POUDRE VALLEY HEALTH SYSTEM

we’re here for you

Hot Topics in Risk Management

Ellen Stewart, PartnerBerenbaum, Weinshienk & Eason, P.C.

Diane Gross, Associate General CounselPoudre Valley Health SystemMay 21, 2008

Hot Topics

• Enterprise Risk Management

• Present On Admission and Never Events

• HIPAA

• EMTALA

• Conditions of Participation

• Growth/Change

Enterprise Risk Management

(ERM)• Create a process

• Apply across an enterprise

• Identify potential risk events

• Manage that risk

• Help achieve the objectives of the enterprise

ERM Encompasses:• Developing a process

to manage risk-including a process evaluation technique

• Identifying risk• Formulating

alternative risk responses– Risk avoidance– Reduction– Sharing– Acceptance

• Reducing surprises• Recognizing

opportunities• Managing the financial

and resource needs of risk management

• Creating a Corporate insurance program

The Enterprise Nature of ERM

All levels of the organization:• Enterprise level– system wide

• Entity level– hospital/clinic level

• Business level– department or service line level

ERM Process

• Strategic– remove silos

• Operations– communicate, share, include others

across departments, projects, entities

• Compliance– trends, measures, internal and external

Present on Admission and “Never Events”

The rule implements a provision of the Deficit Reduction Act of 2005 (DRA) that takes the first steps toward preventing Medicare from giving hospitals higher payment for the additional costs of treating a patient who acquires a condition during a hospital stay. The DRA requires hospitals to report secondary diagnoses that are present on admission.

Beginning in Fiscal Year 2009 (Oct. 1, 2008), these cases will not be paid at a higher rate unless they conditions were present on admission.

Criteria for inclusion on list:• high cost or high volume or both,

• assigned to a higher paying DRG when present as a secondary diagnosis, and

• reasonably preventable through application of evidence-based guidelines.

Present on Admission-the rule identified certain

conditions:• Pressure ulcers• Catheter

associated urinary tract infections

• Staphylococcus aureus septicemia (bloodstream infection)

• Delirium

• Ventilator-associated pneumonia

• Deep vein thrombosis• Legionnaires’ disease

(a type of pneumonia)• Clostridium difficile

associated disease (a bacterium that causes serious intestinal conditions).

The “Never Events”• Air embolism, or bubbles of air or gas

entering the bloodstream during medical procedures

• Blood incompatibility--giving patients the wrong blood type

• Leaving objects inside surgery patients

How to manage POA and Never Events

Education and implementation throughout organization:– Nursing assessment and

documentation– Billing/coding– Quality– Diagnostic testing on admission-will

this lead to defensive testing?

HIPAA

HIPAA: Stricter enforcement expected in 2008 (Jan 18, 2008 By: Dennis Murray Medical Economics)

In an effort to catch more HIPAA violations, the government has engaged a private consulting firm, PriceWaterhouseCoopers, to conduct security audits of covered entities, including hospitals, pharmacies, health plans, and private practices, according to HealthLeaders News.

27 Suspended for Clooney File Peek

• 27 hospital staff suspended for viewing George Clooney's medical records

• Clooney was treated at medical center after motorcycle accident

• Star says he hope staff involved will not lose their jobs (CNN Oct. 2007)

Dr. Phil, have you heard of HIPAA? News on the street, and by street I mean Internet, is that Dr. Phil paid a

little visit to a certain celebrity (whom I’ll refer to as Ms. S) on Saturday(January 5) at Cedars-Sinai Hospital. She had been there since Thursdayafter her standoff with police. Well after his meeting with Ms. S, Dr. Phil released this statement to

Entertainment Tonight: “My meeting with Britney and some of her family members this morningin her room at Cedars leaves me convinced more than ever that she is indire need of both medical and psychological intervention. She wasreleased moments before my arrival and was packing when I entered theroom. We visited for about an hour before I walked with her to her car. Iam very concerned for her.”I am neither a doctor, nor a HIPAA expert, but I did sign the form andtake a little class about it. Isn’t this situation a breach of doctor-patientconfidentiality? Dr. Phil, shame on you! (Jan. 7, 2008, JeffreyM.D.)

