XXXXXXX continued from page 1 - HCCA Official Site · 19 Social Networking By John Falcetano 20 Home health compensation arrangements: Maintaining compliance By Theresamarie Mantese

Health Care Compliance Association • 888-580-8373 • www.hcca-info.orgSeptember 2010

1

XXXXXXX ...continued from page 1

Volume TwelveNumber Nine

September 2010 Published Monthly

Meet

Meet Sharon Taylor Director Risk Management/Accreditation Services Burgess Health Center page 14

Feature Focus:

New Federal Sentencing Guidelines

requirements for an effective compliance

programpage 31

Earn CEU Creditwww.hcca-info.org/quiz – see page 7

Skilled nursing facility deficiencies: Provider rights and practical considerationspage 42


2

TitleBy: Line

C 100M 15Y 0K 25

C 60M 0Y 100K 5

C 0M 0Y 0K 100

R 16G 120B 176

R 99G 185B 70

R 0G 0B 0

SIZE1 inch wide

FONTAdobe Garamond Pro Small Caps, Bold

Global ComplianceGlobal ComplianceGlobal Compliance

Global Compliance: Good for BusinessSM

Expert solutions and insight to protect your organization’s integrity –

helping you avoid costly and potentially devastating ethics

and compliance issues.Learn more about our complete ethics and compliance solutions.Contact us today at 800-876-6023 or [email protected].

www.globalcompliance.com

Hotline Solutions

Training & Education

Expert Advice

Performance & Benchmarking

SCCE Ad 8.5 x 11.indd 1 5/19/10 5:55:21 PM


3


HCCA Officers:

Jennifer O’Brien, JD, CHCHCCA PresidentMedicare Compliance OfficerUnitedHealth Group

Frank Sheeder, JD, CCEPHCCA 1st Vice PresidentPartnerJones Day

Shawn Y. DeGroot, CHC-F, CHRC, CCEPHCCA 2nd Vice PresidentVice President Of Corporate ResponsibilityRegional Health

John C. Falcetano, CHC-F, CIA, CCEP-F, CHRCHCCA Treasurer Chief Audit/Compliance OfficerUniversity Health Systemsof Eastern Carolina

Catherine M. Boerner, JD, CHCHCCA SecretaryPresidentBoerner Consulting, LLC

Daniel Roach, Esq.Non-Officer Board Member to the Executive Committee Vice President Compliance and AuditCatholic Healthcare West

Julene Brown, RN, MSN, BSN, CHC, CPC HCCA Immediate Past PresidentDirector of Corporate ComplianceInnovis Health

CEO/Executive Director: Roy Snell, CHC, CCEP-FHealth Care Compliance Association

Counsel: Keith Halleland, Esq.Halleland Habicht PA

Board of Directors:Urton Anderson, PhD, CCEPChair, Department of Accounting andClark W. Thompson Jr. Professor in Accounting EducationMcCombs School of Business University of TexasMarti Arvin, JD, CPC, CCEP-F, CHC-F, CHRC Chief Compliance Officer UCLA Health SciencesAngelique P. Dorsey, JD, CHRCResearch Compliance Director MedStar Health Brian Flood, JD, CHC, CIG, AHFI, CFSNational Managing DirectorKPMG LLPMargaret Hambleton, MBA, CPHRM, CHCSenior Vice PresidentMinistry Integrity, Chief Compliance OfficerSt. Joseph Health SystemDave HellerVP and Chief Ethics and Compliance Officer Edison InternationalRory Jaffe, MD, MBAExecutive Director, California Hospital Patient Safety Organization (CHPSO) Matthew F. Tormey, JD, CHCVice PresidentCompliance, Internal Audit, and SecurityHealth Management AssociatesDebbie Troklus, CHC-F, CCEP-F, CHRCAssistant Vice President for Health Affairs/Compliance University of LouisvilleSheryl Vacca, CHC-F, CCEP, CHRCSenior Vice President/Chief Complianceand Audit Officer University of CaliforniaSara Kay Wheeler, JDPartner–AttorneyKing & Spalding

Publisher: Health Care Compliance Association, 888-580-8373Executive Editor: Roy Snell, CEO, [email protected] Editor: Gabriel Imperato, Esq., CHCEditor: Margaret R. Dragon, 781-593-4924, [email protected] Editor:Patricia Mees, CHC, CCEP, 888-580-8373, [email protected] and Production Manager:Gary DeVaan, 888-580-8373, [email protected]

Compliance Today (CT) (ISSN 1523-8466) is published by the Health Care Compliance Association (HCCA), 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Periodicals postage-paid at Minneapolis, MN 55435. Postmaster: Send address changes to Compliance Today, 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Copyright 2010 Health Care Compliance Association. All rights reserved. Printed in the USA. Except where specifically encouraged, no part of this publication may be reproduced, in any form or by any means without prior written consent of the HCCA. For Advertising rates, call Margaret Dragon at 781-593-4924. Send press releases to M. Dragon, 41 Valley Road, Nahant, MA 01908. Opinions expressed are not those of this publication or the HCCA. Mention of products and services does not constitute endorsement. Neither the HCCA nor CT is engaged in rendering legal or other professional services. If such assistance is needed, readers should consult professional counsel or other professional advisors for specific legal or ethical questions.

INSIDEINSIDE4 RAC complex review: Target audit issues By Jillian Bower

Now is the time to become familiar with complex reviews that determine the validity of claims and reimbursements.

8 CEU: How much time? Developing a medical records retention policy By K Royal

Federal and state regulations contain many variables that affect how long medical records must be retained.

14 Meet Sharon Taylor, Director Risk Management/Accreditation Services, Burgess Health Center An interview by Jennifer O’Brien

17 Newly Certified CHCs and CHRCs

18 Letter from the CEO By Roy Snell

Being nice to people is not always the nice thing to do to people.

19 Social Networking By John Falcetano

20 Home health compensation arrangements: Maintaining compliance By Theresamarie Mantese and Gregory Nowakowski

Compensation arrangements with employees, contractors, and vendors require special attention to stay within the laws.

23 Quality improvement takes on new importance in health care organizations By Francine Nigrello and Glenn Kaufman

An overview of the provisions of the Patient Protection and Affordable Care Act (PPACA).

30 People On the Move

31 CEU: Feature Focus: New Federal Sentencing Guidelines requirements for an effective compliance program By Michael A. Dowell

As of November, institutions must meet “direct report” requirements and remedy harm to favorably affect sentencing decisions under the revised FSG.

36 Empathic research compliance: The research admin and PI perspectives By Maria B.J. Chun

Tips for using a customer service approach to foster a positive environment for both researchers and administrators.

39 Compliance 101: A recipe to start out right as a compliance officer By Emilie Rayman

The seven elements for an effective compliance program are like ingredients in a recipe for success.

42 CEU: Skilled nursing facility deficiencies: Provider rights and practical considerations By Ari J. Markenson

Responding to deficiencies found during an inspection survey requires a thorough understanding of the appeals process.

50 New HCCA Members


4

Editor’s note: Jillian Bower is an Associate with Strategic Management, headquartered in Alex-andria, VA. She may be reached by telephone at 703/683-9600 ext. 405 and by e-mail at [email protected].

A lthough the Centers for Medicare and Medicaid Services (CMS) implemented the Recovery Audit

Contractor (RAC) as a permanent program over a year ago and has expanded it to all 50 states, few providers have undergone RAC audits so far. Therefore, compliance officers can take advantage of the slower-than-expected rollout to ensure that their organization is ready for a RAC audit. The RAC program is now in full force. In the early stages, the RACs focused exclusively on automated reviews and most providers have become aware of this process. However, now is the time to become familiarized with the complex reviews, especially the approved audit issues. Complex reviews involve the use of clinical judgment by a licensed medi-cal professional or certified coding specialist to evaluate medical records. Complex reviews are initiated by the RACs when they identify a significant probability that the service is not covered or when no Medicare policy, article, or coding guidelines exist. The purpose of coding and diagnosis-related group (DRG) validations is to determine that the principal diagnosis and all secondary diagnoses identi-fied in the medical record are actually present and correctly sequenced and coded.

Complex reviews

In order to conduct a complex review, RACs will request medical records from the selected providers and then manually review the documents to determine the validity of the

claims and corresponding reimbursements. CMS implemented a new record request limit for fiscal year 2010. The number of records the RACs may request is calculated based on the provider’s Tax Identification Number (TIN) and the number of claims submitted during calendar year 2008. Specifically, the request limit will be set at 1% of all Medicare claims submitted in the previous year divided by eight reporting periods (i.e., 45 days). However, a cap of 300 records requested every 45 days applies to providers who bill more than 100,000 Medicare claims.

The approved audit issues include specific MS-DRG codes related to a medical procedure. In auditing these MS-DRG codes, RACs will focus on providers’ compliance with coding rules. Specifically, the DRG vali-dation complex reviews involve an in-depth evaluation of the patient’s medical record in order to determine that the diagnosis and procedures used to establish the Medicare severity (MS) DRG for the claim is correct. Because the MS-DRG code determines the reimbursement amount for the service, it is essential that the correct code is submitted in order to receive the correct reimbursement for the service.

Audit issues

RACs are using complex reviews to target certain DRGs and coding errors. Prior to conducting complex reviews, the RACs must receive approval from CMS on specific audit issues. Currently, on their websites, all four RACs report approved issues for complex and DRG validation reviews. The number of issues approved for review, and even which issues are approved for review, varies among the RACs. Diversified Collection Services

(Region A) has six approved issues, mostly related to inpatient respiratory procedures. Conversely, CGI Federal (Region B) has 58 approved issues related to numerous inpatient and outpatient medical procedures, including respiratory, cardiac, gastroenteritis, kidney, urinary, liver, and operating room procedures. Similarly, Connolly Healthcare (Region C) has over 100 audit issues approved for various inpatient procedures, including respiratory, cardiac, joint and bone, cranial, burn and debridement, organ transplant, gastrointesti-nal, circulatory system, and operating room procedures. Lastly, Health Data Insights (Region D) received approval on 49 DRG validation issues also inclusive of various inpa-tient procedures, such as infection, nervous system, cardiovascular, eye, septicemia, operating room, respiratory, and gastrointes-tinal procedures. Since late 2009, the RACs have received approval from CMS on these various audit issues. As a result, RACs have begun complex reviews and providers can expect more in the coming year.

It is important for providers to stay aware of the audit issues posted by their RACs, especially items and services where the RACs have a particular focus. A specific audit area that has raised much attention regards incor-rect coding for sepsis or septicemia. In many cases, upon review of the medical records, the RAC auditor determines that the diagnosis rendered is urosepsis. Symptoms of sepsis may be present and noted, however, the medical record does not fully support a diagnosis of sepsis. Further review of these medical records reveals that, in some cases, the blood cultures were negative and additional documentation does not meet the coding guidelines for septicemia.

Another instance where RAC auditors have determined that sepsis was wrongly coded is present on admission (POA). After review of

RAC complex review: Target audit issues

By Jillian Bower


5


Continued on page 7

the medical records, the RACs determined that the record does not well document whether sepsis was present when the patient was admitted.

Table 1 is a summarized list of audit issues approved for complex reviews.

Table 1Amputation DRG Codes:

239 240 241 255 256 257

474 475 476 616 617 618

Burn DRG Codes:

927 928 929 933 934 935

Cardiac Procedure DRG Codes:

034 035 036 215 222 223224 226 227 231 232 233234 235 236 242 243 244245 246 247 248 249 258259 260 261 262 265 286287

Eyes, Nose, Mouth & Throat Procedure DRG Codes:

113 114 115 116 117 129130 131 132 133 134 135136 137 138 139

Gastrointestinal Procedure DRG Codes:

326 327 328 329 330 331332 333 334 335 336 337

338 339 340 341 342 343344 345 346 347 348 349350 351 352 353 354 355356 357 358 405 406 407408 409 410 411 412 413414 415 417 418 419 420421 422 423 424 425

Infection DRG Codes:

094 095 096 853 854 855867 868 869

Kidney & Urinary Tract Procedure DRG Codes:

652 653 654 655 656 657658 659 660 661 662 663664 665 666 667 668 669670 671 672 673 674 675691 692 693 694

Nervous System Procedure DRG Codes:

020 021 022 023 024 025026 027 028 029 030 031032 033 037 038 039 040041 042

OR Procedure Unrelated to Principal Diagnosis DRG Codes:

981 982 983 984 985 986987 988 989

Septicemia DRG Codes:

870 871 872

Transplants DRG Codes:

001 002 003 004 005 006007 008 009 010 011 012013

Although correct coding is essential, proper sequencing of the codes is just as important, because it affects MS-DRG assignment and payment. Sequencing is something coders struggle with, because the circumstances of admissions are often somewhat debat-able, leading to questions of the principal diagnosis. On admission, the provider assigns a particular DRG based on a combination of the principal diagnosis, accompanying additional diagnosis such as complications or comorbidities (CC) or major complications or comorbidities (MCC), and the principal procedure. For that reason, if the provider initially reports an incorrect code as the principal diagnosis, the assigned DRG may also be incorrect. According to the ICD-9-CM Guidelines for Coding and Reporting, when

two interrelated conditions both meet the criteria of a principle diagnosis, coders are allowed to sequence either one of the diagnoses first. On the other hand, both diagnoses potentially may appear to meet the definition, but in fact, neither one does.

Even though CMS is moving forward with the permanent RAC program, they have not forgotten the success of the RAC demonstra-tion program. This is evident in the audit issues CMS is approving for the permanent program. Connolly Healthcare (Region C) and Health Data Insights (Region D) were both contractors during the demonstration pro-gram. Audit issues that lead to the identifica-tion of high overpayments and underpayments are issues these contractors are using during the permanent program. For example, DRG codes determined to be incorrectly coded due to wrong diagnosis code or principal assignment or due to wrong procedure code accounted for 26% of overpayments identified. Additionally, audits of inpatient hospitals found two of the highest yielding audits were for incorrectly coded excisional debridement and respiratory system diagnosis—both are areas the RACs are currently auditing.

Additionally, the RACs are also currently auditing items and services that resulted in high amounts of underpayments during the demonstration program. These items and services include wound debridement, operating room procedures unrelated to the principle diagnosis, respiratory system proce-dures, surgical procedures with an incorrect DRG, circulatory system diagnosis, bowel procedures, respiratory infections, kidney and urinary infections, and pneumonia.

Best practices

By now, providers should know who their RAC auditor is. The RACs are required to


6

TitleBy: Line

The RAC Auditors will soon be calling on your hospital. The RAC appeals process is very complex and missed deadlines can result in the automatic recoupment of your legitimate revenues. To minimize your risk of financial losses, you need to be prepared with practical, reliable processes and controls to ensure that critical appeals deadlines are met, with complete, substantiated information.

Compliance 360 is the leader in compliance and risk management solutions for healthcare. More than 300 hospitals nationwide rely on us every day to ensure compliance with legal and industry regulations. Using our unique software solutions, they are always “audit ready” with both proactive defenses and the audit management tools needed to ensure successful audit response and appeals. We are proud to help these healthcare organizations prevent and contain compliance sanctions and we stand ready to help you as well.

To learn more about the Compliance 360 Claims Auditor™ for managing RAC audits, visit www.compliance360.com/RAC

or call us at 678-992-0262

www.compliance360.com

NEEDS A LOT OF WORK – UNDER CREATIVE LAB Take control with a strong defense

ARE YOUPREPAREDFOR THERAC AUDITOR?


7

RAC complex review: Target audit issues ...continued from page 5

post approved audit issues on their websites. Compliance professionals should visit the RAC’s website to review the approved audit issues and to find an updated list of targeted MS-DRGs. Knowing which MS-DRG codes your RAC will review allows you to conduct an internal audit to verify compliance with billing and coding rules and to establish a process to remediate any identified errors.

After conducting an internal audit, providers should identify their top coding errors. These may or may not be the same MS-DRG codes the RAC is also targeting. Providers should

establish procedures to remediate and prevent further coding errors for these particular MS-DRGs. For example, claims containing specific MS-DRG codes should be sent to a lead coder for a prepayment review to ensure that the correct procedure code assignment, sequencing of principal diagnosis, and CC or MCC code assignment was used.

Next, education should be provided regard-ing vulnerabilities related to the specific MS-DRG codes. Both physicians and coders can contribute to coding errors; therefore, providers must make it essential that all those involved are educated and knowledgeable about the possible errors. For example, the Compliance department, in collaboration with the Billing and Coding department, can develop a one-page education document which highlights the procedures that have high coding errors and how to properly docu-ment medical records involving these issues.

Then, implement a monitoring process to continually review top coding errors, which may

involve pre- and post-payment review of claims. It is equally important to monitor and review the errors reported by the RAC in the demand letter. The results determined by the RACs and other contractors and government agencies are based upon statistical overpayment extrapola-tions. Providers should not assume that the statistical approaches used by these contractors are always valid. Providers have a right to review the methodology, estimates, and the confidence level of the projected errors. If the method is flawed, it provides immediate grounds for appeal.

The key to successful coding is to get the MS-DRG code correct in the beginning. Therefore, it is essential that the clinical documentation matches the service billed and the physician’s documentation must be precise when a patient is admitted. Moving forward, billing and coding compliance and internal audits must become a routine part of your facility. n

COMPLIANCE REVIEWS, CODING SUPPORT SERVICES,UP-TO-DATE EDUCATION,REAL RESULTS

By working together, we can help

create this picture in your facility.

Call RMC today!

Be Sure to Get Your CHC CEUs

Articles related to the quiz in this issue of Compliance Today:n How much time? Developing a

medical records retention policy— By K Royal, page 8

n Feature Focus: New Federal Sentencing Guidelines requirements for an effective compliance program—By Michael A. Dowell, page 31

n Skilled nursing facility deficiencies: Provider rights and practical considerations —By Ari J. Markenson, page 42

To obtain one CEU per quiz, go to www.hcca-info.org/quiz and select a quiz. Fill in your contact information, read the articles, and take the quiz online. Or, print and fax the completed form to 952/988-0146, or mail it to Compliance Certification Board (CCB), 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Questions? Please call the Compliance Certification Board at 888/580-8373.

Compliance Today readers taking the CEU quiz have ONE yEAR from the published date of the CEU article to submit their completed quiz.


8

Editor’s note: K Royal is the Privacy and Security Officer and Assistant Vice President, Regulatory Affairs for Concentra Inc. She can be reached at 972/725-6675 or via email at [email protected].

M edical record retention is a neces-sary but challenging requirement for health care entities. This

becomes even more challenging if an entity crosses state lines, engages in business with the federal government (i.e., Medicare), or works with employers (i.e., Occupational Safety and Health Act). This article examines the retention of medical records in light of the relevant considerations, not any other type of records that a health care entity may need to retain.

Keep in mind, although there are many con-siderations to take into account—from the federal level down to each state—it is possible to develop a cohesive, reasonable, medical records retention policy for your organization. If your organization only does business in one state, there are only a few authorities to take into account. The process is a little more extensive if your organization does business nationally or in multiple states.

Federal retention requirements

When most people think of medical records, they typically think of the Health Insurance Portability and Accountability Act (HIPAA),1

a federal law that addresses, among other

things, the privacy and security of protected health information. However, HIPAA does not have a record retention requirement for medical records per se. What HIPAA does require is that covered entities retain certain documents for a period of six years, either from the date it was created or last in effect. The documents that must be retained are authorizations for use and disclosure, acknowledgments of receiving notices of privacy practices, certain requirements of an individual’s right to receive access and to request amendments, and accounting for disclosures. Thus, it is prudent (and conve-nient) to retain medical records for the same amount of time, given that patient records typically house these acknowledgements, authorizations, requests, and accountings as required by HIPAA.

Other federal lawsThere are federal laws other than HIPAA that impact medical record retention. For example, the Centers for Medicare and Med-icaid Services (CMS) require that hospitals maintain medical records for five years.2 CMS has other medical record retention require-ments; all are for five or six years, with one exception. Medicare Advantage Organizations (health care plan options that are part of Medicare) are subject to audits covering the current year and the previous 10 years. These audits may include evaluating “the quality, appropriateness and timeliness of services performed under the contract, and the

facilities of the organization.”3 However, the Medicaid portion of CMS is treated a little differently in that state health care agencies administer the programs under basic federal regulations. Thus, the states can, and do, set varying retention periods.

