2013 NPMA Fall Conference Value Through Professional Asset Management Special Considerations and Best Practices for Hospital & Medical Equipment Bob Mahaney, CPPS November 14, 2013

2013 NPMA Fall Conference Value Through Professional Asset Management Who is in the room?  New member this year?  First NPMA educational event?

2013 NPMA Fall Conference Value Through Professional Asset Management Who else is in the room?  Type of business? University/University Hospital Contract Property/Federal State/Local Government Private

2013 NPMA Fall Conference Value Through Professional Asset Management Regulatory Drivers for Hospital Assets  GAAP – Generally Accepted Accounting Principles  Medicare – Center for Medicare & Medicaid Services (CMS)  AHA - American Hospital Association  HIPAA – Health Insurance Portability and Accountability Act

2013 NPMA Fall Conference Value Through Professional Asset Management GAAP  Generally Accepted Accounting Principles Primary guidance  Asset Capitalization  Financial Reporting

2013 NPMA Fall Conference Value Through Professional Asset Management Medicare - One  Medicare Cost Reporting (MCR) Annual report of statistical and financial data  Used to determine the federal governments liability for care provided to Medicare beneficiaries  Provides CMS with data used to set payment rates

2013 NPMA Fall Conference Value Through Professional Asset Management Medicare - Two  Sets Requirements for Capitalization Capitalization Threshold $5,000 – across the board  Does not consider type of asset for threshold  If it lasts more than two years, it must be capital

2013 NPMA Fall Conference Value Through Professional Asset Management Medicare - Three  Sets Requirements for Depreciation AHA Estimated Useful Lives of Depreciable Hospital Assets  Separates fixed assets from moveable equipment  May impact your tagging requirements

2013 NPMA Fall Conference Value Through Professional Asset Management HIPAA  High Level View Privacy Rule Security Rule Breach Notification Rule

2013 NPMA Fall Conference Value Through Professional Asset Management HIPAA – Privacy Rule  Privacy Rule Maintaining the privacy of patient information  Protection of patient data  Not truly asset related  Use screensavers and don’t discuss patient information without a need to know

2013 NPMA Fall Conference Value Through Professional Asset Management HIPAA – Security Rule “implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain electronic protected health information into and out of a facility, and the movement of these items within a facility.” 45 C.F.R. § (d)(1)

2013 NPMA Fall Conference Value Through Professional Asset Management HIPAA – Breach Notification Rule  Breach - ‘‘breach’’ as the ‘‘unauthorized’’ acquisition, access, use, or disclosure of protected health information.  Treated as a “discovery” Date when known or should have been known

2013 NPMA Fall Conference Value Through Professional Asset Management Mitigation After the Breach  Must demonstrate actions being taken to avoid future breaches  If not, the government may offer suggestions based on NIST’s Recommended Security Control for Federal Information Systems and Organizations Could be much more burdensome to meet

2013 NPMA Fall Conference Value Through Professional Asset Management National Institute of Standards and Technology NIST Control -“develop, document, and maintain[ ] an inventory of information system components that (a) accurately reflects the current system; (b) is consistent with the authorization boundary of the information system; (c) is at the level of granularity deemed necessary for tracking and reporting...and (e) is available for review and audit by designated organizational officials.” NIST SP Rev. 3, Recommended Security Controls for Federal Information Systems (2009) at Control CM-8

2013 NPMA Fall Conference Value Through Professional Asset Management Offsite Authorization Before Breach Employee acknowledges that he/she may be financially liable for the loss of or damage to item(s) listed above if the loss or damage results from negligence, intentional act, or failure to exercise reasonable care, safeguards, maintenance, and service (Tex. Gov’t. Code Ann. Sec & ). M. D. Anderson will enforce this restitution requirement in a manner that complies with the Fair labor Standards Act.

