Kusserow on Compliance: Benefits of employing compliance liaisons

Kash Chopra is an MBA and J.D. consultant with Strategic Management, a firm that has built managed evaluated and enhanced hundreds of compliance program. She is a strong advocate for compliance officers making use of Compliance Liaisons (CLs) and notes that many organizations with multiple sites have found them an effective adjunct to the compliance program which can be used to champion the program at outlying or remote facilities or locations.  Among the major benefits of CLs is that they can serve an important role in extending the reach of the compliance office to an organization’s different geographies and businesses. There are many other benefits in that they can be used to develop and expand proactive approaches to regulatory interactions, ensure full visibility regarding what is happening in outlying facilities and locations, and provide the ability to communicate compliance office initiative at their locale while communicating what is happening in their business environment. The CL’s provide an avenue by which to keep organization leadership informed on how shifts in the regulatory landscape are affecting current and—equally important—proposed operational activities. In addition to understanding the organization’s inherent regulatory risks, they should have basic understanding of regulators’ expectations as to how the organization can mitigate risks. However she warns, to be effective, it is very important that they are provided with clear and detailed responsibilities as well as the resources, authority, and independence required to conduct their duties effectively.

 

Compliance Liaison Benefits

  • Raising and maintaining compliance awareness at the local area
  • Providing early identification emerging risks areas and issues
  • Aiding in the investigation and resolution of compliance issues
  • Communicating information on compliance priorities to department faculty and staff
  • Assisting in planning and implementing compliance education/training programs
  • Assisting in development of effective auditing/monitoring plans
  • Providing a channel to refer compliance issues to the compliance office
  • Calling attention to emerging compliance-related issues
  • Assisting in communicating regulatory and legal issues to help ensure compliance
  • Tracking specific metrics for the compliance office
  • Providing a process for responding to regulator requests
  • Assisting in scheduling meetings to discuss compliance matters
  • Providing a process for escalating compliance issues
  • Tracking compliance issues from identification, through investigation to resolution

For more information, Chopra can be reached at KChopra@strategicm.com or (703) 535-1413

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: OIG issues annual report on top management challenges facing HHS

Annually, the OIG prepares a summary of the most significant management and performance challenges facing the Department of Health and Human Services. This summary is referred to as the Top Management Challenges (TMC). The OIG forecasts new and emerging issues HHS will face HHS in the years to come. The current TMCs are identified as follows:

  1. Preventing and Treating Opioid Misuse. The challenges includes (a) reducing inappropriate prescribing and misuse of opioids; (b) combating fraud and diversion of prescription opioids and potentiator drugs; (c) ensuring access to appropriate treatment for opioid use disorder; and (d) ensuring that funding for prevention and treatment is used appropriately

 

  1. Ensuring Program Integrity in Medicare Fee-for-Service and Effective Administration of Medicare. Medicare spending represents over 15 percent of all federal spending and it is estimated that the Trust Fund for Medicare Part A will be depleted by 2026. Challenges include (a) reducing improper payments; (b) combating fraud; (c) fostering prudent payment policies; and (d) maximizing the promise of health information technology.

 

  1. Ensuring Program Integrity and Effective Administration of Medicaid. Medicaid is the largest federal health care program, with 67 million individuals enrolled, and expenditures of $592 billion. Challenges include (a) improving the reliability of national Medicaid data; (b) reducing improper payments; (c) combating fraud; and (d) ensuring appropriate Medicaid eligibility determinations.

 

  1. Ensuring Value and Integrity in Managed Care and Other Innovative Healthcare Payment and Service Delivery Models. Managed care and other innovative models promote innovation and effectiveness. Challenges include (a) ensuring effectiveness and integrity in new models; (b) combating provider fraud and abuse; (c) fostering compliance by managed care organizations.

 

  1. Protecting the Health and Safety of Vulnerable Populations. HHS programs provide critical health and human services to many vulnerable populations in many different settings. Challenges include (a) ensuring the safety and security of unaccompanied children in HHS care; (b) addressing substandard nursing home care; (c) reducing problems in hospice care; (d) mitigating risks to individuals receiving home- and community-based services; (e) ensuring access to safe and appropriate services for children; and (f) addressing serious mental illness.

