Collaboration Between Compliance and Risk: What is Permissible?

Compliance departments, generally speaking, guide staff and boards of directors to comply with the requirements, laws and regulations that govern the organization’s business. They also monitor for compliance via internal audits.  Risk departments, on the other hand, address ways to mitigate risk to an organization through such activities as the evaluation and purchase of insurance policies.  Given the broad nature of the scope of these two departments within the organization, when is compliance and risk collaboration permissible?

Possible collaborations

  1. Strategic planning: Collaboration here should include not only compliance and risk but the entire organization and the board of directors, if applicable.
  2. Disaster response and business continuity: As with strategic planning, disaster response and business continuity planning should also involve input and collaboration from all departments in the organization.
  3. General security and privacy : Here the compliance/privacy officer, information technology/security officer, and risk management director should all be included in the planning.
  4. Known security threat and/or breach incident: Compliance, information technology (IT), and risk management would all participate in mitigating a security threat or breach incident on the organization. Each would provide input and guidance on their respective areas of knowledge.
  5. Risk assessments, gap analysis and mitigation plans: Again, the development of these plans should include leaders from the entire organization; moreover, compliance and risk would specifically collaborate on the assessment, analysis and mitigation activities.
  6. General policy development: Compliance and risk staff can collaborate and provide feedback and input for all organization policies.
  7. Record and document retention schedule: Here compliance and risk can collaborate with legal counsel to ensure record and document retention policies comply with state and federal laws.
  8. Staff education: This is an area where compliance and risk can collaborate to provide training, whether it is done in person, virtually, by email or via online course.

Collaborations to vet and evaluate permissibility

  1. Security breach: As noted above, compliance, IT, and risk will work together once a security breach has been identified. It is important to ensure compliance addresses HIPAA related information and potential reporting requirements; IT evaluates the technical aspects of the breach; and risk focuses on reporting to the insurance carrier and mitigation strategies in conjunction with compliance and IT. These collaborative activities will usually take place under a breach coach or law firm to protect the confidential nature of the breach.
  2. Shared work areas: Depending on the confidential nature of discussions, say a lawsuit against the organization, it may or may not be appropriate for compliance staff to be privy to such information. So shared work areas should be closely evaluated.
  3. Shared staff: As with shared work areas, if a staff member such as a registered nurse (RN) is shared between the compliance and risk department, both leaders and the RN must remain in the scope of the job role in which they are working at the time.
  4. Reporting to the board: Typically, compliance reports to the organization’s leader (such as a CEO) but also has direct or dotted line reporting to the board of directors. Make sure any collaborations with other departments do not create potential conflicts of interest with reporting up this chain of command.
  5. Committee membership: As with the analysis discussed above, make sure to vet compliance staff member membership on the risk committee and vice versa to avoid any actual or potential conflicts of interest.

Goal

All organizations should work to develop a culture where permissible collaborations between compliance and risk occur. They should also make certain that staff feel comfortable calling the compliance or risk department with potential concerns while ensuring the staff not crossing any lines when it comes to compliance or risk department confidential matters or conflicts of interest.

PRACTICE TIP:

  1. Evaluate opportunities for the compliance department to collaborate with the risk management team, as noted above.
  2. Access youCompli to find resources which address required document and record retention requirements.

Denise Atwood, RN, JD, CPHRM

District Medical Group (DMG), Inc., Chief Risk Officer and Denise Atwood, PLLC

Disclaimer: The opinions expressed in this article or blog are the author’s and do not represent the opinions of DMG.

Denise Atwood, RN, JD, CPHRM has over 30 years of healthcare experience in compliance, risk management, quality, and clinical areas. She is also a published author and educator on risk, compliance, medical-legal and ethics issues. She is currently the Chief Risk Officer and Associate General Counsel at a nonprofit, multispecialty provider group in Phoenix, Arizona and Vice President of the company’s self-insurance captive.  

Sign-up to never miss a compliance related article!

