Complete a case study presentation.

Description

This final project will include material from the modules covered in class. Find a case study on this website https://psnet.ahrq.gov/webmm-case-studies?page=1 that has all the material down below

In your presentation, make sure to include the following information:

Corporate Compliance:

– Describe the case study or problem(s).

– Identify parties responsible

– Identify any ethical or legal issues regarding the case.

– What are protocols are laws currently in place regarding issues such as this?

– Is there a standard of care that should be followed?

– Find 1 or 2 similar cases online. Describe details of those cases. What was done in these scenarios?

Risk Management:

– Identify areas of risk.

– Include a fishbone diagram of the risks identified.

– What domains of risk were affected?

Quality Management:

– Describe how quality of care was/is compromised.

– What could have been done differently to improve the quality of care provided to the patient?

– What can be done to prevent this from happening again?

– Think about what measures are currently in place to prevent this issue. Think about how these measures can be better implemented, measured, and improved upon to prevent this issue from occurring again.

Unformatted Attachment Preview

Quality Management in Healthcare
BSHS 4210: Capstone Project
What is Quality?
The Institute of Medicine (IOM) defines
quality of care as “the degree to which
health services for individuals and
populations increase the likelihood of
desired health outcomes and are consistent
with current professional knowledge”.
What is Quality Management?
The effort we make to continuously improve
our ability to meet or exceed our customers’
needs and expectations.
Note: The definition of quality management is
not confined to a patient’s needs. Patients don’t
always know what they need in healthcare.
However, they know what they expect. (Think
about non-health expectations of a provider).
How do organizations achieve quality?
Achieving quality requires
knowledge of customer
expectations, knowledge of output
performance, knowledge of
process, and management of
employee actions to continuously
improve the processes.
Step 1: Identify your customer
The one you serve
The one that
receives benefits
of your labor
The reason you
have a job
Internal customers vs. External customers
Internal
• Nurses
• Physicians
• Students
• Employees
• Trainees
• Departments
• Committees
External
• Patients
• Patient’s families
• Visitors
• Referring physicians
• Doctor’s offices
• Third-party payers
Step 2: How are you meeting your
customer’s needs?
Don’t just mail out a survey, talk to them.
Break down barriers and communicate
Discuss needs and expectations
Step 3: Measure output performance
Joint Commission Survey
Patient Surveys
Employee Surveys
Six Dimensions of Healthcare Performance
The 2001 Institute of Medicine (IOM) report, Crossing the Quality
Chasm: A New Health System for the 21st Century identified six key
dimensions of health performance that need improving
Healthcare should be:
Safe
Effective
• Unintended
patient
injuries should
be avoided
• Based on
scientific
knowledge,
service should
be provided to
all who could
benefit.
Services
should not be
provided to
people who
are not likely
to benefit. We
should avoid
underuse of
services as
well as
overuse
Patient –
centered
• This means
providing care
that is
respectful of
and
responsive to
individual
patient
preferences,
need, and
values and
ensuring that
patient values
guide all
clinical
decisions
Timely
Efficient
Equitable
• We should
reduce waits
and
sometimes
harmful delays
for those who
receive care
• We should
avoid wastes
of equipment,
supplies, ideas
and energy
• This means
that
healthcare
should not
vary in quality
because of a
patient’s
personal
characteristics
such as
gender,
ethnicity,
geographic
location, and
socioeconomic
status
Quality Improvement Models
LEAN Model
This model defines value by what a
customer (i.e., patient) wants. It maps
how the value flows to the customer (i.e.,
patient), and ensures the competency of
the process by making it cost effective
and time efficient.
Goal: Efficiency – Improve flow and
eliminate waste
Six Sigma Models
Six Sigma: Six Sigma is a measurement-based strategy for process
improvement and problem reduction. It is completed through the application
of the QI project and accomplished with the use of two Six Sigma models:
1) DMAIC (define, measure, analyze, improve, control), which is designed to
examine existing processes, and
2) DMADV (define, measure, analyze, design, verify) which is used to develop
new processes.
Goal: Effectiveness – Eliminate defects and reduce variations
Model for Improvement: PDSA Cycle
Plan a change
Do the change
Study the results
Act on the results
• What changes
are we going
to make based
on our
findings?
• What were
the results?
• What exactly
are we going
to do?
Act
Plan
Study
Do
• When and
how did we do
it?
Model for Improvement: PDSA Cycle
This model focuses on three questions to set the aim or
organizational goal, establish measures, and select changes:
1.
2.
3
• What are we trying to accomplish? (Aim)
• How will we know that change is an improvement? (Measure)
• What change can we make that will result in an improvement?
(Process)
In-class Group Activity
•
•
•
•
•
Get into groups of 2
Choose a healthcare organization
Describe how this healthcare
organization has already or is expected
to contribute to improving
performance in each of the key
dimensions identified by the IOM.
What are some factors that could
inhibit improvements in these areas?
Use publicly available data to measure
performance (Medicare)
References
•

