| By Janet Hibel Ph.D. | Treatment Record Audits: The Practitioner’s Dilemma
Abstract Audits of treatment records by managed care is a new insult to the besieged mental health practitioner. Production of the treatment record places the practitioner in an ethical dilemma regarding confidentiality if the service user has not signed specific informed consent release for the purpose of an audit Practitioners who seek to comply with audit demands by providing files with client identification deleted may still risk breaching service user confidentiality because the client's identity may remain transparent. Developing a set of fictionalized charts for submission to managed care may be the practitioner's best approach to protecting service user confidentiality. Guidelines for the production of fictionalized charts are offered. State and national practitioner organizations should become involved in assisting practitioners in maintaining service user confidentiality. The treatment record is being subjected to scrutiny and audit by managed care organizations (MCO's), placing yet another burden on the back of the practitioner. Weary providers likely view this addition as another in a long onslaught of nonreimbursable paperwork unfairly placed upon them by accountability crazed managed care bureaucrats. Ethical dilemmas regarding the release of confidential information contained in records haunt practitioners as they attempt to submit to the requirements of their contract while maintaining sound ethical practice, and protecting service user confidentiality. How can the independent practitioner safely cope with the requirement to furnish client files on demand? The usual scenario unfolds when the practitioner receives a letter from a major referral source, declaring that their will be an audit of their practice according to NCQA (National Committee of Quality Assurance) record keeping requirements. The practitioner's first response is usually, ìThis is the last straw, I quit!î Upon consideration of from where the client referrals come, the practitioner usually becomes willing to accommodate to the request. Internally, practitioners may experience frustration and anger, and rhetorically ask “Why doesn't someone do something about this?” However, since medical record privacy legislation has been dropped from legislative priorities, no law or code currently exists to shield the practitioner from excessive managed care contract demands. The Practice Audit MCOs desire to audit practice locations and clinical records at will, which challenges the practitioner's ability to maintain control over patient confidentiality. The stated purpose for record audits is to determine if the practitioner's record-keeping practices meet the company's standards, as well as National Committee of Quality Assurance (NCQA) standards intended to monitor the quality of care by affiliated providers. However, the validity of NCQA as a legitimate oversight organization has been questioned by Welsh (1997): The NCQA (is) a transparent whitewashing organization established by the managed care industry itself to create the illusion of standard-setting. The NCQA, while presented as a quality control device, is really a more insidious means of harassing providers and making it more difficult to provide care (p. 15). The quality of care issues that are audited by NCQA and the MCO include file organization, initial assessments, psychological and medical history taking, treatment plans, progress notes, termination and discharge planning, coordination of care with primary care providers, and appropriate referrals for psychotropic medications. Providers and sites who do not “pass” are usually graded and given a corrective action plan to complete within a specified period of time, or are dropped from the MCO's panel of providers. NCQA requirements usually are more extensive than the average standard of care described by most state licensing boards. For example, while NCQA standards dictate that each page in the treatment record must contain patient identifiers and the clinician identifiers, the Florida Board of Psychology rule that defines Standards for Records (64B19-19.0025) only requires basic identification data provided once. For NCQA, each record must indicate what medications have been prescribed, not just psychotropics, the dosages of each medication and the dates of initial prescription or refills. Allergies and adverse reactions must be clearly documented, and a lack of known allergies and sensitivities to pharmaceuticals and other substances is also prominently noted (Pacificare Behavioral Health, 1996). The Florida rule only requires relevant, particularly current medical data and medication. The addition of more comprehensive medical information mandated by NCQA could potentially make practitioners liable for reporting errors of medical information, or failure to verify medical information reported by clients, thus creating an increased risk for complaints. Complying with Audits What then is the most reasonable way for a practitioner to proceed when negotiating a record audit? The first line of defense is to formally request that records be accepted in disguised, rather than identifiable form. Although there is reason to question why MCOs would care whether or not they can identify the chart, up until recently many MCOs, but not all, have refused to accept disguised charts. Most MCOs proclaim entitlement to complete treatment records of their beneficiaries. They often claim proprietorship over the entire chart, even when the service user had been provided services under a different insurance during an earlier time of treatment Commonly, the MCOs do not consider obtaining files as a breach of confidentiality, and the providers are often instructed not to obtain an additional release of information from the service users. MCOs assume that the initial blanket release of information for case management and obtaining treatment authorization signed at intake is sufficient for releasing the complete treatment record and implementing a utilization review of all treatment records. Further, the practitioner has usually signed a vaguely worded provider contract agreeing to participate fully in utilization review. When audited, the service provider is required to prepare a designated set of records for present or past service users, which could involve services