

4. What are the payer’s policies around security to ensure patient information is safe?

About the Author

Erika Grotto, CHFP, CRCR,

is a senior editor at HFMA, Westchester, Ill.


Related Articles | Revenue Cycle

News | Revenue Cycle

Nearly 64% more members enrolled in HFMA certification courses during the COVID-19 pandemic compared with the same six-week period last year

HFMA members are putting their work-from-home situations and downtime due to stay-at-home directives to good use: 2,171 members passed HFMA certification exams between March 13 and April 27, 2020.

News | Financial Leadership

Online community value is apparent amid the COVID-19 outbreak

There has been a surge of activity in HFMA's Community groups since the onset of the COVID-19 pandemic, as HFMA members seek to share insights with their peers to help them respond to the crisis.

Article | Consumerism

Don't skip the patient conversation when payer coverage for coronavirus is unclear

Whether holding charges or billing, healthcare organizations should be communicating with patients about their financial responsibility.

News | Staff Development

CRCR certifications surge with Enterprise Membership

Change Health has encourage staff on its provider account management team to obtain HFMA's CRCR certification, with the result that the number of staff members who have achieved the certification has skyrocketed.