A National Assessment of Formal Data Acquisition in Healthcare Organizations

Daniel P. Lorence, PhD
Dept. of Health Policy and Administration
Pennsylvania State University
University Park, PA 16801
Email author
Phone: 814.863-2900

Robert Jameson, PhD
CDS Research
Chicago, IL 60654-0311
Email: rjameson33@hotmail.com
Phone: 630.415.0054

Acknowledgements: the authors wish to thank Ms. Lee Hersch for her assistance in editing and compiling this manuscript.

Previous Page


Recent federal regulatory guidelines intended to reduce the administrative costs and burdens associated with health care mandate the standardization and facilitation of electronic transmission of medical data. With the concurrent electronic movement of health information comes concerns over patient privacy and security concerns.
Healthcare managers are thus tasked with identifying management policy or guidelines aimed at establishing a management structure for healthcare delivery in a data-driven, evidence-based system. A required part of this structure involves the identification and implementation of prescribed data management strategies, now mandated by federal law. As such, the quality of data maintained by healthcare organizations becomes a critical factor in the ultimate delivery of care, with a corresponding need for consistent data collection methods. This study examines, on a nation-wide basis, the adoption of a key first step in data quality management, the prescription of data collection methodology within organizations.

(Keywords: Healthcare, Evidence-based, Telemedicine, Informatics, Genomics, Data, Mining, Medical )


In an era of mandated standardized data management, do health information managers uniformly adopt explicit data acquisition practices? If not, how do they differ across organizational and demographic boundaries, and how does this variation affect data quality?

Historically, the acquisition and management of medical information was characterized by provider-specific notes, sketches, and opinions recorded on paper charts, stored in a warehouse-like setting. Today, there are increasing requirements for the acquisition of data in standardized, electronic format, maintained on increasingly sophisticated systems. Often, the act of simply identifying a management policy or simple set of guidelines is a first step in establishing a management structure for such a new process (Lorence, 1999; Wyatt, 2000).

Why the need for standardized information management practices? Congress has mandated a series of regulations, under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), intended to reduce the administrative costs and burden associated with health care by standardizing data and facilitating electronic transmission of many administrative and financial transactions. Because of the belief that the electronic movement of health information creates patient privacy and security concerns, Congress also directed the Secretary of HHS to develop standards to protect the privacy and security of individually identifiable health information (P.L.104-191, 1996)

There are three general types of standards created by HIPAA: privacy, security, and administrative simplification. The privacy and security standards likely pose the most significant effect on hospitals, as they require technical and procedural changes for every use and disclosure of individually identifiable health information. The administrative simplification standards replace the numerous non-standard formats currently used for certain transactions with a single uniform set of electronic formats (P.L.104-191, 1996).

These information systems regulations apply to all health plans, all health care "clearinghouses" and those health care providers who transmit any health information electronically in connection with the transactions listed in the statute. The regulations (other than the privacy standards) supercede most contrary provisions of state laws, unless the Secretary grants the state a waiver. By contrast, the privacy standard would supercede only those state laws that provide less protection for consumers than the federal regulations (HHS, 2000).

Once final regulations are issued, health care entities have two years (three for certain small health plans) to adopt and implement the standards. The law provides for civil penalties for noncompliance with the administrative simplification standards and both civil and criminal penalties for privacy and security breaches (HHS, 2000).

While still being finalized at this writing, the mandate of HIPPA is clear: managers need to devise some type of formal data acquisition strategy to ensure the standardized collection of information within their organizations.

Many healthcare managers have expressed concern about the costs and disruptions that hospitals will face in implementing these broad-based regulations, particularly in an environment of accelerated information system changes and like industry changes needed to implement provisions of the Balanced Budget Act of 1997 (AHA, 2000).

The cost to health care providers to implement these all-encompassing regulations is still a matter of debate, despite adjustments made to Medicare payments to account for the estimated additional costs. An adjustment to the base rates for capital and for inpatient and outpatient services was needed, since these rates do not reflect the additional provider costs imposed by the new information systems regulations. In addition, the American Hospital Preservation Act and the Medicare Hospital Emergency Assistance Legislation Act had also been introduced to provide for reasonable payment increases that reflect the true cost of providing health care services (AHA, 2000).