•
http://www.stratishealth.org/documents/QI-Basics-facilitator-guide.pdf
•
http://www.stratishealth.org/expertise/quality/QIBasics.html
•
https://www.hrsa.gov/sites/default/files/quality/toolbox/508pdfs/qualityimprovement.pdf
•
http://www.mass.edu/mcncps/orientation/PowerPoint/Quality.pdf
•
https://www.cms.gov/medicare/provider-enrollment-and-certification/qapi/downloads/pdsacycledebedits.pdf
•
Health Care Quality Management Student Workbook – 4th Edition
Risk Management in Healthcare
Brief Overview
What is Risk and Risk Management
Domains of Risk and Examples of Healthcare Risks
Steps in Risk Management
Risk Identification
Risk Evaluation
Implementing Strategies to Reduce Risk
Healthcare Laws, Regulations, and Programs
What is a Risk?
“Probability or threat of damage,
injury, liability, loss, or any other
negative occurrence that is caused by
external or internal vulnerabilities, and
that may be avoided through
preemptive action.”
Source: http://www.businessdictionary.com/definition/risk.html
What is Risk Management?
“The discipline by which an organization
identifies, assesses, controls, measures and
monitors various risks and opportunities for the
purpose of achieving the entity’s strategic and
financial objectives”
Source: https://www.soa.org/globalassets/assets/Files/Newsroom/news-erm-fact-sheet.pdf
Risk Assessments help answer the following questions:
What can go
wrong?
Is there a need
for action?
How can it go
wrong?
Why does it go
wrong?
Who does it
affect?
How often does it
go wrong? What
is the extent?
Source: http://www.dbhds.virginia.gov/library/quality%20risk%20management/qrm-a%20simple%20approach%20to%20risk%20assessment.pdf
Identify
What? How?
Steps in Risk
Assessment
Review/
Evaluate/
Monitor
Program
Risk
Management
Is it
working?
Evaluate
Why? How
often? Who?
Action
Needed?
Develop
and
Implement
Strategies
Risk
Identification
Why is it important for organizations
to identify issues?
What must organizations do to identify
issues within their system?
Surface
Reality
Methods of Risk Identification
1. Brainstorm
2. SWOT Analysis
3. Eight Risk Domains
4. Root Cause Analysis (RCA)
Source : https://www.ashrm.org/sites/default/files/ashrm/ERM-White-Paper-8-29-14-FINAL.pdf
Brainstorm
• Gather information – Interviews, staff/departmental meetings,
surveys or review quality reports to identify problem areas
• Create a list – List out what issues the organization is facing
SWOT Analysis
• Identifying Strengths,
Weaknesses, Opportunities
and Threats.
• To Remember:
• Strengths and Weaknesses are
usually internal to the organization.
• Opportunities and Threats are
usually external to the organization.
Strengths
Weaknesses
SWOT
Opportunities
Threats
Eight Risk Domains
in
Risk Management
Eight Risk Domains
Can you think of risk examples in
healthcare for each of these
domains?
Root Cause Analysis
The dictionary defines “root cause”
as the fundamental cause, basis, or
essence of something, or the source
from which something derives.
Root cause analysis is a systematic
process for identifying “root causes”
of problems or events and an
approach for responding to them.
Source: https://www.thehealthcompass.org/how-to-guides/how-conduct-root-cause-analysis
Goals of the Root Cause Analysis (RCA) is to identify:
1
2
3
4
• What happened?
• Why it happened?
• How it happened?
• Actions to prevent reoccurrence of problems
Source: https://www.thehealthcompass.org/how-to-guides/how-conduct-root-cause-analysis
Steps to Identify Root Causes
1
2
3
4
5
6
• Define the problem.
• Gather information, data and evidence.
• Identify all issues and events that contributed to the problem.
• Determine root causes.
• Identify recommendations for eliminating or mitigating the reoccurrence of problems
or events.
• Implement the identified solutions
Source: https://www.thehealthcompass.org/how-to-guides/how-conduct-root-cause-analysis
Root Causes Analysis Methods
Fault Tree
Analysis
Five Whys
Tool
Pareto
Analysis
Fishbone
Diagrams
Fault Tree Analysis
• Refer to Video:
https://www.youtube.com/watch?v=aVfMsPOKr
ak
• We will not be using this tool in class and will
not be covering this tool in depth. However, it is
important for you to know what it is and what it
looks like.
• Refer to the image on the right for an example
of what a fault tree analysis looks like:
Source: http://asq.org/quality-progress/2002/03/problem-solving/what-is-a-fault-tree-analysis.html
The Five Whys Method
The Five Whys is a
simple problemsolving technique
that helps to get to
the root of a problem
quickly.
Five Whys strategy
involves looking at
any problem and
drilling down by
asking: “Why?” or
“What caused this
problem?”
The goal of this tool is
to prompt another
“Why” till you get to
the root of the
problem.
