Compliant EHR Software for
Behavioral & Mental Health Practices
Improve Compliance
Reduce Documentation Time
Achieving and maintaining compliance with various state and federal regulations is something that every behavioral health practice must be able to do. In 2019, there are a number of organizations and regulations that govern compliance on a variety of levels.
Your electronic health records (EHR) system must be up to date with all applicable regulations if you want your practice to remain in the good graces of the many regulating bodies that demand compliance.
Becoming familiar with the entities that require and demand compliance is the first step to determining the suitability of your EHR for behavioral health services.
Start Free Trial
Laws, Regulations, and Organizations That Impact EHRs
The list of things that affect EHR compliance is long and complex. The following list of seven influential organizations and regulations will help you get a lay of the land and increase your awareness of the most important compliance components.
Why is Compliance So Important for EHR Systems?
There is very little standardization among EHR systems. HIPAA, for example, is the regulation with the most stipulations and the most significant fines for violations, yet there is no legitimate HIPAA certification available for systems. That means it is up to individual vendors to implement the features that will make their EHR compliant with as many applicable regulations as possible.
Despite not having an official "certification process" for HIPAA, Administrative Simplification Regulations have been established to ensure there are "electronic standards for administrative transactions" which help to streamline communication in the healthcare industry. It should also be noted that these regulations apply to all healthcare providers who accept electronic transactions, not just those who accept Medicare and Medicaid.
Failing to comply with regulations can result in your practice becoming ineligible for reimbursement for Medicare or Medicaid as well as being fined under the ADA or HIPAA. With a HIPAA violation, federal fines and prosecution may even be possible. An EHR must be operated by responsible, trained individuals, but one that keeps up with the latest regulations does give you a much stronger foundation for remaining compliant overall.
Who Sets Standards and Regulations in Health Care?
All these rules and regulations were developed and are currently overseen by a variety of organizations. The following are the five most critical organizations to be aware of in the world of health care regulatory compliance.
Centers for Medicare & Medicaid Services (CMS)
CMS provides subsidized medical coverage through Medicare, Medicaid, and the State Children's Health Insurance Program (SCHIP) and implements MACRA. CMS is responsible in part for ensuring payment and transaction compliance with HIPAA. They have a Division of National Standards which has recently launched a Compliance Review Program on behalf of the U.S. Department of Health and Human Services (HHS), which will audit for compliance among entities covered by HIPAA's Administrative Simplification rules for electronic healthcare transactions.
CMS also educates healthcare providers and other HIPAA-covered entities on how to be compliant, while solving complaints related to transaction violations.
The Office for Civil Rights (OCR)
The HHS Office for Civil Rights is the primary enforcer of HIPAA Rules. Whenever a data breach occurs that affects the PHI of more than 500 individuals, the OCR investigates and determines whether the breach was due to a HIPAA violation.
The OCR also directly takes action on violations and implements warnings or suggestions, civil monetary penalties and criminal penalties where appropriate. Recent updates to the interpretation of the HITECH act have resulted in changes to the structure of fines HIPAA violations, tying fines to levels of culpability and lowering the annual maximum penalties the OCR can levy in most cases.
The OCR also investigates reports of HIPAA violations received through the online complaint portal or through paper submissions.
The Office of the National Coordinator for Health Information Technology (ONC)
The ONC is responsible for facilitating the implementation and improvement of EHR and health information exchange (HIE). The goal of this organization is to help make every citizen's health records digitized and fully accessible by the patient. To achieve this goal, the ONC developed the Nationwide Interoperability Roadmap detailing a 10-year plan to bring every healthcare provider up to interoperability standards.
The ONC plays a large role in the development of EHRs, as they are responsible for health IT certification. The ONC Health IT Certification Program only approves technology that has the functionality required for clinicians to qualify for CMS incentive programs.
The ONC will also administer the new EHR Reporting Program that will provide the public with comparative information on various certified health IT products. Criteria for the program will fall into the categories of security, usability, interoperability, conformance to certification testing and other categories that are deemed appropriate.
