Tuesday, August 31, 2021

How to collect patient payments and verify insurance with text messaging

If you bill patients, you know that patient communication about payments and insurance are difficult. Text messaging can make it easier.


A report by McKinsey found that “...provider collection rates run at 50 to 70 percent for small-dollar liabilities for insured patients and fall to about 10 percent for self-pay patients.”

The vast majority of patients are frustrated and confused by the billing process, too. Only 7% can define important health insurance terms such as premium, deductible, coinsurance, and out of pocket max.

These problems will get worse for healthcare practices that do not make changes. If you collect anything from patients, you cannot ignore these trends.

But, the same report from McKinsey estimates that if patients “...had access to more convenient payment mechanisms...only 10 percent of their bad debt would remain uncollectable.”

As mentioned in an our previous article in the series, text messaging is the most convenient way for most people to communicate with those they already know.

Text messaging should not replace other processes for patient collections, but it is a fantastic way to improve cash flow and drop bad debt.




Collect patient payment with text messaging


First, you must sign up with a payment processor that offers HIPAA-compliant, online payments. Vendors like PayGround, InstaMed, Stripe, Braintree, and Square can integrate with your website and offer both online and POS patient payments.

Second, optimize your website for patient payments. You will likely want two prominent buttons on your website’s homepage: “Make Appointment” and “Pay Bill”. Reword these buttons depending on your specialty and the call-to-action (e.g., Schedule Examination, Book Massage, Make Payment).

Third, have the payment button redirect traffic to your vendor’s secure payment gateway. Embedding an iFrame on your webpage or using a reputable API is fine.

Avoid the liability of passing patient and cardholder data through your web server. The healthcare and payment industries are highly regulated. Hackers will target you and a single mistake could result in hefty fees.

Fourth, modify your billing processes to include text message balance notifications. Text patients whenever they have an open balance that meets your criteria (e.g. new, 15 days late, over $50). Text them something like:
You have a new balance of $[amount] with [ABC Medical Care] that you can pay online at https://example.com/make-payment or via [phone number].
[Name], it looks like your balance of $[amount] is past due with [ABC Medical Care]. You can pay at https://example.com/make-payment. Call us if you have any questions at [phone number].
Final courtesy notice. Your open balance is over 60 days past due. You can pay [ABC Medical Care] $[amount] at https://example.com/make-payment or [phone number].

Finally, do not text patients an unencrypted receipt after a payment. Receipts can contain protected health information (PHI), depending on your specialty.

Instead, offer the receipt via a secure email or portal. Ideally, text the patient a receipt link that is password-protected and stored on a HIPAA-compliant server.




Verify insurance with text messaging


Insurance verifications and pre-authorizations are time consuming.

If you accept insurance, you know that failing to verify a patient’s eligibility can lead to a claim denial or non-payment. Historically, you would need to call the patient’s insurance provider to verify their insurance.

Electronic clearinghouses and insurance web portals can make it easier to verify insurance eligibility. They allow your team to quickly determine if a patient has active coverage for the services you will provide. Electronic verification provides a better patient experience, increases time-of-service collections, and mitigates your risk of denial.

You can save your patients and staff time if you verify new patient insurance before the day of their appointment. Text messaging can make this process even faster.

Once again, you should never text protected health information (PHI) via an unencrypted channel. Many unauthorized third parties, including your carrier, have access to these messages.

Instead, schedule simple text message reminders for upcoming new patient appointments. Your messages can contain a link to a secure web form where patients can enter their insurance information.

Here is an example:
Please enter your insurance information for your upcoming appointment on [date] at [time] on our portal at: https://example.com/insurance-verification


Use your patient portal URL for this workflow. It will need to allow a patient or client to update their own insurance information. If the portal does not automatically verify eligibility, your staff can use the entered information to initiate a 270 inquiry.

If your patient portal will not work, you can set up your own web form. Work with a reputable healthcare IT development and marketing partner. You should ensure that all data is encrypted in transmission and at rest to prevent a PHI data breach.

You can set up this web form over TLS using PHP or Node.js to send user inputs to a database that is hosted on a secure server. Or, skip the database and have the form entry sent to a secure, HIPAA compliant email server.