Source: https://www.cms.gov/Medicare/Provider-Enrollment-and-Certification/QAPI/downloads/FiveWhys.pdf
Example of the Five Whys Method (CMS)
Problem statement – your car gets a flat tire on your way to work.
1. Why did you get a flat tire?
• You ran over nails in your garage
2. Why were there nails on the garage floor?
• The box of nails on the shelf was wet; the box fell apart and
nails fell from the box onto the floor.
3. Why was the box of nails wet?
• There was a leak in the roof and it rained hard last night.
Source: https://www.cms.gov/Medicare/Provider-Enrollment-and-Certification/QAPI/downloads/FiveWhys.pdf
Pareto Analysis
• Is a useful technique for prioritizing problem-solving work, so that the first
piece of work you tackle simultaneously resolves the greatest number of
problems.
• Refer to video: The Pareto Principle
20% Effort
Source: http://www.free-management-ebooks.com/news/pareto-analysis/
80%
Results
Steps to do a Pareto Analysis
1
2
3
4
5
• List problem areas
• Identify root cause for each problem
• Score each problem in terms of importance
• Group those with same root cause
• Fix problems with highest score
Source: http://www.free-management-ebooks.com/news/pareto-analysis/
Fishbone Diagrams
1
2
3
4
• Also known as a cause and effect analysis/ Ishikawa diagram
• Ideal problem solving tool for management
• Helps managers and leaders brainstorm root causes to issues
• Provides a clear visual by grouping organizational issues into
categories
Source: https://www.cms.gov/medicare/provider-enrollment-and-certification/qapi/downloads/fishbonerevised.pdf
Fishbone Diagram Example (CMS)
Source: https://www.cms.gov/medicare/provider-enrollment-and-certification/qapi/downloads/fishbonerevised.pdf
Risk Evaluation
What to look for when evaluating risks:
1
2
3
• Look for repetitions and group them. Have similar risks been
brought up before by multiple units?
• Look for risks that are cost-effective and easy to implement
• Look for risks that already have solutions and strategies in place
and make sure that the ones in place actually WORK.
Source : https://www.ashrm.org/sites/default/files/ashrm/ERM-White-Paper-8-29-14-FINAL.pdf
Risk Score
– Not an exact measure. However, it is still helpful to sort and organize risks.
– Tool used by managers and administrators to gain a better understanding
of the organization’s risk.
– Doing this allows them to better understand which risks need to be
prioritized.
– “A Likert scale ranking of one (1) to five (5) is most often used. With 1
being the lowest, least likely to occur, or least impactful. Using the range of
1 to 5 for both dimensions the highest ranking is 25.”
Sources : https://www.ashrm.org/sites/default/files/ashrm/ERM-White-Paper-8-29-14-FINAL.pd
http://www.dbhds.virginia.gov/library/quality%20risk%20management/qrm-a%20simple%20approach%20to%20risk%20assessment.pdf
Risk Score Formula
– “Likelihood also referred to as frequency or probability, refers to the number
of times an adverse event or occurrence (a risk) will happen. This dimension
is expressed in terms of a number or ratio. “
– “Impact also referred to as severity, refers to the anticipated outcome of the
risk if it occurs. Impact is most often referenced in financial terms (dollars $)
and can also be referred to as “vulnerability”, “consequences”. “
Likelihood
X
Impact
Source : https://www.ashrm.org/sites/default/files/ashrm/ERM-White-Paper-8-29-14-FINAL.pdf
=
Risk Score
Risk Map
– Also known as risk matrix or heat map
– Can also be referred to as a heat map
due to the colors that are used.
– X axis is the likelihood.
– Y axis is the impact.
Source : https://www.ashrm.org/sites/default/files/ashrm/ERM-White-Paper-8-29-14-FINAL.pdf
Risk Map
Low Risk (Green)
• Are usually Quick and easy actions. The can be implemented immediately.
Moderate Risk (Yellow)
• Actions are usually implemented as soon as possible but no later than next 60 – 90 days.
High Risk (Orange)
• Actions are usually implemented as soon as possible but no later than 30 days.
Extreme Risk (Red)
• Requires urgent action. Immediate corrective action needed.
Source: http://www.dbhds.virginia.gov/library/quality%20risk%20management/qrm-a%20simple%20approach%20to%20risk%20assessment.pdf
Implementation
Strategies to
Reduce Risk
Implementation Strategies to Reduce Risk
– Review this website for examples
and definitions of each of these
implementation strategies: Risk
Management Strategies
Source: https://www.theamateurfinancier.com/blog/risk-management-
Low Likelihood
High Likelihood
Low Impact
Retain
Reduce
High Impact
Transfer
Avoid
Healthcare Laws,
Regulations, Programs
and Organizations
Joint Commission on Accreditation of Healthcare
Organization (JCAHO)
– Founded in 1951
– Independent, non-profit organization
