POUDRE VALLEY HEALTH SYSTEM we’re here for you Hot Topics in Risk Management Ellen Stewart, Partner Berenbaum, Weinshienk & Eason, P.C. Diane Gross, Associate General Counsel Poudre Valley Health System May 21, 2008
Hot Topics Enterprise Risk Management Present On Admission and Never Events HIPAA EMTALA Conditions of Participation Growth/Change
Enterprise Risk Management (ERM) Create a process Apply across an enterprise Identify potential risk events Manage that risk Help achieve the objectives of the enterprise
ERM Encompasses: Developing a process to manage risk- including a process evaluation technique Identifying risk Formulating alternative risk responses –Risk avoidance –Reduction –Sharing –Acceptance Reducing surprises Recognizing opportunities Managing the financial and resource needs of risk management Creating a Corporate insurance program
The Enterprise Nature of ERM All levels of the organization: Enterprise level –system wide Entity level –hospital/clinic level Business level –department or service line level
ERM Process Strategic –remove silos Operations –communicate, share, include others across departments, projects, entities Compliance –trends, measures, internal and external
Present on Admission and “Never Events” The rule implements a provision of the Deficit Reduction Act of 2005 (DRA) that takes the first steps toward preventing Medicare from giving hospitals higher payment for the additional costs of treating a patient who acquires a condition during a hospital stay. The DRA requires hospitals to report secondary diagnoses that are present on admission. Beginning in Fiscal Year 2009 (Oct. 1, 2008), these cases will not be paid at a higher rate unless they conditions were present on admission.
Criteria for inclusion on list: high cost or high volume or both, assigned to a higher paying DRG when present as a secondary diagnosis, and reasonably preventable through application of evidence-based guidelines.
Present on Admission-the rule identified certain conditions: Pressure ulcers Catheter associated urinary tract infections Staphylococcus aureus septicemia (bloodstream infection) Delirium Ventilator-associated pneumonia Deep vein thrombosis Legionnaires’ disease (a type of pneumonia) Clostridium difficile associated disease (a bacterium that causes serious intestinal conditions).
The “Never Events” Air embolism, or bubbles of air or gas entering the bloodstream during medical procedures Blood incompatibility--giving patients the wrong blood type Leaving objects inside surgery patients
How to manage POA and Never Events Education and implementation throughout organization: –Nursing assessment and documentation –Billing/coding –Quality –Diagnostic testing on admission-will this lead to defensive testing?
HIPAA HIPAA: Stricter enforcement expected in 2008 (Jan 18, 2008 By: Dennis Murray Medical Economics)Dennis Murray In an effort to catch more HIPAA violations, the government has engaged a private consulting firm, PriceWaterhouseCoopers, to conduct security audits of covered entities, including hospitals, pharmacies, health plans, and private practices, according to HealthLeaders News.
27 Suspended for Clooney File Peek 27 hospital staff suspended for viewing George Clooney's medical records Clooney was treated at medical center after motorcycle accident Star says he hope staff involved will not lose their jobs (CNN Oct. 2007)
Dr. Phil, have you heard of HIPAA? News on the street, and by street I mean Internet, is that Dr. Phil paid a little visit to a certain celebrity (whom I’ll refer to as Ms. S) on Saturday (January 5) at Cedars-Sinai Hospital. She had been there since ThursdayCedars-Sinai Hospital after her standoff with police. Well after his meeting with Ms. S, Dr. Phil released this statement to Entertainment TonightEntertainment Tonight: “My meeting with Britney and some of her family members this morning in her room at Cedars leaves me convinced more than ever that she is in dire need of both medical and psychological intervention. She was released moments before my arrival and was packing when I entered the room. We visited for about an hour before I walked with her to her car. I am very concerned for her.” I am neither a doctor, nor a HIPAA expert, but I did sign the form andHIPAA take a little class about it. Isn’t this situation a breach of doctor-patient confidentiality? Dr. Phil, shame on you! (Jan. 7, 2008, JeffreyM.D.)