provided over a span several years. Some companies provide a list of, say, five past service users, and ask the practitioner to choose three to submit. Other companies feel free to demand “random chart audits of our entire individual practitioner network” (PacificCare Behavioral Health, 1998). A few MCOs leave it up to the practitioner to choose which records to submit for critique. Blanket Authorizations The question for the practitioner becomes: Does initial service user blanket release signed at the time of treatment constitutes true informed consent regarding release of a record for the purpose of a provider audit? To answer this question, the practitioner must attempt to determine if a service user's initial blanket release of information for processing insurance billing, obtaining treatment authorization, and communicating with case managers regarding medical necessity is sufficient to constitute adequate informed consent for the present-day practitioner audit. According to Garvey and Braun (1997): “Informed consent refers to the agreement people give to participate in some process or procedure after having had that process explained to them in understandable language” (p. 399). The informed consent doctrine includes the notion that service users have the right to agree to participate, decline to participate, or withdraw at any time, and that their agreement is consistently monitored throughout the process as new requirements for release occur. For example, the ethical code for psychologists (APA, 1992) indicates that in discussing the limits of confidentiality (Standard 5.01), practitioners should inform service users at the beginning of treatment about the possible limitations of confidentiality and privacy, and “the foreseeable uses of the information generated through their services” (p. 1606). Therefore, unless the practitioner had received specific written permission for the service user's file to be submitted for audit, the service user has not given adequate informed consent regarding foreseeable uses of the records. An immediate remedy to the conflict would be to add a statement to the practitioner's initial intake release for managed care, a statement that details the possibility of a practitioner record audit. Timing of Informed Consent Practitioners should be concerned about whether a service user who signs a blanket waiver before beginning treatment can give informed consent to release psychological information that has yet to occur in treatment (i.e. the information does not exist at the time of consent). For example, at the outset, a service user may intend only to discuss work stress, but later reveals instances of familial sexual abuse. Since these problems were not anticipated for discussion at the point that the release of records was signed, it could be reasonably argued that no informed consent had been given. Slovenko (1983) cautions that prospective consent is unlikely to be regarded as valid from a legal perspective, and would offer little or no legal protection to the provider. There is an additional uncertainty with the overbroad language of a blanket authorization, which could invalidate the authorization. Woody (1998) states: “Even if the document such as an insurance policy states all risks or all terms have been explained, it is obvious that this is a falsehood, there is no way to give a thorough and accurate explanation before the data idiosyncratic to the person has emerged” (p. 15). Further, the doctrine of informed consent asserts that the service user is free to withdraw consent at any time: “Informed consent is thus deemed an ongoing condition of therapy, and the patient who has forgotten that consent was once given, remains free to withdraw” (Slovenko, 1983, p. 117). At the time that records are requisitioned, which may be up to two years after the service user has terminated treatment, a release of information may no longer be valid. If the service user were to be asked, he or she might choose to withdraw consent for release at this later date. Problems in Obtaining Informed Consent In the event that the practitioner attempts to obtain an authorized release for records in a record audit after treatment has begun, there is the risk that the service user will construe this act as some form of coercion, based upon the unequal power relationship between practitioner and service user. In fact, the service user could construe possible harm by the efforts of the psychologist to obtain consent. Given the dependent relationship with the practitioner, it is difficult to determine if consent is freely given by a service user. The service user may anticipate negative consequences from declining consent, or withdrawing consent. For example, in the case of Doe v. Roe (1977), a psychiatrist claimed that he had a verbal agreement to publish disguised information about a patient in a case study. The complainant argued that even if consent had been given, it was given under duress because of the patient's dependency on the psychiatrist. Of course, some states require that all authorization to release confidential information be in writing only (Woody, in press). There is the added risk that the service user will experience adverse psychological effects from an audit, such as the service user assuming that he or she is special in some way to the therapist, either favored or considered more disturbed than others. The audit may provoke some service users to become upset and betrayed at the request; some may be prompted to leave therapy prematurely. Service users already worry about who has access to confidential information for the treatment plan reports necessary for authorization of services from their MCO. Further requests for information release can exacerbate the service user's previously established mistrust of the system and increase resistance to treatment. In gathering the records required for an audit, some practitioners may be mandated to present records of past service users. Contacting past service users for consent can bring up bygone emotional issues, initiating an unwelcome intrusion into their present functioning, and inflict potential harm which would conflict with the ethics code that expects the psychologist to “seek to avoid harm where it is foreseeable and unavoidable” (APA, 1992, p. 1601). A service user may be concerned about who will be reading his or her