Privacy standards for individually identifiable health information are now the law in the U.S. After much Congressional debate several policies related to privacy were proposed, but a few contentious issues prevented the passage of a bill. In its place, the department of Health and Human Services introduced regulations to protect the privacy and confidentiality of all individually identifiable health information. Generally, the proposed rules require hospitals, doctors, health plans and others to obtain a patient's written consent before they use or disclose identifiable health information for purposes other than treatment, payment, health care operations, or a limited number of public health oversight functions. Providers must inform patients how their health data will be used, establish systems to track disclosure of patient information and to permit patients to inspect and amend their own health information. The rule also creates the first civil and criminal penalties for improper use or disclosure of medical information, with stiffer penalties for intentional disclosure (P.L.104-191, 1996).

The HHS regulations are a complex and lengthy set of rules. They require providers to put in place many new checks and balances on the normal use and disclosure of individually identifiable patient information. They possibly even prohibit some current uses. Within such an environment, it becomes paramount to begin to establish measurable benchmarks that monitor progress of formal information standards implementation and its associated effects. This study seeks to assess, on a nation-wide basis, the prevalence and patterns of adoption of a key first step in data quality management, the prescription of data collection methodology within healthcare organizations


Data and Methodology

Data from a nationwide survey of healthcare information managers, the AHA Annual Survey, the U.S. census, Interstudy publications, state and regional health service departments, and The Market Statistics Report were used to examine the organizational and environmental characteristics of data quality in a variety of healthcare settings. A comparison of selected data quality characteristics was made across practice settings, geographic areas, and selected healthcare demographic characteristics.

The survey data include measures of the quality of data obtained via automated encoders, the impact of organizational mergers and acquisitions on data quality, and the existence of an organizational data quality committee or team. The survey further identify the existence of a data quality manager, the most common methods used for identifying data quality problems, and the use of edit checks in automated data fields. Finally, the data provide measures of the existence of organizational master data dictionaries, the existence of organizational policies and procedures related to the timeliness of data capture, and the existence of an organizational process to identify and prioritize data acquisition. Preliminary findings from the survey were summarized for analysis and are reported elsewhere (Lorence, 1999).

Design and Methodology

The survey, completed in May of 1999, was a response to the need of the healthcare industry for more timely and frequent practice information in the field of health information management No comprehensive study of this kind has been available in the past.

The goal of this undertaking was to establish a source of practical, comparative information that can be used in both strategic planning and day-to-day practice. This project was designed to allow ready access to ideas and innovations that other professionals have used in solving management and technology problems common to many organizations.

This study was designed to provide periodic information on a range of information management topics, such as clinical coding, reimbursement, compliance, health record computerization, and data quality. In addition, a portion of the survey was devoted to collecting information about the professional issues facing practicing managers.

Sample Design

The initial survey was initially fielded in June 1998, with follow-up assessments accomplished through May 1999. It was designed to provide representative information on the population of health information managers. The sample included respondents from a variety of practice settings and job titles and excluded students. The survey obtained data from 16,591 health information managers, for a 50.4 percent gross response rate

Samples for surveys were selected from a database of certified health information managers provided by the Foundation for Record Education (FORE), and contained current and historical information on RRA/ART credentialed information professionals in the United States. The data included on the population surveyed were obtained primarily from membership renewal forms and from an annual member profile mailed to all active members. Preferred mailing address data were obtained from the member population from those members with changes in address or professional status. These changes may be signaled by input from periodic mailings or by other correspondence.

Questions for the main questionnaire were developed from a review of past surveys and focus group results. Questions in the survey were designed so that managers from a variety of practice settings and work roles were asked questions that were generally relevant to the profession overall.

Work settings captured in this study included the following:

Hospitals and medical centers
Group practices
Ambulatory care clinics
Managed care offices
Long-term care and rehabilitation facilities
Colleges and universities
Consulting firms
Government agencies
Software product companies
Pharmaceutical companies
Self-employed HIM professionals
Other work settings

Topics were formulated and pre-tested by convened groups of practicing information managers to represent a broad range of activity areas. Questions that had not been used previously in any known surveys of health information professionals were pre-tested prior to the survey fielding to evaluate the wording and ordering of questions and to determine the ability of respondents to provide the desired information.

Field Procedures

Prior to the survey mailing, announcements were made through professional publications and meetings to inform members of the upcoming survey. A preprinted questionnaire was mailed to all credentialed health information managers who had identifiable mailing addresses. An instruction letter accompanied the form and explained the purpose of the survey and instructions for completion. At the six-week point following the last wave of the initial mailing, a second mailing was sent to those who had not responded. Follow-up on specific issues identified after the second mailing was accomplished as a series of more focused studies, reported elsewhere.

