PHI to a Sandwich Shop? It’s Time to Secure Your Post-Acute Network

by Luis Castillo on Jun 28, 2018

Sandwich-ShopI want to tell you a story.

This is something that happened to a customer of ours, but they weren’t a customer at the time this particular story took place. If they were, I would be mortified.

Here’s the deal: a hospital had stopped receiving referral responses from one of their post-acute care (PAC) providers. The nurse would send a referral to this facility but wouldn’t hear anything back. And this happened over and over again.

Still, the nurse didn’t think that anything was terribly wrong, and neither did other nurses or case managers who sent referrals here in an attempt to place their patients. After all, the lack of response could be for any number of reasons: their beds could be full, their staff could be busy, they might not have the infrastructure in place to accept that particular service level.

And then an interesting thing happened. This hospital got a call from a local sandwich shop. The manager of that sandwich shop made a very unusual announcement. It turned out that his fax machine, which typically accepted orders for foot-long hoagies and the like, had been receiving Protected Health Information (PHI) about that hospital’s patients. Reams and reams of paper coming through describing everything there is to know about the patient’s health status.

The referrals were going to the sandwich shop.

That particular post acute facility went out of business. The fax number was repurposed by the fax provider and nobody thought to alert staff at this particular hospital!

If you just got a pit in your stomach (not from hunger pains at the mention of a hoagie), then you’re not alone. As members of the healthcare field, you and I both know the ramifications of such a mistake. This is a PHI breach; if this particular sandwich manager had been less scrupulous, it could have been a serious HIPAA violation that triggered immense financial penalties, not to mention a complete loss of patient trust.

Thankfully, in this instance, everything worked out well. The PHI was destroyed, the hospital was able to fix its problem, and they eventually sought out Ensocare to ensure they had a secure and up-to-date post-acute network.

But it could have gone very differently. And that leads me to what I want to talk to you about today: how critical it is to continually monitor and verify the security of your post-acute network.

PAC Provider on PhoneConstant Flux

The post-acute landscape is never static.

Some of the bigger post-acute providers, particularly those owned by larger health systems, tend to stick around for a while, decades even, but much of the post-acute world is still owned and operated by smaller outfits that can open up shop one day and be closed just a couple years later. Alternately, they may move facilities, get new contact information (as happened in my example above), hire new staff or be bought out.

A lot can change in a relatively short amount of time. It’s a seemingly impossible task, then, for case managers and nurses to know with 100% confidence that the people they communicate with one day will be there the next. They don’t even know if, for instance, the fax where they are sending a patient packet is in a secure place accessible only to those who should be receiving that information.

So, what do you do? You could assign a staff member or, let’s be honest, a whole department, whose sole job is to regularly visit with post-acute care providers to make sure that they’re still in business, that their contact information is up to date and that their clinical capabilities remain the same.

Or, you can turn to an already-established post-acute network where all of this information can be monitored for you and interventions can be scheduled as necessary.

A Post-Acute Network You Can Trust

At Ensocare, we offer a tool called Transition, which is used by health systems around the country to quickly refer patients to post-acute care facilities. Many hospitals have found their response rates drop from hours and days to minutes after implementing Transition. In fact, our aim is to get you a response to your patient referral in around 30 minutes.

One of the ways we do this is by developing a no-cost post-acute provider network that PACs can join at any time. And when I say no cost, I mean no cost. Our customers typically give us a list of their most common and not-so-common providers, and we reach out to those facilities to set them up within our system to receive referrals. They don’t pay anything for this. In fact, we’ll even host your providers at your facility for an on-site, in-person tutorial on the system.

Over the course of years, we’ve developed a reliable post-acute network that we update and validate regularly. Sometimes, PACs will even contact us directly to be added, and we set them up at no cost too.

The key benefit to this no-cost post-acute provider network is we have what amounts to a repository of valuable information on hand at any given time. That means phone numbers, emails, staff, locations, number of beds, accepted insurance, clinical specialties and more. We add to and edit this database all the time, and we do so by reaching out to facilities on a regular basis with an honest-to-goodness human connection, typically over the phone but also via email.

Let me give you an example of how this prevents the sandwich shop scenario I presented before. We monitor reports about PAC response rates so that we can make sure the hospitals we work with are deriving value from using our referral service. We can tell right away if the PAC facility is not hitting their 30-minute response time target we strive for, if it’s taking a facility a little longer or if they’re not responding at all.ensocare-hero-knowledge-center

We take the initiative and call that facility to see what’s going on. It could be a temporary delay that gets addressed, or they could have moved; either way, we’re going to update the system and relay that information on to your users so that you can rely on the information that’s presented.

PHI Should Stay Protected

You may not be sending PHI to a sandwich shop, but it’s still just as important to have confidence in every aspect of your post-acute network. In doing, you’ll provide patients with the best care possible, get them to the facility they need more quickly than ever, reduce readmissions and eliminate the chance of potential security breaches.

The time to reevaluate the status of your post-acute network is now. After you get the hoagie of your choice 8-).

How much can your organization save with automated discharge technology? Calculate your ROI.

Meet the Author

Luis Castillo has more than 30 years of experience in healthcare information technology. Prior to joining Ensocare, Castillo served as senior vice president at Siemens Healthcare, where he was in charge of IT sales, service and marketing. He was responsible for developing alternate markets, sales strategies and sales channels in order to grow the healthcare information technology business. Luis’ broad and deep experience has served to hone his leadership skills and business acumen, and he is a sought-after participant in strategic initiatives and global partnership efforts. He earned his Bachelor of Science degree in political science from Haverford College in Haverford, Penn.