– It is an accrediting body that aims to maintain the highest standards in
healthcare organizations and improve their process and performance.
– Consists of surveyors (including doctors, nurses and other healthcare
workers) who are trained to inspect and survey various healthcare
facilities.
– They look to see if the healthcare organization is maintaining and
following proper protocol in safety and quality.
– In order for an organization to be accredited, they must pass the on-site
survey that is conducted every 3 years. For clinical laboratories, the onsite survey is conducted every 2 years.
– As of 2018, 77% of the nation’s hospitals have been accredited by JCAHO.
Source: https://www.jointcommission.org/
Sentinel Event (JCAHO)
A sentinel event is a patient safety event (not
primarily related to the natural course of the
patient’s illness or underlying condition) that
reaches a patient and results in any of the following:
• Death
• Permanent harm
• Severe temporary harm
Source: https://www.jointcommission.org/
Goals of the Sentinel Event Policy (JCAHO)
1. To have a positive impact in improving patient care, treatment,
and services and in preventing unintended harm
2. To focus the attention of a hospital that has experienced a
sentinel event on understanding the factors that contributed to
the event (such as underlying causes, latent conditions and
active failures in defense systems, or hospital culture), and on
changing the hospital’s culture, systems, and processes to
reduce the probability of such an event in the future
3. To increase the general knowledge about patient safety events,
their contributing factors, and strategies for prevention
4. To maintain the confidence of the public, clinicians, and
hospitals that patient safety is a priority in accredited hospitals
Source: https://www.jointcommission.org/
Centers for Medicare and Medicaid Services (CMS)
– “The Centers for Medicare & Medicaid Services (CMS) is part of the
Department of Health and Human Services (HHS). CMS administers programs
including: Medicare, Medicaid, the Children’s Health Insurance Program
(CHIP), and the Health Insurance Marketplace” (CDS, 2020).
– They service over 100 million people.
– Their goal is to provide high-quality care that is affordable.
– CMS requires healthcare organizations to have proper risk management and
assessment techniques in place. Especially with CMS sensitive material.
– Patient Safety Example: If hospital has a high rate of hospital-acquired
infections compared to 75% of hospitals in the nation, CMS will provide less
reimbursement to this hospital.
– Fact: The Hospital Acquired Condition Program was developed with the aim
to improve patient’s health and quality of care. With this program, Medicare
saves about $350 million per year.
Sources: https://cds.ahrq.gov/cdsconnect/org/centers-medicare-and-medicaid-services, https://www.usa.gov/federal-agencies/centers-for-medicare-and-medicaid-services,
https://www.cms.gov/Research-Statistics-Data-and-Systems/CMS-Information-Technology/InformationSecurity/Downloads/RMH-Chapter-14-Risk-Assessment.pdf
Occupational Safety and Health Administration (OSHA)
– Signed by President Nixon in 1970.
– Was created by Congress to ensure proper and safe
working conditions for workers.
– These are enforced through training, education,
resources, and outreach.
– Through this program and its efforts, deaths and injuries
to workers have significantly decreased by over 65%.
– Workplace injuries and deaths cost American employers
over $59 billion every year (Worker’s Comp).
Sources: https://www.osha.gov/aboutosha
https://www.osha.gov/Publications/all_about_OSHA.pdf
Emergency Medical Treatment and Labor Act (EMTALA)
– Enacted in 1986 by Congress.
– This Act ensures that the public is ensured access to care
and treatment in an emergency regardless of their ability
to pay for the services provided or status of insurance.
– All hospitals with an Emergency Department are
required to follow the policies under EMTALA.
– Hospitals could receive up to a $50,000 penalty for
refusing or not providing service to a patient.
– For hospitals with less than 100 beds, a penalty of
$25,000 can be imposed.
Source: https://www.cms.gov/Regulations-and-Guidance/Legislation/EMTALA/index
https://www.acep.org/life-as-a-physician/ethics–legal/emtala/emtala-fact-sheet/
References
http://www.free-management-ebooks.com/news/six-step-problem-solving-model/
https://www.cms.gov/Medicare/Provider-Enrollment-and-Certification/QAPI/downloads/FiveWhys.pdf
http://www.free-management-ebooks.com/news/cause-and-effect-analysis/
http://www.free-management-ebooks.com/news/cause-and-effect-analysis/
https://conceptdraw.com/a2300c3/preview
https://onlinelibrary.wiley.com/doi/pdf/10.1002/9781118364727.ch29