file, and if personal identification will be possible. Increasingly, through exposure to current news reports regarding the lack of medical record privacy, service users are becoming concerned about personal information finding its way into a National Medical Data Bank, which could be accessed by employers for hiring or promotion purposes, or by insurance companies for enrollment decisions. Increasing access to medical records have been secured by attorneys in civil cases who have learned to bypass the practitioner and subpoena the records directly from the insurance company. A new concern has arisen involving unanticipated recipients of confidential information. MCOs have been farming out their recredentialing and auditing tasks to third party vendors Complete treatment records are shipped to vendor corporations for scrutiny. At the outset of treatment neither the service user nor practitioner could have anticipated that these vendors would be potential recipients of confidential information. The appearance of a new third party vendor-recipient of confidential information on the scene produces a myriad of potential problems for practitioners who attempt to negotiate the appropriate responses to MCOs. Since the therapeutic alliance in brief therapy can be fragile and tenuous, service users may understandably decide to terminate treatment because of requests for release of confidential information. While it is possible that the service user could be enlisted to develop a disguise for the file, it is likely that this would interfere with the treatment process, and would certainly use up valuable time in a short-term therapy authorization period. Seeking Guidance from Ethics Codes In taking any action with records, practitioners should consult their ethics code for guidance. In searching for guidance regarding the release of disguised files, the APA Ethics Code, Standard 5.05, Use of Confidential Information for Didactic or Other Purposes reads: Psychologists do not disclose in their writings, lectures or other public media confidential, personally identifiable information concerning their patients unless the person has consented in writing or unless there is other ethical or legal authorization for doing so. Ordinarily, in such scientific and professional presentations, psychologists disguise confidential information concerning such persons so that they are not individually identifiable to them and so that discussions do not cause harm to subjects who might identify themselves (p. 1607). According to this standard, practitioners are allowed to disguise information for professional presentations, but release of a file to an MCO representative does not constitute a professional presentation per se. If the practitioner extrapolates from this standard, it would appear that release of disguised information would be permissible, but only as long as no harm is done. Most MCOs will accept sanitized charts but will not accept disguised charts. The difference between the two is that a sanitized chart has name, address and identification number deleted, but the demographic and clinical aspects (age, sex, employer, family constellation, diagnostic classification, treatment plan, etc.) remain. However, sanitized charts are problematic because these demographic and clinical aspects can very well render a record identifiable. A disguised chart has demographic and case related information changed so that only the basic case material and therapeutic process itself is important. Wrestling with the issue of presenting disguised case information, Gavey and Braun (1997) state: This standard (5.08) sidesteps the issue of whether or not informed consent is required from the person about whom the information is presented. One reading of this standard would imply that information about service users may be shared for teaching or scholarly purposes, so long as the information is anonymous and not personally identifiable in any way. One limitation of this strategy is that audiences can and do accurately recognize service users, even from anonymous and disguised presentations (p. 400). Other sources strongly caution practitioners to obtain written informed consent prior to using information. Bollas (1995) states: We think that the analyst should ordinarily secure permission from patients, service users, students, supervisees, or research participants. This point that bears repetition, that patient cannot be identifiable in any way other than to the psychoanalyst himself (p. 187). The bottom line is that current ethical guidelines for most professions fall short in offering direct guidance to practitioners facing audits, as this is a relatively recent affront among the assembly of managed care abuses in the current marketplace. Practitioners seeking further guidance from codes of ethics can consult Standard 5.05 from the APA Code, which cautions practitioners to disclose confidential information without the consent of the individual only as mandated by law, or where permitted by law for a valid purpose, such as protecting the patient or client or others from harm. Also Standard 8.03, Conflicts between Ethics and Organizational Demands offers to the practitioner the following caution: If the demands of an organization with which psychologists are affiliated conflict with this Ethics Code, psychologists clarify the nature of the conflict, make known their commitment to the Ethics Code and to the extend feasible, seek to resolve the conflict in a way that permits the fullest adherence to the Ethics Code (p. 1611). Some practitioners have become so managed care compatible, that they rarely question complying with whatever is necessary to ensure the survival of their practice. The ready compliance with practice audits exists in concert with other questionable practices mandated by managed care, such as mandatory release of records to the client's Primary Care Physician, and the extensive documentation required for medical necessity authorization. Regarding the erosion of confidentiality, Bollas is concerned that this will undermine the public trust in psychotherapy and the privilege doctrine: Instead of questions, we have cooperation, clinicians who comply willingly with the reporting laws and other intrusions, graduate schools that teach students how to comply, and judges who for all their sympathy with the goals of treatment defer to their