Federal civil actionsAnother concern that influences the length of time entities should retain medical records is that if a health care provider violates certain federal regulations, the Civil Money Penalties Act (CMP) comes into play.4 This Act does not direct any entity for how long it must keep records, but it does limit any action to within six years “from the date on which the claim was presented, the request for payment was made, or the incident occurred.” This is called a “statute of limitations,” meaning there is a limit on how long after the event someone can seek legal action. In particular, the CMP provides for penalties against certain violations under federal health care programs, Medicare, Medicaid, Health Care Integrity and Protection Data Bank, state health care programs, the Federal Public Health Service Act, and anti-kickback laws.

Another major federal civil action is the False Claims Act (FCA),5 which addresses various actions (including presenting supporting records or statements, conspiring, and buying) related to fraudulent claims presented to members of the Armed Forces or the United States government or its employees. For health care, this would apply to claims involving federal employees or federal pro-grams. The FCA also has a 6-year limitation from when the fraud is committed or three years from when it should have been known. However, this allowance of time from when it should have been known is not unlimited; there is a maximum time limit of ten years from the actual date it occurred. Thus, if an entity or provider is being investigated under

How much time? Developing a

medical records retention policy

By K Royal


9


Continued on page 13

one of these violations, it would be essential to have the pertinent records.

Practical application: This means that if there was a federal grant overpayment in 2010, the government would typically have until 2016 to charge you for it. However, the only way they would ever discover the overpayment is to do an audit. If an audit occurs in 2015, they now have until 2018 (three years from the audit) to make a claim. But what if they don’t do an audit until 2022? Do they get three years to make a claim? No, they are limited to a maximum of 10 years from when it happened, so 2020 would be the latest year to make a claim—not three years afterwards.

OSHAIn addition to the civil actions above, there may be some health care entities that partner with employers for Occupational Safety and Health Act (OSHA)6 compliance. For example, medical facilities may contract with employers for medical surveillance, which is monitoring employees for such injuries as toxic poisoning and exposure to loud noises or dust. OSHA standards require employers to maintain medical records 30 years after the employee’s last employment date and exposure records for 30 years. The standard recognizes that employers are able to vary the process in which they maintain these records (i.e. in-house or fee-for-service). Medical providers who work with employers regarding OSHA compliance may have considerations in addition to other medical record retention requirements. For providers who partner with employers for OSHA require-ments, it is likely these medical records would be retained under different policies than the remaining medical records.

State medical record retention laws

Beyond the federal requirements, health care facilities must consider state requirements

for each state in which they do business. The states have varying record retention require-ments and multiple laws or regulations that pertain to medical records. For example, some states address medical record retention in general health care facility requirements, and other states may have different requirements based on whether the facility is a hospital, clinic, ambulatory surgical center, emergency medical service, affiliated service, or physi-cian office. Hospitals, and to some extent, ambulatory surgical centers, tend to carry either a 10- or 7-year requirement for retain-ing medical records. In contrast, physicians and clinics tend to have a shorter retention requirement ranging from five to seven years. Some states address hospital medical records, but are silent on other types of facilities. By far, the lengthiest medical records retention comes from Massachusetts, with a 20-year requirement for hospitals and licensed clinics. This changed in 2008 from a prior require-ment of thirty years.

Nearly all states have additional requirements for medical records of minors. For minors, the retention time generally starts counting after they reach the age of majority, which is 18 for most states. Each state also has emancipation laws for minors that usually address marriage, among other things.

Practical application: Don Smith is 16 years old, but married. Is he a minor? Most likely not. In most states, marriage serves as emancipation for minors.

State civil actionsIn addition to the obvious record retention laws for the states, there are also state-based statutes of limitations. The four main areas that involve health care facilities are medi-cal malpractice, personal injury, fraud, and injuries to personal property. Similar to the federal actions discussed above, it would be

prudent to retain the records necessary to mount a proper defense. The longest statute of limitations for one of these claims is 10 years (i.e., Missouri, North Carolina, and Virginia). There are only a few states in which the statute of limitations is longer than the state-mandated medical record retention requirement. For example, Wisconsin has a 6-year statute of limitations for both fraud and injury to personal property, but the record retention period for hospitals is only five years.

Practical application: Jane Doe has surgery in your hospital in 2002. you have a 5-year retention policy, so at the end of 2007, you destroy all records from 2002. The next year, Ms. Doe sues you for fraud and you no longer have the records to prepare a defense case. Now you have a problem, which you might have avoided with a more conservative medical records retention policy.

To further complicate matters, statutes of limitations can generally be tolled, meaning that counting time stops, in certain situa-tions. Tolling may occur when the person is not able to seek legal action (i.e. minors, the mentally incompetent) or if the defendant is bankrupt. For example, let’s consider a 5-year statute of limitations for medical malpractice and the malpractice occurs when the patient is 14 years old. The 5-year limitation would not start counting until the patient is 18 years old. Additionally, any records critical to a lawsuit, legal claim, or formal complaint will be placed on a litigation hold and removed from the traditional record retention time frames.

Accreditations

In addition to federal and state require-ments, facilities that carry some form of accreditation must also follow the retention periods required by the accrediting body. The


10

TitleBy: Line

The ComplyTrack Suite can help you navi-gate though the sea of “known” risk areas and help reveal the “unknown.” Comply-Track also contains tools to help organiza-tions track compliance activities, audits, documents and management contracts:

n Risk Assessment Manager™ identifi es risk, proposes remedial action, and creates surveys. Expert- generated question sets cover over 10,000 health care compliance issues and include links to regulatory texts.

n Activity and Event Manager™

centrally manages and stores all communications, investigations, training, audits and interactions

n Contract and Relationship Manager™ consolidates all contractor and contract-related data, including compensation and compliance information

n Document and Policy Manager™ is a powerful new module for coordinating the creation, management, and distribution of corporate and departmental documents

To learn more about The ComplyTrack Suite, visit:

www.MediRegs.com

n Audit Detail Manager™ is designed to handle the high-volume, time- sensitive, complex workfl ow needed to satisfy RAC and Medicare record requests, process determination letters, and navigate the multi-tiered rebuttal and appeal process

n Regulation and Reimbursement Suite (RRS)™ and Coding Suite™

consolidate compliance, coding and reimbursement research for easy, effective access to regulatory, reimbursement and coding data. Plus, you’ll have access to leading expert-generated content from CCH and Aspen Publishers.

ComplyTrack is a leading provider of enter-prise risk management solutions, which is now in use at nearly 1,000 U.S. hospitals and has earned the confi dence of hundreds of thousands of users.

Its turnkey compliance and risk platform is intuitive, rapidly deployable and infused with expert-generated, transparent and actionable content.

The ComplyTrack® SuiteMediRegs®Navigate Your Risks . . .

MediRegs | CCH | Aspen Publishers

MediRegsa Wolters Kluwer brand


11


The ComplyTrack Suite can help you navi-gate though the sea of “known” risk areas and help reveal the “unknown.” Comply-Track also contains tools to help organiza-tions track compliance activities, audits, documents and management contracts:

n Risk Assessment Manager™ identifi es risk, proposes remedial action, and creates surveys. Expert- generated question sets cover over 10,000 health care compliance issues and include links to regulatory texts.

n Activity and Event Manager™

centrally manages and stores all communications, investigations, training, audits and interactions

n Contract and Relationship Manager™ consolidates all contractor and contract-related data, including compensation and compliance information

n Document and Policy Manager™ is a powerful new module for coordinating the creation, management, and distribution of corporate and departmental documents

To learn more about The ComplyTrack Suite, visit:

www.MediRegs.com

n Audit Detail Manager™ is designed to handle the high-volume, time- sensitive, complex workfl ow needed to satisfy RAC and Medicare record requests, process determination letters, and navigate the multi-tiered rebuttal and appeal process

n Regulation and Reimbursement Suite (RRS)™ and Coding Suite™

consolidate compliance, coding and reimbursement research for easy, effective access to regulatory, reimbursement and coding data. Plus, you’ll have access to leading expert-generated content from CCH and Aspen Publishers.

ComplyTrack is a leading provider of enter-prise risk management solutions, which is now in use at nearly 1,000 U.S. hospitals and has earned the confi dence of hundreds of thousands of users.

Its turnkey compliance and risk platform is intuitive, rapidly deployable and infused with expert-generated, transparent and actionable content.

The ComplyTrack® SuiteMediRegs®Navigate Your Risks . . .

MediRegs | CCH | Aspen Publishers

MediRegsa Wolters Kluwer brand

September 2010

12

TitleBy: Line

Audit | Accounting | Tax | Business Advisory Services

ParenteBeard.com 800-267-9405 © ParenteBeard LLC

Diverse Services, Diverse Needs – Proven Results

The needs of healthcare organizations are as diverse as the services

you provide and the populations you serve. ParenteBeard Healthcare

Consulting provides the ideas, guidance and services to help you meet

the new and constantly changing challenges of the healthcare industry.

Our healthcare consulting practice was established to meet the growing

demand for specialized healthcare management services.

Our dedication to seeing your organization through your eyes is one

reason why hundreds of healthcare clients in more than 40 states rely

on ParenteBeard. Our core expertise in accounting and finance keeps

our clients current with solid financial practices. The members of our

Healthcare Consulting practice have proven track records and have

worked through a wide range of complex financial and operational issues,

as well as the regulatory challenges confronting healthcare organizations.

ParenteBeard’s experienced healthcare consulting group will help

you focus on stability, growth and success in one of

our country’s most challenging industries.

The PowertoConnect


13

How much time? Developing a medical records retention policy ...continued from page 9

overwhelming majority of accrediting bodies require entities to adhere to applicable state and federal laws without specifying a certain number of years. Although there may be some accreditation standards that address a specific time frame, it is likely less than the applicable federal or state law requirement.

Resources

There are multiple resources available to address record retention, and many provide their own recommendations for medical records and associated documents.7 Some national groups provide information, such as the Health Care Compliance Association (www.hcca-info.org), the American Health Information Management Association (www.ahima.org), and the American Health Care Association (http://www.ahcancal.org).

Professional practice groups, like the American Medical Association, also provide resources. And each state offers its own resources, such as the medical board, government sites, and universities. Frequently, public universities will publish their own record retention schedules and provide the legal citations for those determinations. Private organizations are also available that address medical records, such as the Privacy Rights Clearinghouse (www.privacyrights.org). An Internet search for “medical records retention” will yield an endless number of resources.

Additional issues

Records storageLast, aside from the requirements for retaining records, some complementary issues should be considered. One of these is the form in which records are stored. Historically, medical records have been in paper format, creating the challenge of allocating space. It was not uncommon for paper records to be reduced to microfiche; now, records can be

converted to electronic documents. All states allow for a converted format of records and/or electronic records. This is ideal, given the cur-rent regulatory climate focusing on electronic health records.

Patient indexesAnother consideration that complements this issue is patient record indexes. Many organizations use computers for records management, such as checking in patients, scheduling appointments, and maintaining contact information, demographics, and pertinent treatment dates. Although not specifically addressed by most states, retaining this index permanently is recommended. It is also not uncommon for records of birth and/or death to require permanent retention.

Practical application: Sue Jones submits a Request for Access for all of her records. Without a permanent patient index, you can only respond to Ms. Jones that you show no records for her for the past six years. With a permanent index, you can inform Ms. Jones that her last treatment date was in 1992, and those records are no longer retained.

Storage and destructionFinally, consider how to store and destroy records. Storage of records must be secure under the HIPAA Security Rule and safe from damage. Records should be destroyed in the normal course of business, and no records should be destroyed on an individual basis. For those states that do address destruction of medical records, shredding and burning are both acceptable methods. In fact, the Health Information Technology for Economic and Clinical Health Act (HITECH) considers all medical records to be unsecured unless they have been destroyed in certain ways.8 For paper records, these methods specify shred-ding or destroying in such a way that the information cannot be read or reconstructed.9

Electronic records must be “cleared, purged, or destroyed” according to specific guidelines. With electronic health records appearing on the scene, expect more regulations to follow.

Conclusion

As stated in the beginning, devising a cohesive medical records retention policy in light of the many requirements may seem daunting. Although comprehensive, it is doable and may have a relatively simple solution. For example, a medical records retention of policy of ten years for adults, and age 18 plus ten years for minors, would fulfill the needs under HIPAA, Medicare Advantage, federal civil actions, state statutes of limitations, and state record require-ments. Even in those few states in which the age of majority is 19 or 21, the record reten-tion requirement is seven years or less. Thus, age 18 plus ten years is the same length of time as age 21 plus seven years. Massachusetts would still be an exception at 20 years.

In conclusion, although many authorities address the retention of medical records, an entity can devise a medical record retention policy that encompasses a variety of needs. n

The information contained herein provides a summary overview of certain statutory and/or regulatory provisions and may contain other material. This summary is not comprehensive and does not in any way constitute legal advice. Review of the full text of referenced statutes and regulations may be necessary.

1 Health Insurance Portability and Accountability Act at 45 C.F.R § 160 and 164

2 42 C.F.R. 428.243 42 C.F.R. 422.5044 42 C.F.R. § 1003 et seq; § 1003.132 provides the time limits5 31 U.S.C. 3729 - 37336 Occupational Safety and Health Act of 1970, specifically referencing 29

C.F.R. 1910.10207 The author does not personally endorse or recommend any particular

resources and lists examples as a courtesy.8 Health Information Technology for Economical and Clinical Health

Act, as it amends 45 C.F.R. 1649 For paper and electronic, see guidance on the U.S. Department of

Health and Human Services website http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/brguidance.html


14

TitleBy: Line

Editor’s note: This interview, conducted by HCCA President Jennifer O’Brien, JD, CHC took place in the Spring of 2010. Jennifer is Vice President, Medicare Compliance Officer with UnitedHealth Group. She may be contacted by telephone in Minnetonka, Minnesota at 951/931-5444 or by e-mail at [email protected]. Sharon Taylor may be contacted in Onawa, Iowa by telephone at 712/423-9248 or by e-mail at [email protected].

JO: you are the Director of Risk Management/Accreditation Services. Please tell us a little about your role with Burgess Health Center and your journey into health care compliance.ST: I have worked at Burgess Health Center for 35 years in a variety of positions, mainly Surgery early in my tenure and then Education, Community/Governmental Affairs, Health Promotion, and Infection Control. During these years, I had spearheaded many programs at the hospital that were intri-cately involved with meeting state and federal regulations, such as swing bed, home health, and Iowa’s Board of Nursing CEU provider to name a few. The hospital was also involved in letting our elected officials know how their regulations impacted us in rural Iowa, so I had had a lot of contact and experience in this area. A number of years ago, when I returned from a sick leave after having surgery, my CEO

approached me about taking on Compliance, Risk Management, and Accreditation. After investigation and discussion, we came to a consensus that I would keep Infection Control and take on Compliance, Risk, and Accreditation. The compliance program at the time had not been active for several years. While there were some policies and proce-dures, there was not an active program. The same was true of Risk Management and there had not been anyone to date responsible for Accreditation. We had recently become a critical access hospital [CAH] and needed to be sure we continued to meet the regula-tory standards of the Medicare Conditions of Participation for CAH. Although I am no different than many managers at most criti-cal access hospitals in wearing many hats, I am fortunate that my duties dovetail so well together. Our journey into compliance began with education for me. In my discussions about my taking on this role, one of my caveats was that I needed to belong to professional orga-nizations. I was all ready a member of APIC [Association of Professional in Infection Control], I joined ASHRM [American Society Healthcare Risk Management] and of course, HCCA. Burgess is a Quorum affiliated hospital and as such, I attended their Compliance 101. Shortly after that, I attended the HCCA

Compliance Institute. Armed with more information than I could absorb, I returned to begin restructuring our compliance program. After establishing a Compliance Steering Committee, I set about updating the polices and procedures we did have and adding nec-essary ones to that list. We instituted basic practices, such as checking the sanction lists prior to hire and on a regular basis thereafter. The committee met monthly for a while and, as we gradually gained ground, the meetings moved to quarterly with work to be accom-plished between the meetings. The next year, the committee established the first work plan. We had learned some about our risk areas during the past year and began by taking on

articleMeet Sharon Taylor, RN, MS, CIC, CPHRM, CHC Director Risk Management /Accreditation Services, Burgess Health Center

feature


15



those. Along with reviewing the OIG Work Plan, we set our own work goals for the next 12 months. This was quite an accomplish-ment for a hospital that previously hadn’t had an active program. Over the next years, our compliance efforts grew and became more focused and targeted. We added issues for our Home Health/Hospice department, based on the guidance published for them, as well as for our lab. I now meet with every manager to determine what they see as their risks. These, along with the OIG Work Plan and risk areas identified during the past year, are all ranked by the committee to help us determine our work plan for the year. The committee now, I believe, feels that as a orga-nization we are truly placing our priorities where they need to be. Of course, education has been a big part of our compliance journey, not only my educa-tion, but educating our staff, the Compliance Committee, and the board. The initial com-pliance education had been completed when our program was initiated in the mid-90s. However, we did not have formal ongoing education, nor did we have it as a part of for-mal orientation, other than signing the Code of Conduct. Both of these were revised and intensified. We now use the Daily Lineup concept for our overall hospital communica-tion, and compliance has become part of this. I knew managers and staff were onboard when I began getting the question “Can we do this?” prior to something new being initiated, rather than my discovering it after the fact. Just like compliance, our program is continually evolving. I am about to revise our Code of Conduct for the third time. The second revision involved adding scenarios and frequently asked questions [FAQ]. This format was well received by staff and is used frequently as a part of the Daily Lineup.

While this format will be retained, some of the scenarios and FAQs will be revised to update HIPAA with new HITECH regulations and include some physician office type scenarios, since we recently acquired a practice in the second largest community in our area.

JO: What are some recent successes you have experienced with your compliance program?ST: As I mentioned, being about asked the compliance considerations of an issue prior to implementation is a huge step forward. When this happens, it really makes me proud of our managers and staff. I see that they “get it.” It’s not that they were doing anything wrong before, but now they really see the reasons behind being proactive with compli-ance, rather than reactive. Just this week I had a manager call me to say, “We are going to contract with so-and-so, and I think we need a Business Associate Agreement.” That wouldn’t have happened before. Thinking about compliance standards had not become part of the culture. Now it is. I am so proud of their growth in this area.

JO: What are some of your greatest challenges?ST: Time. There is only one of me, and each area I am responsible for requires a lot of hands on time, as well as reading and research, to keep up. There are days when I wish I could clone myself. However, this is where HCCA helps tremendously. If I have an issue, it is highly likely that someone else has had that same issue. The listserve forums

on the social network are a tremendous help for research and decision making.

JO: What do you see as the most important traits for a compliance officer to be successful in the role?ST: I think that being detail-oriented,

thorough, inquisitive, and passionate about doing things the right way are extremely important. It also helps if you have the capacity to follow up on that “gut feeling” you get when things just don’t seem to be done correctly. I also remind myself and others that that the vast majority of employees

don’t come to work to make mistakes. They come to do a good job, and the systems and processes that are put in place are what cause them to make mistakes. The ability to gain people’s trust, being accessible, open-minded, and having an open door is essential.

JO: Tell us how you’ve been able to align the work you do for your organization with other organizational priorities/strategies? ST: As I said, I am fortunate that my areas of responsibilities dovetail so well together. They also are a part of every department in the hospital. Burgess’ vision is “to be the best rural health care system in America.” Everything we do works toward that goal. “Be the Best” is part of our daily work ethic. This covers everything that is done at the hospital. It requires team work and communication on everyone’s part. In this type of environment, it is very easy to align your work with the entire organization because everyone is on the same page, working toward the same goal.

JO: What are some strategies you have used to keep your education and training materials fresh and meaningful to employees?ST: In a former life, I taught nursing at a

I knew managers and staff were onboard when I began

getting the question “Can we do this?” prior to something

new being initiated, rather than my discovering it after the fact.


