May 23, 2013
Natural disasters in America are always difficult. Our first concern is about the safety and welfare of the people involved. The buildings, the cars that are tossed around like toys and the personal belongings, while precious to their owners, quickly become meaningless when life and limbs are at risk. Anesthesia Business Consultants' (ABC) prayers are with the victims of the Moore, Oklahoma tornado this past Monday. Catastrophic events like the recent tornado, Hurricane Sandy, and flooding throughout the plains a few months ago, make us all appreciate what is most important to us.
Once the immediate risk of danger is neutralized and the survivors are safe, it becomes a time to analyze what happened, what worked as intended and what needs to be improved? Officials at two hospitals in the region said they were treating more than 140 patients, including around 70 children. Dozens of people were said to be in critical condition. We know from the national news that another hospital was rendered helpless due to damage it sustained from the tornado.
Whether as a first line responder, a surgeon, or a health information management specialist, we use the period after a disaster to review our processes and procedures to make sure that if we are faced with the challenges that Moore, Oklahoma faced, we are as prepared and ready as possible. So how do we get there?
The Joint Commission and the Centers for Medicare & Medicaid Services (CMS) require all facilities to have in place a disaster plan. Hospitals and other facilities work on their plans in a continuous manner. They focus on three components of readiness: planning, training and executing to ensure the plan works. If it doesn’t work despite multiple training exercises, they go back to revise it and practice the new plan. In addition, HIPAA security regulations require all providers (including physician practices) to create a workable disaster recovery plan. The goal: to ensure that the hospital and practice survives any type of interruption and is able to get its doors open to accommodate patients with minimal disruption and cost.
HIPAA rules state that physicians must have a written analysis of the “risks and vulnerabilities to the confidentiality, integrity and availability of electronic protected health information.” Practices also need written plans for creating and maintaining copies of electronic data, a recovery plan to restore lost data, a plan for data protection during “emergency mode,” and procedures for periodic testing to make sure data is protected.1
From a business perspective, the disaster plan addresses the basic operational issues that will allow a provider to keep customers, rebuild a customer base and stay in business. Key aspects of the continuity plan are recovery of data, including medical records and securing systems (including the privacy of former and current patients) to protect their future operation. The national agenda to adopt electronic health records (EHR) is a major step in the right direction to help hospitals in a disaster area to serve their community despite the partial or total destruction of the physical plant. Being able to retrieve or recover records of patients being transferred to facilities outside the danger zone is facilitated through the interoperability of EHRs.
Once the hospital or practice is stabilized and treating patients following a disaster, it is important for their coding and billing staff to review the appropriate use of the DR condition code (disaster recovery) and the CR modifier code (catastrophe/disaster related). These two billing codes were implemented following the 2005 Hurricane Katrina, one of the five deadliest hurricanes in the history of the United States. The insufficient relief effort after Hurricane Katrina made everyone want to proactively prepare, should another disaster occur. The healthcare industry was no exception and in order to help payers understand the whole story behind a claim, the new disaster medical billing codes were implemented.
The DR condition code is “disaster related” and its definition requires it to be “used to identify claims that are or may be impacted by specific payer/health plan policies related to a national or regional disaster.” The DR condition code is used only for institutional billing, i.e., hospitals, ASC's, etc. Use of the DR condition code will be mandatory for any claim for which Medicare payment is conditioned on the presence of a “formal waiver,” as defined below.
The CR modifier means “catastrophe/disaster related.” The CR modifier is used in relation to Part B items and services for both institutional and non-institutional billing. Non-institutional billing, i.e., claims submitted by “physicians and other suppliers,” are submitted either on a professional paper claim form CMS-1500 or in the electronic format. Use of the CR modifier will be mandatory for applicable HCPCS codes on any claim for which Medicare Part B payment is conditioned on the presence of a “formal waiver,” as defined below.
The DR and CR modifiers also may be required for any HCPCS code for which, at the Medicare claims processing contractor’s discretion or as directed by CMS in a particular disaster or emergency, the use of the CR modifier is needed to efficiently and effectively process claims or to otherwise administer the Medicare fee-for-service program.
CMS Instruction from MM6451 states that in the event of a disaster or emergency, CMS will issue specific guidance to Medicare contractors that will contain a summary of the Secretary's declaration (if any); specify the geographic areas affected by any declarations of a disaster or emergency; specify what formal waivers and/or informal waivers, if any, have been authorized; specify the beginning and end dates that apply to the use of the DR condition code and/or the CR modifier; and specify what other uses of the condition code and/or modifier, if any, will be mandatory for the particular disaster/emergency.
A "formal waiver" is a waiver of a program requirement that otherwise would apply by statute or regulation. There are two types of formal waivers. One type is a waiver of a requirement specified in Section 1135(b) of the Social Security Act (Act). Although Medicare payment rules themselves are not "waivable" under this statutory provision, the waiver of a Section 1135(b) requirement may permit Medicare payment in a circumstance where such payment would otherwise be barred. The second type of formal waiver is a waiver based on a provision of Title XVIII of the Act or its implementing regulations. The most commonly employed waiver in this latter category is the waiver of the "3-day qualifying hospital stay" requirement that is a precondition for Medicare payment for skilled nursing facility services. This requirement may be waived under Section 1812(f) of the Social Security Act.2
ABC again wants to express their support and prayers for those suffering from losses of loved ones, personal belongings and facing a long road to recovery from Monday’s disaster. We want to reassure our clients and the healthcare community in general that ABC has an effective recovery plan in place with redundancies to protect all operational data. We would experience very minimal, if any, downtime due to a natural disaster.
With best wishes,
Tony Mira
President and CEO
1The HIPAA Security Rule 164.308(a)(7)(i) identifies Contingency Plan as a standard under Administrative Safeguards. HIPAA Contingency plans address the “availability” security principle. The availability principle addresses threats related to business disruption –so that authorized individuals have access to vital systems and information when required.
2http://www.cms.gov/MLNMattersArticles/downloads/MM6451.pdf