Manage your healthcare regulatory change process effectively and efficiently

YouCompli enables the compliance officers to assign ownership and oversight of tasks to different department heads, functional leaders, or specialists. The solution prompts users to accept, reject, or reassign the task by a stated deadline. Manage the rollout and accountability of new requirements with the best workflow in the business.

Organization Liability: Impact and Risk Mitigation (Part II)

liability risks in healthcare denise atwood

Impact of Risk Liabilities 

Unmanaged or poorly managed risk can cause devastating effects to the organization from a reputational and financial perspective. 

An extreme example of financial risk, coupled with nationwide reputational risks, was the Tylenol case in the 1980’s. The New York Times describes how, in 1982, Extra-Strength Tylenol capsules were tampered with and laced with potassium cyanide. Seven people in the Chicago area died and copycats caused several more deaths across the U.S. As a result of those incidents, tamper-resistant packaging was created and implemented so over-the-counter products, such as Tylenol, could not unknowingly be laced with a poison which could cause injury or death. 

Despite the fact that the manufacturer had not introduced the poison, this event led to huge financial  and reputational liability for McNeil Consumer Healthcare, the makers of Tylenol. On just the financial side, this cost a considerable amount of money due to decreased sales and increased advertising costs. 

As this example demonstrates, financial and reputational risk for an organization in the healthcare field can have disastrous consequences that threaten to bankrupt or put the organization out of business. If the event or incident is sufficiently egregious, the organization could also face loss of accreditation or state licensure. If this happens, they may also lose Medicare and Medicaid contracts.   

Risk Mitigation 

Proactive risk mitigation strategies include transfer of risk, through such vehicles as contracts and insurance, and early reporting of incidents or events by staff. 

Transfer of risk in contracts in typically done with indemnity or hold harmless clause. Transfer of risk via insurance is done by ensuring the organization has adequate coverages and retentions to meet the organization’s needs.  

The intent of an indemnity clause is to transfer the risk of financial loss from one party to the agreement to another party to the agreement. Generally, this is financial losses or expenses caused by contract breach or default, negligence, or misconduct by one of the parties.  

Hold harmless language in the contract states one party will not hold another party responsible for potential risks or damages. Hold harmless clauses can be unilateral and apply to just one of the parties to the contract or can be bilateral and apply to both parties to the contract. Typically, bilateral hold harmless language is preferred for healthcare organization contracts because each party will assume their own risk and not sue the other party to the contract for the risk which was assumed.   

Early reporting by staff is crucial in order to ensure that appropriate action, discussion, documentation and reporting takes place. Most importantly, this is necessary to ensure that risk mitigation strategies can be implemented to eliminate or decrease risk to the organization.   

PRACTICE TIP 

  1. Develop and conduct risk assessments of insurance policies and large contracts to identify areas for improvement. 
  2. Review contracts to ensure indemnity or hold harmless clauses have been included.  If not, add the clauses on renewal 
  3. Work with Risk Management to conduct a risk assessment to evaluate organization risks and implement mitigation plans.  

Denise Atwood, RN, JD, CPHRM 

District Medical Group (DMG), Inc., Chief Risk Officer and Denise Atwood, PLLC 

Disclaimer: The opinions expressed in this article or blog are the author’s and do not represent the opinions of DMG.  

Denise Atwood, RN, JD, CPHRM has over 30 years of healthcare experience in compliance, risk management, quality, and clinical areas. She is also a published author and educator on risk, compliance, medical-legal and ethics issues. She is currently the Chief Risk Officer and Associate General Counsel at a nonprofit, multispecialty provider group in Phoenix, Arizona and Vice President of the company’s self-insurance captive.  

Sign-up for the YouCompli Blog to Stay Up to Date on Compliance Related News!

 Manage your healthcare regulatory change process effectively and efficiently

YouCompli enables the compliance officers to assign ownership and oversight of tasks to different department heads, functional leaders, or specialists. The solution prompts users to accept, reject, or reassign the task by a stated deadline. Manage the rollout and accountability of new requirements with the best workflow in the business.