The questionnaires were processed by an independent testing and research firm, National Computer Sytems of Minneapolis, MN, which processed forms weekly over the length of the study. Region-specific response rates were tracked to ensure that the mailings were received in a timely manner.

Strict adherence to confidentiality standards was maintained in this study. Data were entered via a computerized scanning system and released only in aggregate form, without individual respondents identified within the reported results.

In addition, a number of data quality control measures were employed to provide the cleanest possible data. A detailed review was made of all sample response dispositions, both pending and final, on a weekly basis. From this evaluation, the time schedule was reviewed and necessary recommendations were made to the contractor to enable the survey to be completed during the allotted field period.

As part of the post-survey program review, the design and methodology were examined to identify areas needing improvement. After data entry was complete, an evaluation was made of the impact of survey and item non-response rates and various potential methods for adjusting results to correct for non-response.

Respondents were asked the following:

Does your facility have a regular process to identify and prioritize data acquisition?

a. yes

b. no



Overall, about 46% of all respondents reported having adopted a regular process to identify and prioritize data acquisition.


YES 45.6
NO 54.4

The data suggest that greater population density is associated with higher adoption of prescribed data acquisition. About four in ten (40%) non-metro respondents with a 25K-49.9K population density report their facilities have a regular process to identify and prioritize data acquisition, a significant difference compared to respondents with a population density of <25K (34%).


  < 25K(B) 25K-49.9K(C) <250K(D) 250K-1MIL.(E) > 1MIL.(F)









Likewise, a significantly higher percentage (49.4%) of metro area respondents with a 250K or more population density report their facilities have a regular process to identify and prioritize data acquisition than respondents with a <250K population density (42.0%).

High managed care penetration is also associated with higher adoption of prescribed data acquisition. About one-half (50.2%) of the respondents with over 30% HMO enrollees are adopters of prescribed data acquisition, compared to respondents with under 30% HMO enrollees (43.8%). Greater average managed care expenditures, as well, were associated with higher adoption rates. About 49% of respondents from areas with per member-per month (PMPM) expenditures of over $150 reported having adopted formal data acquisition practices.



1% -10%


11% -20%


21% -30%


OVER 30%


YES 41.3 46.0G 44.9G 50.2GHI
NO 58.7HIJ 54.0J 55.1J 49.8

Likewise, high inpatient volume, as well as outpatient volume, organizations tend to show greater adoption patterns of formal data acquisition practices.
Respondents with over 98K hospital inpatient visits (50.8%) are more likely to report having a regular data acquisition process than respondents with 1-30K hospital inpatient visits (45.2%). Respondents with 1-10,5K hospital inpatient visits (61%) are more likely to report their facilities do not have a regular process to identify and prioritize data acquisition than respondents with 10,501 or more hospital inpatient visits.


  1-10,5K(K) 10,501-30K(L) 30.1K-98K(M) OVER98K(N) 1-10,5K(O) 10,501-30K(P) 30.1K-98K(Q) OVER98K(R)
YES 39.1 45.3K 48.3K 50.8KL 37.9 44.8O 46.2O 49.9OPQ
NO 60.9LMN 54.7N 51.7 49.2 62.1PQR 55.2R 53.8R 50.1

A significantly higher percentage of respondents with over 98K hospital outpatient visits (49.9%) report their facilities have a regular process to identify and prioritize data acquisition, compared to respondents with 1-98K hospital outpatient visits (43.4%).


  0(S) 1-125(T) 126 -150(U) OVER150(V)
YES 42.3 44.3 47.5S 48.9ST
NO 57.7UV 55.7V 52.5 51.1



As seen here, prescribed data acquisition is still an emerging process, despite federal mandates requiring its practice. Less than half of all organizations still have not adopted a regular process to identify and prioritize data acquisition. Likewise adoption of regular data acquisition practices varied significantly across selected key demographic indicators.

Given the incentives for implementation of data standards under forces such as HIPAA, why are data acquisition practices still varied? Perhaps the costs of implementation in certain areas are seen as too great to be reasonable, while in other areas they are affordable. Perhaps state and local regulatory measures in some areas are in fact more stringent than federal standards, precluding any need for more formal data acquisition standards. Given the lack of enforcement of HIPAA standards since initially proposed in 1996, it could also be that managers do not take HIPAA requirements seriously, believing that enforcement might again be delayed. What are the implications for healthcare managers, as the practice of medicine becomes more reliant on data systems and information management?