7 Steps to a Fishbone Diagram and to Identifying Those Causes

https://www.cms.gov/medicare/provider-enrollment-and-certification/qapi/downloads/fishbonerevised.pdf
http://www.ihi.org/education/IHIOpenSchool/resources/Pages/Activities/AHRQCaseStudyCodeBlue.aspx
http://app.ihi.org/LMS/Content/515875cb-65a5-4f20-911d-3e5aeefeaa4f/Upload/Case%20study.pdf
http://www.businessinsider.com/nine-steps-to-effective-business-problem-solving-2011-7
https://executiveeducation.wharton.upenn.edu/thought-leadership/wharton-at-work/2015/06/identify-the-real-problem
https://www.thehealthcompass.org/how-to-guides/how-conduct-root-cause-analysis
https://des.wa.gov/services/risk-management/about-risk-management/enterprise-risk-management/root-cause-analysis
https://www.cms.gov/Regulations-and-Guidance/Legislation/EMTALA/index
https://www.acep.org/life-as-a-physician/ethics–legal/emtala/emtala-fact-sheet/
https://www.osha.gov/aboutosha
https://www.osha.gov/Publications/all_about_OSHA.pdf
https://cds.ahrq.gov/cdsconnect/org/centers-medicare-and-medicaid-services
https://www.usa.gov/federal-agencies/centers-for-medicare-and-medicaid-services,
https://www.cms.gov/Research-Statistics-Data-and-Systems/CMS-Information-Technology/InformationSecurity/Downloads/RMH-Chapter-14-Risk-Assessment.pdf
https://www.jointcommission.org/
https://www.theamateurfinancier.com/blog/risk-management-strategies
http://www.dbhds.virginia.gov/library/quality%20risk%20management/qrm-a%20simple%20approach%20to%20risk%20assessment.pdf
https://www.ashrm.org/sites/default/files/ashrm/ERM-White-Paper-8-29-14-FINAL.pdf
https://www.cms.gov/medicare/provider-enrollment-and-certification/qapi/downloads/fishbonerevised.pdf
https://www.cms.gov/Medicare/Provider-Enrollment-and-Certification/QAPI/downloads/FiveWhys.pdf
http://asq.org/quality-progress/2002/03/problem-solving/what-is-a-fault-tree-analysis.html
https://www.soa.org/globalassets/assets/Files/Newsroom/news-erm-fact-sheet.pdf
http://www.businessdictionary.com/definition/risk.html
https://www.jointcommissioninternational.org/-/media/jci/idev-imports/sentinel_event_policy1.pdf?db=web&hash=36C66D8155F4FD9AEEF0E22392019284
Corporate Compliance
In Healthcare
What Is Corporate Compliance?
◦ A way for a company to
ensure that it is following the
laws and regulations that
apply to the goods and
services that its supplying.
What types of Organizations have a
compliance program?
• Home Healthcare
• Physician Group Medical Practices
• Hospitals
• Hospice
• Inpatient Rehab
• And more
Corporate Compliance & the Essential Elements of a
compliance program
Leadership
• Senior leadership is committed to compliance and sets the tone for the organization
Risk Assessment
• Designed to provide a big picture of your overall compliance program and helps you identify areas of high risks and conducted
annually. Ongoing process to help mitigate any risk that are a threat to your organization.
Standards and Controls
• Develop programs to set boundaries within the organization.
• Code of Conduct
• Policies and Procedures
• Operate on Best Practices
Training and Communication
• Annual training program administered to staff annually
Oversight
• Also question whether or not staff are following the compliance program.
• Monitoring- identifies gaps and is a commitment
• Auditing- targets a specific business component for review
You think a violation has occurred.
You ask yourself “What do I do”
As a healthcare worker:
◦ Know the following:
