Corporate Compliance Program A Brief Overview of Healthcare Compliance
Corporate Compliance Program Welcome! The “what” and “why” of compliance; Elements of an effective compliance program; Your role in compliance and preventing fraud and abuse; How to recognize, resolve, & report compliance issues; A system designed to promote the prevention, detection and resolution of conduct that does not conform to: WMC Code of Conduct Legal & Regulatory Requirements Ethical Requirements Compliance IS your Responsibility!!
Purpose of the Corporate Compliance Program Promote a healthy environment Ensure compliance with the law Cultivate justice Prevent harassment, disrespect, and a hostile work environment Identify vulnerabilities and raise concerns
Why a Compliance Program? Corporate Good Citizenship Prevent Fraud & Abuse Quality Patient Care Reduces Liability & Penalties
Deficit Reduction Act (DRA) Effective 1/1/07 – Federal & State False Claims Act Providers who receive five (5) million + Medicaid $ Mandates Compliance Program Fraud & Abuse Policy Educate Staff, Vendors, Contractors Whistleblower Protections
Compliance Program Elements Compliance Officer and Organizational commitment Written standards and procedures: WMC Code of Conduct Annual compliance education and training Open and effective lines of communication Monitoring and Audit Programs Investigation and follow-up of actual or suspected compliance violations Enforcement through disciplinary guidelines
Compliance Risk Areas HIPAA Privacy and Security Documentation, Coding and Billing Theft or misuse of assets Gifts, Entertainment & Gratuities Conflicts of Interest Vendor Relationships
HIPAA HIPAA’s Privacy and Security Rules regulate the use and disclosure of Protected Health Information (PHI); HIPAA requires that you only use, disclose, & access PHI for job-related purposes; Patients expect and have a right to privacy of their protected health information (PHI) that is in: Verbal Written, or Electronic form
What is PHI? All individually identifiable information that relates to a person’s: Physical or mental health or condition Billing and payment for healthcare ……and that identifies, or could be used to identify the person who is the subject of the information.
Examples of PHI Patient’s Name Address Phone Number Account #, Patient ID, Medical Record# Social Security Number Date of Birth Diagnosis or procedure information AND….any other information that would identify the patient.
Privacy Tips Use shredders or privacy bins; Keep voices to minimum so others do not overhear; Do not use personal photography equipment inside the facility, ie: cell phone cameras; Double check fax numbers before hitting SEND; Always check proper documentation being handed to a patient, ENSURE IT IS THEIRS! Know the OPT OUT Policy.
Every Employee’s Responsibility Get educated!! Know what to do – follow policies and procedures to safeguard PHI When in doubt…..ASK your Supervisor or the Compliance Officer Don’t conduct an investigation, you must report HIPAA problems/issues promptly to the Corporate Office. HOW WILL I KNOW WHEN IT IS OKAY TO ACCESS OR SHARE PATIENT INFORMATION? When it is for treatment, billing or operations and…. Ask yourself: Do I need this information to carry out the responsibilities of my job?
Social Media Do NOT post PHI to Facebook, Twitter, or any accounts unprotected by WMC firewall; Do NOT use texting that includes PHI; i-Cloud is an unprotected site; Do NOT use g-mail, hotmail, etc. as a place to hold or share information.
HIPAA Security Covers PHI in electronic form only (E-PHI) Electronic protected health information that our system creates, receives, maintains, and/or transmits electronically E-PHI is stored on computers, clinical equipment, discs, and software systems Billing System Electronic Medical Records
HIPAA Security TIPS Don’t leave your computer unattended Don’t share your password Don’t download unauthorized software Don’t keep PHI in view of visitors or public areas Don’t misdirect email/faxes
Documentation & Reimbursement Documentation is the written account of a provider’s encounter with a patient Must be accurate, complete and legible if written All physician notes MUST be signed and dated, electronically or written Tens of Billions of Dollars are lost annually to improper payment for: Services that patients didn’t receive Up-coding for higher reimbursements Medically unnecessary services Separate billing for outpatient/inpatient services for the same period.
What is WMC’s Policy on Retaliation? WMC has a policy of “zero tolerance” for any form of retaliation against those who report Code of Conduct concerns in good faith WMC encourages honest discussion about these concerns. Zero tolerance retaliation applies to: Direct as well as indirect retaliation Retaliatory actions as well as threats of actions Retaliation from Supervisors as well as from coworkers
Conflict of Interest Potential Conflict Situations: A personal interest that compromises your duty of loyalty to WMC When an individual uses his/her position or the knowledge gained from their position for personal benefit Even the appearance of a conflict can be a problem Requirement to disclose conflicts NYS Joint Commission of Public Ethics State employee 2 year moratorium Are you a designated decision maker? File an annual disclosure Earnings of >$91,821 (as of 4/2015)
Gifts, Gratuities & Business Conduct The Federal Anti-Kickback Statute prohibits the acceptance of an item of value, cash or any kind, in exchange for referral or business. Staff may not accept cash, gifts, or other items of value to influence with whom we do business or for the referral of patients. Gifts, cash, or items of value should never be solicited from patients, vendors or business associates.
Gifts, Gratuities & Business Conduct What is Acceptable? Promotional items that are nominal in value ($10 or less) can be accepted, but are DISCOURAGED Pens Notepads A department or group may accept perishable or consumable gifts Fruit baskets Candy, cookies And as long as there is no inference to induce or exchange for referrals.
How does this relate to me? Treat everyone in a courteous and fair manner Maintain a health and safe environment Obey all applicable laws and Hospital Policies and Procedures Keep all patient information and records confidential Never knowingly make false or misleading statements Got Compliance??? Let’s Get It!!!
When to Report a Problem How do you know when to report? Is there a suspected or actual violation of a law or policy? Is there a questionable practice or unethical act involved? Does it feel right?
Reporting Where to find help with compliance-related issues? First resource is often your direct Supervisor/Manager If he/she does not know the answer or you are not comfortable asking him/her, then please contact: Terri Alesandro, HealthAlliance Compliance Director (845) 334-4711 Westchester Compliance Office (914)-493-2600
Helpline Reporting The toll-free Help Line is a confidential, anonymous and non-retaliatory reporting mechanism available 24 hours a day, 7 days a week. When calling the helpline you will be asked: Name of your organization Nature of your concern Additional questions 1-844-863-1822
Questions?