Confidentiality, Privacy and Security

Patient Electronic Signatures for ROI

  • 1.  Patient Electronic Signatures for ROI

    Posted 3 days ago
    Good afternoon,
    We just received an authorization signed electronically by the patient. We have never seen this before and we are wondering how you all validate that the electronic signature (which looks nothing like a handwritten signature) was created/generated by the patient. If you have this type of signature addressed in your ROI policy, can you share an excerpt with us? We don't want to deny or postpone delivery of records, so we are wondering about the best practice for validating and fulfilling these types of requests.
    Thank you,
    Katie

    ------------------------------
    Kathryn Wood, RHIA
    Assist Dir of Information Systems/Privacy Officer
    War Memorial Hospital
    ------------------------------


  • 2.  RE: Patient Electronic Signatures for ROI

    Posted yesterday

    I would be interested in knowing what others do too.  We have only had a few but we are getting ready to use e-signature at our facility.  Would like to know best practice.

     

     

    Lynn Boyes, RHIT

    Health Information Management Director,

    HIPAA Privacy Officer

    7010 S. Yale Ave | Tulsa, OK 74136
    lboyes@crsok.org 918.236.4135 direct line

    918.499.1598 fax

    Website Facebook  Twitter LinkedIn | Instagram

     

    A close up of a logo  Description generated with very high confidence

     

     

     






  • 3.  RE: Patient Electronic Signatures for ROI

    Posted 13 hours ago
    Following. I would be interested in seeing any policies or procedures as well.

    ------------------------------
    Lori Black, RHIA, CCS, CHTS-IM
    HIM Director
    INTEGRIS Health
    ------------------------------



  • 4.  RE: Patient Electronic Signatures for ROI

    Posted 12 hours ago

    Each EHR has a different method of electronic signature.  It is very difficult to have a comparison on file.  Our signatures are created from a PIN and result in looking like a typed name with the date and time of e-signature.  Some e-signatures look more similar to handwritten signatures like on e-signature capture pad.  Sometimes the only handwritten signature we have on file is on a driver's license image. 

    My thought is to contact the client and document confirmation of the signature or ask to have it emailed or faxed.  The problem with this is it creating a barrier for timely disclosure.  I would love to hear other opinions or if anyone has obtained legal advice.

     

    Lynn Boyes, RHIT

    Health Information Management Director,

    HIPAA Privacy Officer

    7010 S. Yale Ave | Tulsa, OK 74136
    lboyes@crsok.org 918.236.4135 direct line

    918.499.1598 fax

    Website Facebook  Twitter LinkedIn | Instagram

     

    A close up of a logo  Description generated with very high confidence

     

     

     






  • 5.  RE: Patient Electronic Signatures for ROI

    Posted 13 hours ago
    Hi Kathryn,

    I don't know the answer to this question because I am not a Privacy Officer.

    I was curious to you know how this electronic request originated. Did this come from an outside source like another physician's office. It just seems common sense that if you are going digital, then the medical record request form is sent from the source, your hospital. Then you have better accountability of its authenticity. The patient creates a digital signature through your portal (I believe) where the site has control over the transmission. Then it would be stored in the system for the patient to sign requests with. I'm sure you will find resolve to this. And I didn't mean to confuse you or anyone. I was just thinking here how would you do this.

    In the meantime, if the patient can't come to your office or use a fax or some other delivery beside electronic to get properly signed documents to you, I would suggest let them know that their digital signature does not match signature you have on file.

    I wouldn't ROI to anyone who presents an electronic signature who is in the system without first authenticating we have a digital comparison.



    ------------------------------
    Kelly Randell
    Inpatient Analyst Auditor
    ------------------------------



  • 6.  RE: Patient Electronic Signatures for ROI

    Posted 12 hours ago

    Thank you for your insight. This was a faxed release form from a government agency. Our HIM Clerical Supervisor did call the office that sent the form, and he described the esignature as something military is using. I have seen this in action so I told them that we could honor these types, but we would like to update/include some guidelines in our policy. The military staff will use their ID cards, with the embedded chip, and a personal code to electronically sign documents now.

    Katie

     

    Katie Wood, RHIA

    Assistant Director of Information Systems/Privacy Officer

    War Memorial Hospital

    500 Osborn Blvd

    Sault Ste. Marie, MI  47983

    p: 906-635-4663   khwood@wmhos.org

     

    I will be out of the office Friday 1/17, Monday 1/20 and Tuesday 1/21.

     


    Confidentiality Notice: This is a transmission from The Chippewa County War Memorial Hospital, Inc. This message and any attached documents are confidential and may be protected by legal privilege, furthermore this communication may contain information protected by state and federal medical privacy statutes. They are intended only for the use of the addressee. If you are not the intended recipient, any disclosure, copying, or distribution of this information is strictly prohibited. If you received this transmission in error, please notify the sender and delete/destroy this copy from your system. Thank you.   ­­  





  • 7.  RE: Patient Electronic Signatures for ROI

    Posted 11 hours ago
    Hi Kathryn,

    I wish I knew this in this before the previous reply. Now it makes since. I worked 3 years ago onsite at a gov facility and made a good friend there who is the ROI. The HIPAA officer sat next door to her. So we all collaborated well while I was there. I stayed in touch with my ROI friend. In the past, she would handle each request with reams of paper. Not kidding to the tune of about 100,000 reams a year. People had to personally show up to collect or she would have to mail. She also correlates to other facilities and entities as well. In the last two years, ROI has turned to electronic means, first with a dongle that a person would present for her to transfer their records to. But their is the issue of technology challenged population. They were still coming in to retrieve their boxes of records. When I left, the HIPAA officer was just beginning to use electronic signatures, thus no more need for dongles or reams of paper. You still have the security of info issue. I don't know how they can just email to a person's email their medical record. There needs to be a protected electronic platform that the recipient may use to  retrieve such documents. FYI the DHA is re-vamping the whole health care system. Tricare and Vista. The embedded chip on their IDs is thoroughly encrypted. But the signature it produces might be somewhat different when you see it. I don't know I'm just guessing having not seen one.

    But what you are doing on your end doesn't have anything to do with their end. I wish I could help you with information to apply to your end of business concerning electronic signatures. I would think a policy that bridges the transfer of information would be key in covering accountability and integrity needs by your organization.

    I wish you success in this endeavor. It will take some work, but I am sure you will be able to resolve this to satisfaction for everyone and business entity involved. I'm going to reach out to my friend and see what she may have to say about this. Hopefully, she can provide some guidance on what the other end should have in place before she transfers such sensitive and private information.

    ------------------------------
    Kelly Randell
    Inpatient Analyst Auditor
    ------------------------------