I set out trying to do an article on how long hospital and physicians billing offices should retain their records. Once I got into it, I realized it could turn into a major project. It turns out each state gets to determine the length of time medical and billing records are expected to be kept. I learned that state regulations for the retention of billing records range anywhere from 6 to 20 years.

The easiest time period to quote is the recommendation for records pertaining to federal programs; 10 years. It is assumed that this is the safest period of time to cover almost any event that you may ever have to worry about.

Even there, regulations don’t quite say that facilities must specifically keep copies of their bills, as in UB-04s, 1500 forms, or patient bills. Based on what the HIPAA recommendations are regarding privacy, documents relating to uses and disclosures, authorization forms, responses to a patient who wants to amend or correct their information, the patient’s statement of disagreement, and a complaint record, among many other things, must be maintained for 6 years. (64 Fed. Reg. 59994).

This is the federal statute of limitation for civil penalties. (42 CFR Part 1003). This amendment is why hospitals and other health care providers maintain medical records as well as billing records for Medicare (Title XVIII), Medicaid (Title XIX), and Maternal and Child Health (Title V) for at least 6 years.

Records must also be retained for two years after a patient’s death under HIPAA.
After that it goes all over the place. One thing seems pretty clear when you think about it. What’s needed are records retention policies by all health care entities so that all employees tasked with anything financial as it regards to patients (in other words almost everyone) understands what their long term responsibilities are.

It’s acknowledged that hospitals can’t hold onto every piece of information forever. Those who aren’t scanning onto optical disk or copying everything into EHR eventually run out of space. Those that are scanning usually aren’t taking the time to go backwards and scan old records so they can free up space, which might require extra staffing, but depending on which state they’re in it might be something to consider.

This is why a records retention plan is important. It needs to clarify what’s being kept, how, and where. It needs to clarify what you’re keeping for 6 years, 7 years, 10 years, whatever. It needs to clarify how you’re going to destroy the records once you’re allowed to get rid of them. It needs to clarify how you’re keeping the records; is everything scanned, are some records kept on paper, etc.

Records retention policies should be in every department within your facility. It should be a mandatory requirement from every compliance committee at every facility or physician’s office in the country to review, research and approve. Multiple news reports from the past decade or so highlighting corporations that have attempted to hide their indiscretions by shredding records shows how important it is to have a written policy throughout your facilities, signed off by those in the C-Suite.

The following is a possible example of a records retention policy for patient accounting records. This is only a generalized version; use it as a template for creating your own, based on whether your information is scanned or physically stored:

1. The following records will be physically stored for a period of at least 7 years:

patient demographic records; one copy of any billing forms for claims billed on paper; copies of any electronic billing reports; copies of all itemized bills; copies of all monthly aged trail balance reports; copies of any printed reports that detail patient activity after accounts have been closed for X number of days; copies of any outside information that was obtained by the patient or insurance companies to facilitate the payment of claims that is not a part of the patient’s medical record.

2. The following records will be physically stored for a period of at least 10 years:

all physical logs detailing patient or insurance payments; all cash or check folders that contain copies of checks, ledgers, or any other information that details specific payments; all insurance vouchers from Medicare, Medicaid, or any other entity with which the hospital has specific contracts; any contact from patients disputing any portion of their hospital bills for which the billing department has kept the original document.

3. The records above shall be separated by their time periods (weekly or monthly), and the outside of any boxes or other containers which contain these records shall have marked what is inside the particular box or container, the dates of service they consider, and the dates these records may be removed. The records must be in either alphabetical or date order.

4. Any original records determined to be of a nature in which the hospital may have some legal liability or responsibility shall be retained indefinitely within the hospital department of responsibility in an area to be determined for such specific purpose.

5. It shall be the policy of all departments that a review of all stored records be completed on a semi-annual basis to determine which records stored are ready to be destroyed. These records shall be removed and destroyed in accordance with whatever policy the maintenance department has in place and has been approved by administration.

6. All stored records shall be locked and secured, protected from the elements to the best of the ability of those in charge of the area of storage, and be accessible only by those authorized to views those records with the permission of either the director or those the director reports to.

As stated earlier, this is only a sketch of a possible policy. For instance, the above policy doesn’t address whether records will definitively be alphabetized or set up in numerical order. It doesn’t indicate whether records will be separated by insurance type. It doesn’t cover whether records determined to be ready for removal should be approved by either the chief financial officer, the compliance officer, or anyone else.

It didn’t address charges which may be entered by personnel outside of the ancillary department; sometimes those records are retained by patient accounting, sometimes they go back to the department of origin. These, as well as other issues, need to be determined and confirmed, then put into your policy.
It’s hard to stress the importance of having such a plan in place. It’s almost unbelievable that this even has to be stated, yet there are hospitals across the nation that have totally overlooked this important step in handling medical and financial data.

If there’s a common theme that’s been a constant whenever one hears of hospitals having to pay fines for some kind of violation, it’s been the lack of any kind of documentation or policy regarding whatever the offense might be. Records retention, outside of the medical records department, is probably the last thing anyone ever thinks about. It should be one of the first.

Digiprove sealCopyright secured by Digiprove © 2017 Mitch Mitchell