As the global community continues to adopt evidence-based medicine in the day-to-day delivery of health services, it remains to be seen whether the U.S. healthcare system can integrate such data-driven protocols into practice. Its likely that the continued adoption of computer-based patient records will lead to greater efficiency in sharing ability. A continued lack of a national, integrated system of patient data currently dissuades sample uniformity and representative patient data, however (Chambers, 1999).

Implementation of stringent privacy and coding standards under HIPAA should promote the sharing and use of clinical data, due to increased system security and information protection measures. The growing support for patient rights related to access to care will also encourage the use of clinical evidence, for both providers and consumers, as patients become more active and informed consumers (Kitson, 1999). And, as mergers and acquisitions consolidate healthcare corporations, greater opportunities for economies of scale and distribution of best practice evidence across national corporate networks will likewise provide some competitive advantage.

There still exist a number of barriers to adoption of evidence-based medicine in the U.S., however. Variation in practice settings and other demographic variables suggests inconsistent data quality currently exists across different types of organizations, patient populations, and managed care environments. Variation in regional settings and other demographic variables also suggests inconsistent data quality exists across different geographic areas and different population groups. Likewise, lack of information system standards continues to provide barriers to comprehensive adoption of evidence-based medicine, as does a lack of data standards.

Growing use of the Internet suggests that there may be a perceived increased risk in relying on clinical information, especially when the source is unknown and no safeguards are in place to verify or validate medical information. In future developments, emergence of genomic data applications in medical practice raises the possibility of greater opportunities for intellectual property profits from non-disclosure of genomic-based data applications. With DRG's still being used as payment codes, there also exists strong financial incentives to upcode data in order to maximize reimbursement, and to downcode in order to avoid fraud prosecution, either practice affecting the accuracy of medical evidence. Perhaps more importantly, in a largely for-profit environment there still exists significant financial disincentives for competitors to share clinical information, especially where it provides a strategic business advantage.



Regardless of the specific cause, the data acquisition process remains haphazard at best in many parts of the country, with a little likelihood of achieving true uniformity of data management. This, undoubtedly, will remain a barrier to comprehensive adoption of evidence-based medicine, even as the technology for its deployment comes within reach.

From a more practical perspective, the mandated standardization of information practices under recently imposed national administrative simplification laws may be significantly delayed or made impotent by variations in data quality and integrity.
An appreciable degree of variation in data consistency and quality may, in fact, be perceived as a sign of untrustworthy data. In an interdependent, integrated healthcare system, an unwillingness to rely on even relatively small segments of the data could result in resistance or even non-compliance with data standardization protocols.


American Hospital Association. 2000. AHA Position Paper, Improving Patient Care and Reducing the Regulatory Burden Privacy, Security Administrative Simplification Regulations. American Hospital Association, Chicago, IL

HHS. 2000. ANSI ASC X12N HIPAA, Implementation Guide. U.S. Dept. of Health and Human Services, Washington, DC.

Chambers, L. (1999). The use of guidelines improved the quality of economic analysis. Evidence-based Healthcare Volume 3, Issue 2, June, 48-58

Kitson, A. (1999). Outcome data for hospitals provided useful evidence for choosing priority topics for quality improvement. Evidence-based Healthcare. Volume3, Issue 1, 17-19.

Lorence, D. (1999). National Implementation Patterns of Computer-based
Patient Records, Proceedings of the National Conference on Health Statistics, NCHS, Washington,DC, August 1999.

Lorence, D. (1994). Benchmarking Quality Under Healthcare Reform: The Next Generation. Quality Progress. (April): 52-60.

Lorence, Daniel P. (1999). Compliance & Coding Accuracy in Health Information Management, Journal of the American Health Information Management Association, (April): 42-58 .

P.L. 104-191. 1996. Health Insurance Portability And Accountability Act Of 1996, Public Law 104-191, 104th Congress. 1996.

Wyatt, J. (2000). Personalized computer-based information is preferred to other
sources of information by cancer patients. Evidence-based Healthcare
Volume 4, Issue 3, 71-73

Click on these buttons to visit our journalsSearch for Papers and Articles
Return to Psychiatry On-LineReturn to Dentistry On-LineReturn to Vet On-LineReturn to GP On-LineLink to Pharmacy on-LineReturn to Anaesthesia On-LineReturn to Medicine On-LineReturn to Family Medical Practice On-Line
Chest Medicine
Family Medical
Practice On-Line

All pages copyright ©Priory Lodge Education Ltd 1994-2004.