The medical referral process is an important part of ambulatory care in the US. Medical referrals have a direct connection to patient health outcome and the provider’s revenue flow. Patient-specific information and the need to keep it safe is even more important.
To protect patient information from falling into the wrong hands, healthcare providers use various procedures and processes to ensure maximum security but when it comes to referral workflow there are no standard procedures nor any secure technology to ensure information safety.
Gigabytes of patient records are compromised each year because providers do not have processes, the required technology or is unaware of HIPAA regulations. Here is how not to share patient information during referral.
Email Is Not What You Think It Is:
Many providers rely on emails to send and receive patient information instantly. Emails are easy and a lot faster than faxes but the problem with emails is that the files sent through with emails are generally un-encrypted when transmitted or when saved leaving patient information sensitive to theft. Using emails to share patient-related data is against HIPAA compliant and according to HIPAA, the provider is held responsible for any breach.
Beware Of Faxes:
Faxes are the most common format to send and receive patient information between practices. Regular faxes are affected by the problem of encryption; since these files are not encrypted, this information could be accessed by an individual with access to phone lines and basic knowledge of the system. Faxes are slow and time-consuming and do not support all type of file formats. Received faxes are usually kept in the machine for some time exposing patient information to unauthorized people. Faxes leave a paper trail of patient information which will practically result in making EMR/EHR systems useless.
Although triplicate forms sound straightforward, practically triplicate forms transfer the process of referring a patient from provider to patient or patient’s skin. The patient is left with the challenge of coordinating between physician offices – calling referral coordinators, faxing files to specialists’ office. Often a patient will have to request an appointment with multiple specialists which means sending sensitive patient information to specialists office who may not be taking care of the patient at all.
Sharing patient information is crucial in the medical referral process, but the systems that the healthcare providers use are incompetent to do a fast transfer of patient file and transfer it securely to authorized providers.
Hospitals need to establish clear-cut procedures in case of sharing patient information. Such a procedure should be able to track the flow of patient data and establish standard norms and practices to minimize the possibilities of compromising data.