You can also embed a Google Form on your website. Just ensure that you have a Business Associate Agreement (BAA) on file with Google and whoever is running your website.


15% Off Medical Practice Supplies


VIEW ALL



Manual Prescription Pad (Large - Yellow)


Manual Prescription Pad (Large - Pink)

Manual Prescription Pads (Bright Orange)

Manual Prescription Pads (Light Pink)

Manual Prescription Pads (Light Yellow)

Manual Prescription Pad (Large - Blue)

Manual Prescription Pad (Large - White)


VIEW ALL

Friday, August 27, 2021

Breaking Down the Business Associate Agreement

Earlier this month, I wrote an article HIPAA: Back to basics with the BAA, where I promised to write about the nuances of the requisite business associate agreement (BAA). Unless someone is new to the healthcare industry or a business associate (which includes subcontractors) that recently started creating, receiving, maintaining, or transmitting (including storage) protected health information (PHI), by now there should be an awareness that a business associate is directly liable under the HIPAA Rules. Like covered entities, business associates may be subject to civil, and in egregious cases, criminal penalties.


This leads us to the BAA—a written agreement between the parties that serves three primary purposes:
assurances that both parties are adhering to the Privacy Rule and Security Rule’s requirements;
the parties address the steps of a reportable event in accordance with the Breach Notification Rule, which includes notifying the other party within a specified time; and
setting forth how the data will be returned and/or disposed of when the relationship between the parties ends, provided there are no other circumstances such as a legal hold or government investigation.

Notably, after having read and drafted numerous BAAs, one quickly learns that all BAAs contain very similar, if not identical language. That’s because BAAs have certain content requirements, which must be included. Other items, such as particular state law, venue/jurisdiction, and indemnification (just to name a few) are not compulsory but are often seen.


As HHS explains on its website, a BAA is “[a] written contract between a covered entity and a business associate [or a business associate and its subcontractor that] must:
  • establish the permitted and required uses and disclosures of protected health information by the business associate;
  • provide that the business associate will not use or further disclose the information other than as permitted or required by the contract or as required by law;
  • require the business associate to implement appropriate safeguards to prevent unauthorized use or disclosure of the information, including implementing requirements of the HIPAA Security Rule with regard to electronic protected health information;
  • require the business associate to report to the covered entity any use or disclosure of the information not provided for by its contract, including incidents that constitute breaches of unsecured protected health information;
  • require the business associate to disclose protected health information as specified in its contract to satisfy a covered entity’s obligation with respect to individuals' requests for copies of their protected health information, as well as make available protected health information for amendments (and incorporate any amendments, if required) and accountings;
  • to the extent the business associate is to carry out a covered entity’s obligation under the Privacy Rule, require the business associate to comply with the requirements applicable to the obligation;
  • require the business associate to make available to HHS its internal practices, books, and records relating to the use and disclosure of protected health information received from, or created or received by the business associate on behalf of, the covered entity for purposes of HHS determining the covered entity’s compliance with the HIPAA Privacy Rule;
  • at termination of the contract, if feasible, require the business associate to return or destroy all protected health information received from, or created or received by the business associate on behalf of, the covered entity;
  • require the business associate to ensure that any subcontractors it may engage on its behalf that will have access to protected health information agree to the same restrictions and conditions that apply to the business associate with respect to such information; and
  • authorize termination of the contract by the covered entity if the business associate violates a material term of the contract.


Armed with this information (and after reviewing the HHS website link), hopefully it provides a renewed appreciation for what will be included in a BAA and what may be included. It never ceases to amaze me when I receive (often caustic) questions or push back on the compulsory items that HHS has set forth. This article may serve as a basis for a polite way to push back if faced with a similar situation.



15% Off Medical Practice Supplies


VIEW ALL



Manual Prescription Pad (Large - Yellow)


Manual Prescription Pad (Large - Pink)

Manual Prescription Pads (Bright Orange)

Manual Prescription Pads (Light Pink)

Manual Prescription Pads (Light Yellow)

Manual Prescription Pad (Large - Blue)

Manual Prescription Pad (Large - White)


VIEW ALL

Thursday, August 26, 2021

Four best practices for your Annual Wellness Visit (AWV) engagement campaigns


Nearly half (45%) of all Medicare beneficiaries have four or more chronic conditions, making the prevention, management, and treatment of those conditions critical to both health outcomes and healthcare spending. Unfortunately, many Medicare and Medicare Advantage (MA) recipients are not aware that they are eligible for an initial preventive physical exam (IPPE) in their 65th year and an annual wellness visit (AWV) every year thereafter.


