When it comes to communicating with healthcare leaders about a requirement or a compliance concern, I’ve found that I need to be mindful of what I like to call “knowledge blind spots.” Ultimately, these expose your organization to added compliance risk.
For example, there are requirements under HIPAA for a healthcare provider to have a Business Associates Agreement (BAA) in place with an entity providing an administrative service that requires access to the provider’s PHI (See 45 C.F.R. Part 164). The requirements are very technical, and complying with them is fact-specific and highly nuanced. For that reason, your healthcare leaders may not be as aware of a potential compliance concern as you are—and therein lies the potential knowledge blind spot.
So, how do you overcome these blind spots and mitigate compliance risk? Here are five tips that will help.
Tip #1: Be Aware That a Knowledge Gap May Exist
Keep in mind that your healthcare leaders often will not be as knowledgeable about requirements in regulations or something else as you are. For that reason, what may seem like an obvious concern to you may not be so obvious to them. Be open to the fact a gap may exist, and give them grace if they made a decision that unintentionally creates an issue that needs to be corrected. In my experience, the government expects compliance issues will happen, but also that you will address them once you become aware of them.
Tip #2: Close Gaps When You Find Them
It’s important to recognize that you may need to take a step backward and explain certain terminology or concepts you might otherwise not have to think about. It’s like trying to explain to a four-year-old what the word “anyway” means. There are some words and phrases we get so close to, because we use them all the time, that we never think about actually defining them.
A trick that may help when you’re educating your leaders is to start from an assumption that your healthcare leaders do not know the technicalities or application of the rules to facts. To that end, you want to explain “the why” behind the requirements and give examples that relate to their operations. It will help ensure that your communication logically flows from one point to the next, and everyone is on the same page with what is expected.
Tip #3: Be Clear About What You Need
As you’re removing the blind spot, be very specific about what you need from your audience to comply with the requirements. Relating to the example above, it’s common that a leader won’t realize they need a BAA to share PHI with another contracted party. It may make sense for you to advise the leader (or organization as a whole) to establish a process that always prompts a leader to consult compliance, privacy or legal (as applicable) to review the contractual matter to determine if a BAA is required.
Something that has helped me over the years is to put myself in the position of the leader and ask the question: “So, what do you need for me?” This helps ensure I am being clear with my audience about the regulatory expectations.
Tip #4: Make Information User-Friendly
As you educate your leaders to remove the blind spot, make the information easy to find and access.
For example, let’s say you’re being asked a question about the verification of identity under your organization’s privacy policies. Rather than sending the policy to the leader and telling them the answer can be the policy, show them where it can be found (e.g., “See the bottom of page 6, under Section IIIB(1)(c)”).
Taking this approach will help ensure you’re making compliance easy for them and reducing future blind spots.
Tip #5: Acknowledge the Need to “Rinse and Repeat”
Depending upon the subject matter of the blind spot, and the frequency with which it will occur, you may need to take a “rinse and repeat” approach to conducting education. In other words, don’t assume that your job is done once you’ve educated your colleagues. You may need to go through the process several times to effectively mitigate your compliance risk.
Sometimes, the issue at hand occurs infrequently, so learning and retaining the requirements may take repetition to be hardwired in the leader. In other instances, there could be turnover within the organization and a new leader may need training.
By following these steps, organizations can navigate and effectively close any knowledge blind spots, leading to improved performance, efficiency, and an engagement to a culture of compliance.
Download Jay’s Tip Sheet Below
Jay is a compliance professional and consultant in Colorado. He is a healthcare lawyer with significant industry knowledge of the U.S. healthcare market. Over the past 20 years, he has worked for large for-profit and non-profit health systems and small physician-owned entities. In tackling the countless regulatory and operational issues for these diverse organization types, he has developed a deep understanding of the business of healthcare and the regulations governing the industry.
Qualified compliance professionals do the heavy lifting for you, simplifying regulatory change management
Our in-house team works tirelessly to monitor U.S. regulators, carefully read the regulations in their entirety, and translate the information into simple regulatory intelligence you can use. We deliver model procedures and expert tools that can be used to fulfill your business requirements. Everything is validated by a third-party law firm. Follow the button below to get a tour of our healthcare compliance software.
Get the latest from healthcare compliance experts
Never miss an article from Jay Anstine. Sign up for YouCompli’s weekly email if you haven’t already.