16

TitleBy: Line

Meet Sharon Taylor ...continued from page 15

community college. Our classes had many non-traditional students. This experience really taught me how everyone learns differently and how the best instructors are able to reach students in the way they learn best. I have tried to carry this through in any training that I do. I do the more formal compliance education for orientation using a PowerPoint I have developed, and I use lots of examples. Compliance pieces in our Daily Lineup draw from the frequently asked questions in our Code of Conduct. When doing targeted education for departments, I try to draw on examples from their real life situations. For our Compliance Steering Committee, I often share an article. Our board education involves a presentation about what we are working on in Compliance. In other words, we use a variety of types of education to try to meet the needs of the audience.

JO: How do you keep your senior leadership and board of directors engaged in your compliance efforts?ST: I report to the CEO and work closely with all of the other senior leaders. Our board involvement really intensified a couple of years ago. I had been talking with our CEO and Compliance Steering Committee about getting the board more involved in compliance. HCCA helped by sponsoring the webinar about board involvement in Compliance and Quality. Then our Quality Director and I attended the HCCA confer-ence on Compliance and Quality. During this time, the CEO had been visiting with a board member about becoming more involved in board activities. After the four of us met, he consented to be our Compliance/Quality Liaison. He attends our Quality Steering Council and Compliance Steering Committee meetings, carrying information to and from the board. He has also initiated more intense education of the board by the Quality Director and me. So, in addition to

our annual reports to the board, we each meet six times a year with the board for specific Quality and Compliance education.

JO: you recently attended the HCCA Compliance Institute in Dallas. Please share your experience and why you attend the HCCA conference?ST: Well, I joke with my boss that at least I don’t call him from the Institute anymore saying, “I don’t want this job!” I did that the first time, after one session that was overwhelming when it became apparent how much work we had to do. I had not learned yet that you eat the compliance elephant the same way you eat other elephants—“one bite at a time.” The Compliance Institute presents opportunities for individuals at all levels of compliance experience and in all different areas. That is its greatest asset. This year, because of our recent increase in physician practice exposure, I concentrated on sessions dealing with physician compliance. I have a number of best practices to work out with my committee on implementation. Of course, the networking opportunities are also limitless. Because of the Institute, I have contacts in a number of other states, as well as Iowa, that I routinely contact when I have questions.

JO: What can HCCA do to continue to support the Compliance profession?ST: I have participated in webinars, the Advanced Compliance Academy, the Quality and Compliance program, and Compliance Institutes, as well as using the forums and other website resources and Compliance Today, so I would have to say, “More of the same.” I do wish that a section for CAH could be imple-mented, because at times, small rural programs do have unique circumstances, as well as their own set of regulations, and it would be good to interact with others in a similar situation.

JO: you have earned your Certification in Healthcare Compliance (CHC). How has that helped you in your current role?ST: I am certified in three of the areas of responsibility: Compliance, Infection Control, and Risk Management. While certification is not required at the present time by Burgess, our hospital does encourage the personal growth of its employees. Certification is something I felt I needed to do to prove to myself that I had at least a basic mastery of an area. I believe that it also says to others that you have a certain amount of knowledge, and that helps establish cred-ibility. The need to keep current in order to maintain certification is also critical. I read each issue of Compliance Today cover-to-cover, prior to sharing it with others in my organization and our NW District. I encourage other compliance professionals to work toward becoming certified.

JO: What advice do you have for individ-uals who are interested in a career in health care Compliance?ST: I would say to make sure you love change and constant learning, and are passionate about always doing the right thing. And of course, join HCCA.

JO: What do you enjoy most about your job?ST: That there is always some new issue that requires time and effort to learn how it affects us and what we need to do. I really enjoy constant learning.

JO: Thanks so much, Sharon. n


17

CCBCCB The Compliance Professional’s Certification

Valerie Bennett-LewisApril D. BorgstedtCarrie E. Bryant

Corette ByrdJeanette Campbell

Shelly CarlingElizabeth CeruttiTammy M. ChaddEmma S. Cuenco

Bonnie C. CushmanTama A. DonaldsonTheresa L. DorazioKaren Louise Elliott

Cleaster EwingRobert Logan Fallen

James HainesRoxAnne Yvette Harris

Michael S. HolmesTeresa Maria Jacobs

Ranee JimenezPamela J. Johnson

Stephanie KaulCindy K. Keim

Laura L. KettermanGillian A. Kotun

David Seffers LaneNoelle C. Larsen

Brandy J. Liss

Jose ManaloStephen J. McGuireMichele L. Miller

Jennifer A. MontgomeryShawna MullenElaine S. Nace

Michele A. NihipaliLeanna J. Nishi

Carole M. PrioreJay L. Raftery

Courtney C. RichmondCharles S. Ricks

Rebecca L. RobertsDonna RooneyLysa M. Ross

Matthew W. R. Schwartz

Lori J. ShineLance J. Smith

Cynthia D. SmithRussell A. Smith

Stephen R. Sonnenfeldt-Goddard

Spring C. StricklandPatty ThompsonJaci L. WismarCharles J. Wolf

Judith M. Zuccone

The Compliance Certification Board (CCB) compliance certification examinations are

available in all 50 states. Join your peers and demonstrate your compliance knowledge by becoming certified today.

Kristina BloomquistGayle Everidge White

Trae D. Rohan

Congratulations!! The following individuals have recently successfully completed the CHRC certification exam, earning their certification:

Congratulations!! The following individuals have recently successfully completed the CHC certification exam, earning their certification:

HEALTH CARE COMPLIANCE ASSOCIATION’S 15th Annual

COMPLIANCE I N S T I T U T E April 10–13, 2011 * Orlando, FLThe Walt Disney World Swan and Dolphin Resort

Join your colleagues in Orlando for HCCA’s 2011 Compliance Institute—the single most comprehensive compliance conference designed specifi cally to meet the needs of today’s healthcare compliance professionals and their staff.

LEARN MORE AT WWW.COMPLIANCE-INSTITUTE.ORG


18

TitleBy: Line


Being nice to people is not always the nice thing to do to people

I just returned from speaking to business people in Brazil about compliance/ethics programs. I received my usual feedback about how onerous and negative compliance programs sound. They were very nice about it. I have been considered a hard-line compliance type for some time. I advocate an emphasis on enforcement, discipline, investigations, etc, as opposed to just talking about being ethical, tone at the top, code of conduct, etc. I advocate for avoiding the dark pit of constant and excessive risk analysis, policy analysis, and analysis paralysis in general. I get a lot of feedback and advice about how I should “tone it down” and focus more on building an ethical culture. However, this time I had a revelation. I had the revelation that people who think that compliance programs should be more about talking than acting, so you can avoid looking like “Big Brother,” are more incorrect than I had originally thought.

The Brazilians are a wonderful people, have a wonderful culture, and they are very nice. It was the words they chose (albeit translated from Portuguese) that caused my revelation. They described the alterna-tive to my perspective more clearly than anyone had before. They essentially didn’t want to hurt peoples’ feelings by “not trusting them with an aggressive compliance program.” I think this description is at the heart of the perspective of those who oppose my views.

Some people don’t implement effective compliance programs because they want to avoid the pain of investigations, discipline, and reporting bad news to the leadership. However, many more want ethics, a code of conduct, and tone at the top to work, because they want to be nice to people and want them to feel trusted. They want to get along. They want the carrot, not the stick. This is what was going through my mind when I realized how wrong these people are. The very outcome most people want to avoid (making people feel bad) is exactly what outcome their approach causes.

If you use tools that rely heavily on trust, such as ethics education, a code of conduct, and tone at the top as your focus point, you may fail to find people who are making mistakes. Some believe you must find

wrong doers and be patient with them, because some people think they are being ethical, when in fact, they are breaking the law. We can save “innocent people” with an aggressive compliance program. We need to catch them early and before the problem gets worse.

you can’t find these people without looking for them and sending a strong message. you can’t look without implying (but you can manage this) that you don’t trust them. you can run an effective and aggressive compliance program in a very positive manner. I did it a the Univer-sity of Wisconsin and we are doing it at HCCA and SCCE. I don’t talk about it—I do something about it. I put in a process, a compli-ance program, that lets people know, in no uncertain terms, you will behave ethically or you will not be behaving here. I disagree that this is disappointing to most employees.

If you don’t implement an effective compliance/ethics program, you will hurt more people in the long run. The whole reason so many people disagree with me on this (and there are a lot of you) is because many want to keep it positive. The question I get that really gets me mad is, “How can I keep compliance from looking like Big Brother?” If you are more worried about how people feel about you than finding and fixing problems, you are in the WRONG business. The reason most people don’t want to emphasize the harsher elements of a compli-ance program is the reason they should. In the long run, anger and a lack of trust comes from an ineffective compliance/ethics program. More people (and business cultures) are hurt by companies who employ the “nice guy” approach. Fewer people are hurt in the long run by companies that implement the “harsher elements” of a compliance/ethics program. That is, if you can manage your compliance/ethics program with a degree of grace.

Let me give you an example of finding people who are doing wrong and may need a harsh message. It is an example of finding people with an aggressive compliance program before they get into bigger trouble. There are people paying money or giving gifts to others. They see many other companies doing it and don’t realize they could get into trouble. No one inside the company hunted them down and stopped them. Very nice people just like you and me (well, you anyway) have been brought up on criminal charges for bribery. Some did it knowing they could go to jail, while others had no idea it was “over the line.” Where was the compliance/ethics program? They had had tone at the

ROY

sNE

LL


19


Web 2.0 is about the new, faster, everyone connected Internet.

Each resource is 100% dedicated to compliance and ethics management. So sign up for whichever one works best for you, or for all four if you’re already living the Web 2.0 life.

HCCA is embracing this approach and offers you a number of ways to build out your network, connect with compliance professionals, and leverage this new technology. Take advantage of these online resources; keep abreast of the latest in compliance news; and stay ahead of the curve.

Dozens of discussion groups and more than 6,000 participantshttp://community.hcca-info.org

Profiles of over 3,800 compliance and ethics professionalshttp://www.hcca-info.org/LinkedIn

Follow HCCA_News to keep up with the latest compliance news and eventshttp://twitter.com/HCCA_News

Connect with compliance and ethics professionals on Facebookhttp://www.hcca-info.org/Facebook

HCCASocialNetworking_halfpage_301nK_CTad.indd 1 9/2/2010 9:36:00 AM

Editor’s note: John Falcetano, CHC-F, CHRC, CHPC, CCEP-F, CIA is Chief Audit/Compliance Officer for University Health Systems of Eastern Carolina and Treasurer of the HCCA Board of Directors. John may be contacted at [email protected].

Welcome to the Social Networking column. This column is devoted to providing our readers with a list of topics being discussed this month on the Health Care Compliance Association’s (HCCA) social networking site (HCCAnet). The social networking site is where you can find answers to your questions and network with other readers online. One benefit is the ability for our members to share some of their documents. In fact, below are some of the documents shared in June: 1. Compliance and Ethics Risk Assessments (#3316)2. Compliance and Ethics Risk Assessments (#3315)3. OECD Good Practice Guidance commentary (#3314)4. OECD Good Practice Guidance commentary (#3313)5. Internal Investigation Checklist 6. U of W School of Dentistry dental audit tools 7. Internal Investigation Checklist 8. Background Checks for Volunteer Boards 9. FTC consent decree & imposed compliance program 10. How does the U.S. stack up to the OECD Recommendations?

The social networking site is a great way to make friends, talk with peers, and focus on a specific compliance topic. Here are some recent topics discussed by groups in June:

To participate in the discussion, review the comments, or just talk with your peers, you can access the HCCAnet by going to the link: www.hcca-info.org/sn n

Social NetworkingSocial Networking

JOH

N FA

LCET

ANO

1. Auditing and Monitoring Com-pliance

2. Brazil Community 3. Chicago Regional Business Ethics 4. Chief Compliance Ethics Officer5. Communication Training and

Curriculum6. Competition Law and Antitrust7. Compliance and Ethics in a

Recession

8. Compliance Book Club 9. Ethics Forum 10. FCPA: Foreign Corrupt Practices

Act 11. Nonprofit Network 12. Quantitative Compliance 13. Red Flags Rule 14. Social Responsibility Forum 15. Utilities and Energy Network


20

Editor’s note: Theresamarie Mantese is a Founding Shareholder and Gregory M. Nowakowski is an Associate Attorney at Rogers Mantese in Royal Oak, Michigan. Both specialize in health law. Ms. Mantese may be contacted at [email protected] and Mr. Nowakowski may be contacted at [email protected].

In recent years, the government has closely scrutinized compensation agree-ments that may violate health care regu-

latory laws, and the scrutiny is increasing. Often, the arrangements involve the market-ing functions of health care providers such as home health agencies. Violations can result in serious fines, penalties, exclusion from Medicare, Medicaid, and other government programs, and even criminal prosecution.

The Office of the Inspector General of the Department of Health and Human Services (OIG) released its Work Plan for Fiscal year 2010 on October 1, 2009. The OIG Work Plan outlines the planned reviews for the upcoming year by the OIG. It indicates that home health agencies (HHAs) will be an area of continued focus by the federal government. HHAs should carefully examine their compensation relationships with the various parties necessary for their business. Failing to do so could cause HHAs to face serious penalties, fines, and criminal prosecution.

HHAs have many compensation relationships. Among the more common relationships are:

n employees or independent contractors who provide professional (and sometimes non-professional) services;

n consultants who provide advice to the agency; and

n vendors who supply goods to the agency.

All of these relationships can relate to marketing activities, and may be subject to legal restrictions. Marketing programs, such as giving lunches and other gifts to referring physicians’ offices, also need to be analyzed for legal compliance. Furthermore, HHAs may face questions that raise legal issues involving the Stark Law, the federal Anti-kickback Stat-ute (AKS), and the False Claims Act (FCA). HHA administrators should understand the general legal principles of these statutes, so they do not become involved in fraudulent or otherwise illegal arrangements.

Compensation arrangements

In general, the Stark Law prohibits physicians from referring patients for Medicare-covered designated health services (DHS), including home health services, to an entity with which the physician has a financial relationship.1

The Anti-kickback Statute, as distinct from Stark Law, applies to any person or entity, and not just to health professionals. The federal AKS generally prohibits giving anything of value in exchange for referrals (and applies to all persons, not just

physicians). Unlike the Stark Law, which does not require intent for there to be a violation, the federal AKS requires intent. Most states also have anti-kickback statutes. Even a legitimate payment for services actually rendered can be an illegal kickback if one purpose of the payment is to induce referrals. This is often called the Greber one-purpose rule, named after the first court decision that was based on the rule.2

The FCA prohibits knowingly submitting a false claim to the government. “Know-ingly” requires that the person “have actual knowledge of (or deliberately ignore or act in reckless disregard of ) the truth or falsity of the information”3 in the claim to the govern-ment for payment. The proof of knowingly submitting a false claim to the government turns on whether there is actual knowledge or whether there is deliberate disregard that medical bills submitted to the government would cause the bills to be paid when the services were not provided or billed properly.

Marketing agreements

Marketing presents some of the most critical legal issues for HHAs. In particular, the federal AKS4 has had a significant impact on the structuring of marketing relationships between HHAs and other parties. HHAs’ relationships with marketers generally fall into one of two categories: (1) employees of HHAs; and (2) independent contractors of HHAs. The struc-ture of the compensation relationship with marketers depends on whether the relationship falls in either of these two categories.

In general, the differences between an employee and an independent contractor are:1. Employees have their income taxes, Social

Security tax, and Medicare taxes withheld, and unemployment tax is paid on wages. Employees are issued a W-2 after year-end for tax purposes.

2. Independent contractors do not have their income taxes, Social Security tax,

Home health compensation arrangements: Maintaining compliance

By Theresamarie Mantese and Gregory Nowakowski


21



and Medicare taxes withheld, and no unemployment tax is paid on wages. Independent contractors are issued a 1099 after year-end for tax purposes.

In determining whether the person providing a service is an employee or an independent contractor, the details of the relationship are considered. Details that show the individual is under the direction and control of the HHA tend to show that the individual is an employee of the HHA; the less direction and control, the less likely it’s an employee rela-tionship. Although “employee” is specifically defined in the Internal Revenue Code,5 a summary of the important factors includes:n Behavioral. Does the HHA control or have

the right to control what the worker does, and how the worker does his or her job? Does the HHA control vacation or other time off, or control the person’s work hours?

n Financial. Are the business aspects of the worker’s job controlled by the HHA? These include things like how the worker is paid, whether expenses are reimbursed, who provides tools and supplies, and whether the HHA provides an office or other work area.

n Type of relationship. Are there written contracts or employee benefits (e.g., pen-sion plan, insurance, vacation pay, etc.)?

Compensation arrangements for employee marketersHHAs may take advantage of the bona fide employee provision to the Anti-kickback Statute if the HHA employees engage in marketing.6 Bona fide employees engaged in marketing can be paid on a commission basis, if done carefully. There is a serious concern that volume-related compensation creates an incentive for employees to obtain unnecessary or other prohibited services.

To ensure compliance, HHA marketing employees should have written employment agreements in which there are clear prohibitions

of illegal conduct; for example, prohibiting the employee from giving anything of value to induce referrals. In one case,7 the employee safe harbor exception to the Florida Medicaid Anti-kickback Statute permitted “per head” referral payments made by dental services corporations to bona fide employees for provision of covered services.

However, HHA’s must be constantly reviewing their marketing employees for areas that could be construed under Greber as violating the AKS. Status as an employee does not necessarily cover everything the individual does—just acts within the scope of his or her employment. If the HHA employee is also employed by a hospital as a discharge planner, the individual’s actions as a hospital discharge planner—such as referring to the HHA—are not covered under his or her status as a HHA employee.

Compensation arrangements for indepen-dent contractor marketersThe services of independent contractors may be protected under the safe harbor for personal services and management contracts.8 Unlike employees, independent contractor marketers cannot be paid based on the volume or value of the business they obtain for the HHA.

Independent contractor agreements should comply with the following safe harbor requirements to avoid anti-kickback violations:n The agreement must be in writing and

signed by the HHA and the marketer,n The written agreement must clearly

identify all of the services that are to be performed by the marketer,

n The periodic intervals or the schedule of use of the services must be established in the contract,

n The agreement must be for at least one year,n The payments must be equal to fair market

value and established in advance, andn The amount of services provided under the

agreement is no more than necessary for a reasonable business purpose.

Additionally, the agreement should contain clear prohibitions of illegal conduct (e.g., pro-hibiting the contractor from giving anything of value to induce referrals).

Medical director agreements

Medical director agreements should be analyzed to determine whether the agreements include any financial arrangements involving physicians that violate Stark and anti-kickback laws. Without this scrutiny, the HHA may find itself involved in filing fraudulent or improper Medicare cost reports, and improperly billing Medicare for treatments in violation of the False Claims Act.

In one such case, CoxHealth and Ferrell-Duncan Clinic settled a whistleblower lawsuit involving medical director agreements in the amounts of $60 million and $1 mil-lion, respectively. Each party also signed a Corporate Integrity Agreement, which can be found on the OIG website (See http://www.oig.hhs.gov/fraud/cia/agreements/lester_e_cox_medical_centers_07212008.pdf). This case highlights the importance of verifying that medical director compensation is not calculated (indirectly or directly) based on earnings from DHS (as defined under Stark).

Professional staff agreements

HHAs should avoid compensation arrange-ments that cause conflicts of interest with licensed professionals who may influence referrals to the agency. This is an issue where individuals are both employees of the HHA and of another provider, such as a hospital, where the licensed professional may influence referrals from the other provider to the HHA.

Gifts and non-monetary compensation

Compensation does not have to be money; it can be anything of value, even gifts which are considered non–monetary compensation. The general concern is that a HHA may give gifts of


22

TitleBy: Line

Home health compensation arrangements: Maintaining compliance ...continued from page 21

substantial value to a physician, in return for the physician referring patients to that entity. An HHA cannot give a physician non-monetary gifts valued over $355 in 2010 (this amount is adjusted annually for inflation).9

Compliance hinges on record keeping and is critical. If an HHA gives non-monetary gifts to physicians, it should keep detailed records docu-menting that the gifts fall below the yearly limitation.