For patients, these visits can be incredibly valuable, as they may uncover or identify areas of concern or risk that need further study or treatment. Early detection of disease not only enables prompt treatment that can prevent disease progression, but costly health outcomes. And yet, only a quarter of Medicare and MA recipients receive an annual wellness visit.

For provider organizations, these visits represent a revenue stream left mostly untouched by those Medicare and MA patients who skip their AWV by choice or because they don’t know it is an option.

Driving AWVs can increase much-needed CMS reimbursement revenue, especially during a time when many providers are recovering from declines in revenue resulting from responses to the COVID-19 pandemic.




AWVs Close Care gaps and Generate Downstream Revenue


We looked at the data across the AWV-focused patient engagement campaigns on the SymphonyRM platform for the past two years and found:

Of the patients who completed an AWV, more than 60% received referrals for follow-up appointments.

Thirty percent (30%) of those [who received referrals] averaged three or more referrals each.

The top 3 referral types from the annual wellness visits include mammography, gastroenterology and cardiology which indicates the AWVs also have significant impact on care gap closure and Quality of Care to also deliver value to Primary Care.


Four Best Practices for AWV Engagement Campaigns


Not every patient engagement campaign is created equal, nor will they deliver the same results. For example, campaigns that cast too broad a net or fail to customize outreach run the risk of high attrition, and therefore less-than-optimal results.

Here are some best practices based on our learnings working with health systems across the U.S.
Leverage data

Within the EHR, provider organizations can identify the patients who fall into several categories, including age. Start by focusing a campaign on those patients who are 64 years old and will be aging into eligibility for an IPPE on their 65th birthday. Once that is underway, design a campaign for those patients who are over 65 years old and eligible for initial and subsequent AWVs.


Customize the message


Most Medicare and Medicare Advantage recipients are either unaware of, or apathetic to, the AWV benefit. Therefore, a campaign should not just be designed around making it easy for an individual to complete their AWV; education should be a core pillar to demonstrate the benefit and value of preventive versus episodic care.


Measure the results


Every campaign should deliver real-time data that demonstrates how well the messages are performing. Are they driving click-throughs? AWV appointments? If the results are below expectations, revisit the criteria to ensure the right patients are targeted and that messaging is specific and clear for the call-to-action. Continue to monitor, measure, and optimize.




Set goals


Since these wellness visits are annual, healthcare organizations see the greatest results when the campaigns run annually as well. Some organizations have launched these campaigns in the New Year, when people are thinking about healthy goals and improving behaviors; others have aligned their launch to Medicare Open Enrollment, to ensure patients get the maximum benefits from their coverage. Most importantly, AWVs gain the most traction when the campaign is “Always-On”.

As the campaigns continue throughout the year, set goals and track progress. With those goals established, find ways to tweak and improve the campaign to meet, and maybe even exceed, your goal.

Goals may include:
  • Book and complete 95%+ of all AWV appointment capacity annually
  • Leverage AWVs to attain HEDIS compliance goals
  • Reach out to every patient aging into Medicare this year
  • Use AWVs to identify opportunities to expand specialty services
  • Identify patients in need of behavioral health or social interventions to improve the health of our senior communities

AWVs can be a significant driver of additional revenue for organizations. They are also a critical tool for helping senior citizens live longer and healthier lives. In order to take advantage of that opportunity, provider organizations need to educate and engage patients on the value those visits deliver. Armed with the right data and plan to execute, AWVs can be turned from a “break-even” line item to one that consistently delivers value for both the health system and patient.


15% Off Medical Practice Supplies


VIEW ALL



Manual Prescription Pad (Large - Yellow)


Manual Prescription Pad (Large - Pink)

Manual Prescription Pads (Bright Orange)

Manual Prescription Pads (Light Pink)

Manual Prescription Pads (Light Yellow)

Manual Prescription Pad (Large - Blue)

Manual Prescription Pad (Large - White)


VIEW ALL