◦ Where to find the organizations policies and
procedures
◦ Healthcare Laws that protect Fraud and
Abuse
◦ Your Risk Manager, Ethics & Compliance
Officer, & Privacy Officer
◦ How to file a complaint by using the
Compliance Hotline which makes you
anonymous or contact one of the above
officials
Office of the Inspector General
OIG
Office of Inspector General (OIG)
Who is the Office of Inspector General?
◦ Federal program for Fraud and Abuse
◦ Mission: To protect the integrity of HHS programs as well as the health and welfare of program
beneficiaries (OIG, 2020)
Established in 1976
Forefront of the US’s efforts to fight waste, fraud, and abuse in Medicare, Medicaid
and HHS programs
What is HHS?
◦ Federal program that fosters advances in medicine, public health, and social services.
OIG. (2020, JANUARY 2). COMPARISON OF THE ANTI-KICKBACK STATUTE AND STARK LAW. RETRIEVED FROM HTTP://OIG.HHS.GOV/COMPLIANCE/PROVIDER-COMPLIANCETRAINING/FILES/STARKANDAKSCHARTHANDOUT508.PDF
Office of Inspector General (OIG)
Conducts audits, investigations, evaluations and policy recommendations for decision makers
and the public.
OIG develops and distributes resources to assist the health care industry in its efforts to comply
with the Nation’s fraud and abuse laws and to educate the public about fraudulent schemes so
they can protect themselves and report suspicious activities.
Fraud increases the cost of healthcare and can harm Medicare and Medicaid patients.
Visit the website: https://oig.hhs.gov/
Fraud and Abuse – 3 Components
False Claim
Act
Stark Law
Anti-Kickback
Statute
Fraud and Abuse
Anti-Kickback Law
Anti-Kickback Statute
The AKS is a criminal law that prohibits the knowing and willful payment of “remuneration” to convince or
reward patient referrals or generation of business involving any item or service payable by the Federal health
care programs (e.g., drugs, supplies, or health care services for Medicare or Medicaid patients).
◦ Remuneration- statute defines as anything of value
◦ It is illegal to submit claims for payment to Medicare or Medicaid that you know or should
know are false or fraudulent.
A Physician can be an attractive target for kickback schemes because of the referrals generated from healthcare
providers and suppliers.
◦ What are referrals? Student discussion in class
OIG. (2020, JANUARY 2). COMPARISON OF THE ANTI-KICKBACK STATUTE AND STARK LAW. RETRIEVED FROM HTTP://OIG.HHS.GOV/COMPLIANCE/PROVIDER-COMPLIANCETRAINING/FILES/STARKANDAKSCHARTHANDOUT508.PDF
Anti-Kickback Law
Kickbacks in health care can lead to:
◦ Overutilization- using more resources than necessary
◦ Increased program costs (Medicare & Medicaid)
◦ Corruption of medical decision making
◦ Patient steering- offering lower payments for services
◦ Unfair competition
◦ Anti-Kickback Law- prohibits payment for referrals
◦ Penalty- $25K per violation
OIG. (2020, JANUARY 2). COMPARISON OF THE ANTI-KICKBACK STATUTE AND STARK LAW. RETRIEVED FROM HTTP://OIG.HHS.GOV/COMPLIANCE/PROVIDER-COMPLIANCETRAINING/FILES/STARKANDAKSCHARTHANDOUT508.PDF
Stark Law
What is Stark Law?
The Stark Laws refers to a practice or a physician
referring patients to a medical facility in which the
physician has a financial interest, whether ownership or
other type of investment.
Physician Self Referral
Prohibits a physician from making referrals for certain designated health services (DHS) payable
by Medicare where there is a financial relationship (ownership, investment, or compensation),
unless an exception applies.