Conclusion

It is essential that HHAs have legitimate, bona-fide professional and non-professional relationships that are outlined in a written legal agreement. Failure of HHAs to have contracts containing compensation arrangements that comply with health care laws risks violation of fraud and abuse laws, including the federal AKS (for improperly billing services to third-party payers, Medicaid, Medicare, and other federal health care programs) and the Stark Law (for improper physician referrals). In recent years, the government has heightened scrutiny and aggressive enforcement efforts against providers who engage in illegal kickback practices and violations of the Stark Law by entering into “sham” health care agreements. n

1 Title 42, Code of Federal Regulations (CFR) § 411.351.2 United States v. Greber, 760 F2d 68 (CA 3, 1985)3 31 United States Code (U.S.C.) § 3729(b).4 42 U.S.C. §§ 1320a-7b(b)5 26 U.S. Code Section 3121(d). For further information, see “Independent Contractor (Self-Employed) or

Employee?” Available at http://www.irs.gov/businesses/small/article/0,,id=99921,00.html.6 42 CFR. § 1001.952(i).7 State v. Harden, 938 So.2d 480 (Fla. 2006),8 42 CFR § 1001.952(d).9 The annual limits can be found at: http://www.cms.hhs.gov/PhysicianSelfReferral/10_CPI-U_Updates.asp#TopOfPage.

www.broadandcassel.com

For more information, contact: Gabriel Imperato, Managing Partner | [email protected]

One Financial Plaza, Suite 2700, Fort Lauderdale, FL 33394 | 954.764.7060

We’ve made it a practice to deal with solutions.

Our attorneys are available to handle a full range of services including:

n Health and Hospital Lawn Regulatory and Transactional Work for Hospitals

and Physiciansn Medical Practice Group Formation and Consolidationn White Collar Criminal and Civil Health Fraud Defensen Corporate Liability, Compliance and Governance and

Corporate Investigations and Voluntary Disclosuren Litigation and Administrative Proceedings for

Health Care Organizations and Professionals

BOCA RATON n DESTIN n FT. LAUDERDALE n MIAMI n ORLANDO TALLAHASSEE n TAMPA n WEST PALM BEACH

The Health Care Compliance Professional’s Manual

WITH ANNUAL SUBSCRIPTION SERVICE

• Hard-copy subscribers receive quarterly updates

• Internet subscribers receive updates as soon as they are issued

Published by CCH and HCCA

The Health Care Compliance Professional’s Manual gives you all the tools you need to plan and execute a customized compli-ance program that meets federal stan-dards. Available via print or the Internet, the Manual walks you through the entire process, start to finish, showing you how to draft compliance policies, build a strong compliance infrastructure in your organi-zation, document your efforts, apply self-assessment techniques, create an effective education program, pinpoint areas of risk, conduct internal probes and much more.

Members: $369/year Non-members: $409/year

To order, visit the HCCA website at www.hcca-info.org, or call 888-580-8373.


23


Editor’s note: Francine R. Nigrello is a health care professional located in Westchester, NY. She can be reached by e-mail at [email protected]. Glenn Kaufman is an experienced consultant located in Long Island, NY. He can be reached by e-mail at [email protected].

Improving quality of care could be the key to your hospital’s survival. This article is not meant to present a compre-

hensive recounting of the Patient Protection and Affordable Care Act (PPACA), but to provide an overview that we hope will be a guide to the actions that should and must be taken by institutional health care provid-ers to ensure their financial integrity as they prepare for the changes being brought about by PPACA.

The Institute of Medicine (IOM) report “To Err Is Human: Building a Safer Health System,” released in November 1999, brought the spotlight of attention on and increased awareness of the quality of health care in the United States. The IOM report pointed out that as many as 98,000 people die each year from medical errors that occur in hospitals and estimated that medical errors cost the U.S. $17-$29 billion per year. A 2008 study by HealthGrades1 found that “Patient safety incidents cost the federal Medicare program $8.8 billion and resulted in 238,337 potentially preventable deaths during 2004 through 2006.”

It is not surprising then, that Congressional attention to the issue increased significantly and the House and Senate health care reform bills included critical provisions that addressed improving quality and health care system performance. For example, at hearings of the Senate Finance Committee, testimony centered around “…paying health care providers more to do quality work and insisting they abide by a set of minimum quality standards [that] would go a long way toward improving the quality of medical care that patients receive ….” Finance Committee Chairman Max Baucus (D-MT) said, “We simply cannot afford to continue paying for inappropriate or inadequate medical care. We need to encourage high-quality and high-value care. And we need to reward health care providers who deliver it.” Sen. Charles E. Grassley (R-IA), the Finance Committee’s ranking Republican, said, “We need incen-tives for quality versus quantity.”2

Abortive efforts were made on the federal level when it was announced that Medicare payment and coverage policy changes would curtail reimbursement for hospitals for certain hospital-acquired conditions (HACs), which became known as “never events.” Those pay-ment and coverage changes were scheduled to begin for discharges occurring on or after October 1, 2008. The changes were delayed because the Centers for Medicare and Medicaid (CMS) had difficulty with coding limitations, which do not always recognize

when a claim is classified into a higher payment group, and in defining which HACs are “reasonably preventable” by providers.3

Quality improvement will be driven by health care reform. Although the HAC payment changes did not take effect as scheduled, the efforts continued during the development of health care reform. As a result, PPACA contains numerous measures that seek to improve the quality of medical care and, at the same time, lower the rate of growth of health care expenditures.

Provisions that affect Medicare payments to

institutional providers

Delivery system reforms will save an estimated $13.5 billion to the Medicare program. This will result from the implementation of value-based purchasing (VBP), which will reduce payments to providers with high volume of hospital-acquired conditions and readmissions.

Beginning in fiscal year 2013 (applicable to payments for discharges occurring on or after October 1, 2012), PPACA section 3001 requires the Secretary of Health & Human Services to establish a hospital value-based purchasing program under which value-based incentive payments are made to hospitals that meet performance standards established for each fiscal year. The selected measures are required to cover at least the following five specific conditions or procedures:n Acute myocardial infarction (AMI) n Heart failure n Pneumonia n Surgeries (as measured by the Surgical

Care Improvement Project)n Healthcare-associated infections (as mea-

sured by the prevention metrics and targets established in the HHS Action Plan to Prevent Healthcare-Associated Infections,

Quality improvement takes on new

importance in health care organizations

By Francine Nigrello & Glenn Kaufman


24

or any successor plan, of the Department of Health and Human Services)

Beginning in fiscal year 2014 (Fy2014) and thereafter, the measures selected by the Secretary must include efficiency measures, including measures of Medicare spending per beneficiary. Those measures are required to be adjusted for factors such as age, sex, race, severity of illness, and other factors that the Secretary determines appropriate.

The Secretary is also required to establish VBP demonstration programs for: (1) inpa-tient critical access hospital services; and (2) hospitals excluded from the program because of insufficient numbers of measures and cases.

VBP, which links payment to performance, is a key policy mechanism that will transform Medicare from a passive payer of claims to an active purchaser of care. Under VBP, payments to high performing hospitals would be larger than those to lower performing hospitals, for the first time using the Inpatient Prospective Payment System (IPPS) to provide financial incentives to drive improve-ments in clinical quality, patient-centeredness, and efficiency.

The VBP program goals are to:n Improve clinical qualityn Reduce adverse events and improve patient

safetyn Encourage more patient-centered caren Avoid unnecessary costs in the delivery of

caren Stimulate investments in effective struc-

tural components or systemsn Make performance results transparent and

comprehensible n Empower consumers to make value-based

decisions about their health caren Encourage hospitals and clinicians to

improve quality of care

Medicare views VBP as a tool for promoting better quality, while avoiding unnecessary costs, with explicit payment incentives to achieve identified quality and efficiency goals. Pay for reporting, pay for performance, gain sharing, and competitive bidding are all VBP tools.4

PPACA section 3004 requires long-term care hospitals, inpatient rehabilitation hospitals, and hospices to submit data on specified qual-ity measures, starting in rate year 2014. It also requires reduction of the annual update of entities which do not comply.

Section 3005 directs the Secretary, starting Fy2014, to establish quality reporting pro-grams for inpatient cancer hospitals exempt from the prospective payment system.

Section 3006 (as modified by section 10301) directs the Secretary to develop a plan to implement VBP programs for Medicare payments for skilled nursing facilities (SNFs), home health agencies, and ambulatory surgi-cal centers. These sections also require the Secretary to submit a report to Congress not later than October 1, 2011 which contains the plan developed.

Section 3008 deals with HAC. Beginning in 2015, hospitals will be subjected to a penalty adjustment to payments for high rates of hos-pital-acquired conditions (HACs). Medicare payments will be reduced 99% of the amount that would otherwise apply, for hospitals in the top quartile (25%) of all hospitals relative to the national average of HACs. PPACA directs the Secretary to provide confidential reports to the applicable hospitals with respect to HACs and to make information regarding HACs of each applicable hospital available to the public.

Sec. 3025 (as modified by Sec. 10309) requires the Secretary to establish a hospital readmissions reduction program involving

certain payment adjustments for certain potentially preventable Medicare inpatient hospital readmissions. This becomes effective for discharges on or after October 1, 2012. It directs the Secretary to make available a program for hospitals with a high severity-adjusted readmission rate to improve their readmission rates through the use of patient safety organizations.

Improving the quality of Medicaid for

patients and providers

Section 2701 of PPACA directs the Secretary to identify and publish for comment before January 1, 2011, a recommended core set of adult health quality measures for Medicaid-eligible adults. An initial core set must be published no later than January 1, 2012. Further, by January 1, 2013, the Secretary is required to consult with states to develop a standardized format for reporting information based on the initial core set of adult health quality measures and create procedures to encourage states to use such measures to volun-tarily report information regarding the quality of health care for Medicaid-eligible adults.

Effective July 1, 2011, PPACA section 2702 prohibits Medicaid payment for any medical assistance provided for HACs, although the Secretary’s regulations must ensure that the prohibition of payment for HACs will not result in a loss of access to care or services for Medicaid beneficiaries.

Section 2704 covers integrated care around a hospitalization. This section directs the Sec-retary to establish a demonstration project to evaluate the use of bundled payments for the provision of integrated care for a Medicaid beneficiary: (1) with respect to an episode of care that includes a hospitalization; and (2) for concurrent physicians services provided during a hospitalization.

Quality improvement takes on new importance in health care organizations ...continued from page 23.


25



Section 2705 requires the Secretary to establish a Medicaid Global Payment System Demonstra-tion Project under which a participating state shall adjust payments made to an eligible safety net hospital or network from a fee-for-service payment structure to a global capitated payment model. This section also authorizes appropria-tions necessary to carry out the requirements.

Improving delivery of health care services

These sections of PPACA are forerunners of the future and the pressures that will come to bear on facilities to improve their quality of care. They delineate the various measures and strategies that are required to be developed to improve the delivery of health care services.n National Strategy to Improve Health

Care Quality (Sec. 3011 - 3015)The Secretary is required to identify and annually update national priorities for improvement that will meet specified require-ments and/or goals, for example:q Improving federal payment policy to

emphasize quality and efficiency.q Addressing the health care provided to

patients with high-cost chronic diseases.q Reducing health disparities across popula-

tions and geographic areas.q Improving the health outcomes, efficiency,

and patient-centeredness of health care for all populations, including children and vulnerable populations.

q Consulting with states to develop a stan-dardized format for reporting information based on the initial core set of adult health quality measures and create procedures to encourage states to use such measures to voluntarily report information.

n National Pilot Program on Payment Bundling (Sec. 3023, as modified by Sec. 10308)

In order to improve the coordination, quality, and efficiency of health care services, this

section establishes a national Medicare pilot program by January 1, 2013 to develop and evaluate paying a bundled payment for acute, inpatient hospital services, physician services, outpatient hospital services, and post-acute care services for an episode of care that begins three days prior to a hospitalization and spans 30 days following discharge. The Secretary is required to develop quality measures for use in the pilot program for episodes of care and for post-acute care.

Revenue opportunities

There are revenue opportunities within PPACA “…for hospitals and health systems that are nimble and can demonstrate strong quality and financial performance,” says Catherine Jacobson, FHFMA, CPA, Senior Vice President of Strategic Planning and Finance, CFO, and Treasurer of Rush University Medical Center in Chicago.5

One opportunity is rather obvious: revenues need to exceed costs. There is myriad and compelling evidence that increasing quality actually reduces overall costs. A study by The Healthcare Management Council, Inc. (HMC)6 documented a multiplier effect on overhead costs resulting from poor hospital inpatient care. The HMC research discov-ered that off-quality at the patient bedside has a rippling effect to overhead costs, like malpractice insurance, quality management, case management and utilization review costs. The research showed that the cost of off-quality overall costs grows exponentially as a result. These relationships have been confirmed with comparative hospital data at the system and individual hospital level, according to HMC.6

The emphasis on the third-party reimburse-ment consequences of medical errors may obscure a very important point: Even when the payers do not withhold payment, the

facility still never recoups its full costs in most of these cases. Take, for example, ventilator-associated pneumonia (VAP). If a patient gets VAP, the hospital gets no incremental reimbursement, because most of those patients are already sick enough that their cases have been assigned to the diagnosis-related group (DRG) that provides the highest reimbursement amount, and available outlier reimbursement does not nearly cover the cost of the hospital-acquired VAP. The incremental cost of VAP to the hospital may be as high as $40,000!7

A medication error that results in an adverse drug event (ADE) is costly. According to the IOM report, the increased hospital cost of treating ADEs averaged $4,600 per incident. In other words, a 700-bed teaching hospital would see an annual $2.8 million in increased costs due to these events. One study cited found that the risk of death during a hospital stay doubled for patients experiencing ADEs. Another study8 found that 19% of medica-tions administered in 36 hospitals and skilled nursing facilities were done so erroneously; of which 7% were potentially harmful. These numbers equate to more than 40 potentially serious medication-administration errors occurring every day in a typical 300-patient organization, either acute or long-term care.

Moreover, death and disability resulting from medication error can result in significant legal costs. In 2000, the median compensation award for medication errors was $668,000 per award. Incremental costs are being incurred every day in health care because of ADEs, such as extended patient stays and additional treatments, therapies, and medications needed to overcome the effect of the medication error. Many ADE injuries and resulting hospital costs can be reduced if hospitals make changes to their systems for


26

TitleBy: Line

FORENSIC AND LITIGATION CONSULTING

CORPORATE FINANCE

ECONOMIC CONSULTING

TECHNOLOGY

STRATEGIC COMMUNICATIONS

FLC _Full_pg_B&W_CT_8.5x11_.indd 1 7/14/10 10:26 AM


27


preventing and detecting ADEs. Therefore, improving the quality of care has significant cost avoidance benefits to hospitals, in addi-tion to establishing a reputation for providing quality care and improving patient safety.9

Increase value, increase volumes

In a recent Healthcare Financial Management Association publication, Revenue Opportuni-ties in the Reform Law,5 Rush University Medical Center stated that it “…believes that getting ahead on the value curve—or provid-ing higher-quality, lower-cost care than the average provider—will position their health system for success under health reform.

“Organizations that can demonstrate and communicate ‘their value in their market,’ or how they compare to competitors in quality/cost measures, stand to attract more patients, payers, and employers—and, ultimately, revenues.”

According to the article, by reducing hospital-acquired infections and other “defects in the system,” Rush is seeing a decreased need for costly resources (for example, nurse time involved in caring for patients, additional supplies needed to treat patients) and an increase in efficiency. “We can now focus on how to redeploy our resources to further increase our quality,” says Jacobson. “Reduc-ing operating costs will be crucial to economic survival as hospitals—often viewed as fixed cost enterprises—try to absorb deep cuts in Medicare and DSH payments. It is debatable how much these reimbursement cuts will be offset by the increase in the number of insured patients under health reform.”

According to the Congressional Budget Office, health reform will extend insurance coverage to about 32 million more Americans by 2019, about 16 million of whom will be under Medicaid, which traditionally pays

hospitals less than private insurance cover-age. Once again, Jacobson stresses the need to focus on value. “If you can bring your fixed costs down, your organization stands to benefit from the additional volumes.”

What’s on the horizon?

Many medical errors are rooted in poor care transitions or flawed communications. The reform legislation has the potential to improve safety by fostering greater collabora-tion and teamwork among providers. It pro-motes the development and implementation of Medicare pilot programs that encourage team-based approaches to health care, includ-ing “accountable care organizations” (ACOs), comprising local health care providers such as physicians and the hospitals in which they work. ACO participants would have to agree to and show they can take responsibility for the full continuum of care for their patients—and for the quality, treatment outcomes, and costs of that care. They would coordinate care for their shared Medicare patients with the goal of meeting and improving on benchmark levels of performance. The legislation also establishes a demonstration project to allow pediatric providers to organize as ACOs and gain a share in federal and state cost-savings generated under Medicaid.

A typical Medicare ACO would be an organizational entity encompassing one or more hospitals, primary care physicians, and specialists. Under the shared savings provision of the legislation, each of the ACO provider organizations would be able to receive a share of the savings their services generate, relative to a predetermined cost target.

For example, consider a patient with heart failure who is admitted to the hospital for hip surgery. While hospitalized, he stops tak-ing his heart failure medications and, once discharged, fails to resume taking them and

winds up back in the hospital two weeks later in pulmonary edema. Had medication reconciliation been performed at discharge, or transition planning and patient education handled properly, this readmission might have been avoided. Today, not only would payment cover the cost of the re-hospital-ization, but there would be no incentive for putting in place systems to reduce this pos-sibility. In an ACO operating under a shared savings model, providers would have an incentive to deliver care that could avoid the readmission (because they would share in the resulting savings), and they also would have the organizational capacity to provide it. n The new legislation demands greater trans-

parency and public reporting on hospitals’ performance.

n Later this year, the Centers for Medicare and Medicaid Services (CMS) will begin reporting rates of medical errors and selected hospital-acquired conditions on its website, Hospital Compare.

n Starting in 2011, federal payments for Medicaid services related to hospital-acquired conditions will be prohibited. Beginning in 2015, hospitals that land in the quartile with the highest rates of these hospital-acquired conditions will have their Medicare payments reduced by 1%.

n The new reform law will reward providers not just for reporting, but for achieving, benchmark levels of performance on these care standards, to be set by the Secretary of Health and Human Services (HHS). Starting in October 2012, hospitals that meet or exceed the designated perfor-mance standards will receive enhanced Medicare payments, taken from a pool of money collected from all hospitals. These process-of-care measures were designed to be achievable—the ultimate goal for all hospitals should be 100% performance.

Quality improvement takes on new importance in health care organizations ...continued from page 25


28

TitleBy: Line


n Medicare payments will be reduced for potentially preventable readmissions for certain eligible conditions or procedures, as determined by the HHS secretary, that are high volume or high expenditure.

n The law also provides resources for the development and advancement of quality measures.

n Comparative effectiveness research could improve patient safety by further-ing research into the most reliable and effective clinical processes, which in turn could reduce treatment complications and hospitalizations and lower spending on unnecessary or inappropriate care.

n The 2009 stimulus act is providing $19 billion in incentive payments to encour-age providers to make “meaningful use” of health information technology. This could enhance patient safety by encouraging providers to use decision support tools, automated reminders and alerts, and other safety protocols.

Reimbursement changes

Proposed Revisions to the Inpatient Prospective Payment SystemIn the 2010 Inpatient Prospective Payment System (IPPS) Proposed Rule, CMS has included the addition of ten new quality measures about which hospitals would need to report in order to receive full reimburse-ment for 2012.10

The proposed rule adds eight categories of hospital-acquired conditions that are current-ly listed by the CMS as grounds for nonpay-ment. If the rule is finalized, hospitals will be required to begin reporting on:q Incidences of foreign objects retained after

surgeryq Air embolismsq Blood incompatibilityq Stage III and stage IV pressure ulcersq Falls and trauma

q Vascular catheter-associated infectionsq Catheter-associated urinary tract

infections, andq Manifestations of poor glycemic control

CMS also proposed adding reporting requirements for two more patient safety indicators: postoperative respiratory failure and postoperative pulmonary embolism or deep vein thrombosis.

Hospitals would be required to begin reporting on all 10 of these measures on Jan. 1, 2011, for use in determining the annual payment update for 2012. CMS also proposed another 35 quality measures that hospitals would also be required to begin reporting on in January 2011, but those measures would not be used in determining full reimbursement until 2013. Addition-ally, CMS proposed four more measures, including immunizations for pneumonia and influenza, which hospitals would need to begin reporting on Jan. 1, 2012, for use in determining payment for 2014.

