/
Compliance and Risk Management Updates Compliance and Risk Management Updates

Compliance and Risk Management Updates - PowerPoint Presentation

liane-varnes
liane-varnes . @liane-varnes
Follow
345 views
Uploaded On 2020-01-05

Compliance and Risk Management Updates - PPT Presentation

Compliance and Risk Management Updates NCAMSS Meeting November 3 2017 JILL Puckett RN BSN MHA Northern Hospital of Surry County Manager Compliance and Risk Objectives Describe what compliance is and what a Compliance Program helps with ID: 772031

risk compliance management family compliance risk family management cms care members patient physician hospitals physicians oig provider facilities based

Share:

Link:

Embed:

Download Presentation from below link

Download Presentation The PPT/PDF document "Compliance and Risk Management Updates" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.


Presentation Transcript

Compliance and Risk Management Updates NCAMSS Meeting – November 3, 2017 JILL Puckett, RN, BSN, MHA Northern Hospital of Surry County Manager Compliance and Risk

Objectives Describe what compliance is and what a Compliance Program helps with Understand the basic elements of a Compliance Program Discuss what is new for Compliance Discuss what is new for Risk Management Define Enterprise Risk Management Explain your role in Compliance and Risk Management and help engage your physicians

History Compliance Program Guidance for Hospitals – Federal Register Vol. 63 No.35 – 1998 Framework for hospitals to follow when creating a Compliance Program Deficit Reduction Act of 2005 (42 U.S.C.632) Established the Medicaid Integrity Programs and Whistleblower Protections Requires Fraud Waste and Abuse Training and Compliance Programs for entities receiving funds equal to or exceeding 5 million Affordable Care Act (45 U.S.C. 18001) – 2010 Mandates Compliance Programs for all healthcare entities regardless of revenue Establishes many additional regulatory requirement such as 1557 interpreter services availability

What is a Compliance? “Compliance is a dynamic process that helps to ensure that hospitals and other health care providers are better able to fulfill their commitment to ethical behavior, as well as meet the changes and challenges being imposed upon them by Congress and private insurers.” - Federal Register/Vol. 63, No. 35/February 23, 1998

What will a Compliance Program do? Enable hospitals to meet their goals Improve the quality of care Reduce fraud, waste and abuse Reduce cost of health care to Federal, State and private insurers

Elements of a Compliance Program Compliance Officer and oversight Code of Conduct & Policies/Procedures Education and Training Monitoring and Auditing Reporting and Communication Response and Corrective Action Enforcement and Discipline

Compliance Updates

Building Relationships Aim is to build relationship versus working as a silo

Evaluating Compliance Programs Recent guidance to help evaluate Compliance Programs Evaluation of Corporate Compliance Programs Issued by the Department of Justice on February 8, 2017 Measuring Compliance Program Effectiveness Roundtable Meeting on January 17, 2017 Document issued March 27, 2017

OIG Work plan Updated monthly versus once or twice a year as previously done. Summarizes new and ongoing reviews and activities that OIG plans to pursue with respect to HHS programs and operations during the current fiscal year and beyond . Includes projects that span the Department and include the Centers for Medicare & Medicaid Services (CMS), public health agencies such as the Centers for Disease Control and Prevention (CDC) and National Institutes of Health (NIH), and human resources agencies such as Administration for Children and Families (ACF) and the Administration on Aging.

Other Updates Business Associate Agreements Holding subcontractors accountable for breaches Medicare Card Appropriate Use Criteria – imaging Opioid epidemic

CMS Is Taking Steps To Improve Oversight of Provider-Based Facilities, But Vulnerabilities Remain Provider based is Medicare payment designation established by Social Security Act that allows facilities owned by and integrated with a hospital to bill Medicare as a hospital outpatient department. This results in these facilities receiving higher payments than freestanding facilities. https :// www.oig.hhs.gov/oei/reports/oei-04-12-00380.asp

OIG Recommendations – Overall Eliminating the provider based designation Oversight challenges Increased costs to Medicare and its beneficiaries MedPAC (Medicare Payment Advisory Committee ) Equalizing payments for selected services provided in hospitals outpatient departments and physician offices

OIG Recommendations CMS to implement systems and methods to monitor billing by all provider based facilities CMS partially concurs – Place of Service Code helps with this

OIG Recommendations CMS require hospitals to submit attestations for all provider based facilities CMS non-concurs – has take several steps to address such as implementing new modifier place of service code

OIG Recommendations CMS to clarify the documentation that hospitals must submit to demonstrate that their off campus provider based facilities meet requirements CMS concurs – worked with MACs (Medicare Administrative Contractors) to streamline the attestation review process

OIG Recommendations CMS take appropriate actions against hospitals and their off campus provider based facilities that we identified as not meeting requirements CMS concurs – will work with MACs to determine if the providers referred by OIG are out of compliance, if out of compliance will work to recover over payments

EMTALA Enforcement is on the rise Complaints can come from many sources Hospitals Patients Family members Ambulance companies Increased civil monetary penalty amounts for EMTALA violations Encourages providers to self-report EMTALA violations to CMS in order to potentially receive more lenient penalties where there is a violation of the law AnMed – hospital in SC Largest settlement to date ($1.3 million) Resulted due to failing to provide an appropriate MSE and stabilizing treatment to patients presenting to the Emergency Department with psychiatric conditions http ://health.wolterskluwerlb.com/2017/08/kusserow-on-compliance-reminder-to-compliance-officers-emtala-is-a-high-risk-area /

Cybersecurity Penalties Downtime procedures Ensuring Privacy and Security of Information Improving the Flow of Complete, Accurate, and Timely Information Delivering on the Promise of Health IT