 

  1. Improving Financial and Administrative Management and Reducing Improper Payments. With annual outlays of over $1.1 trillion, HHS must also ensure the completeness, accuracy, and timeliness of any financial and program information provided to other entities. Challenges include (a) addressing weaknesses in financial management systems; (b) addressing Medicare trust fund issues/social insurance; (c) reducing improper payments; (d) improving contract management; and (d) implementing the DATA Act.

 

  1. Protecting the Integrity of HHS Grants. In FY 2017, HHS awarded $101 billion in grants (excluding CMS) that requires additional verification of existing controls and reporting requirements. Challenges include (a) ensuring appropriate and effective use of grant funds; (b) ensuring effective grant management at the department level; (c) ensuring program integrity and financial capability at the grantee level; and (d) combating fraud, waste, and abuse.

 

  1. Ensuring the Safety of Food, Drugs, and Medical Devices. FDA has the challenge of ensuring the safety and security of the nation’s food and medical products (including drugs, biological products, and medical devices), which directly affect the health of every American. Challenges include (a) ensuring food safety; (b) ensuring the safety, effectiveness, and quality of drugs and medical devices; and (c) ensuring the security of drug supply chains.

 

  1. Ensuring Quality and Integrity in Programs Serving American Indian/Alaska Native Populations. Many HHS programs provide health and human services to AI/ANs throughout the U.S. Challenges include (a) addressing deficiencies in IHS management, infrastructure, and quality of care; and (b) preventing fraud and misuse of HHS funds serving AI/AN populations.

 

  1. Protecting HHS Data, Systems, and Beneficiaries from Cybersecurity Threats. Challenges include (a) protecting data on internal systems; (b) overseeing the cybersecurity of data in cloud environments; (c) ensuring that providers, grantees, and contractors are adhering to sound cybersecurity principles; (d) securing HHS’s data and systems; and (e) advancing cybersecurity within the healthcare ecosystem.

 

  1. Ensuring that HHS Prescription Drug Programs Work as Intended. HHS oversees coverage of prescription drugs under various programs operated by the Department. Challenges include (a) protecting the integrity of prescription drug programs; (b) fostering prudent payments for prescription drugs; and (b) ensuring appropriate access to prescription drugs.

 

  1. Ensuring Effective Preparation and Response to Public Health Emergencies. HHS is responsible for ensuring both it and its State and local partners are prepared to respond to, and recover from, public health emergencies efficiently and effectively. Challenges include ensuring (a) access to health and human services during and after emergencies: (b) effective use and oversight of funding; and (c) effective and timely responses to infectious disease threats.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Is outsourcing HIPAA privacy worth considering?

The Ninth Annual Healthcare Compliance Benchmark Survey, conducted by SAI Global and Strategic Management Services, revealed that the highest-ranking priority focus for 2018 was dealing with data breaches. Nearly 75 percent of the 388 responding organizations reported that the compliance office had taken the responsibility for HIPAA Privacy. The Survey also indicated compliance office resources were being strained in meeting all their responsibilities. This was underscored with the reported fact that 75 percent of compliance offices were staffed with five or fewer staff, with one third of offices having only a one person staff.

Kash Chopra, JD, MBA, has outsourced a number of data protection officers (DPOs) in a variety of organizations, as result of the fact that many compliance offices don’t have the experience and knowledge to address the wide range of duties and responsibilities of privacy offices. This is consistent with a growing trend of outsourcing functions that are not at the core of the mission of the organization. When providing outsourced DPOs, they are normally placed under direction of the compliance officer. Most of the DPOs she has provided work at or below an average of 20 hours per week with most of the work being performed remotely.  What makes this possible is that  DPOs already have expertise and are current on state and Federal requirements, as well as what is needed in the development, implementation, and maintenance of privacy policies and key documents that address privacy requirements. The DPO will know how to address and oversee the monitoring of data access and investigations as well as breaches and complaints. Among the advantages of using DPOs are:

  1. Permits compliance officers to focus on other compliance areas
  2. Not paying the loaded cost of a fulltime W-2 employee
  3. DPOs are more efficient with no learning curve on HIPAA
  4. Bring experience and detailed knowledge of federal and state laws/regulations
  5. Experience in dealing with privacy issues
  6. Better risk protection
  7. Lower fixed costs and reduced staff workload
  8. Expertise in HIPAA/HITECH privacy and security compliance

Chopra can be reached at KChopra@strategicm.com or (703) 535-1413 for more information about using HIPAA experts to serve as a DPO.

 

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.

Kusserow on Compliance: Understanding and addressing whistleblowers

The vast majority of the cases resolved by the Civil Division of the Department of Justice (DOJ) were cases brought by “whistleblowers” under the qui tam provision of the False Claims Act (FCA). Whistleblowers are responsible for an even higher percentage of cases resulting in OIG Corporate Integrity Agreements (CIAs). Although most compliance officers are well aware of this program, many remain unclear as to how the process works. Tom Herrmann, J.D., who served over 20 years in the Office of Counsel to the OIG and as an Appellate Judge for the Medicare Appeals Board, explained that Congress permitted a whisltleblower called the “Relator” to file a case with the DOJ under the FCA.  Since this provision of law went into effect in 1986, there have been over 10,000 qui tam cases filed with a current average of one such case being filed every day of the year. The intent was to create incentives for private parties to detect and pursue fraud under the FCA. In return for reporting this information, Relators receive a portion (usually about 15 to 25 percent) of any recovered damages.  Once the lawsuit is filed, it is placed “under seal”, meaning that it is kept secret from everyone but the government, in order to give the DOJ enough time to investigate the allegations in deciding whether to join (“intervene”) in the case. Intervention by the DOJ occurs only in about one in five qui tam lawsuits, leaving whistleblowers the option to pursue cases on their own, however the chances of success are much lower than in cases when the government joins. Most successful qui tam cases are resolved through settlement negotiations rather than a court trial, although trials may occur.

Kash Chopra, J.D., noted that the overwhelming number of cases that result in a CIA, arise from whistleblowers and these, in turn, are based upon violations of the federal Anti-Kickback Statute (AKS). It is the government’s position that all claims arising from a corrupt arrangement violating the AKS or in some cases, the Stark Law, are considered fraudulent. This is even when the services rendered were needed and provided appropriately.  She advises here clients that the best ways to manage the whistleblower risk is to ensure that they are channeled through internal communication channels and their complaints are promptly evaluated, investigated, and resolved.  It is worth considering the following:

  1. Using outside experts to independently audit arrangements with physicians and evaluate compliance communication channel effectiveness.
  2. Ensuring a 24/7 hotline operated externally by experts in recognizing health care compliance issues.
  3. Reviewing/updating hotline-related polices/procedures (confidentiality, anonymity, non-retaliation, duty to report, etc.).
  4. Making sure that the duty to report suspected wrongdoing is explained in the Code, policies and training.
  5. Having trained and competent people on hand to conduct prompt and competent investigations of matters raised through the hotline.
  6. Moving quickly to use CMS and OIG self disclosure protocols when there is credible evidence of violations; and not wait until the DOJ gets involved.

For more information on this subject, Kashish Parikh-Chopra can be reached at kchopra@strategicm.com or via telephone at (703) 535-1413.

Richard P. Kusserow served as DHHS Inspector General for 11 years. He currently is CEO of Strategic Management Services, LLC (SM), a firm that has assisted more than 3,000 organizations and entities with compliance related matters. The SM sister company, CRC, provides a wide range of compliance tools including sanction-screening.

Connect with Richard Kusserow on Google+ or LinkedIn.

Subscribe to the Kusserow on Compliance Newsletter

Copyright © 2018 Strategic Management Services, LLC. Published with permission.