Other payers

Various government and health insurance payers have begun to deny payment for osten-sibly avoidable conditions that have collec-tively become known as “never events.” CMS issued a State Medicaid Director (SMD)11 letter advising that when Medicare does not pay a hospital the higher MS-DRG amount because of an HAC, state Medicaid agencies can coordinate with CMS to similarly avoid payment liability. The letter goes on to say, “A State wishing to avoid Medicaid payment liability on HACs may do so by including a general statement in its section 4.19A of the Medicaid State plan governing inpatient hospital reimbursement indicating the State’s payment policy in such circumstances.” That is, indeed, what New york State has done with its “never events” policy announcement 14

that it would deny reimbursement on “never events” beginning October 1, 2008. Not only has New york Medicaid coordinated with CMS, it has “upped the ante” to include three more “never events” than CMS’ eleven.12 Massachusetts is applying a similar policy across all of its state agencies involved in purchasing of health care services, which include the Office of Medicaid, the Group Insurance Commission, the insurers who are covering care through the Commonwealth Health Insurance Connector Authority, and the Department of Correction.13,14 It is self-evident, then, that state Medicaid plans can set their own policies.

Maine law prohibits a hospital or other facil-ity from charging a patient or the patient’s insurer for never events or the treatments needed to correct them. The legislation lists 28 such events, including operating on the wrong body part or patient, leaving an object behind in a patient’s body or contracting hospital-acquired infections. Facilities must inform patients of this policy.

Cigna, WellPoint, Aetna, and the Blue Cross and Blue Shield Association, among an ever-increasing list of others, announced that they will no longer reimburse providers for certain never events. Cigna’s payment policy directive may well be the model for the payment poli-cies of the other per diem payers.15 Cigna’s directive announced that effective October 1, 2008 Cigna

…will review admissions with identifi-able Never Events and Avoidable Hospital Conditions. If it is determined there were additional hospital inpatient days…which directly and exclusively resulted from an Avoidable Hospital Condition (not pres-ent on admission) [emphasis supplied], reimbursement for such additional inpatient days may be denied…These


29


reimbursement denials will not apply to hospital admissions in which the Avoidable Hospital Condition was present on admission, or where another secondary diagnosis is a major complication/comor-bidity (MCC)/complication/comorbidity (CC) in addition to the POA diagnosis, and potentially impacted the Avoidable Hospital Condition.16

It is logical to ask, if a Medicare patient suffers a never event at one hospital and is subse-quently admitted to a second hospital to repair the never event, how would each hospital be reimbursed? It is certain that the second admitting hospital would be reimbursed as if the patient were a new admission, assigned a present on admission (POA) indicator based upon conditions that developed prior to admission, and paid in accordance with the Medicare reimbursement policy discussed above. We assume that the first hospital would also be reimbursed in accordance with the outlined Medicare policy and, if the HAC were the sole complication or comorbidity that resulted in a higher DRG assignment, the hospital would have been reimbursed at the lower DRG level. We do not know at this point in time if there would be any reim-bursement recoupment made by the hospital where the patient suffered the never event.

The Cigna policy directive has several points of significance. First, the reimbursement implications on per diem payments can be more severe than those on case-based pay-ments. Medicare’s case-based IPPS reimburse-ment depends upon the MS-DRG to which the case is assigned. Certain secondary diagnoses can push the patient into an MS-DRG with a higher associated payment. Under the new rule, Medicare will not pay the higher MS-DRG if it results from a sec-ondary diagnosis that was acquired during the hospitalization and is on their list of HACs.

However, if there is also another secondary diagnosis that would classify the patient into the higher MS-DRG, Medicare will pay the higher rate. In addition, Medicare’s outlier payment system still applies to a stay that becomes extremely costly.

With per diem payments under the Cigna directive, payment for entire days’ stays can be denied. The phrase “If it is determined there were additional hospital inpatient days at a participating provider facility which directly and exclusively resulted from an avoidable hospital condition (not present on admission)” presents several questions, among them are: How will the term “directly and exclusively“ be defined? Who will be respon-sible for determining which cases meet the definition and what are their qualifications to do so? Will there be an appeals mechanism so hospitals can challenge these determina-tions and, if so, who will hear those appeals?

The Cigna directive goes on to say:

These reimbursement denials will not apply to hospital admissions in which the avoidable hospital condition was present on admission, or where another secondary diagnosis is a major complication/comor-bidity (MCC)/complication/comorbidity (CC) in addition to the POA diagnosis, and potentially impacted the avoidable hospital condition.

Obviously, the “present on admission” indica-tor takes on added importance. The evalua-tion of the incoming patient must be accurate and accurately reported and translated to the medical record.

The questions arise: Who determines if another secondary diagnosis is a MCC/CC in addition to the POA diagnosis, and potentially impacted the avoidable hospital

condition? How will that determination be made and how will it be determined how many additional days were required to treat the hospital-acquired condition? To be certain, there are many questions for which answers are yet to be determined and others yet to come.

Transparency and disclosures

Not to be lost in this discussion is the issue of transparency (i.e., disclosing adverse events/outcomes to patients and the growing expectation that health care practitioners or systems disclose unanticipated outcomes to patients and family members). Many ques-tions remain to be answered about disclosure, including: n How to disclose n Medical and legal implications of disclosure n Institutional disclosure support system n Education for health care workers n “Just in time” coaching, andn Emotional support for patient, families,

health care workers

Improving patient safetyFirst, hospitals must create and promote a culture of patient safety. An essential element of a culture of safety is adopting a non-punitive policy for reporting potential and actual errors. Clinical psychologist James Reason,16 who has influenced modern conceptions of human error and medical errors, describes a safety culture as having the following characteristics:1. It is informed. There is an organization-

wide understanding of the technical, or-ganizational, environmental, and human factors that increase the risk of error.

2. It is just. Staff members are unafraid to report safety problems and errors.

3. It values reporting. The importance of accurate data is understood; therefore error reporting is rewarded.

4. It is flexible. Frontline staff members are em-powered to remedy immediate safety risks.


30

TitleBy: Line


5. It values learning. Staff members learn from their safety data and act to make improvements.

Among the other steps hospitals should take are:n Identify and learn from error analysis;n Conduct surveys to target, measure, and

understand caregiver attitudes about safety, and to identify areas of weakness;

n Perform medical records reviews to detect latent and active errors;

n Implement a system-focused strategy to address medication safety and errors in the organization;

n Perform root cause analyses (RCAs) to investigate and analyze incidents;

n Perform failure modes and effects analyses (FMEAs) to identify processes that are most in need of change;

n Engage and educate the board, CEO, administrators, and nursing and medical directors in safety efforts.

n Perform executive walk rounds;n Encourage use of the toll-free centralized

hospital complaint hotline;n Identify system weaknesses and undertake

corrective actions;n Identify trends and best practices, lessons

learned; andn Perform meaningful audits.

Final thoughts

Although this article has been written with a primary focus on hospitals, it is important for providers in all areas of health care to note that the quality provisions of PPACA address improving quality and health care system performance. It is evident, then, that all providers throughout the spectrum of health care services must take steps to improve patient safety.

The implications of quality improvement initiatives, both clinically and financially, are dynamic, but are certain to be significant. Regulations have yet to be written, payment methodologies have yet to be developed, organizations have yet to be formed, reactions by providers and payers have yet to be formu-lated. We do know, however, that the health reform legislation will introduce a range of payment and delivery system changes designed to achieve a significant slowing of health care cost growth. Current estimates are that, on net, the combination of provisions in the new law will reduce health care spending by $590 billion over 2010–2019 and the annual growth rate in national health expenditures could be slowed from 6.3% to 5.7%.17

As we stated at the outset of this article, improving quality of care could be the key to your hospital’s survival and it is imperative that you take the necessary actions to ensure your facility’s financial integrity. We will continue to monitor the evolution of the health reform law and will report as impor-tant developments occur. n

1. HealthGrades: The Eleventh Annual Hospital Quality in America Study, October 2008. Available at http://www.healthgrades.com/media/dms/pdf/HealthGradesEleventhAnnualHospitalQualityStudy2008.pdf.

2. Healthcare Financial Management Association CT Scanner: Summary of Healthcare Reform Legislation. April 2010.

3. Stinneford, M. Kate: “Never say Never Events.” Compliance Today, Health Care Compliance Association, September, 2008.

4. Centers for Medicare & Medicaid Services. Hospital-Acquired Condi-tions and Present on Admission Indicator Reporting Listening Session. December 17, 2007. CMS Office of Public Affairs: CMS Improves Patient Safety For Medicare And Medicaid By Addressing Never Events. August 04, 2008.

5. Healthcare Financial Management Association: Revenue Opportunities in the Reform Law. April 20, 2010.

6. Healthcare Quality Improvement Briefings: HMC Study Shows Quality Problems Impact Overhead Costs Too. December 2007

7. Arizona Hospital and Healthcare Association: Business Case for Ventilator Associated Pneumonia. November 2005

8. Agency for Healthcare Research and Quality: Reducing and Preventing Adverse Drug Events To Decrease Hospital Costs. AHRQ Publication Number 01-0020, March 2001

9. Healthcare Financial Management Association: The Business Case for Medication Safety. February 2004.

10. Updates available at https://www.cms.gov/AcuteInpatientPPS/10FR/list.asp

11. Center for Medicaid and State Operations, SMDL #08-004, July 31, 2008.

12. The Commonwealth Fund: Safe, Reliable Health Care Systems: Will Health Reform Legislation Help Get Us There? April 2010

13. The Commonwealth Fund: The Impact of Health Reform on Health System Spending. May 2010.

14. National Conference of State Legislatures: “Never Events” Become Ever Present as More States Refuse to Pay for Mistakes. July 7, 2008

15. Modern Healthcare’s Daily Dose: Cigna discontinues medical error reimbursement. April 17, 2008.

16. James Reason: Managing the Risks of Organizational Accidents. 1997, Ashgate Publishing

17. The Commonwealth Fund: The Impact of Health Reform on Health System Spending. May 21, 2010.

On the Move PeoplePeopleReceived a Promotion?

New Hire in your Department?Send your job change information to: [email protected]

Cindy Johnston Promoted

Cindy Johnston was recently promoted to Senior Compli-ance Specialist on the Providence WA/MT Region Integrity, Compliance and Audit Services (ICAS) team. She is a Certified Procedural Coder (CPC), is Certified in Healthcare Compliance (CHC) and also holds a certification as a Corporate Compliance & Ethics Professional (CCEP).

Need a quick and cost-effective way to earn CEU credits?

Want the latest news on breaking issues and best practices?

All of this from the convenience of your own office?

Try one of HCCA’s upcoming Web Conferences, and earn 1.2 CEU credits.It doesn’t get any easier.

learn more about upcoming web conferences and register at

www.hcca-info.org/webconferences

TryWebConf_quarterpage_CTad.indd 1 7/8/2010 9:15:55 AM


31


Editor’s note: Michael A. Dowell is a Partner and member of the Health Care Law Group in the Los Angeles office of Hinshaw & Culbertson, LLP. Mr. Dowell counsels hospitals and health systems, managed care plans, governmental entities, and physician organizations on a wide variety of regulatory compliance issues, including anti-kickback, false claims, and whistleblower allegations. He can be reached at [email protected].

H ealth care organizations face a daunting array of statutes and regulations, including the False Claims Act, federal and state anti-kickback statutes, self-referral prohibition, fraud

and abuse laws, federal and state privacy and security laws including the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security requirements, corporate practice of medicine prohibitions, and licensing laws. In order to comply with these laws, most health care organizations have adopted compliance programs designed in accordance with the standards for an “effective” compli-ance program under the Federal Sentencing Guidelines (FSG).

The United States Sentencing Commission’s (USSC’s) recent amend-ments to its FSG Manual will have significant implications for health care organizations that are seeking to obtain leniency based on the maintenance of effective compliance programs. The amendments make important changes to the construct of an “effective” compliance pro-gram, focusing on: (1) board reporting relationships of the compliance officer; and (2) actions health care organizations should take following detection of criminal conduct. Unless overturned by Congress, the new amendments take effect on November 1, 2010.

The FSG requirements

The United States Sentencing Commission was organized in 1985 to develop a national sentencing policy for the courts. The FSG were developed to structure the courts’ sentencing discretion to help ensure that similar offenders who committed similar offenses would receive

similar sentences. The FSG are only advisory and courts are not bound by them; however, courts must take the FSG into account when sentencing, and a sentence within the Guidelines’ recommended range is presumptively valid.

Chapter Eight of the FSG sets forth the procedures for sentenc-ing organization defendants and includes detailed instructions for determining: (1) how an organization should structure its compliance programs to receive credit at sentencing1; (2) how to determine the amount of the organization’s criminal fine2; and (3) the conditions under which it would be appropriate to sentence an organization to a term of probation.3 The recent amendments change aspects of each of the referenced sections of the FSG.

Section 8C of the FSG assigns a culpability score to the organiza-tion based on the size of the company, management level within the company at which the crime took place, and the effectiveness of the compliance program. Under the Guidelines, an organization’s culpabil-ity score is lowered significantly if it has an “effective” compliance program, as defined in the FSG. The Guidelines provide the frame-work for the imposition of criminal punishment—and, as a practical matter, often guide the government and parties in discussions about resolving criminal investigations.

For example, the Justice Department’s corporate charging policies and principles of federal prosecution (both outlined in the U.S. Attorneys’ Manual) instruct federal prosecutors to consider the FSG in decid-ing whether to charge a corporation and which charges to select.4 Three of the nine corporate charging principles set forth in the U.S. Attorneys’ Manual focus on compliance programs. In fact, the manual specifically instructs prosecutors to ask the following questions:n Is the corporation’s compliance program well designed?

focusfeature

New Federal Sentencing Guidelines requirements for an effective compliance program

By Michael A. Dowell, Esq.


32

TitleBy: Line

New Federal Sentencing Guidelines requirements for an effective compliance program ...continued from page 31

n Is the program being applied earnestly and in good faith?n Does the corporation’s compliance program work?5

Currently—that is, before the just-proposed FSG amendments go into effect in November—the Guidelines provide that an effective compli-ance program shall meet the criteria set forth below:

To have an effective compliance and ethics program … an organiza-tion shall: (a) exercise due diligence to prevent and detect criminal conduct; and (b) otherwise promote an organizational culture that encourages ethical conduct and a commitment to compliance with the law.6

To achieve this result, the FSG encourage affirmative measures, such as the conduct of due diligence, reasonable oversight by the organization’s governing authority, delegation of compliance responsibilities to specific individuals who have day-to-day operational responsibility for the com-pliance program, effective training programs, and auditing.7 The FSG further “minimally require” that organizations take the following seven steps to establish an “effective” compliance program:1. Establish standards and procedures to prevent and detect criminal

conduct.2. Governing authority (the board of directors) should be knowledge-

able about the context and operation of the compliance program, and should exercise reasonable oversight with respect to the com-pliance program.

3. Take reasonable efforts to exclude from substantial authority per-sonnel any individual that it knew, or should have known through the exercise of due diligence, has engaged in illegal activities or other conduct inconsistent with an effective compliance program.

4. Take reasonable steps to communicate periodically and in a practi-cal manner to its workforce its standards and procedures and other aspects of the program by conducting effective training programs and disseminating information appropriate to the respective roles/responsibilities of individuals.

5. Take reasonable steps to ensure that the program is followed, including monitoring and auditing to evaluate the effectiveness of the programs, and to detect criminal conduct, and have and pub-licize a system for the workforce to anonymously or confidentially seek guidance regarding potential criminal conduct without fear of retaliation.

6. Promote and enforce the program consistently through appropri-ate incentives to comply, and through appropriate disciplinary measures for engaging in criminal conduct and for failing to take reasonable steps to prevent or detect criminal conduct.

7. After criminal conduct has been detected, take reasonable steps to respond appropriately to the criminal conduct and to prevent further similar criminal conduct, including making any necessary modifications to the compliance program.8

A health care organization that has properly adopted and implemented the seven features noted above has a greater chance of demonstrating that is has established a compliance program which will be deemed “effective” for the purposes of the FSG and will likely reduce its penal-ties in the event of a conviction. Leniency could mean lower fines and penalties or deferred prosecution in which governmental authorities agree to dismiss charges in exchange for certain actions by the health care organization, such as implementing a Corporate Integrity Agree-ment to prevent future wrongdoing.

Direct reporting structure for compliance officers

Generally, a health care organization receives no credit for maintaining an effective compliance program if members of senior management were found to be involved with, condoned, or were willfully ignorant of the criminal activity. The new amendments create an important exception to this general rule if: (1) the compliance officer has a “direct reporting obligation” to the board or a subgroup of the board (e.g., the Compliance or Audit Committee); (2) the compliance program detected the criminal conduct before it was discovered or was reason-ably likely to be discovered by regulators or other persons outside of the organization; (3) the organization promptly reported the offense to the federal government; and (4) no corporate compliance officers were involved with, condoned, or were willfully ignorant of the criminal offense.9

A “direct reporting obligation” is defined as one which provides the compliance officer with express authority to communicate personally with the board promptly on any matter involving criminal or potential criminal conduct, and no less than annually on the implementation and effectiveness of the organization’s compliance plan.10

The new amendment demonstrates that the government considers a “direct report” requirement an important element of a compliance program and will consider its existence when deciding whether to charge organizations in criminal cases or pursue them in civil cases (including those involving breach of fiduciary duty).

Remedial steps for compliance credit

The amendments would also require organizations to take steps to remedy the harm caused by violations, including making restitution to


33


identified victims. The amendment sets up two phases of remediation required in order to receive credit. First, a health care organization must make reasonable efforts to remedy the harm that has taken place and, second, the health care organization must revise its compliance program to prevent similar criminal conduct in the future.

To remedy the harm, the amendment states that a health care organization should take “reasonable steps, as warranted under the circumstances, to remedy the harm resulting from the criminal conduct.” According to the USSC, this “may include, where appropri-ate, providing restitution to identifiable victims, as well as other forms of remediation.”6 The Commission adopted this permissive language in response to concerns raised in the written comments that restitu-tion may not always be appropriate, even when there are identifiable victims—such as when restitution might operate as an admission in a parallel proceeding. The amendment further notes that “[o]ther appro-priate [remediation] responses may include self-reporting, cooperation with authorities, and other forms of remediation.”11

Further, the health care organization should respond appropriately to the criminal conduct and prevent further similar misconduct by making any necessary modifications to the organization’s compliance program and retraining staff with regard thereto. A health care orga-nization may also decide to retain an independent monitor to ensure adequate implementation of such modifications. This amendment is important because it clarifies steps that health care organizations should take after detecting criminal conduct in order to remedy the resulting harm and to prevent future criminal conduct.

Use of outside advisors

The USSC had initially proposed changes that would have increased the use of independent monitors. In response to concerns regarding the potential overuse of monitors, the Commission adopted language stating that the steps an organization takes to prevent future similar criminal conduct “may include the use of an outside professional advisor to ensure adequate assessment and implementation of any modifications [to the compliance and ethics program].”12

In determining when to seek independent advisor review of compliance program modifications, health care organizations should consider: (1) the severity of the compliance violation; (2) the level and number of personnel allegedly involved in the wrongdoing; (3) the magnitude and complexity of the recently imposed compliance program revisions, and whether an outside advisor would add related expertise; and (4) the extent to which the health care organization anticipates staff resistance

to proposed compliance program modifications, and whether or not an independent advisors may be helpful in ensuring implementation.

Conclusion and recommendations

The new amendments highlight the importance of comprehensive and effective compliance programs, and provide written guidance on how to structure compliance programs to favorably affect sentencing decisions. The amendments provide a clear indication that govern-ment regulators consider a “direct report” requirement an important element of a compliance program and will consider its existence when deciding whether to charge health care organizations in criminal or civil cases. The amendments also reflect what the USSC considers to be an appropriate organizational response, once criminal conduct has been detected.

A health care organization can consider a number of practical steps if it decides to structure its compliance program to be consistent with the recent FSG amendments:

n Consider modifications to your compliance officer organiza-tional reporting structure.

