By Don Sadler
Hospitals and ambulatory surgery centers (ASCs) must comply with myriad rules, regulations and laws from an alphabet soup of regulatory entities. These include CMS, OSHA, HHS, the CDC and HIPPA, to name just a few.
Penalties and fines for failure to comply with these entities’ various rules and regs can be severe. This makes compliance a critical issue for every health care organizations.
What is Health Care Compliance?
Beverly Kirchner, BSN, RN, CNOR, CNAMB, has been actively involved in helping hospitals and ASCs understand and meet their compliance responsibilities.
She defines compliance for health care organizations as “an ongoing process undertaken to meet or surpass the legal, principled (ethical and moral) and professional standards that are valid and relate to the health care organization and its departments.”
Kirchner says that CMS regulations for hospitals and ASCs are a major part of compliance. “Each entity has its regulations, but in the case of hospitals ORs, several regulations cross to both departments, such as life safety, construction and HIPAA.”
“OSHA and HIPAA are also a big part of ASC and hospital compliance requirements and responsibilities,” Kirchner adds. “And states have licensure laws with which hospitals and ASCs must comply.”
David Hoffman is the founder of David Hoffman & Associates, PC, a consulting firm that focuses on legal, regulatory and clinical compliance for health care organizations. Before starting his firm, Hoffman was a federal prosecutor specializing in health care fraud.
“Compliance for hospitals and ASCs is a very complex, highly regulated issue,” says Hoffman. “It takes a lot of teamwork among health care staff to make sure that all of the applicable rules and regulations are being followed.”
According to Hoffman, health care organizations are subject to the Federal False Claims Act, which is a federal civil fraud statute. The penalties for filing false medical claims currently range from $11,803 and $23,607 per claim, he says.
But that’s just the beginning – treble damages, or triple this amount, are also added. “Now you’re into some real money,” says Hoffman.
The intent standard under the False Claims Act covers knowledge of false information resulting in submission or causing the submission of a false claim. According to Hoffman, this is defined not only as having actual knowledge of a false claim, but also as deliberate ignorance of the truth or falsity of the information or reckless disregard of the truth or falsity of the information.
“So the ‘ostrich’ defense doesn’t work,” says Hoffman. “Physicians can’t put their heads in the sand and say billing and proper coding are not their responsibility.”
The Main Question
According to J.D. Buchert, MSN, M.Ed., MS, RN, quality & safety manager, surgical services division at Parkland Hospital in Dallas, Texas, the main question when it comes to the consequences of not following laws and regulations is whether the event falls under ordinary non-compliance or gross negligence?
“In other words, did the facility know whether they placed the patient in danger or not?” says Buchert. “Non-compliant facilities tend to be at risk for higher financial losses, license revocation, business disruption, poor patient outcomes, loss of trust from patients and staff, and reputation damage. And this is all in addition to potential fines.”
Loss of Medicare certification is another potential consequence of non-compliance, says Kirchner. “In a worst-case scenario, the facility could actually close,” she says.
According to Kirchner, health care facilities that are found to be non-compliant may be able to avoid closure by working with the Office of Inspector General (OIG).
“The OIG has the authority to enter into an agreement known as a corporate integrity agreement, or CIA, in exchange for not sanctioning an organization,” says Kirchner. “We have learned that these agreements usually last five years and the organization must hire a monitor to oversee the quality of care.”
Role of the Compliance Officer
One of the most important keys to remaining in compliance is formalizing an ethics and compliance program. And this starts with appointing a compliance officer.
“A compliance officer is an employee who ensures the organization is compliant with outside regulatory and legal requirements,” says Kirchner. “The compliance officer also ensures that internal policies, procedures and bylaws are honored and followed while monitoring day-to-day behaviors within the organization.”
A compliance officer will also audit and test processes to ensure compliance, disclose any breaches, and check the compliance hotline regularly, investigating any complaints. Kirchner lists five key tasks of a health care compliance officer:
- Identification of problems or potential problems
- Problem prevention
- Monitoring and detecting problems
- Problem resolution
- Providing advice about compliance
According to Kirchner, there are two kinds of health care compliance officers:
A Corporate Compliance Officer (or Chief Compliance Officer) leads large groups of people toward obeying standards of conduct. These include bylaws, codes of conduct and policies and procedures.
A Regulatory Compliance Officer ensures the organization follows all industry standards, rules and regulations. “He or she is responsible for ensuring the organization has internal controls to manage risks, monitor for compliance, identify potential compliance risk, develop strategies to mitigate risk and oversee policy development,” says Kirchner.