Risk Management Updates

Enterprise Risk Management Enterprise risk management (ERM or E.R.M.) in business includes the methods and processes used by organizations to manage risks and seize opportunities related to the achievement of their objectives. ERM provides a framework for risk management , which typically involves identifying particular events or circumstances relevant to the organization's objectives (risks and opportunities), assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring progress. By identifying and proactively addressing risks and opportunities, business enterprises protect and create value for their stakeholders, including owners, employees, customers, regulators, and society overall. ERM can also be described as a risk-based approach to managing an enterprise, integrating concepts of internal control , the Sarbanes–Oxley Act , and strategic planning . ERM is evolving to address the needs of various stakeholders, who want to understand the broad spectrum of risks facing complex organizations to ensure they are appropriately managed. Regulators and debt rating agencies have increased their scrutiny on the risk management processes of companies. According to Thomas Stanton of Johns Hopkins University, the point of enterprise risk management is not to create more bureaucracy, but to facilitate discussion on what the really big risks are. [1] https:// en.wikipedia.org/wiki/Enterprise_risk_management

What is new with Risk Management? Clinical risk management – improving quality and safety of healthcare by identifying and taking action to prevent risks Business risk management – insurance claims

What is new with Risk Management? Risk Manager is involved more with patient safety and quality work Coordinate work with Quality Leaders – overlap Analysis of adverse and sentinel events and trends Accreditation issues Board reports Corrective action plans Patient safety initiatives Provider credentialing Root cause analysis Staff education and training Broader assessment for the organization

Treating family members 1.2.1 Treating Self or Family Treating oneself or a member of one’s own family poses several challenges for physicians, including concerns about professional objectivity, patient autonomy, and informed consent. When the patient is an immediate family member, the physician’s personal feelings may unduly influence his or her professional medical judgment. Or the physician may fail to probe sensitive areas when taking the medical history or to perform intimate parts of the physical examination. Physicians may feel obligated to provide care for family members despite feeling uncomfortable doing so. They may also be inclined to treat problems that are beyond their expertise or training. Similarly, patients may feel uncomfortable receiving care from a family member. A patient may be reluctant to disclose sensitive information or undergo an intimate examination when the physician is an immediate family member. This discomfort may particularly be the case when the patient is a minor child, who may not feel free to refuse care from a parent.

Treating family members In general, physicians should not treat themselves or members of their own families. However, it may be acceptable to do so in limited circumstances: (a) In emergency settings or isolated settings where there is no other qualified physician available. In such situations, physicians should not hesitate to treat themselves or family members until another physician becomes available. (b) For short-term, minor problems. When treating self or family members, physicians have a further responsibility to: (c) Document treatment or care provided and convey relevant information to the patient’s primary care physician.

Treating family members (d) Recognize that if tensions develop in the professional relationship with a family member, perhaps as a result of a negative medical outcome, such difficulties may be carried over into the family member’s personal relationship with the physician. (e) Avoid providing sensitive or intimate care especially for a minor patient who is uncomfortable being treated by a family member. (f) Recognize that family members may be reluctant to state their preference for another physician or decline a recommendation for fear of offending the physician. AMA Principles of Medical Ethics: I,II,IV https ://www.ama-assn.org/sites/default/files/media-browser/code-of-medical-ethics-chapter-1.pdf

Treating family members Does this violate a patient’s right to chose a provider?

Documentation Copying and pasting – beware! Information may be inaccurate or outdated Developing templates – create templates to address pertinent assessments to ensure documentation is present Triage notes/after hours calls – assure clear documentation of the issue and there is appropriate follow up Dictation – review notes prior to signing off Downtime forms Audits

Patients with chronic pain / drug seeking patients Initial evaluation – should be thorough Pain management agreement Pain prescriptions – document and monitor all prescriptions and refills Medication addiction – recognize Drug seekers – differentiate patients in need of effective pain management versus seekers for inappropriate use More to come….

Apologizing to patients/family When and how? Does not guarantee losing a malpractice suit, but it might prevent one Apology Shield Law – Ohio Court ruled that a healthcare provider’s apology to a patient cannot be admitted as evidence in a civil lawsuit Time limit – some laws indicate the apology is inadmissible for 3 to 30 days Intent is to encourage doctors to communicate to patients sooner and more often

Apologizing to patient/family members Clinical outcomes are complex and multifactored Patient/families are looking for words of support, not confession Ounce of comfort spoken might prevent a ton of legal bills Apology versus empathy – conveys the impact of an apology Providers – much of their job is to furnish physical and emotional care and grief counseling at times Apology in a different way – “ empathology” https:// www.medpagetoday.com/practicemanagement/practicemanagement/68780

Cybersecurity / Terrorism Cybersecurity decisions should be driven from a shared understanding of your organization's assets, threats, and vulnerabilities so that security investments address the most significant risks . ... Create a security strategy so that the organization can proactively respond to an evolving threat landscape. https://scadahacker.com/library/Documents/Risk_Management/Crowe%20Horwath%20-% 205%20Critical%20Attributes%20of%20Effective%20Cybersecurity%20Risk%20Management.pdf

Cybersecurity / Terrorism Effective framework Range of scope – all things internet Thorough risk assessment and threat modeling Proactive incident response planning Dedicated cybersecurity resources Cybersecurity / Terrorism insurance policies

What is your role and how to engage physicians? Know your Compliance and Risk culture Build relationships Know what language your physician(s) speaks Encourage communication about policy changes Keep physicians updated around Compliance and Risk issues Ensure physicians do their annual education related to Compliance and Risk Use your Compliance and Risk Manager as a resource

Thank you! Jill Puckett, RN, BSN, MHA Northern Hospital of Surry County jpruckett@nhsc.org