social and legal interests, interests at once more familiar and better defined. Reasons for disclosure and exceptions to privilege multiply in the absence of any coherent protest from psychoanalysis or psychotherapy. It is self evident that as time passes and the public knows more about the destruction of privilege, individuals who might otherwise seek professional help will not do so ( p. 86-87). Acquiescing to the demands of managed care may make it easier to build a practice, yet it ultimately undermines the privacy and trust which is the foundation of psychotherapy. Guidelines for Production of Disguised files Some MCOs can be persuaded to allow presentation of disguised files. The practitioner's best strategy is probably to write a letter in response to the practitioner audit notice, using as a rationale that cites the applicable state law and ethical standards safeguarding confidentiality, and offering to present disguised files instead. Hopefully the MCO will respect the practitioner's diligence in maintaining confidentiality and determination to abide by ethical standards. If disguised files are allowed, practitioners may consider the following guidelines as paraphrased from Clifft (1986, see page 518): Change basic information. For example, change, name, location, dates of service, occupation, number of children, family constellation, educational history. Avoid true specifics. Clifft suggests changing dates of service to dates that are not true dates, or to make the time general in terms of seasons, such as Fall, 1997. Arrange checks on your disguise with colleagues to see whether they can identify the service user. If colleagues can identify the service user, ask what gave away the service user's identity. Do not make assumptions that assuming a few minor changes, such as from specific to general will provide adequate disguise, such as changing “a 63 year old ex-professor in Sarasota” to “a retiree living in South Florida.” Try to anticipate if the reader of the file could have prior contact with the service user, such as in a company EAP program or human resources position. Many former EAP personnel end up working for MCOs at their home office. Summary and Conclusions Requesting the option to provide disguised files is supportive of the ethical responsibilities and legal duties placed on the practitioner. If the request is granted, the clinician can prepare a few fictionalized or disguised files can be prepared to exemplify record keeping and these same files may be used with other companies that request treatment audits, saving time and expense of preparation. Some practitioners have proposed that the MCO should send a payment authorization thereby compensating the provider for the time preparing for the audit. If acceptable to the MCO, the best solution is to offer to provide disguised cases, based upon real cases that may or may not be part of that MCO's consumer base. This approach would minimize ethical dilemmas and eliminate the problems created by not seeking informed consent. The records should be sufficiently disguised so that they could be used in a public forum such as a lecture of teaching situation, with no danger of the service user's identity being discoverable. There is an imperative need to consider revision of ethical guidelines for responding to requests for case charts by third party payors and regulatory bodies in upcoming professional ethics code revisions. Professional associations should demonstrate leadership in this matter by publishing practical and specific guidelines regarding how to present charts when required, and not impose disciplinary sanctions for practitioners who are attempting to survive in the changing marketplace. Further, professional organizations should promote legislative advocacy regarding medical record confidentially, so that MCOs will be held accountable for their policies regarding confidentiality of mental health information. MCO auditors who are members of professional associations and licensed by state boards should be accountable to the ethics code as well, that is, sanctions should be sought against MCO employees who are the recipient of unauthorized confidential information from practitioners. Finally, NCQA record keeping requirements which go beyond those mandated by state licensing or other law should be challenged by practitioner organizations at the state and national level. References American Psychological Association. (1992). Ethical principles of psychologists and code of conduct. American Psychologist, 47, 1597-1611. Bollas, C., & Sundelson, D. (1995). The new informants. Northvale, NJ: Aronson. Florida Board of Psychology, Florida Administrative Code, Chapter 64B-19. (Rev. April, 1999). Gavey, N., & Braun, V. (1997). Ethics and the publication of clinical case material, Professional Psychology Research and Practice, 28 (4), 399-404. PacifiCare Behavioral Health. (1996). PacifiCare behavioral health clinical care manual. Santa Ana, CA. PacifiCare Behavioral Health (1998). Treatment Record and Site Audits..PacificCare Behavioral Health Networknews, March, 4. Slovenko, R. (1983). The hazards of writing or disclosing information in psychiatry. Behavioral Sciences and the Law. 1, 109-127. Slovenko, R., & Usdin, G. (1961). The psychiatrist and privileged communication. Archives of General Psychiatry 4, 431-444. Welch, B. L.(1997). The death of managed care. The New Mexico Psychologist, 14, 16. Woody, R. H. (1998). The payment source as service user. Florida Psychologist, 49 (1), 16-25. Woody, R. H. (in press). Psycholegal information. Madison CT: Psychosocial Press. Wigmore, J. H. (1961). Evidence in trials at common law. Vol. 8. (McNaughton Rev), Boston: Little, Brown. Case Citations Doe v. Roe. 93 Misc.2d 2201, 400 N.Y.S. 2d 668 (1977)
Janet Hibel, Ph.D. is an independent practitioner in Palm Beach Gardens, Florida. She is a voting member of the APA's Ethics Committee, representing the slate of Counseling Psychologist with an expertise in managed care. She is chairperson its Alternative Dispute Resolution subcommittee, which is studying alternative systems for resolving complaints. She is also president of the Palm Chapter of the Florida Psychological Association. She can be reached at: 8259 N. Military Trail #9 Palm Beach Gardens, Florida 33410, (561) 694-6703. FAX (561)694-0391, E-mail: janetdoc@aol.com |
|||||
| Return to Top | ||||||