In light of the new amendment, health care organizations should re-examine and, if necessary, redefine the role of the compliance officer with respect to board access and reporting relationships, as well as the most appropriate degree of coordination between the compliance officer and other key senior executives. In order to receive favorable consideration, the compliance officer must promptly report allega-tions and must give regular reports directly to the board of directors. A health care organization in which the compliance officer reports to the general counsel or to a corporate officer, rather than the board or a committee of the board will be considered an ineffective structure under the new Guidelines.

n Document the compliance officer reporting structure and duties. Document the compliance officer’s authority to bring matters to the attention of the board or applicable board committee in the compli-ance program policies and procedures and in the compliance officer’s job description.

n Educate the board of directors and define the board’s role in compliance.

The board should be briefed on the implications of the new amend-ments to the FSG. It is also important to define the board’s role in compliance, and to identify a board member or board committee as


34

TitleBy: Line


35



36

Editor’s note: Maria B.J. Chun is Associate Chair, Administration and Finance at the University of Hawaii, Department of Surgery in Honolulu. She may be contacted by telephone at 808/586-2925 or by e-mail at [email protected].

A s with health care administration, compliance is also a critical com-ponent of research administration.

A quick Google© search of the term “health care compliance” yielded 15.2 million results, with “research compliance” following closely behind with 10.3 million results. Much of the work of research administrators, whose responsibility is to oversee the administrative aspects of extramural funding (commonly referred to as grant funding), involves ensur-ing that all relevant guidelines are identified, comprehended, followed, and enforced. To provide an example of the importance of research compliance, one need only refer-ence the Web page of the Division of Grants Compliance and Oversight (DGCO) in the Office of Policy for Extramural Research Administration (OPERA), Office of Extramural Research (OER), at the National Institutes of Health (NIH), which delineates compliance requirements and resources for recipients of federal grant funds.1

Navigating the compliance waters is no simple task for a research administrator. Rules are constantly added and amended, and sometimes their interpretation is not

necessarily straightforward. There are also reams of forms and layers of review to contend with, from both the granting and grant recipient’s institution or agency. But, potentially one of the most challenging aspects of research administration is explain-ing these requirements to the person who is ultimately accountable if there are any viola-tions: the principal investigator (PI). If there is a communication breakdown between the research administrator and the PI, a “battle” of sorts can ensue. The research administrator may express frustration that the PI refuses to follow the rules and cannot imagine that the PI cannot complete the forms correctly. And, the PI may feel stymied, wondering why he or she is faced with mounds of what may appear to be mindless paperwork, which interferes with actually conducting the research. Compliance requirements, particularly those issued by the federal government, will only continue to grow. Recent legislation, such as the American Recovery and Reinvestment Act, is focused on ferreting out fraud and abuse. Therefore, a positive working relation-ship between the research administrator and the PI is critical.

In my position as a faculty administrator in a university Surgery department, I have the opportunity to wear both the research administrator and the PI hats. I have experienced the frustrations of overseeing the paperwork processing and actually having to complete the paperwork—I have empathy for

both sides. Focusing on what typically occurs at a university department level during the pre-award process (i.e. everything that occurs prior to the receipt of grant funds, which is referred to as the post-award process), the goal of this article is to enhance research com-pliance efforts by first providing a glimpse into each side’s perspective. Additionally, tips on how to maintain a positive and collabora-tive relationship are discussed.

Research compliance: The research

administrator’s perspective

A visit to the websites of the Society of Research Administrators International (SRA International) and the National Council of University Research Administrators (NCURA) provides a glimpse into the complexity of the job duties of a research administrator. Research has even been conducted on the stresses of the job.2 The stress has been attributed to such factors as tight deadlines, the sometimes unpredictable nature of the job, and the multiple job duties of most research adminis-trators. Particularly at a departmental level, and usually due to limited resources, one person is responsible for all administrative duties. In a clinical department at a medical school, this can involve oversight and paperwork processing for grants, contracts and procure-ment, faculty practice plan matters, general human resources, various fiscal duties (e.g., budgeting, tracking expenditures), and even engaging in fundraising/philanthropy.3 And, in some instances, the administrator has received little formal training on how to handle this diverse set of duties. And, even more commonly, not many department-level administrators have been PIs on research projects, and may not necessarily understand the relationship between the paperwork and the research itself.

Given the typical tasks of research administra-tors, it is not surprising that when it comes to

Empathic research compliance: The

research admin and PI perspectives

By Maria B.J. Chun, PhD, CHC


37



research compliance, the research administra-tor is focused on one thing: Getting that paperwork done correctly, which includes completing it by the specified deadline. But, this very goal can be a source of much stress and conflict. Grant applications typically originate from a department level and face layers of review. On a most basic level, signatures are needed from the PI, depart-ment chair, then likely several central offices (grants development, fiscal), and then onto the university-wide system oversight office. In order for deadlines to be met, PIs need to cooperate. PIs do not always submit their grant applications/proposals in a timely manner. In fact, if given a deadline, some may choose to work up until the very end. And to make matters worse, the required paperwork that accompanies the applications/proposals may be incomplete, questions may not be answered correctly, or the PI may be attempt-ing to commit (more than likely unknowingly or inadvertently) a compliance violation.

Because many departmental research administrators are often short-staffed and mired with multiple duties, they lack the time to sit with the PI and explain why a form is needed and why a certain individual/entity needs to review it. In some cases, departmental research administrators may expect the PI to know what to do. For example, I developed what I thought was a very simple and straightforward departmental grants administration manual, designed from the PIs’ perspective, providing them with an understanding of the research processes and the entities involved.4 However, I do not know why I was surprised that none of them read it. I have come to appreciate that the PIs, even if they had an interest, are busy and simply lack the time. Therefore, although it is helpful to have the manual to memorialize the process, I now emphasize to PIs that this is a reference tool. I now meet with them on

an individual basis to get an understanding of their project and how I can assist them. This leads us to a discussion of the PI’s perspective on research compliance.

Research compliance: The principal

investigator’s perspective

The above discussion regarding research administrators’ perspectives can be mirrored on the PI side. Unless a faculty member is a dedicated researcher, most times they too, wear multiple hats. For an MD on the faculty, in addition to the standard teaching, research, and service, most engage in clinical activities (i.e., see patients). Tasks related to these duties may involve preparing course materials for classes, typing up medical notes, coding for services rendered, and writing up research manuscripts and proposals for grant funding. If they sit on committees or boards, they are required to attend meetings. Therefore, it is not surprising that completing grants application paperwork is likely the last item on their to-do lists. When it comes to research compliance, PIs are likely focused on one thing: conducting their research, which is the reason why they applied for the grant funding in the first place.

Just as many research administrators lack PI experience, not many PIs have served as research administrators. Therefore, PIs may wonder why there are so many forms to complete, with questions that often appear to defy logic or are repetitive. They may also be puzzled as to how someone without any knowledge of the substance or content of their work could possibly be assisting them with their grant proposal. And, they may question why the administrator cannot just complete the paperwork and have them sign off. Finally, one of the biggest frustrations is likely hearing the research administrator’s favorite word: No.

Given the above, simply stating that the paperwork is required and you will get into trouble if you don’t do it, is not an adequate justification. you need to explain to the PI, in a concise and clear manner, about the compliance implications. This can be done in a collaborative and even “fun” manner. An example of such a positive approach is presented below.

Maintaining a positive and collaborative

relationship

A grants administrator, Brigette Pfister, at Clemson University put together a presen-tation entitled: Perception is Everything! Customer Satisfaction in Research Administration,5 which provided information on her initiative to improve the relation-ship between research administration and PIs. The rationale for the project was that customer service would serve as the focus for the research administrators at her institu-tion. Based on her research, Pfister focused on three areas impacting the relationship between research administrators and PIs: n Process consistency n Paperwork burden, and n Enforcement focus

Some examples of how Pfister addressed the PI concerns are:n streamlining the submission process

by utilizing one e-mail address for submissions;

n developing a queue system; and n providing standard lead-time requirements

for all proposals, with the emphasis that the more lead time the research adminis-trator is given, the more services the PI can receive.

Pfister also started initiatives to get to know the PIs better by visiting them at their labs, inviting them to lunch, and basically getting


38

TitleBy: Line

Empathic research compliance: The research admin and PI perspectives ...continued from page 37

to know what they do. She also emphasized wording bad news in a positive manner and letting them get to know her as a person, as opposed to the “enforcement police.”

The above suggestions provide the perspec-tive of how research administrators can be more empathetic toward PIs by utilizing a “customer service” approach. However, I also believe that the PIs should take the time to understand the role of the research administrator and do their best to assist them with completing paperwork properly and in a timely manner. When I have my PI hat on, my first step is to notify the relevant entities of my intent to submit a grant proposal. I then ask to meet with the research administrative staff and explain what my project is about, so they can understand its purpose and objectives. No matter the topic, it can always be boiled down to very general language so that any lay person can understand it. Because the goal of research is the production and dissemination of knowledge, this is a good place for the PI to start. In other words, if you can explain your project to the research administrator in a clear manner, it will probably help you with writing up your proposal.

Also, more critically from a compliance per-spective, this approach may help to identify which forms will be needed for your project. For example, if you are including human subjects, you will need to obtain approval from an institutional review board (IRB). Or, if you are doing work with biohazard waste, you will need clearance from the appropriate offices. Informing the research administrators of all these factors up front will save a lot of time and pain. Quite often, the research administrators only learn of these needs a few weeks or even a few days prior to the

submission deadline for the grant proposal. The inability to obtain the required approvals and send the paperwork through the review processes may not be done in time to make the granting institution’s deadline.

Although it may seem mind-numbing and pain-ful, take the time to review the forms and what you are completing. Ask the research admin-istrator to help walk you through the form and what each line means. And, if something makes absolutely no sense, I would bring it up as a concern to the appropriate party, possibly the research administrator’s supervisor. Quite possibly, the form can be revised or altered in the future to make the process more painless.

What I also have found helpful is sending drafts of the strictly administrative parts of my proposal for review, so I could obtain feedback. For example, I ask the research administrator to assist me with reviewing the project budget. And, if they have the time and interest, you can encourage them to review the substantive aspects of the proposal. I have done this in the past, and it helped to familiarize the research administrator with my work. Now, whenever I submit a related proposal, the research administrator knows which forms are required and approvals are needed.

Conclusion

Do I actually expect the typical PI to take the initiative to do the above? Actually, no; so, sorry research administrators, the burden

may likely be on you. To enhance research compliance at your institution, you can take the initiative to do the following:1. Send a reminder to potential PIs to

inform you of any intent to submit a proposal.

2. Once the PIs have a general idea, ask them to sit down with you and explain their project, its purpose, general objec-tives/hypotheses, and the needs related to carrying out the project (e.g., personnel, equipment).

3. Go over each form and why it needs to be completed.

4. In addition to any manuals that can be used for future reference, provide

them with Web links and access to resources. 5. Invite PIs to research adminis-tration training. Many institutions provide such training. For example, at my institution, our Office of Research Services provides an in-troduction to the process via a Web presentation.6. Ensure that you keep current

with any changes from both the fund-ing agencies you typically deal with, the federal grants oversight bodies, and with your institution’s internal policies and procedures.

These steps can contribute to a positive research compliance environment for both the research administrator and the principal investigator. n

1. Available at http://grants.nih.gov/grants/compliance/compliance.htm. Accessed April 28, 2010.

2. Shambrook, J. & Minter, O: Results from the 2007 Research Admin-istrator Stress Perception Surgery (RASPers). Research Management Review, 2007;15(2):41-52.

3. Chun, MBJ: Defining the role of the practice administrator in academic medicine. APA Matrix, 2009;23(2):1-3.

4. Available at http://jabsom.hawaii.edu/JABSOM/departments/OFAA/doc/UHDeptOfSurgeryGrantsAdminManual.pdf. Ac-cessed April 29, 2010.

5. Pfister, BS: Perception is Everything! Customer Satisfaction in Research Administration. Available at http://www.ncuraregioniii.com/Hand-outs/2010/Perception_is_everything.pdf. Accessed April 28, 2010.

If you can explain your project to the research

administrator in a clear manner, it will probably help

you with writing up your proposal.


39


A recipe to start out right as a

compliance officerBy Emilie Rayman

Editor’s note: Emilie Rayman is General Counsel and Chief Compliance Officer for Community Memorial Health System located in Ventura, California. Ms. Rayman may be contacted by e-mail at [email protected].

Where a new compliance officer begins depends upon the person and the organization that hires

him or her. Notwithstanding the many vari-ables in how a compliance officer approaches the creation and implementation of a com-pliance program, I believe there is a recipe to achieve success. What follows is a generic checklist of ingredients and techniques for developing as a compliance officer, infused with some of my personal experiences. As with any recipe, there is plenty of room for creativ-ity and, in the end, compliance officers will do what feels right to them for their organization.

When I was new to the organization, my first step was to familiarize myself with all the departments and their work processes. For example, don’t assume that all facility labora-tories operate the same way. Every facility has a little different procedure to accomplish the same goal, and these are the differences that you need to understand for your facility. An example might be that your laboratory does all its own charge auditing, while another will leave it to Internal Audit, while still another will have an outside audit firm complete its audits.

Once I felt comfortable with the organization as a whole, I began an initial risk assessment using the Health and Human Services Office of Inspector General’s (OIG) seven essential ele-ments of a compliance program1,2 as a baseline, followed by implementation of the guidelines.

The OIG seven essential elements

1. Implement written policies and proce-dures that foster an institutional commit-ment to stewardship and compliance.

2. Designate a compliance officer and Com-pliance Committee.

3. Conduct effective training and education.4. Develop effective lines of communication.5. Conduct internal monitoring and auditing.6. Enforce standards through well-publicized

disciplinary guidelines.7. Respond promptly to detected problems:

undertake appropriate corrective action and report to the appropriate federal agency.

Written policies and proceduresWritten policies and procedures are a base ingredient that lays the foundation for what your organization will do in certain situations and is the reference that people will go to for information. your policies and procedures guide employees down the right path. That being said, the employees need to know that the rules exist, so distribution of and educa-tion on these policies and procedures are key principles to successful implementation.

Okay, so now you are committed to writing the policies and procedures, but you don’t know where to begin. Many large health systems publish their policies and procedures on their websites, so go to these sites and read what they have put into place. you will get a sense of what policies and procedures need to be written for your organization. However, don’t just copy what others have done. Because these docu-ments are going to affect many departments and employees, it is best not to write in a vacuum.

So, even though you might create the first draft of the policy and procedure alone, gather a group of people who will be affected by this document to assist you in producing the final draft.

Once the final draft is produced, the organi-zation’s governing body (typically its board of directors) must approve and ratify the policies and procedures. This is because your policies and procedures affect the entire organization and, if you want everyone in the organization to be personally responsible for following them, then individuals need to appreciate that adoption has to come from the top. Remem-ber that every time you change or modify one of these policies and procedures, you must follow the same approval process.

Compliance officer and committeeDesignation of a compliance officer and Compliance Committee is important part of implementing the program. Behind every successful recipe is a capable head chef supported by a team to assist in creating that perfect dish. Similarly, an effective compli-ance program needs someone to lead the way and a crew or committee to manage it.

The compliance officer needs to first create an operational Compliance Committee, which should be representative of all departments of the organization. (This internal Compli-ance Committee is different from the board Audit and Compliance Committee to whom the compliance officer reports.) The first few committee meetings should be educational, that is, you educating the committee on what a compliance program is and what is expected of them. I started with a committee charter written with the input of the committee. The charter is a formal document that sets forth the mission and goals of the Compliance Committee and, when completed and approved, informed the entire hospital what the purpose of the

101 COMPLIANCECOMPLIANCE


40

TitleBy: Line

A recipe to start out right as a compliance officer ...continued from page 39

Compliance Committee was. Once the charter was completed and we had the buy-in of all the committee members, the charter was sent to the board of directors for ratification and approval. The code of conduct and the annual compliance program should be created by this committee yearly and approved by the board of directors.

Compliance training and educationConducting effective education and training is critical, because the ingredients alone do not make a recipe. Compliance education for the entire staff of an organization is no small task. That being said, by now you should have an entire committee to assist you. What I have found effective is a combination of educational methods: online training, paper documentation and testing, take home DVDs and certification, classroom education, and “train the trainer” for interdepartmental training. No one method for our institution will cover all employees. I do know of some entities that require all employees to take online training and take a very proscrip-tive approach, but I have found in my organiza-tion that not everyone learns in the same way. Because my goal was to change culture, not just to meet the regulation, the proscriptive approach did not work. However, if you are truly faced with a large group of employees and a short amount of time, you may find online training is the only way to reach your goal. I think the best approach is to assess your audience and then to go forward with organizing education.

Each employee in our organization is required to read and sign our code of conduct (created and edited each year by the Compliance Committee) and this becomes the basis for the compliance elements of performance in employee evaluations, along with their educational participation each year.

CommunicationDeveloping effective lines of communication can only enhance the effectiveness of a compliance

program. Make sure your have a way to allow people to communicate with you anonymously, such as a hotline. We chose to have a third party maintain our hotline to accommodate different languages and to insure that reporters did so without fear that anyone would recognize them. To keep communication open, you must foster a feeling of trust with all employees, the feeling that whatever is said or asked of you will not be repeated. This level of trust, in my opinion, takes time and is achieved through being available with an open door policy. Try never to be too busy to talk to an employee, make them feel that they are the most important person you know, and that you respect and value their input.

Conducting internal monitoring and auditing is analogous to checking the oven to make sure the recipe is coming out as expected. Our Compliance Committee creates and monitors the internal monitoring and auditing plan each year. We discuss areas and issues that we want to dig deeper into and assign department audits to be conducted by other departments. We also assign sensitive audits to contract auditors. The Compliance Committee reviews some audit results, but other audits are reported directly to the Audit and Compliance Committee of the board of directors. The deciding factor is the sensitivity of the report. Not all reports are so sensitive that they are conducted under attorney-client privilege, but sensitive in that they might embarrass a department director, and therefore, need to be evaluated only by a board committee. All audit results are reported to the Audit and Compliance Committee of the board and ultimately to the board of directors, where the management responses are evaluated.

Enforce standardsEnforcing standards through well-publicized disciplinary guidelines requires coordination with Human Resources. Polices and proce-dures need to be integrated into the employee handbook as well as the code of conduct, so

that there is never any question as to what action will be taken against the employee for specific infractions. We teach the disciplinary guidelines in initial orientation and reinforce such guidelines each year through education. All disciplinary action policies are reviewed by the Human Resources Committee of the board and are approved and ratified by the board of directors.

Prompt responseRespond promptly to detected problems; under-take corrective action, and report, if necessary, to the appropriate federal agency. If you detect smoke coming out of the oven, that is a sign you have a larger problem. The same principle is in operation with compliance problems in your organization. My rule of thumb is to investigate complaints and problems within 48 hours. Facility privacy breaches must be reported in our state within 5 calendar days, so immediately jumping on a problem is not an issue at our facility. We do an initial investigation, followed by a root-cause analysis, immediately followed by corrective action and reporting. However, not all problems will adhere to the aforementioned rapid process and some must be investigated more thoroughly. Also, before we decide to self-report to the federal government, we consult outside counsel and sometimes have a more in-depth investigation.

I continue to reassess our compliance program and adherence to the seven essential elements in relation to our facility. I believe that our compliance program is a living part of our organization and will continue to change as the organization grows. n

The author wishes to acknowledge and thank Tom Jeffry who assisted in the preparation of this article. Mr. Jeffry is a Partner in the Los Angeles Law Office of Arent Fox LLP.

1 Office of Inspector General Compliance Guidances http://oig.hhs.gov/fraud/complianceguidance.asp

2 Seven Elements were originally adopted from USSC Sentencing Guide-lines for Organizations, available at http://www.ussc.gov/guidelin.htm

To learn more and register, visitwww.internalinvestigations.org

How to Conduct Effective Internal Investigations

A TWO-DAY WORKSHOP

November 11–12, 2010 | Orlando, Florida

A well-conducted internal investigation can help compliance and ethics offi cers quickly fi nd and fi x problems. A poorly conducted one can lead to morale issues, lost faith in the company’s integrity, and even litigation. This intensive educational program will cover the critical components that compliance and ethics offi cers need to know to conduct effective internal investigations. The faculty will be made up of experienced internal investigators and outside experts.