Organization Liability: Types of Risk (Part I)

liability types of risk denise atwood

Risk is an important concept for compliance professionals working in the healthcare space to understand. After all, there are many times where risk and liability have crossover to compliance.

For example, in response to a suspected email or electronic health record breach, compliance and risk professionals will need to work together. This work will include:

  • Evaluating the breach
  • Reporting to the insurance carrier
  • Collaborating with a breach coach or legal team to ensure the investigation meets legal requirements and timelines
  • Collaborating with the information technology team and a forensics firm to ensure risk mitigation strategies are implemented and effective

And so on.

Generally speaking, healthcare compliance professionals should have a good working knowledge of organization risks and liabilities, as well as risk mitigation strategies.

This raises two important questions:

  1. What areas of risk do healthcare organizations face?
  2. What are the potential liabilities related to unmanaged or poorly managed risk?

Areas of Risk for a Healthcare Organization

Areas of risk for a healthcare organization are vast, and can involve injury to persons, property and reputation. Several areas of risk include:

Patient safety risks

These include near misses, which are mistakes which almost make it to the patient, as well as events or incidents that do make it to the patient, causing the patient to experience an unanticipated outcome such as a longer hospital stay, disability or death.
For example, a nurse may realize before giving a vaccine to a child that the adult vaccine and dose was drawn up in the syringe instead of the pediatric vaccine and dosage. This would be a near-miss. Along those same lines, a mistake occurs if the adult vaccine dose is actually administered to the child and an allergic reaction occurs.

Operational risks

These include such things as business interruption or supply chain issues. Business interruption incidents may include fire, flood, or pandemic. If the electronic medical record system goes down, and staff have to chart by hand on paper, this would be a business interruption. Supply chain issues can occur due to higher than normal demand or decrease in output by the manufacturer. If an organization cannot obtain needed supplies – such as hand sanitizer or surgical masks – that would be an example of a supply chain issue.

Legal risks

These typically involve lawsuits filed against the organization. Most commonly, lawsuits result from allegations of inappropriate employment practices or medical negligence or malpractice. For example, if a child had an allergic reaction after receiving an adult dose of a vaccine and unfortunately passed away, the parents may file a lawsuit alleging medical malpractice or negligence on behalf of the organization, the provider or the nurse who administered the incorrect vaccine.

Insurance risks

Insurance risks generally stem from a lack of adequate or appropriate insurance coverage or failure to transfer risk. Insurance risks can also connect to legal risks, which can stem from contracts with inadequate risk transfer or failure to conduct due diligence to vet the vendor. In the case of a pandemic, healthcare and other organizations may not have realized that pandemics and resulting business closures may be excluded from their business interruption insurance policy.

Human capital risks

These encompass the inability to hire, contract or retain appropriately trained staff. A lack of ICU level nurses causing staffing shortages would be an example. Human capital risks can also include professional board or licensing complaints against the organization’s doctors, nurses, therapists, or other licensed staff.

Reputational risks

Reputational risks are often forgotten or invisible to an organization until a bad event happens and it is announced to the public – at which point it is too late.

Reputational risk used to be limited to bad publicity which was published in print or reported on television. However, with the increased acceptance and use of social media, reputational risks are more far-reaching than the local newspaper or evening news program, and could potentially have national reach and negative impact on the organization . A newspaper may not run a story about a child who received an incorrect vaccine, but the child’s mother could post to Facebook or other social media platforms that the organization and providers are terrible and not to be trusted.

Practice Tips:

  1. Schedule a meeting with your insurance broker to evaluate your insurance policies by product line (i.e., general liability, property, cybersecurity, etc.) to ensure the organization is adequately covered to protect against most business losses.
  2. Educate staff to ensure they know how and where to report near-misses and mistakes that occur in the organization.
  3. Work with Risk Management to conduct a risk assessment to evaluate organization risks and implement mitigation plans.

Denise Atwood, RN, JD, CPHRM
District Medical Group (DMG), Inc., Chief Risk Officer and owner of Denise Atwood, PLLC
Disclaimer: The opinions expressed in this article or blog are the author’s and do not represent the opinions of DMG.

