Corporate Compliance Program A Brief Overview of Healthcare

Corporate Compliance Program A Brief Overview of Healthcare Compliance

Corporate Compliance Program Welcome! • • • The “what” and “why” of compliance; Elements of an effective compliance program; Your role in compliance and preventing fraud and abuse; How to recognize, resolve, & report compliance issues; A system designed to promote the prevention, detection and resolution of conduct that does not conform to: • WMC Code of Conduct • Legal & Regulatory Requirements • Ethical Requirements Compliance IS your Responsibility!!

Purpose of the Corporate Compliance Program Promote a healthy environment Ensure compliance with the law Cultivate justice Prevent harassment, disrespect, and a hostile work environment • Identify vulnerabilities and raise concerns • •

Why a Compliance Program? Corporate Good Citizenship Prevent Fraud & Abuse Quality Patient Care Reduces Liability & Penalties

Deficit Reduction Act (DRA) • • • Effective 1/1/07 – Federal & State False Claims Act Providers who receive five (5) million + Medicaid $ Mandates Compliance Program Fraud & Abuse Policy Educate Staff, Vendors, Contractors Whistleblower Protections

Compliance Program Elements • Compliance Officer and Organizational commitment • Written standards and procedures: WMC Code of Conduct • Annual compliance education and training • Open and effective lines of communication • Monitoring and Audit Programs • Investigation and follow-up of actual or suspected compliance violations • Enforcement through disciplinary guidelines

Compliance Risk Areas • • • HIPAA Privacy and Security Documentation, Coding and Billing Theft or misuse of assets Gifts, Entertainment & Gratuities Conflicts of Interest Vendor Relationships

HIPAA • HIPAA’s Privacy and Security Rules regulate the use and disclosure of Protected Health Information (PHI); • HIPAA requires that you only use, disclose, & access PHI for job-related purposes; • Patients expect and have a right to privacy of their protected health information (PHI) that is in: § Verbal § Written, or § Electronic form

What is PHI? All individually identifiable information that relates to a person’s: • Physical or mental health or condition • Billing and payment for healthcare ……and that identifies, or could be used to identify the person who is the subject of the information.

Examples of PHI Patient’s • • Name Address Phone Number Account #, Patient ID, Medical Record# Social Security Number Date of Birth Diagnosis or procedure information AND…. any other information that would identify the patient.

Privacy Tips • Use shredders or privacy bins; • Keep voices to minimum so others do not overhear; • Do not use personal photography equipment inside the facility, ie: cell phone cameras; • Double check fax numbers before hitting SEND; • Always check proper documentation being handed to a patient, ENSURE IT IS THEIRS! • Know the OPT OUT Policy.

Every Employee’s Responsibility • Get educated!! • Know what to do – follow policies and procedures to safeguard PHI • When in doubt…. . ASK your Supervisor or the Compliance Officer • Don’t conduct an investigation, you must report HIPAA problems/issues promptly to the Corporate Office. HOW WILL I KNOW WHEN IT IS OKAY TO ACCESS OR SHARE PATIENT INFORMATION? • When it is for treatment, billing or operations and…. • Ask yourself: Do I need this information to carry out the responsibilities of my job?

Social Media • Do NOT post PHI to Facebook, Twitter, or any accounts unprotected by WMC firewall; • Do NOT use texting that includes PHI; • i-Cloud is an unprotected site; • Do NOT use g-mail, hotmail, etc. as a place to hold or share information.

HIPAA Security • Covers PHI in electronic form only (E-PHI) § Electronic protected health information that our system creates, receives, maintains, and/or transmits electronically • E-PHI is stored on computers, clinical equipment, discs, and software systems §Billing System §Electronic Medical Records

HIPAA Security TIPS • • • Don’t leave your computer unattended Don’t share your password Don’t download unauthorized software Don’t keep PHI in view of visitors or public areas Don’t misdirect email/faxes

Documentation & Reimbursement • Documentation is the written account of a provider’s encounter with a patient § Must be accurate, complete and legible if written § All physician notes MUST be signed and dated, electronically or written • Tens of Billions of Dollars are lost annually to improper payment for: § Services that patients didn’t receive § Up-coding for higher reimbursements § Medically unnecessary services § Separate billing for outpatient/inpatient services for the same period.

What is WMC’s Policy on Retaliation? • WMC has a policy of “zero tolerance” for any form of retaliation against those who report Code of Conduct concerns in good faith • WMC encourages honest discussion about these concerns. Zero tolerance retaliation applies to: § Direct as well as indirect retaliation § Retaliatory actions as well as threats of actions § Retaliation from Supervisors as well as from coworkers

Conflict of Interest Potential Conflict Situations: - A personal interest that compromises your duty of loyalty to WMC When an individual uses his/her position or the knowledge gained from their position for personal benefit § Even the appearance of a conflict can be a problem § Requirement to disclose conflicts § NYS Joint Commission of Public Ethics q State employee q 2 year moratorium q Are you a designated decision maker? o File an annual disclosure o Earnings of >$91, 821 (as of 4/2015)

Gifts, Gratuities & Business Conduct • The Federal Anti-Kickback Statute prohibits the acceptance of an item of value, cash or any kind, in exchange for referral or business. • Staff may not accept cash, gifts, or other items of value to influence with whom we do business or for the referral of patients. • Gifts, cash, or items of value should never be solicited from patients, vendors or business associates.

Gifts, Gratuities & Business Conduct What is Acceptable? • Promotional items that are nominal in value ($10 or less) can be accepted, but are DISCOURAGED § Pens § Notepads • A department or group may accept perishable or consumable gifts § Fruit baskets § Candy, cookies And as long as there is no inference to induce or exchange for referrals.

How does this relate to me? • Treat everyone in a courteous and fair manner • Maintain a health and safe environment • Obey all applicable laws and Hospital Policies and Procedures • Keep all patient information and records confidential • Never knowingly make false or misleading statements Got Compliance? ? ? Let’s Get It!!!

When to Report a Problem How do you know when to report? • Is there a suspected or actual violation of a law or policy? • Is there a questionable practice or unethical act involved? • Does it feel right?

Reporting Where to find help with compliancerelated issues? • First resource is often your direct Supervisor/Manager • If he/she does not know the answer or you are not comfortable asking him/her, then please contact: § Terri Alesandro, Health. Alliance Compliance Director (845) 334 -4711 § Westchester Compliance Office (914)-493 -2600

Helpline Reporting The toll-free Help Line is a confidential, anonymous and nonretaliatory reporting mechanism available 24 hours a day, 7 days a week. • When calling the helpline you will be asked: § Name of your organization § Nature of your concern § Additional questions 1 -844 -863 -1822

Questions?