Prohibits the entity from processing claims for those referred services.
Establishes specific exceptions and grants the Secretary authority to create regulatory
exceptions for financial relationships that do not pose a risk or patient abuse.
Designated Health Services (DHS)
The following items or services are DHS:
◦ Clinical laboratory services.
◦ Physical therapy services.
◦ Occupational therapy services.
◦ Outpatient speech-language pathology services.
◦ Radiology and certain other imaging services.
◦ Radiation therapy services and supplies.
◦ Durable medical equipment and supplies.
◦ Parenteral and enteral nutrients, equipment, and supplies.
◦ Prosthetics, orthotics, and prosthetic devices and supplies.
◦ Home health services.
◦ Outpatient prescription drugs.
◦ Inpatient and outpatient hospital services.
OIG, 2020
Healthcare Quality Improvement Act
Developed in 1986
Protects the public from incompetent physicians
Requires the Board of Medical Examiners to report professional competence or conduct to the
Secretary.
Requires hospitals to request information from the Secretary about providers regarding staff
physicians and health care practitioners
◦ Want to Read more about these Laws?
◦ Visit http://www.hcqia.net/ or NAMMS https://www.namss.org/
Medical Identity Theft
Medical Identity Theft
◦ Medical Identity Theft
◦ Red Flag Rules- Registration, financial assistance, and business office will be mostly affected
◦ Background- the federal trade commission adopted the red flag rules to urge creditors to protect sensitive customer information,
watch for the red flags and respond quickly and claims of identity theft.
◦ What is Identity Theft? It is fraud
◦ Medical Identity is a growing problem and can include SSN, account numbers and other personal information.
◦ Riskiest time for identity theft- when a new patient account is opened
◦ Visit IdentityTheft.gov to report identity theft
◦ Federal Trade Commission
◦ Collaborate with law enforcement across the country and around the world to advance consumer protection and competition
missions.
OIG. (2020, JANUARY 2). COMPARISON OF THE ANTI-KICKBACK STATUTE AND STARK LAW. RETRIEVED FROM HTTP://OIG.HHS.GOV/COMPLIANCE/PROVIDER-COMPLIANCETRAINING/FILES/STARKANDAKSCHARTHANDOUT508.PDF
Identity Theft
◦ New requirements for registration
◦ Patients provide a photo ID
◦ Proof of address
◦ Exceptions- Not in ED due to EMTALA
◦ How to help prevent identity theft?
◦ Insurance card appears altered
◦ Photo on license does not look like patient
◦ Signature on driver’s license does not match patients signature on consents
◦ Demographic information does not match
◦ What to do if you discover a Red Flag?
◦ Notify supervisor
◦ If supervisor is not available, contact Risk Management or Compliance officer
OIG. (2020, JANUARY 2). COMPARISON OF THE ANTI-KICKBACK STATUTE AND STARK LAW. RETRIEVED FROM HTTP://OIG.HHS.GOV/COMPLIANCE/PROVIDER-COMPLIANCETRAINING/FILES/STARKANDAKSCHARTHANDOUT508.PDF
HIPAA of 1996
Privacy and Security
HIPAA
Health Insurance Portability and Accountability Act of 1996. HIPAA is a response, by Congress,
to healthcare reform and is a federal law that is mandatory. Protects the privacy and security of
a patient’s health information.
Provides for electronic and physical security of a patient’s health information.
Prevents health care fraud and abuse.
Simplifies billing and other transactions, reducing health care administrative costs.
Privacy
◦ Minimum Necessary- What type of information am I about to share; It’s a need to know