“The corporate compliance officer’s focus is on ensuring that hospital processes and procedures comply with the law,” he says. “The regulatory compliance officer focuses on the internal aspect of controlling and managing risk by integrating standards from outside sources into the practice setting.”
Kirchner says that health care compliance officers should possess a number of key skills including:
- Risk assessment
- Conflict management
- The ability to interpret data
- Detail orientation
“The health care compliance officer reports directly to the facility’s governing board,” says Kirchner. “The compliance officer assures the governing board that the facility’s leadership and team are compliant with all relevant laws, rules and regulations; that there is a compliance plan and code of conduct in place; and that compliance reporting is completed per state, federal and accreditation body requirements.”
Staffing in ASCs usually doesn’t allow for a dedicated compliance officer with no other responsibilities, says Kirchner.
“This is unlike most hospitals, where the compliance officer usually has a whole team helping oversee auditing and compliance,” she says.
“If ASCs can afford to hire a dedicated compliance officer,” Kirchner adds, “I recommend they do so to help ensure the facility remains in compliance.”
Biggest Compliance Challenges
Hospitals and ASCs face a number of challenges when it comes to remaining in compliance. At the top of the list is simply keeping up with all of the laws, rules and regulations they have to follow, along with changes that are made, usually at least annually.
Updating their facilities’ compliance plan and its policies and procedures and performing audits are other big compliance challenges faced by hospitals and ASCs.
Kirchner says that staff education is critical to meeting the biggest compliance challenges. “How can you achieve compliance if the staff doesn’t know what regulations, laws and accrediting standards must be followed?” she says.
Hoffman agrees. “Knowledge and education are key,” he says. “Physicians and billing departments need to be aware of their compliance obligations and know what all the rules and risks are.”
Buchert says high levels of physician and nurse turnover magnify compliance challenges. “The recent mass exodus of health care workers is definitely making compliance more difficult,” he says.
Buchert points to recent changes in filing for Medicare and private insurance reimbursement as an example of how turnover can lead to compliance problems. “If a health care facility improperly files reimbursement by accident, this can be construed as fraud and abuse of the payment system,” he says. “That’s why compliance with proper coding and billing is critical.”
Hoffman believes that the biggest compliance issue facing hospitals and ASCs is medical necessity. “Is there really a need for the surgery?” he says. “Is it medically necessary? Billing for unnecessary procedures is a big compliance concern today.”
Create a Culture of Compliance
According to Hoffman, the most important thing hospitals and ASCs can do to remain in compliance is to create a culture of compliance that starts at the top.
“You’ve got to have buy-in from the C-suite,” he says. “Compliance is everyone’s responsibility, including upper management.”
“HHS OIG guidance calls for hospitals and other health care organizations to create a culture of compliance,” adds Kirchner. “This type of culture endorses preventing, detecting and resolving behavior that does not follow government and state laws, including public and private health care program requirements.”
Buchert stresses the importance of building employee engagement.
“All employees need to understand their obligations and the role they play in keeping the facility compliant,” he says. “This includes identifying areas of weakness and focusing on a plan to rectify potential problems.”
Hospitals and ASCs should also maintain all documentation and data related to their compliance efforts. “This includes audit procedure records from the patients’ first moments in the facility to when they are discharged to determine if policies and procedures were followed,” says Buchert.
“This will provide a foundation for understanding what is happening in the facility,” he adds. “It’s a quality role that can save the facility money in the long run.”
Buchert also recommends forming an interdisciplinary team to focus on compliance. “The compliance officer should chair this team and set forth responsibilities for administration and enforcement of the compliance process,” he says.
Kirchner points out that even with a full-time compliance officer, the officer’s scope is limited.
“It’s hard to keep up with all the different departments and all the rules, regulations and laws that govern health care,” she says. “Department leaders and staff need to be aware of the compliance requirements for their areas and work with the compliance officer to ensure the department is meeting and exceeding them.”
Benefits of Focusing on Compliance
Taking appropriate steps to make sure your hospital or ASC remains in compliance brings benefits beyond minimizing financial losses, business disruption and license and certification revocation.
“As a former military man, I find that compliance brings organization and serenity to a health care facility,” says Buchert. “When a facility is compliant, it runs like a smoothly oiled machine. All parts work well together to move the whole unit forward successfully.”
“A compliant facility can reward its staff and patient population on many levels,” Buchert adds. “But the pride carried by a compliant facility truly does lead to higher employee retention, success as a business and better patient outcomes.”
“Simply put, compliance means safety,” says Kirchner. “It helps ensure that the staff, patients and visitors are in an environment that promotes respect, transparency and quality care. Compliance not only protects the people, but it protects the business as well.”