Top 6 Mistakes Made When Releasing Medical Records

Releasing medical records may not be one of the favored tasks in the healthcare field, but regardless of how one feels, there is a propensity for human error when processing these requests.  Mistakes can and do happen; perhaps it is because of the mundane nature of the process, or maybe the fact that individuals feel pressured and are rushing to get back to patient care, or possibly because it often boils down to a manual and time-consuming process.  Whatever the reasons, errors do occur, and we want to minimize those as much as possible.

Release of information (ROI) mistakes never result in a favorable outcome.  At the minimum, mistakes turn in to more work needing to be performed.  The worst-case scenario, of course, is that mistakes can result in significant monetary penalties.  The reality is that no one wants to work harder than they need to, and no medical record custodian wants to receive a financial setback due to negligence.  Since liability rests solely with the medical records custodian, finding ways to limit mistakes, and perhaps even limit some human interaction that leads to those mistakes is prudent.

The following is a quick overview of six common mistakes as it relates to ROI.  Keep in mind that there is no intent to provide an exhaustive explanation of each point, but simply to highlight some thoughts in each category.   Each of these relates to some area of compliance: 

  1. Ensure that a valid authorization has been received. Verify the correct information is present (patient’s name, enough information about requestor and what’s being requested, etc.), and ensure that the person making the request has the legal right to do so.  Moreover, check to make sure it has been signed by the appropriate person.
  2. Are you processing the record for the correct person?  Don’t just go by the name.  Leslie Smith can be a male or a female, so use as many patient identifiers (date of birth, dates of service, etc.) as necessary to ensure that you have the correct patient record.  
  3. Process requests in a timely manner.   While medical records must be made available to the requestor within 30 days under the HIPAA requirement, State law may be more stringent (10 Days in Montana, 15 Days in California, 21 Days in Maryland, etc.).  Special consideration should also be given for the type of request being made.  Clearly one shouldn’t push off a continuity of care request for three weeks when the patient has an appointment with another provider in a few days.    Other considerations must be given for unique requirements under Meaningful Use, or with attorney issued subpoena’s and commercial insurers.  
  4. Verify what is being sent.  QA the documents that are being placed in the envelope or on the fax machine and ensure that they are not only correct, but that they contain the minimum necessary information (only the information that was requested and within the dates requested). 
  5. Verify where it is being sent.  Double check you’ve written the correct mailing address or typed in the right fax number. ChartRequest can help mitigate this type of exposure risk by virtually eliminating the need to ever mail or fax records.  
  6. Maintain a log of all disclosures.  The disclosure audit requirement mandates that a disclosure management log be kept for up to 6 years; therefore, be sure to enter every single request along with all the required elements to be recorded.

You may be pleased to know there is a software tool that can help significantly reduce the likelihood that these mistakes will occur.  Here at ChartRequest, our software was designed to help eliminate these top 6 mistakes and put the burden for accuracy more squarely upon the requestor.  We’d love to show you how our software and service can help improve compliance.