Nurse Pleads Guilty to HIPAA Violation A licensed practical nurse who pled guilty to wrongfully disclosing a patient’s health information for personal gain faces a maximum penalty of 10 years imprisonment, a $250,000 fine or both. Andrea Smith, LPN, 25, of Trumann, Arkansas, and her husband, Justin Smith, were indicted on federal charges of conspiracy to violate and substantive violations of the Health Insurance Portability and Accountability Act (HIPAA) in December. Smith accessed a patient’s private medical information on November 28, 2006, according to the indictment. She then shared that information with her husband, who on that same day, called the patient. Justin Smith reportedly told the patient he intended to use the information against the patient in an upcoming legal proceeding. (April 15, 2008, Dept. of Justice Press Release)
EMTALA In 1986, Congress enacted the Emergency Medical Treatment & Active Labor Act (EMTALA) to ensure public access to emergency services regardless of ability to pay. Section 1867 of the Social Security Act imposes specific obligations on Medicare-participating hospitals that offer emergency services to provide a medical screening examination (MSE) when a request is made for examination or treatment for an emergency medical condition (EMC), including active labor, regardless of an individual's ability to pay. Hospitals are then required to provide stabilizing treatment for patients with EMCs. If a hospital is unable to stabilize a patient within its capability, or if the patient requests, an appropriate transfer should be implemented.
EMTALA Accepting Emergency Transfers. The FY 2007 IPPS rule added language to the EMTALA rules clarifying that every participating hospital with specialized capabilities, regardless of whether or not it operates an emergency department (ED), must accept an appropriate transfer for which it has capacity and the necessary specialized capabilities to treat the patient. CMS is proposing to clarify that a participating hospital with specialized capabilities cannot refuse to accept the appropriate transfer of an individual who had been admitted as an inpatient at another hospital, but remained unstable and needs specialized care only available at the hospital with specialized capabilities, so long as the hospital with specialized capabilities has the capacity to treat the individual. CMS is requesting comment on applying EMTALA to a participating hospital with specialized capabilities when a transferred emergency patient, who was stable after admission and prior to transfer, becomes unstable.
EMTALA CMS is proposing to delete the requirement in the EMTALA regulations that hospitals maintain a list of on-call physicians because the provider agreement regulations already contain a provision addressing this issue. CMS is also proposing to amend its regulations to allow hospitals to comply with the on-call list requirement by participating in a formal community call plan.
Conditions of Participation Section 1864 of the Act authorizes the use of State agencies to determine providers’ compliance with Medicare conditions of participation (CoPs). Responsibilities of the States in ensuring compliance with the CoPs are set forth in regulations at 42 CFR part 488, Survey, Certification, and Enforcement Procedures. Under section 1865 of the Act and § of the regulations, hospitals that are accredited by the Joint Commission or the American Osteopathic Association (AOA) are not routinely surveyed by State agency surveyors for compliance with the conditions, but are deemed to meet most of the requirements in the hospital CoPs based on their accreditation. When a complaint is filed with the CDPHE state surveyors survey to the Medicare Conditions of Participation and State Licensing Regulations (and not necessarily to the Joint Commission standards).
Growth and Change Human capital –cultural issues when there is change Financial growth –is more better? Regulatory changes –what was once cutting edge is now risky or maybe even prohibited
Challenges Both internal and external factors present risk Planning-you can plan responses to risk, but you can’t usually plan timing Growth-adding a new hospital
Risk Management Techniques Fiscal Accountability –Audit Committee of BOD –Finance Committee of BOD –Chargemaster Committee –Insurance program Legal and Compliance –Compliance Committee Quarterly meetings Annual risk assessment –Specialized Staff Corporate Counsel Compliance Officer Compliance Coordinators HIPAA experts
Techniques (continued) Audits –Internal billing and coding –External financial audits Annual Risk assessments Other enterprise- wide measures –New employee orientation –Code of conduct and compliance training –Constant monitoring by staff—list serves, conferences, publications
Additional Risk Management Tools Training and education to comply with POA rules –admissions examinations and complete documentation EMTALA and HIPAA training and enforcement of policies Occurrence (Incident) Report Analysis
Risk Management Controls Policies and Procedures Training and Education Role overlaps –Risk Management and Patient Safety –Corporate Compliance and Risk Management –Event Management vs. Culture/Policy Change –Legal and Administration –Communication-down, across and up
Effectiveness—how do you know you are managing risk? Objective Measures –Bad things do not happen to patients –Reduce unanticipated claims –Insurance premium stability –Regulatory issues –CMS Subjective Measures –Judgment –Do risk needs meet risk tolerance? –Is reporting reliable and meaningful? –Cultural-how likely is someone to report an error?
Limitations—To err is human Mistakes will happen There is variability in the damage that can occur Heat-of-the-moment responses
Benefits of Risk Management Enhance performance- quality/patient safety Financial protection Achieve regulatory/legal compliance Avoid damage to entity’s reputation –Example-event response training Utilize enterprise- wide knowledge and information sharing