The Department of Health and Human Services (HHS)
The HHS is the cabinet-level parent agency of the Office for Civil Rights. Its job is to protect and enhance the well-being of all citizens by improving health and human services. The Office of the Inspector General (OIG) within the HHS helps healthcare providers comply with applicable regulations by compiling a list of compliance resources.
The HHS developed both HIPAA and the HITECH Act and oversees the ONC in its audits and other compliance activities.
The Agency for Healthcare Research and Quality (AHRQ)
AHRQ's mission is to produce evidence to back policies that make health care safer, more accessible, more affordable, and higher quality. The agency works within the HHS and with other partners to build bridges between research and practice. ARQH does not enforce compliance, but they do perform research that informs regulations around patient safety. One of the ways they have done this is by compiling a list of problems with EHR software that helps clinicians choose the best platforms based on safety risks and their potential outcomes.
Notable Health Care Compliance Accreditation
Institutions for Behavioral Health
Unsurprisingly, the task of achieving compliance is difficult for providers to do, and patients need to know their provider is following all the rules. One of the ways providers establish their compliance with the many applicable regulations is to pursue accreditation from a recognized institution. These are five of the leading accreditation institutions behavioral health professionals should know about.
Council on Accreditation (COA)
The COA is an international organization started in 1977. It is an independent nonprofit focused on behavioral health for children and families. Every state recognizes and endorses accreditation from the COA, as do many service organizations on the national and international levels.
The Joint Commission (TJC)
TJC is one of the oldest accreditation bodies in the world, founded in 1951. Its original name was the Joint Commission on Accreditation of Hospitals (JCAH) and later changed to Joint Commission on Accreditation of Healthcare Organizations (JCAHO) before being shortened to TJC. In the past, TJC was focused exclusively on hospitals. Today, they offer behavioral health care accreditation with standards designed to improve patient care and outcomes.
Commission on Accreditation of Rehabilitation Facilities (CARF)
CARF has been accrediting rehabilitation facilities for substance abuse disorders since 1966, and the organization is considered the top accreditation institution for rehabs. Today their offerings have expanded to cover aging services, child and youth services, and behavioral health accreditation. CARF accreditation assures potential patients that the accredited organization is committed to continually improving the quality of care and programs.
National Committee for Quality Assurance (NCQA)
The NCQA is a nonprofit committed to improving the quality of health care by upholding evidence-based standards. The organization's focus is mainly medical, but they do offer accreditation for managed behavioral health care. NCQA accreditation is widely recognized, and thousands of providers participate in the Report Cards program.
Utilization Review Accreditation Commission (URAC)
URAC is another nonprofit that grants accreditation to many different types of healthcare organizations. URAC is unique in that the accreditation may span the whole organization or focus on a specific functional area of the organization. Some states allow URAC accreditation to be used to meet state regulatory requirements, instead of having to report separately to the state. Some companies in some states actually require URAC accreditation as a condition of operation.
ICANotes for Better Compliance
EHRs built to address the many facets of compliance don't always deliver the best experience for behavioral health professionals. Trying to use a platform designed for medical professionals requires significant adjustments to meet the needs of a mental health care setting, and can decrease the accuracy of your records and notes. ICANotes is the only EHR designed by behavioral health professionals to meet the specific needs of clinicians like you.
ICANotes knows the ins and outs of compliance in the mental health care field and strives to stay ahead of the frequent updates to regulations. Our software is ONC-certified and meets all service standards. With a lighter burden of compliance partially shouldered by your EHR, you can save time and money, create more comprehensive notes and protect yourself in the event of an insurance treatment review or other audits.
We work hard to make every aspect of our software compliant, and we're more than happy to work with you to add any additional integrations you need to use ICANotes to its full potential. Just contact our support team, and we'll see what we can do for you. If you're interested in the most robust behavioral health EHR, see its capabilities with a live demo or try it out for yourself by registering for a free trial.
More Resources on Compliance
Intuitive, Accessible, Time-Saving
ICANotes - the only EHR software that actually thinks like a clinician.