2013 NPMA Fall Conference Value Through Professional Asset Management Offsite Authorization After Breach I acknowledge that I may be financially liable for the loss of or damage to the device(s) listed above if the loss or damage results from negligence, intentional act, or failure to exercise reasonable care, safeguards, maintenance, and service (TEX. GOV’T. CODE ANN. §§ & ). MD Anderson will enforce this restitution requirement in a manner that complies with the FAIR LABOR STANDARDS ACT. I have read, understand, and agree to abide by all Information Security and privacy policies concerning the use of MD Anderson computing assets and safeguarding protected health information (PHI). I have read MD Anderson’s Information Resources Acceptable Use Agreement and User Acknowledgement, and I understand that Confidential and Restricted Confidential information, including and especially PHI, must remain on MD Anderson owned or leased devices and is subject to MD Anderson security controls. I attest that if any information on this Agreement changes in any material way (e.g., from Internal Use to Confidential or Restricted Confidential), I will promptly complete a new Agreement.

2013 NPMA Fall Conference Value Through Professional Asset Management HIPAA – Final Comments  Review your asset policies and procedures Are you tracking just assets or data devices also? Are you using one system or multiple systems? Can you identify data devices at the req/PO level?

2013 NPMA Fall Conference Value Through Professional Asset Management X Ray Producing Devices  CT Scanner  Mammography Units  Ultrasound Systems

2013 NPMA Fall Conference Value Through Professional Asset Management CT Scanner – Basic Components  Basic Components Gantry Console (typically located in an adjacent room) Electronics

2013 NPMA Fall Conference Value Through Professional Asset Management CT Scanner - Image

2013 NPMA Fall Conference Value Through Professional Asset Management CT Scanner – Site ID  Site ID Characteristics Never changes Referenced on the FDA Master Device Equipment Record Referenced on all maintenance and vendor work Referenced on all upgrades to original asset

2013 NPMA Fall Conference Value Through Professional Asset Management CT Scanner – Site ID  Forklift Upgrade Site ID does not change Major upgrade to components Magnet is not replaced

2013 NPMA Fall Conference Value Through Professional Asset Management CT Scanner – Asset Record  Parent and Child Parent - Gantry  Child - Console  Child - Electronics

2013 NPMA Fall Conference Value Through Professional Asset Management CT Scanner – Future Upgrades  Partial disposal and add new child  Keeps the Site ID until final disposition of asset  Can use standard useful life for new child  Offers better tracking of cost and depreciation

2013 NPMA Fall Conference Value Through Professional Asset Management Surgical Instruments  Track in asset management system or expense  Budget guidelines are important to AM. Get involved  Surgical kits – easy target for capital/expense games  Guideline Example - A set or case of surgical instruments estimated at $5,000 or greater are a valid capital equipment request provided that at least one item in the set has a minimum unit cost of $5,000.

2013 NPMA Fall Conference Value Through Professional Asset Management Inventory Tracking Improvements  Medical equipment requiring maintenance or calibration Obtain maintenance and calibration records from department responsible for providing this service.  Have them scan asset tags when they scan serial #  Best of both worlds: tag scan for inventory and serial # validation for tag on asset record

2013 NPMA Fall Conference Value Through Professional Asset Management Inventory Tracking Improvements  Hospital Beds Cleaned after each use  Make scanning the asset tag part of their routine  Tag scans can be used to support their documentation and give you a inventory hit

2013 NPMA Fall Conference Value Through Professional Asset Management Inventory Tracking Improvements  Equipment carts with laptops Have maintenance/calibration team scan the asset tags

2013 NPMA Fall Conference Value Through Professional Asset Management Making Tracking Improvements  Identify departments that routinely touch assets  Meet with them frequently  Find a benefit for them to scan and use the asset tag  Bring a scanner Bring enough to go around  Follow up….follow up….follow up

2013 NPMA Fall Conference Value Through Professional Asset Management The Wrap  GAAP and Medicare Consistent application of institutional accounting policies Don’t violate you own policies for any accommodation  It will be selected from a random sample  Never fails to be selected

2013 NPMA Fall Conference Value Through Professional Asset Management The Wrap  More Medicare Be prepared to support differences in capital thresholds Be able to defend useful life assigned to assets Decide how much, if any, building service equipment will be tagged and tracked separately from the building

2013 NPMA Fall Conference Value Through Professional Asset Management The Wrap  HIPAA Don’t have a breach Review all asset and data device tracking policies Get a seat at the table

2013 NPMA Fall Conference Value Through Professional Asset Management Questions Remember – Bring something you learned back to your workplace.