Ex­perts talk about what it takes to stay com­pli­ant

Three ex­perts dis­cuss strate­gies to avoid le­gal pit­falls of fed­eral pro­grams


Editor’s note: The fol­low­ing is an edited excerpt of a full tran­script of a Nov. 30, 2011 editorial we­b­cast, “Stay­ing com­pli­ant,” con­ducted by Modern Health­care. The pan­elists were Marti Arvin, chief com­pli­ance of­fi­cer at UCLA Health Sys­tem and the David Gef­fen School of Medicine at UCLA in Los An­ge­les; David Matyas, a health­care com­pli­ance

Joe Carl­son: Marti, is there any­thing mean­ing­ful that a com­pli­ance of­fi­cer can do, say in the first hour, af­ter you hear there’s been a data breach? Do you have some kind of a spe­cific emer­gency call that needs to be made when a data breach has been re­ported?

Marti Arvin: It’s dif­fi­cult to say in the first hour, Joe, what you would ex­actly do be­cause, ob­vi­ously like many com­pli­ance is­sues, it’s go­ing to be based on the na­ture of the is­sue. When you get that phone call that says, “My hard drive has been stolen,” then ob­vi­ously you want to make calls to the ap­pro­pri­ate key lead­ers in the or­ga­ni­za­tion and then very quickly, maybe not within the first hour, you want to get your me­dia re­la­tions folks in­volved be­cause you don’t know who else may learn that in­for­ma­tion. In the par­tic­u­lar case we had re­cently, there was a po­lice re­port and so we didn’t know if oth­ers might ac­quire that po­lice re­port in some way, so it’s mak­ing peo­ple aware and start­ing to an­a­lyze what’s the na­ture of the data and were there pro­tec­tions around it that might help min­i­mize your risk and the risks to the pa­tients whose in­for­ma­tion was on the de­vice? So the key thing for us is no­ti­fy­ing those ap­pro­pri­ate peo­ple in the or­ga­ni­za­tion and very quickly get­ting the process started to an­a­lyze the in­for­ma­tion so that as quickly as pos­si­ble you can no­tify the im­pacted pa­tients, par­tic­u­larly if there’s highly sen­si­tive in­for­ma­tion on the de­vice.

Carl­son: David, you men­tioned Medi­care sus­pen­sion be­ing a pos­si­bil­ity un­der pro­vi­sions in the Pa­tient Pro­tec­tion and Af­ford­able Care Act for cred­i­ble al­le­ga­tions of fraud, and I was think­ing back to that, re­mem­ber­ing when the law came out. When the ini­tial rule­mak­ing came out, I was un­der the im­pres­sion that that had more to do with kind of your fraud hot at­tor­ney with Ep­stein, Becker & Green in Washington; and James Sheehan, the former Med­i­caid in­spec­tor gen­eral for the state of New York. In an ex­change mod­er­ated by reporter Joe Carl­son, the pan­elists dis­cussed strate­gies to ad­dress the new le­gal com­pli­ance chal­lenges cre­ated by the Pa­tient Pro­tec­tion and Af­ford­able Care Act. spots. You know, your Mi­ami durable med­i­cal equip­ment providers and that type of thing. Would that also ap­ply to hos­pi­tals and sort of gen­eral health­care providers?

David Matyas: It ab­so­lutely can and could. One of the prob­lems that we have with a piece of leg­is­la­tion like the Af­ford­able Care Act, which was drafted and passed be­hind closed doors, is there is no leg­isla­tive his­tory as­so­ci­ated with it, so we don’t even have the ben­e­fit of commentary when it was be­ing adopted. While you’re cor­rect, Joe, some of those hot spot ar­eas—i don’t dis­agree that if there is the no­tion of an en­tity that’s en­gaged in fraud, why should the govern­ment con­tinue to dole out any money to them when they be­lieve that there’s fraud there? And, there­fore, we’d be send­ing more money out to some­one who’s cheat­ing the sys­tem. But it is cor­rect, as you said, at how it could be ap­plied to any or­ga­ni­za­tion, and a lack of a def­i­ni­tion of what it means for there to be cred­i­ble ev­i­dence of fraud. There are national in­ves­ti­ga­tions that go on day in and day out on var­i­ous top­ics where the govern­ment takes the po­si­tion that gen­eral prac­tices that have been en­gaged in by many or­ga­ni­za­tions have been the sub­mis­sion of false claims. And they would po­ten­tially ar­gue that they have cred­i­ble al­le­ga­tions of fraud be­cause they see a sys­temic prob­lem even within the whole sys­tem. Does that mean that any and all of those hos­pi­tals other­wise should be sub­ject to hav­ing their pay­ment stopped— sus­pended—for a pe­riod of time? I don’t think so. And I don’t think that the govern­ment would go down that road. It’s just some­where where we need more clar­i­fi­ca­tion.

Carl­son: What additional pres­sures and work­load has the RAC pro­gram placed on com­pli­ance of­fi­cers? And if you could, Marti, please de­fine the RAC pro­gram.

Arvin: The re­cov­ery au­dit con­trac­tors ob­vi­ously have been cre­at­ing closer scrutiny of a num­ber of dif­fer­ent com­pli­ance ar­eas, so it’s a mat­ter of both en­sur­ing that when you get a RAC re­quest that you’re re­spond­ing to it and get­ting all the ap­pli­ca­ble doc­u­men­ta­tion to the re­cov­ery au­dit con­trac­tor, and then also if you note that there’s a par­tic­u­lar is­sue, if a RAC has re­quested 50 records on a par­tic­u­lar is­sue, then it is of­ten the case where you would want to ac­tu­ally eval­u­ate those same records your­self to see if there’s any sort of con­cern or sys­temic is­sue in your or­ga­ni­za­tion. So that adds to the work­load that you may al­ready have, just what I would call your more rou­tine au­dit­ing and mon­i­tor­ing in your com­pli­ance pro­gram. So RACS can def­i­nitely in­crease that work­load, and ob­vi­ously if you hap­pen to find a sub­stan­tial is­sue where your or­ga­ni­za­tion is not do­ing some­thing as well as they should, then





Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.