◦ Covered Entity- Health plans, healthcare clearing houses, healthcare providers, business associate
OIG. (2020, JANUARY 2). COMPARISON OF THE ANTI-KICKBACK STATUTE AND STARK LAW. RETRIEVED FROM HTTP://OIG.HHS.GOV/COMPLIANCE/PROVIDER-COMPLIANCETRAINING/FILES/STARKANDAKSCHARTHANDOUT508.PDF
HIPAA Cont’d
◦ Security- Organizations should conduct both risk analysis and risk management
procedures and provides a baseline for detecting risk and mitigating breeches.
◦ Risk analysis- when you look for vulnerabilities of confidential health information
◦ Risk management- This requires an organization to make decisions and address the security risk
and vulnerabilities and implement policies, procedures, and programs to comply with
compliance programs
OIG. (2020, JANUARY 2). COMPARISON OF THE ANTI-KICKBACK STATUTE AND STARK LAW. RETRIEVED FROM HTTP://OIG.HHS.GOV/COMPLIANCE/PROVIDER-COMPLIANCETRAINING/FILES/STARKANDAKSCHARTHANDOUT508.PDF
HIPAA: Security Standards
Administrative
• Administrative Action
• Policies and Procedures
Technical
• Access controls
• Audit Controls
• Integrity
• Person or Entity
• Authentication
• Transmission Security
Physical
• Facility Access
• Workstation Use
• Workstation Security
• Device and Media Controls
HIPAA
What is PHI? Protected health information
What is EPHI? Electronic health Information
What is an EMR? An electronic medical record
How does HIPAA affect my job?
Do you handle PHI?
If yes, than it’s your job to protect that information.
Health Information Technology for Economic and Clinical
Health Act (HITECH)
– Signed into law by President Obama in 2009.
– Under HIPAA, there were a few grey areas that needed
to fixed. The purpose of HITECH was to eliminate these
grey areas.
– Goal is to promote the use of healthcare technology and
to encourage use of Electronic Health Records (EHR).
– As of 2008, only 10% of physicians had adopted an EHR
system. By 2017, 86% of physicians and 77% of hospitals
adopted an EHR system.
– It provided incentives to providers and healthcare
organizations for proper EMR use. Ex: Meaningful Use.
Source: https://www.hipaajournal.com/what-is-the-hitech-act/
Who can I talk to within the Healthcare
Organization about Privacy and Security
◦ Chief Privacy Official (CPO)- responsible for privacy program implementation, facilitate training and
education, assess compliance, and evaluate complaints and potential breaches.
◦ Facility Information Security Official (FISO)- They are responsible for leading, driving, and helping
facility workforce members appropriately comply with the company’s IPS requirements.
◦ Health Information Management Director (HIM)- Ensure compliance with state and federal laws
and standards related to privacy, security, and record completion
◦ Director of Information Security (IT & S)- lead and direct activities of the Information Technology
department and partner with business partners to deliver technology services that are aligned with
business needs.
◦ Ethics and Compliance Officer- Assist the organization in achieving responsible and effective
corporate (risk management) and compliance programs
WhistleBlower
What is a Whistleblower?
Whistle blower- is someone who reports waste, fraud, abuse, or dangers to public
health and or the safety of others. The individual that is being reported is in question
or position to correct the wrongdoing.
◦ Whistleblower laws are enforced by Occupational Safety and Health Administration
(OSHA)