AHIMA: HHS must standardize minimum necessary definition
HCPRO Website, June 24, 2016
HHS must provide a clearer definition of the HIPAA minimum necessary standard, AHIMA president Melissa Martin, RHIA, CCS, CHTS-IM, testified at a subcommittee hearing.
The National Committee on Vital and Health Statistics’ subcommittee on privacy, confidentiality, and security held a hearing June 16 to determine how HHS can improve its guidance on the HIPAA minimum necessary standard. The minimum necessary standard requires covered entities (CE) to use, request, and disclose only the minimum amount of protected health information (PHI) necessary for a given transaction. CEs cannot use, request, or disclose an individual’s entire medical record unless it can justify that the whole record is reasonably needed for a specific purpose.
However, HHS does not currently offer specific guidance on how the standard should be defined and leaves it largely up to the discretion of individual CEs. The lack of a clear, official definition leads to inconsistent minimum necessary standards among CEs and may cause the unnecessary release of PHI, leaving CEs vulnerable to litigation, according to Martin’s testimony. HHS should develop a clear, objective definition of minimum necessary and consider creating different levels of minimum necessary based on specific indicators.
Technological and regulatory shifts since the minimum necessary standard was first implemented present additional challenges, Martin said. Many EHRs lack the controls HIM professionals require to properly restrict access to an individual’s PHI to only the specific staff that need access to it. Most EHRs also lack the sophistication to perform the complicated search and data sequestration functions CEs require.
The shift to mandate improved and increased interoperability and data sharing among healthcare providers adds an additional challenge to defining the minimum necessary, she said. The minimum necessary amount of PHI needed for most uses and requests has increased rather than decreased.
AHIMA conducted a survey on minimum necessary standards prior to the hearing. A plurality (38%) of respondents said they did not know if their organization adopted a definition of minimum necessary for access and disclosure of PHI.
Most Popular
- Articles
-
- Differentiate between types of wound debridement
- Don’t forget the three checks in medication administration
- Note similarities and differences between HCPCS, CPT® codes
- Revisions deeming EPs
- OB services: Coding inside and outside of the package
- Reimbursement for Facility and Professional Services in a Provider-Based Department by Gina M. Reese, Esq., RN
- Practice the six rights of medication administration
- Complications from immobility by body system
- What to include on the incident report
- Know guidelines and subtle differences in code descriptions for laceration repairs
- E-mailed
-
- Study: Hospital Bedsheets Could Be Source of C. difficile Contamination
- Joint Commission Revises Scoring for IC Standard
- Q/A: Who must approve change in patient status for condition code 44?
- Revisions deeming EPs
- Coding, billing, and documentation tips for teaching physicians, interns, residents, and students
- Reimbursement for Facility and Professional Services in a Provider-Based Department by Gina M. Reese, Esq., RN
- Egress lighting in the chapel, nurse pull cords, and waste holding rooms
- Dig into the details of wound care documentation
- Critical thinking scenarios for teaching nurses
- CPT Manual moves laparoscopic ablation of uterine fibroid tumors from Category III codes
- Searched