Update Your HIPAA Trainingwith Coastal Training Technologies’ employee training DVDS, newly updated to cover mandates of the Health Information for Economic and Clinical Health (HITECH) Act.

Each video is less than 20 minutes, and comes with 10 participant handbooks to test comprehension.

To order, visit the HCCA website at www.hcca-info.org, or call 888-580-8373.


42

Editor’s note: Ari J. Markenson is Of Counsel with Benesch Friedlander Coplan & Aronoff LLP. He is experienced in counseling various health care industry clients, including providers and payers, and has specific expertise in the representation of post-acute care providers. He may be contacted by telephone in White Plains, New York at 914/682-6822 or by e-mail at [email protected].

An understanding of the rights, obli-gations, and issues in the skilled nursing facility/nursing facility

(SNF/NF) survey process is an essential tool for compliance professionals who work for providers with SNF/NF operations. This article is designed to provide a summary of the issues and can be used as a guide for future reference. What follows is an explana-tion of what a survey is, what a deficiency is, how a provider responds to a deficiency, how a provider can dispute a deficiency, and some practical considerations.

Surveys

Surveys are inspections of a provider to verify whether or not it meets the standards set forth in CMS regulations (42 CFR Part §483, Sub-part B Requirements for Long Term Care Facili-ties). SNF/NFs are subject to a survey at least once every 12 months and at other occasions, such as in response to a complaint. Surveys

are conducted by a survey team employed by a state survey agency (SSA) under contract with the Centers for Medicare and Medicaid Services (CMS); although, in some cases, CMS surveyors can and do conduct surveys.

Statutory and regulatory requirements for the conduct of surveys can be found in 42 USC. §1395i-3, 42 USC§1395r, 42 CFR Part §488 and 42 CFR Part §498. Additionally, CMS policy guidance to state agency surveyors can be found in the CMS State Operations Manual (SOM) and more specifically, in Chapters 2 and 7 and Appendices P, PP, and Q of the SOM.1

Deficiencies

The possible negative result of a survey is the citation of a deficiency, which is a failure of the provider to meet a regulatory requirement. If the survey team has determined that a deficiency exists, they will issue a Form CMS-2567 (or Statement of Deficiencies) within 10 days of the completion of the survey. All deficiencies are classified on the CMS-2567 by their regulatory citation, F-tag reference and a scope and severity rating. The F-tag reference corresponds to the regulatory citation and can be found in the Appendix PP of the SOM.

The scope and severity rating of a deficiency is based upon a grid that can be found in the SOM2 and ranges from an A level to an

L level. The scope of a deficiency relates to a general number of residents affected by the alleged deficient practice. Severity relates to the seriousness of the alleged deficient practice. For example, a deficiency with a scope of “Isolated” and a severity of “No actual harm with poten-tial for minimal harm” represents the lowest level of scope and severity, level A. In contrast, a deficiency with a scope of “Widespread” and a severity of “Immediate jeopardy to resident health or safety” represents the highest level of scope and severity, level L. Deficiencies cited at levels A to C are considered so minor in nature that they do not place a provider out of substantial compliance. The deficient practice(s) identified require correction, but there is no follow up survey to verify the corrective action was taken and effective. Additionally, level A deficiencies do not require the submission of a plan of correction. Deficiencies cited at a level D or higher, do constitute a finding that a provider is not in substantial compliance and trigger the formal survey cycle process discussed below.

If a survey team determines that a deficiency exists, the team will inform the provider at an exit conference and then issue a CMS-2567 within 10 days of the team’s exit from the facility. (In practice, the provider may not get the CMS-2567 exactly in that time frame and it may need to be in touch with the SSA to under-stand when it can expect it.) Once received, the provider’s operations and compliance team should critically evaluate the deficiencies and then start the process for making decisions about how to respond. The next two sections of this article talk about those very issues.

Evaluating a Statement of Deficiencies

The CMS-2567 is a 5-column form that is used almost universally in Medicare and Medicaid surveys. SSAs complete the form after a survey and enter the deficiency informa-tion into the Online Survey and Certification and Reporting System (OSCAR) of CMS.

Skilled nursing facility deficiencies:

Provider rights and practical considerations

By Ari J. Markenson, JD, MPH


43



Provider identifying information is in the header and the substantive deficiency infor-mation is structured across the five columns. From right to left: n Column 1 contains the F-tag citation for

the deficiency cited and the scope and severity rating.

n Column 2 contains the text of the regula-tion at issue and the facts and findings.

n Column 3 is where the provider identifies the F-tag corresponding to the plan of cor-rection it places in Column 4.

n Column 4 is where the provider identifies its plan of correction for each deficiency.

n Column 5 is where the provider identifies the dates by which it will have completed its plan of correction.

When the SSA issues a CMS-2567, only the first two columns will be completed. A critical evaluation of the information is important to an understanding of what the provider must do, as well as what it may do next. Providers often anxiously await the CMS-2567, then jump into defense mode when they receive it. In order to achieve an objective evaluation of the issues, more than one member of the management team should independently read the CMS-2567. The management team should then meet to discuss their impressions, issues, conclusions, etc.

Once the team has taken the opportunity to discuss the issues, it should review of the accuracy of the facts and findings. That review should be an independent investigation and determination of the accuracy of the relation-ship of the facts and findings to the regulatory requirements cited. The team should speak with everyone involved in the survey and any staff member who was interviewed for the survey. This process should be undertaken efficiently by making copies of relevant docu-ments and highlighting relevant information, because this material may become part of a submission to the SSA. This substantiation

process should lead the provider to an under-standing of what, if any, corrections need to be made and what, if any, disputes may exist.

Responding to a Statement of Deficiencies

With an in-depth understanding of the issues at stake, provider staff can start responding to the CMS-2567 via a plan of correction (POC), to the extent one is required. A-level deficiencies don’t require the submission of a POC. Any other level requires a POC to be submitted and approved by the SSA.3

Whether or not the provider believes they have a dispute for any of the deficiencies cited, a POC must be submitted to the SSA within 10 days of receiving the CMS-2567. If the provider needs more time to develop and submit a POC, it needs to contact the SSA and make sure that any agreement to extend the time is memorialized in writing.

Submitting a POC requires the facility to respond to four specific issues. A POC must:n Address how corrective action will be

accomplished for those residents found to have been affected by the deficient practice;

n Address how the provider will identify other residents having the potential to be affected by the same deficient practice;

n Address what measures will be put into place or systemic changes made to ensure that the deficient practice will not recur; and

n Indicate how the provider plans to moni-tor its performance to make sure that solu-tions are sustained.

Responding to each of these elements requires the provider to carefully think through how it can accomplish the corrections it is proposing. Additionally, understanding what can be done with the provider’s human, operational, and financial resources is integral to developing the plan. Corrective actions should be tailored to the problem directly. Providers need to be

careful to not over-promise and then be unable to deliver, particularly in cases where the SSA is sure to revisit to verify. A failure to implement the corrections that were initially proposed can prevent the provider from being placed back into compliance and can lead to additional penalties.

Providers are required to transcribe the POC on the CMS-2567 in columns 3, 4 and 5, sign it, and then return it to the SSA for review and approval. Depending upon the severity of the deficiencies, the SSA may accept the POC and place the provider back into compliance without conducting a revisit. The SSA may also reject all or a portion of the POC and ask the provider to resubmit it.

Disputing a deficiency

When a provider believes it has a reason to dispute a deficiency, there are a number of issues to consider. Additionally, it is impor-tant to understand the paths a provider can utilize to pursue a dispute. At the outset, a decision to dispute a deficiency should take into consideration: n the scope and severity of the deficiency,n the consequences of the deficiency being

sustained,n if there is an argument that is supportable

and appropriate,n if the administrative and financial re-

sources are worth it, andn if there are future hearing or litigation

consequences.

The seriousness of the deficiency is a consid-eration in deciding whether to dispute it. A good analogy when thinking about a low-level deficiency is the parking ticket you received for an expired meter, five minutes after it expired. Is it worth the time, energy, and effort to plead not-guilty, take a day off from work and fight with an administrative judge that may be predisposed to ignoring your argument? In


44

TitleBy: Line

Skilled nursing facility deficiencies: Provider rights and practical considerations ...continued from page 43

contrast, a provider should do everything it can to develop an argument relating to serious deficiencies (at a G level or above).

Consumers, lenders, and regulators are increasingly scrutinizing provider deficiencies at a G level or above. A provider’s survey performance is available on the Medicare.gov website and, in many cases, on state websites. Consumers are using this public data to make decisions about where to receive care or where to place family members for care. Serious deficiencies represent a significant marketing negative and can stain the reputation of a provider. Lenders to providers, whether for mortgages or working capital, are increasingly tightening the standards for operating performance that are memorialized in representations, warranties, and covenants in lending documents. Increasingly, these same lenders are stepping up their review of a provider’s survey history and are demanding answers, requiring corrective action, and in some cases, calling loan defaults for survey deficiencies or repeated non-compliance. Providers with U.S. Department of Housing and Urban Development (HUD) insured mortgages are starting to see much more interest at HUD in a provider’s operating and survey performance. A provider should take all this additional scrutiny into account when deciding whether or not to dispute a deficiency.

Any argument relating to a deficiency should have sufficient merit and warrant the resources a provider would utilize pursuing the dispute. If a deficiency is valid, providers should not challenge it because there is a novel argument or the provider didn’t like the way it was cited. Providers can lose credibility with surveyors, the SSA, and CMS. One inappropriate challenge can take away from an argument relating to other deficiencies. A provider doesn’t need a slam dunk before moving forward—it simply needs to be confident with a good argument. Providers should also consider that each of the processes to dispute deficiencies generally provide for a “de novo” or open review of the issues, such that the person reviewing the dispute might find additional deficiencies from the information presented.

The seriousness of a deficiency, the consequences of having it sustained, and being confident in an argument are significant issues in an analysis of whether to move forward. Other issues to consider are: (1) whether or not the resources the provider is going to put into a dispute make sense; and (2) whether or not there are any future hear-ing or litigation consequences. The human, operational, and financial resources the provider is going to utilize aren’t always easy to quantify. The provider, however, should try. Is developing an argument, researching the law, and researching facts on a E-level deficiency going to tie up an otherwise very busy director of nursing for the next five days? Is it going to cost the provider significant dollars to hire a


45


life–safety code expert to give an opinion on an issue? These are just examples of questions the provider team should be asking when making a decision about moving forward with a dispute. Remember, the analogy earlier about a ticket for an expired meter?

In addition to understanding the resources utilized, a provider should consider whether or not there any future consequences in a civil hearing or litigation that relate to the facts or issues raised in the deficiency. If the “expired meter” type of a deficiency is part of issues involved in a current or potential civil litigation, the provider may need to use every avenue available to express its argument or position. Pursuing a dispute through the Informal Dispute Resolution (IDR) process, the U.S. Department of Health and Human Services Departmental Appeal Board (DAB) process, or both, may become a necessity. Additionally, the provider’s position in the IDR or DAB process should be consistent with its position in any hearing or litigation context which recognizes that different standards may be used in those forums. A provider should also be attuned to whether or not it has: (1) been contacted by counsel acting on behalf of the resident or family; (2) received a summons or complaint; or (3) received a threat of litiga-tion from family, a resident, or counsel.

After the provider has weighed the issues and practical considerations discussed above, an understanding of the two paths to dispute deficiencies is important. A provider can use the IDR process and, if it’s available to it, the DAB hearing process. The IDR process is available to dispute almost any type of deficiency, although there are limitations to what can be raised at IDR. The DAB appeals process is only available in certain circum-stances, such as when a “remedy” or penalty has been imposed by CMS. Each of these processes is independent of the other.

Informal Dispute Resolution

IDR is an informal process where the provider has the opportunity to dispute deficiencies after the CMS-2567 has been issued. The federal guidelines for the process are discussed in this article, however, states can differ on how they implement the IDR process. Some states may have face-to-face meetings with providers, while others may only have a written submission process. A discussion of each state’s process, however, is beyond the scope of this article.

The right to IDR is guaranteed by federal regulation, 42 CFR §488.331. A provider must be notified of its rights in the letter from the SSA enclosing the CMS-2567. The letter should explain the IDR process, who will conduct it, and that pursuing IDR will not delay the imposition of CMS penalties.

A request for IDR must be made within 10 days of receipt of the CMS-2567. If the provider needs more time to submit an IDR request, it needs to contact the SSA and make sure that any agreement to extend the time for a filing is memorialized in writing.

IDR is an opportunity to dispute the facts and findings that allegedly support a deficiency and the scope and severity of a deficiency with Substandard Quality of Care (SQC) or Immediate Jeopardy (IJ). The scope and severity of a deficiency cannot be chal-lenged unless they are SQC or IJ. According to CMS, IDR is not a forum for disputes with respect to the survey, the IDR process, or remedies that are imposed.

Providers should evaluate whether they are going to use a staff person or a third party to complete the written IDR submission. A decision to use a consultant or outside counsel should take into consideration: (1) whether or not staff are going to have difficulty objectively

evaluating the issues; (2) the resources available in house; and (3) whether or not there are significant legal and factual issues that require legal assistance to develop.

An IDR submission should set forth the entirety of the legal and factual issues relevant to the provider’s position. The document should address each deficiency and how it pertains to the facts presented. Facts and find-ings provided by the SSA in the CMS-2567 should not be taken for granted. A review of all of the information gathered in the process of evaluating the deficiencies should be under-taken. Where necessary, staff should go back to original charts for supporting documentation.

An IDR submission should be readable, persuasive, concise, based upon the facts and applicable regulations, submitted appropri-ately (following SSA guidelines), and based upon an argument with sufficient merit. The submission should also point the reader to appropriate exhibits, quote exhibits where appropriate, and highlight particularly impor-tant points. Each of the arguments in the sub-mission should explain the provider’s position and be related to the facts. The submission overall should use words and information wisely. The longer the submission, the less likely it will be reviewed appropriately.

Submitting the best possible IDR request is important because providers generally only get one opportunity for IDR. Additional IDR opportunities only arise when; (1) on revisit, the deficiency still exists; (2) a new deficiency is found on revisit or cited at the original IDR; or (3) a new example of a deficiency is found on revisit or as a result of an IDR.

Once the IDR process is concluded, the provider has a right to receive written notifi-cation of the results. If successful at IDR, the


46

TitleBy: Line

Skilled nursing facility deficiencies: Provider rights and practical considerations ...continued from page 45

provider has a right to an new CMS-2567, the state agency must correct information in the OSCAR system, and any enforcement action(s) imposed because of the deficiencies disputed must be rescinded.

Federal appeals

Separate from the IDR process, a provider may have a right to a DAB appeal under cer-tain circumstances. DAB appeals are formal hearings before an administrative law judge (ALJ) and involve formal submissions of writ-ten arguments, evidence, and witnesses.

The right to pursue a DAB appeal usually depends upon whether a provider has received deficiencies that actually resulted in the imposition of a “remedy” or penalty. Providers can’t appeal specific deficiencies, per se. For example, if the provider is cited with a C-level deficiency but no CMS remedy is imposed, there is generally no right to a DAB appeal. Remedies are any of a number of sanctions that CMS has the authority to impose. Some of the remedies that can lead to an appeal include: termination, temporary management, denial of payment for new admissions, denial of payment, and civil monetary penalties (CMPs). In certain cases, providers can appeal the scope and severity of a deficiency if it would result in the change of a level of CMP or a determination of whether SQC existed.

Similar to the IDR process, all remedies, except CMPs,4 will go into effect upon their effective date, irrespective of the provider’s submission of an appeal.

Providers should be on alert for any cor-respondence from CMS following a survey. This correspondence is the provider’s notice of the imposition of a remedy and the rights it may have to an appeal. Too often, providers mistake the correspondence as claims-related and send it off to accounting, or don’t

recognize the importance of the notice. A request for a hearing must be filed within 60 days of the imposition of a remedy with the DAB. In many cases, providers have had their DAB appeals dismissed summarily because of a failure to file within the 60-day time frame. Many of those cases occurred because the provider thought it had to pursue IDR first. As mentioned, IDR and a DAB appeal are two independent processes.

Distinct from IDR, providers should consult counsel to both prepare and file a DAB hear-ing request. There are too many procedural and substantive pitfalls in the process. If the provider believes a DAB appeal is warranted, the engagement of an attorney with experi-ence in DAB appeals is worth the resources.

A DAB appeal request must specify the deficiencies being disputed; the facts and issues surrounding the deficiencies and the imposed remedies; and any relevant legal issues. The language of the CMS notice letter plays a large part in determining which deficiencies a provider must overcome in order to prevail at removing an imposed remedy. If the letter suggests that a remedy is imposed for more than one deficiency or due to the entire survey, a facility might be required to challenge and prevail on all the deficiencies mentioned. As a result, a provider with a weak argument on one of a number of deficiencies may choose not to devote resources to an appeal.

Once an appeal request is filed, the provider (and their counsel) will get an acknowledge-ment of its appeal request and an order from the ALJ. Generally, the ALJ order will require the provider’s attorney to confer with CMS’ attorneys. Within 60 days of the ALJ order, the provider’s attorney and CMS’ attorney either must jointly file readiness papers or file their own opposing papers. Readiness papers must give the ALJ a picture of the factual and legal

issues at stake in the case and explain what evi-dence will be provided. Often, providers and CMS’ counsel will attempt to settle the matter before filing readiness papers. However, similar to most litigation, settlement negotiations can go on even through the hearing process.

After submission of the readiness papers, the ALJ will hold a pre-hearing conference with attorneys for both sides. Following the pre-hearing conference and exchange of information from both sides, a hearing will be held, usually at a location convenient to the provider. At a hearing before the ALJ, both sides will introduce testimony and documen-tary evidence. CMS will often use the state agency surveyors as witnesses.

Following the hearing, the ALJ will render his/her written decision. If the facility is unsatis-fied with the decision, it may seek to further appeal to the DHHS Departmental Appeals Board (DAB). If the provider is additionally unsatisfied with a appeal board decision, it may decide to take the matter to federal court.

Conclusion

The SNF/NF survey process is unique com-pared to the survey and certification process or deemed accreditation process for other providers. An understanding of a provider’s rights and obligations in the process is essential to navigating it and to assisting a provider with its compliance responsibilities. This article was designed to present a broad summary of issues for compliance professionals who assist provid-ers after they have received a CMS-2567 with deficiencies. Understanding the issues should help compliance professionals work through regulatory obligations and business and practi-cal considerations in the process. n

1 A copy of the CMS State Operations Manual can be found on the web at http://www.cms.gov/Manuals/IOM/list.asp

2 CMS State Operations Manual, Section §7400E13 CMS State Operations Manual, Section §7400E34 The Patient Protection and Affordable Care Act of 2010 (or the Health

Reform Bill) includes provisions that require providers to escrow CMP amounts during an appeal in certain circumstances.


47

the responsible board representative for compliance issues. The board should provide reasonable oversight of the compliance program.

n Investigate all compliance issues raised. If a potential problem is brought to the attention of responsible persons, it should be investigated promptly, and the findings related thereto should be reported to the board or its designee.

n Develop and maintain tools to measure the effectiveness of the compliance program.

Periodic risk assessments and review of the compliance program elements should be designed to evaluate and improve compliance program effectiveness, taking into account relevant developments and health care industry standards.

n Take meaningful remedial action. Health care organizations that are currently reviewing or handling

evidence of misconduct should address remediation and future effectiveness. When allegations of wrongdoing arise, the compliance officer should promptly report the conduct to the board of directors or board committee. The board or board committee should then evaluate the involvement of any high-level personnel and address with the compliance officer the proper remedial steps including, under the right circumstances and in consultation with counsel, the merits of self-reporting. Once criminal conduct has been verified, the health care organization should take steps to understand how it occurred and put in place measures to detect or prevent recurrence, which may include use of an independent outside advisor. n

1. U.S. Sentencing Guidelines Manual Section 8B2.12. U.S. Sentencing Guidelines Manual Section 8C.3. U.S. Sentencing Guidelines Manual Section 8D.4. U.S. Attorneys Manual Section 9-28.300(a)(5), (A)(6), www.usdoj.gov/usao/eousa/foia_reading_room/usam/

title9/28mcrm.htm#9-28.300.5. Id. at Section 9-28.800.6. U.S. Sentencing Guidelines Manual Section 8B2.1(a).7. U.S. Sentencing Guidelines Manual Section 8B2.1(b).8. Id.9. U.S. Sentencing Commission, Amendments to the Sentencing Guidelines at 17-18 (April 30, 2010)[hereinafter

referred to as “Amendments”], available at http:/www.ussc.gov/2010guid/finalamend10.pdf. 10. Id.11. Amendments, supra n note 1, at 17.12. Id.