Nurse Pleads Guilty to HIPAA Violation

A licensed practical nurse who pled guilty to wrongfully disclosing a patient’s health information for personal gain faces a maximum penalty of 10 years imprisonment, a $250,000 fine or both. Andrea Smith, LPN, 25, of Trumann, Arkansas, and her husband, Justin Smith, were indicted on federal charges of conspiracy to violate and substantive violations of the Health Insurance Portability and Accountability Act (HIPAA) in December. Smith accessed a patient’s private medical information on November 28, 2006, according to the indictment. She then shared that information with her husband, who on that same day, called the patient. Justin Smith reportedly told the patient he intended to use the information against the patient in an upcoming legal proceeding. (April 15, 2008, Dept. of Justice Press Release)

EMTALA

• In 1986, Congress enacted the Emergency Medical Treatment & Active Labor Act (EMTALA) to ensure public access to emergency services regardless of ability to pay. Section 1867 of the Social Security Act imposes specific obligations on Medicare-participating hospitals that offer emergency services to provide a medical screening examination (MSE) when a request is made for examination or treatment for an emergency medical condition (EMC), including active labor, regardless of an individual's ability to pay.

• Hospitals are then required to provide stabilizing treatment for patients with EMCs. If a hospital is unable to stabilize a patient within its capability, or if the patient requests, an appropriate transfer should be implemented.

EMTALAAccepting Emergency Transfers.  

• The FY 2007 IPPS rule added language to the EMTALA rules clarifying that every participating hospital with specialized capabilities, regardless of whether or not it operates an emergency department (ED), must accept an appropriate transfer for which it has capacity and the necessary specialized capabilities to treat the patient.

• CMS is proposing to clarify that a participating hospital with specialized capabilities cannot refuse to accept the appropriate transfer of an individual who had been admitted as an inpatient at another hospital, but remained unstable and needs specialized care only available at the hospital with specialized capabilities, so long as the hospital with specialized capabilities has the capacity to treat the individual. 

• CMS is requesting comment on applying EMTALA to a participating hospital with specialized capabilities when a transferred emergency patient, who was stable after admission and prior to transfer, becomes unstable.

EMTALA• CMS is  proposing to delete the

requirement in the EMTALA regulations that hospitals maintain a list of on-call physicians because the provider agreement regulations already contain a provision addressing this issue.

• CMS is also  proposing to amend its regulations to allow hospitals to comply with the on-call list requirement by participating in a formal community call plan.

Conditions of Participation• Section 1864 of the Act authorizes the use of State

agencies to determine providers’ compliance with Medicare conditions of participation (CoPs).

• Responsibilities of the States in ensuring compliance with the CoPs are set forth in regulations at 42 CFR part 488, Survey, Certification, and Enforcement Procedures.

• Under section 1865 of the Act and § 488.5 of the regulations, hospitals that are accredited by the Joint Commission or the American Osteopathic Association (AOA) are not routinely surveyed by State agency surveyors for compliance with the conditions, but are deemed to meet most of the requirements in the hospital CoPs based on their accreditation.

• When a complaint is filed with the CDPHE state surveyors survey to the Medicare Conditions of Participation and State Licensing Regulations (and not necessarily to the Joint Commission standards).

Growth and Change

• Human capital– cultural issues when there is change

• Financial growth– is more better?

• Regulatory changes– what was once cutting edge is now

risky or maybe even prohibited

Challenges• Both internal and

external factors present risk

• Planning-you can plan responses to risk, but you can’t usually plan timing

• Growth-adding a new hospital

Risk Management Techniques

• Fiscal Accountability– Audit Committee of

BOD– Finance Committee

of BOD– Chargemaster

Committee– Insurance program

• Legal and Compliance– Compliance

Committee• Quarterly meetings• Annual risk

assessment

– Specialized Staff• Corporate Counsel• Compliance Officer• Compliance Coordinators• HIPAA experts

Techniques (continued)

• Audits– Internal billing and

coding– External financial

audits

• Annual Risk assessments

• Other enterprise-wide measures– New employee

orientation– Code of conduct and

compliance training– Constant monitoring

by staff—list serves, conferences, publications

Additional Risk Management Tools

• Training and education to comply with POA rules– admissions examinations and complete

documentation

• EMTALA and HIPAA training and enforcement of policies

• Occurrence (Incident) Report Analysis

Risk Management Controls

• Policies and Procedures• Training and Education• Role overlaps– Risk Management and Patient Safety– Corporate Compliance and Risk Management– Event Management vs. Culture/Policy Change– Legal and Administration– Communication-down, across and up

Effectiveness—how do you know you are managing risk?

• Objective Measures– Bad things do not

happen to patients– Reduce unanticipated

claims– Insurance premium

stability– Regulatory issues– CMS

• Subjective Measures– Judgment – Do risk needs meet

risk tolerance?– Is reporting reliable

and meaningful?– Cultural-how likely is

someone to report an error?

Limitations—To err is human

• Mistakes will happen

• There is variability in the damage that can occur

• Heat-of-the-moment responses

Benefits of Risk Management

• Enhance performance-quality/patient safety

• Financial protection• Achieve

regulatory/legal compliance

• Avoid damage to entity’s reputation– Example-event

response training

• Utilize enterprise-wide knowledge and information sharing