A hospital’s health information management department is responsible for releasing health records per request. This process has a number of complications involved and HIM departments are facing immense amounts of pressures, ranging from the HIPAA Security Rule, which establishes national standards to protect individuals’ electronic personal health information, to government mandated audits, such as the Recovery Audit Contractor program, that must be adhered to.
As such the department has to keep its employees educated and updated in order to properly compile a patient’s medical record. ROI is a complex process with specific provisions to protect a patient’s private medical record. The ROI outsourcing industry was founded more than 34 years ago in order for patients, attorneys, and other authorized requestors to receive medical records in confidence. Every hospital in the US either has an internal or external department that conducts the ROI process, which includes obtaining patient consent, certifying medical records, and determining what information can be released.
New technologies have changed the simpler process of paper records into a more complex progression into a combination of paper, film and electronic information. With more than 32 steps involved in the process to accurately and securely fulfill a request for a health record, it is essential that the individual releasing the information understands the complexity of an EHR. The co-existence of paper and electronic formats increases the margin of error when processing requests, since the likelihood of omitting critical documentation is increased, causing HIM departments to spend more time and resources compiling a HIPAA-compliant health record.