New Federal Sentencing Guidelines requirements for an effective compliance program ...continued from page 33

HCCA’s 2010 RegionAl ConfeRenCesNew eNglaNd | September 13 | Boston, Ma

Upper MidweSt | September 16 | Minneapolis, MN

MidweSt | September 24 | Overland park, KS

NOrth CeNtral | October 1 | indianapolis, iN

eaSt CeNtral | October 8 | pittsburgh, pa

hawaii | October 15 | honolulu, hi

MOUNtaiN | October 22 | denver, CO

Mid CeNtral | November 5 | louisville, KY

SOUth CeNtral | November 12 | Nashville, tN

deSert SOUthweSt | November 19 | phoenix, aZ

HCCA’s regional one‑day conferences provide high‑quality, convenient, inexpensive education and networking opportunities. Don’t miss the opportunity to attend one in 2010!

leARn moRe AnD RegisteR At www.HCCA‑info.oRg


48

TitleBy: Line

Letter from the CEO ...continued from page 18

top, they had ethics training, they had a code of conduct. Everyone felt trusted. What they didn’t have, is a guy like me who would hunt them down, walk in and say, “It’s against the law and you need to stop. If you don’t stop you will be disciplined. If you don’t stop, I will be forced to take it to the Board.” Of course, discipline may be necessary for the infraction, but it depends on the facts. More on discipline later. Anti-bribery is an outdated example but there are many other problems

that aren’t as obviously wrong to employees as anti-bribery. There are people who need you. There are people who need you to be aggressive.(pull quote)

Many white collar criminals said they didn’t start out to commit crimes. They did a little and looked around. Nothing happened. They did more and still nothing happened. Then the government stopped by one day and took your employee away. Ineffective compliance people say “you can’t catch them all.” They say, “Anyone can beat any system.” Me, I would take it personally. I would feel bad because I let my colleague down. If only I had caught them early on, their lives may not have been ruined. Being nice to people is not always a nice thing to do to people.

Under my program, people who break the rules will be mad at me (until they see their colleagues in other companies charged with criminal conduct for the very same activity.) Under the “Here, have a carrot” approach, lives are ruined. I don’t believe for a moment that taking the nice guy approach causes people to be happier or get along any better in the long run. Talking about a positive

culture does not work if you don’t enforce it. The pain you cause from failure to detect and correct wrongdoing is significant. Even if you avoid the “big government investigation,” the harm to your morale and culture can be significant if you don’t address the problems.

The culture in the HCCA office is fairly good. On a monthly basis, I get the stink eye for our zero gift policy, but it sends a message that we are serious. I am thinking about

rewarding people who constantly complain about the zero gift policy for helping me with my compliance education. I don’t have to write a hundred polices for every eventuality. They know

our compliance program is serious. People think, “If he won’t allow that, then what I am considering is way off base.” To some, I am onerous.

To me, well I just smile and let everyone think how tough I am so I can be nice, most of the time. you have to be a lot tougher if you let problems go unresolved and fix them after they have rotted a while. The odd thing about this is that I personally abhor conflict. I look down the road further than some, and I am a bit skeptical. I assume that if I don’t act tough now, I will have much more serious conflict later. Essentially, I am a coward. I am afraid of a bad culture, and I don’t want to have to discipline or fire people.

Every once in a while, someone in the office has a bad day because we have a tough talk. We get to our problems early and often. We make a big stink about the little things so we can avoid the bigger things. We have targeted training, and we are quite clear that we don’t tolerate people who ignore the rules. But we do it with a smile. We explain why.

We treat people equally. People who cheat don’t get away with it. People watching our compliance program address issues rather than ignore them, don’t become bitter. We reward those who find and fix problems. We don’t punish randomly. If you made a mistake you have not made before, you fix it, report it immediately, then you are likely to be just fine. But, we run a very assertive compliance program. We just do it with a little grace.

We have had an independent outside review that involved all our employees in one-on-one interviews. The outcome was that they felt pretty good about their culture. They felt supported. They felt treated fairly. They feel leadership has their back. The assumption that you can’t achieve this with an aggressive compliance program is wrong. The assump-tion, that implementing a program that is all hugs and kisses is the only way to make people feel good about compliance, is wrong. The assumption that those of us who empha-size investigations, discipline, and thorough reporting can’t do so while creating a trusting and positive culture, is just ill informed.

This assumption that all discipline has to be harsh is erroneous. It depends on the facts. Was there intent? Was there clear understand-

ing of the rules? Did someone higher up OK your activity? We have rewarded two employees who had fairly serious compli-ance violations. We rewarded them in an all-staff meeting. We did so because there was no intent, only a mistake, they never did it before, they fixed it immediately, they reported it immediately, and they have not repeated the error. We did it because we want

There are people who need you. There are people who need you to be aggressive.

If you want people beating each other with sticks, go give

them a lot of carrots.


49

people to know that dealing with problems up front is our preferred methodology. However, if you intentionally break serious rules that everyone understands and then try to cover it up, you will be looking for another job. The same is true for those who make the

same mistake repeatedly. This not an all-or-nothing game. We have convinced many of our employees, not only that wrongdoing is wrong, but more importantly, that if you make a mistake and deal with it properly, you have a chance of coming out just fine.

My point is that you can be a hard-line compliance type on the surface, but very rational when the going gets tough. This is a real art form. That is why the compliance/ethics profession is so hard. People see ethics as the “nice guy” approach that will build a positive culture. I have seen many companies that don’t investigate, enforce, and discipline, but talk about ethics a lot. In many of those companies, few employees feel good. They see wrongdoing go unchallenged. Few felt treated equally or fairly. Some become very bitter about the “all talk, no teeth, nice guy” approach. Some people are so bitter they break the rules because they feel, “If they can do it, I can do it. If they can have that, I can have that.” Some run a passive compliance program to keep people happy. It doesn’t always work. Ethics training, a code of conduct, and tone at the top are all impor-tant; however, they will give you a short-term positive culture boost. If you don’t enforce, discipline, and report in the long run, you can create a very negative culture.

I don’t want to hear any more about how the harsher elements of a compliance program make people feel bad or untrusted. Maybe it does in the short run, but not in the long run. I don’t want to hear any more about the-carrot-and-the-stick analogies. If you

want people beating each other with sticks, go give them a lot of carrots. (pull out quote) Tell them to do the right thing and call it a day. Let the problems rot while the employees look

on and wonder why you are still talking and analyzing. However, if you want people happy, jump down off your podium, go find a problem and fix it. (pull quote)

Nothing good ever happens with half an effort. Just talking and writing and analyz-ing rarely gets anything substantial done. Sure compliance is hard. Some people will be frustrated. Why should the Compliance department be any different from other departments? People don’t manage successful companies that way. No one in the finance department ever said, “Well if it will make you feel better, you really don’t need to worry about getting those financials done.” No one ever says, “If it will make you feel better, you don’t have to get your projects done on time.” No business was ever successful without hard work and a little frustration. Every depart-ment has things they must do that bother other people. Few business are successful without hard work from every department. Why should the Compliance/Ethics department be different? Our jobs are tougher in a way; however, every department has their difficult components.

Stop apologizing. Stop being reluctant. Explain the big picture. Tell people why we

need to find and fix our problems. Treat people equally. Tell them looking the other way never works in the long run. Tell them if you don’t do you job, the consequences could be worse. Manage the harsher elements of a compliance program in a way that will convince people it’s the best option. Be proud that you are effective and focus on the long term gain, not the short term pain.

And stop telling me I should emphasize telling people to be ethical, or writing a better code of conduct, or how important tone at the top is. We have people doing this in our homes, our places of worship, our workplace, etc. It’s everywhere you turn, and it’s been going on for centuries. It’s not enough. There are hundreds of thousands of people pushing it. That side of the ledger doesn’t need my help. There are two groups of people that talking doesn’t work for: those that don’t know they are doing wrong, and those who are waiting to get caught. No more preach-ing, paper, or tone from the top, middle, or bottom is ever going to help them. I am going to continue to emphasize the oh-so-unpopular, harsher elements of a compliance

program. I am not going to help the people who take the passive approach, because their perspective outnumbers mine 100,000 to 1. If anyone needs help, it’s me. And I am going to do so, because being nice to people is not always the nice thing to do to people. n

However, if you want people happy, jump down off your podium, go find a problem

and fix it.

Manage the harsher elements of a compliance program in a way that will convince people it’s the best option. Be proud

that you are effective, and focus on the long-term gain,

not the short-term pain.


50

TitleBy: Line

Tennesseen Eugene Gallagher, Vanderbilt University

Medical Centern Barbara Gibson, Vanderbilt Human Research

Protection Programn Randal Meis, Memphis Radiological PCn Tiffany J. Miller, Simplex Healthcaren Denise Roe, Vanderbilt Human Research

Protection Programn Carla Russo, Regional Med Center at Memphisn Cassandra C. Taylor-Wilson, Univ of Tennessee

Medical Group Inc

Texasn Rebecca Bunce, Cenpaticon Vladimir Edmondson, MD Anderson Cancer

Centern Maurilio Garcian Carrie Gregg, MD Anderson Cancer Centern Allyson Kinzel, MD Anderson Cancer Centern Cheryl Krafft, Genentech, Incn Carol E. McMahon, Texas Tech University

Health Sciences Centern Madhu Purewal, MD Anderson Cancer Centern Jessica Quinn, MD Anderson Cancer Centern David Way, Gulf Bend Centern Angele White, MD Anderson Cancer Center

Utahn John Richard Bucher, Intermountain Healthcaren Shanna Luke, Intermountain Healthcare

Vermontn Madeline M. Motta

Virginian Nisha Shajahan, Integrity Management

Services, LLC

Washingtonn Eric Jorgensen, MedData, Inc.n Marcia Vixie, Central Washington Hospital

West Virginian Sherri L. Felix, US Dept of Veteran Affairs

Wisconsinn Catherine DeLairn Katherine A. Kuchan, Hall Render Killian

Heath & Lymann Amy Wolfgram, Group Health Cooperative of

Eau Claire

Alabaman Kristie Didcoct n Sylvia L. Steger, Sequel TSI Holdings LLC

Alaskan Stacey Thorsen, Petersburg Medical Center

Arizonan Shannon Cardea, University Physicians Healthcaren Ruby Chapman, Little Colorado Behavioral

Health Centers

Arkansasn Michelle Bass, Mercy Health System of

Northwest Arkansasn Kathryn H. Henning, Univ of AR Medical Sciences

Californian Robin Bilinski, Santa Clara Family Health Plann Ivana Chang, Kaiser Permanenten Carol Flynn, Genentechn Kathleen Haddock-Gafford, Procare Hospicen Jan Huckins, VNA & Hospice of Southern CAn Marty Knutson, Palomar Pomerado Healthn Susan Marshall n Beth Paige, Santa Clara Family Health Plann Helen Rene Quinones, Sutter Health Support Svcsn Bayley Raiz, Health Servicesn Scott Rhode, Amgenn Chris Schroeder, Deloitten Karen Triest, Kaiser Permanente

Coloradon Michael Meeks, Catholic Health Initiativesn Berna L. Rhodes-Ford, Holland and Hart LLP

Connecticut n Margaret Williams, Carecentrix

Delawaren Lilia Kulmaczewski, Nanticoke Health Services

Floridan Alejandro Mayer, Vohra Health Services PAn Jon Picotte, Consulate Management Companyn Leslie Prizant, Health Management Associates Inc

Illinoisn Mark Albers, Deloitte FAS LLPn Julia Campbell, Rehabilitation Institute of

Chicagon Marsha Liu, Northwestern Memorial Hospitaln Kim McGuire, Carle Foundation Hospitaln Tom Potter, Wolters Kluwer Law & Businessn Kathryn Seifertn Scott Shaffer, Deloitte

Indianan Julie Conrad, Wishard Health Servicesn MaryAnn Northrup, Navigant Consulting

Kansasn Carol Browning-Whiteside, Hospice Care of Kansas

Louisianan Jeanette Toups Chauvin, LHC Group Incn April Walker, LHC Group

Mainen Charlotte Pease

Marylandn Judith A. Geisler, CMSn Cheryl J. Outlaw, Johns Hopkins HealthCare LLC

Massachusettsn Harold Marcus, Harvard Pilgrim Health Care, Inc.n Robin Morris, Sturdy Memorial Hospitaln Carol Whooley, Massachusetts General Hospital

Michigann Janet G. Kelley, Meijern Terence Thomas, St. John Providence Health

System

Minnesotan Tina Marsh, Allina Hospitals and Clinicsn Russell Welch, Associated Anesthesiologists, PA

Missourin Anne Sharamitaro, Health Capital Consultants

Nevadan Chad Stenslie, Delmar Gardens of Green Valley

Operating, LLC

New Jerseyn Debra Martironen Kathleen Quince n Laureen Rimmer, Besler Consulting

New Mexicon Lorraine G. Chavez, Cibola General Hospital

New Yorkn Terri Alesandro, Inspiren Rosemarie M. Ansel, Columbia County

Department of Mental Healthn Sofia Base, Health Plus Management Servicesn Lorraine Breuer, Parker Jewish Instituten Stephanie Corrigan, Mental Health America of DCn Daniel R. Donaldson, Legacy Health Care, LLCn Marcia Garcia, Montefiore Medical Centern Mary Grace Giuliano, Jawonio, Inc.n Kathy Gleason, Episcopal SeniorLife

Communitiesn Ellen Gutmaker, Arc of Onondagan Jose Maldonado, Pitta & Giblin LLPn Brian McGovern, Cadwalader, Wickersham &

Taft LLPn Anthony Mrozik, Gateway-Longviewn Bob Pettit, Aspire of WNyn Carlos Rios, Montefiore Medical Centern Pearlena Robinson, Franciscan Management

Services

North Carolinan Asonia Bell, Carolinas Healthcare Systems n

New HCCA MembersHCCA’s 2011 eventsHCCA offers first-class education, resources, and networking opportunities for everyone in the health care compliance field. Whatever your focus, HCCA has a conference for you.

NatioNal CoNfereNCes

Managed Care Compliance Conference February 6–8 | Scottsdale, AZ

Audit & Compliance Committee ConferenceFebruary 7–8 | Scottsdale, AZ

Compliance InstituteApril 10–13 | Orlando, FL

Research Compliance ConferenceJune 12–15 | Austin, TX

Physician Practice Compliance ConferenceOctober 16–18 | Philadelphia, PA

CompliaNCe aCademies

February 7–10SAn FrAnciScO, cA

March 14–17SAn AnTOniO, TX

June 6–9ScOTTSdALe, AZ

August 8–11new YOrk, nY

september 19–22chicAgO, iL

October 24–27LAS VegAS, nV

november 14–17OrLAndO, FL

December 5–8 SAn diegO, cA

researCH aCademies

January 31—February 3 SAn FrAnciScO, cA

August 15–18 LAS VegAS, nV

privaCy aCademies

Mar 28–31 OrLAndO, FL

October 3–6 SAn FrAnciScO, cA

Web CoNfereNCes explore current hot topics for compliance professionals with instant and up‑to‑date education from the convenience of your own office. new conferences are announced regularly, and prior sessions are available for purchase on cd‑rOM. Visit www.hcca‑info.org for the latest updates.

regioNal CoNfereNCes

southeastJanuary 21 | Atlanta, gA

south Atlantic January 28 | Orlando, FL

southwestFebruary 18 | dallas, TX

AlaskaFebruary 24–25 | Anchorage, Ak

Upper north CentralMay 6 | columbus, Oh

Upper northeastMay 20 | new York, nY

Pacific northwest June 10 | Seattle, wA

West CoastJune 17 | Los Angeles, cA

new englandSeptember 9 • Boston, MA

Upper MidwestSeptember 16 • Minneapolis, MN

Midwest September 23 • Kansas City, KS

north CentralOctober 3 • Indianapolis, IN

east CentralOctober 14 • Pittsburgh, PA

Hawaii October 21 • Honolulu, HI

MountainOctober 28 • Denver, CO

Mid CentralNovember 4 • Louisville, KY

south CentralNovember 11 • Nashville, TN

Desert southwestNovember 18 • Phoenix, A

DAtes AnD loCAtions Are subjeCt to CHAnge. for upDAtes, visit

www.hcca-info.org


51

HCCA’s 2011 eventsHCCA offers first-class education, resources, and networking opportunities for everyone in the health care compliance field. Whatever your focus, HCCA has a conference for you.

NatioNal CoNfereNCes

Managed Care Compliance Conference February 6–8 | Scottsdale, AZ

Audit & Compliance Committee ConferenceFebruary 7–8 | Scottsdale, AZ

Compliance InstituteApril 10–13 | Orlando, FL

Research Compliance ConferenceJune 12–15 | Austin, TX

Physician Practice Compliance ConferenceOctober 16–18 | Philadelphia, PA

CompliaNCe aCademies

February 7–10SAn FrAnciScO, cA

March 14–17SAn AnTOniO, TX

June 6–9ScOTTSdALe, AZ

August 8–11new YOrk, nY

september 19–22chicAgO, iL

October 24–27LAS VegAS, nV

november 14–17OrLAndO, FL

December 5–8 SAn diegO, cA

researCH aCademies

January 31—February 3 SAn FrAnciScO, cA

August 15–18 LAS VegAS, nV

privaCy aCademies

Mar 28–31 OrLAndO, FL

October 3–6 SAn FrAnciScO, cA

Web CoNfereNCes explore current hot topics for compliance professionals with instant and up‑to‑date education from the convenience of your own office. new conferences are announced regularly, and prior sessions are available for purchase on cd‑rOM. Visit www.hcca‑info.org for the latest updates.

regioNal CoNfereNCes

southeastJanuary 21 | Atlanta, gA

south Atlantic January 28 | Orlando, FL

southwestFebruary 18 | dallas, TX

AlaskaFebruary 24–25 | Anchorage, Ak

Upper north CentralMay 6 | columbus, Oh

Upper northeastMay 20 | new York, nY

Pacific northwest June 10 | Seattle, wA

West CoastJune 17 | Los Angeles, cA

new englandSeptember 9 • Boston, MA

Upper MidwestSeptember 16 • Minneapolis, MN

Midwest September 23 • Kansas City, KS

north CentralOctober 3 • Indianapolis, IN

east CentralOctober 14 • Pittsburgh, PA

Hawaii October 21 • Honolulu, HI

MountainOctober 28 • Denver, CO

Mid CentralNovember 4 • Louisville, KY

south CentralNovember 11 • Nashville, TN

Desert southwestNovember 18 • Phoenix, A

DAtes AnD loCAtions Are subjeCt to CHAnge. for upDAtes, visit

www.hcca-info.org

The Health Care Reform law brought many changes for health care providers and their compliance professionals. In this intensive two-day workshop, parti cipants will learn about Health Care Reform from a compliance perspecti ve. Nati onally prominent speakers and high-ranking government offi cials have been invited to provide the latest and most insightf ul informati on to att endees. They will cover topics such as:

• The Economics of Health Care Reform

• Dealing with the Future: New Service Lines and Arrangements

• New and Expanded Fraud and Abuse Provisions

• What to Expect from Payors

• The Expanded Implicati ons of Quality

• Transparency and Data Reporti ng

• Mandatory Compliance Programs

• OIG Enforcement

Parti cipants will receive tools that they can take back to their senior leaders and Boards to help communicate the implicati ons of these issues from a compliance perspecti ve.

Compliance professionals, in-house counsel, senior leaders, risk managers, fi nancial offi cers and revenue cycle personnel should plan to att end.

Compliance in the Post-Reform World An HCCA WorkshopNovember 8–9, 2010 | Baltimore, MD

LEARN MORE AND REGISTER AT � .healthcarereformcompliance.org

Documents

XXXXXXX continued from page 1 - HCCA Official Site · 19 Social Networking By John Falcetano 20 Home health compensation arrangements: Maintaining compliance By Theresamarie Mantese