Denise Atwood, RN, JD, CPHRM has over 30 years of healthcare experience in compliance, risk management, quality, and clinical areas. She is also a published author and educator on risk, compliance, medical-legal and ethics issues. She is currently the Chief Risk Officer and Associate General Counsel at a nonprofit, multispecialty provider group in Phoenix, Arizona and Vice President of the company’s self-insurance captive.  

Sign-up for the YouCompli Blog to Stay Up to Date on Compliance Related News!

Manage your healthcare regulatory change process effectively and efficiently

YouCompli enables the compliance officers to assign ownership and oversight of tasks to different department heads, functional leaders, or specialists. The solution prompts users to accept, reject, or reassign the task by a stated deadline. Manage the rollout and accountability of new requirements with the best workflow in the business.

LTCs Could Use Some Compliance TLC This Year

You can’t say they didn’t warn us.

For almost four years, since November 2016, the LTC Final Rule for qualifying to receive Medicare and Medicaid payments has been looming like a little dark cloud on the horizon, getting bigger and closer each year.

Now, a streamlined version of the HHS Office of Inspector General’s (OIG) recommendations and guidance have become mandatory. And the Centers for Medicare & Medicaid Services (CMS) is tasked with enforcing them. In full.

To begin with, you’ll need to have a fully detailed, written compliance and ethics program for increasing quality of care and preventing “criminal, civil, and administrative violations” and abuses. Since the OIG recommendations, which you’re familiar with, already cover such programs, that shouldn’t be a huge problem.

You’ll also need to designate your CEO, a board member, an operating division head, or, for smaller LTC facilities, a compliance officer, to be in charge of implementing every aspect of the program. Again, determining which “high-level personnel” to designate shouldn’t be a huge problem either.

Then, you’ll need to actually implement the program and document compliance.

That’s the hard part.

The program will have to include everything from pre-employment screening to person-centered care, special diets, crime and abuse prevention, and a compliance hotline that preserves whistleblowers’ anonymity and prevents retribution.

What’s more, you’ll need to break the program into specific steps and train not only each member of your full- and part-time staff, but also your contractors in the parts of the program that affect their duties.

And then you’ll need to track, audit and report on compliance, every step of the way. Are your current procedures up to the task? Is your IT?

That’s where the TLC comes in.

What if someone could monitor regulatory changes for you, and translate them from legalese into clear business requirements in everyday English?

What if they could give you policies and procedures that comply with the regulations, but that you can tailor to your own facility?

If they could tell you exactly which policies and procedures to follow, which tasks to perform, how, and by whom in your organization, and generate reports on each step towards compliance?

If they gave you the capability to track, audit and report on every step of the compliance process, at any time, with just a few mouse clicks?

Could your LTC use that kind of TLC? If so, click here to learn more.

5 Payer Audit Errors Every Hospital Must Avoid

5 payer audit errors

Revised September 2022

Most healthcare providers, from large hospitals to solo practitioners, experience an external audit at some point. The scrutiny can unveil errors and violations, which can lead to hefty penalties. 

The key to surviving an external audit, with the least amount of frustration, is to avoid these five common mistakes. 

1. Late Responses

Your deadline to submit relevant documentation begins upon receiving that external audit request. 

External audits may be requested by a commercial health insurance payer, or government agencies such as the Centers for Medicare and Medicaid Services (CMS) or Office for Civil Rights (OCR). While the origin of the audit request doesn’t matter, a timely response is essential. 

Take all deadlines seriously. If an extension is needed, ask for one, immediately. Missing deadlines can result in hefty fines and penalties. 

2. The Wrong Documentation

A common trigger for payer audits is improper or lack of necessary documentation.  As a healthcare practitioner, you must prove the medical necessity of each test or procedure used to diagnose and treat your patients. 

Here’s the tricky part. Sometimes payers and providers disagree on what tests or procedures are medically necessary.  Additionally, medically necessary guidelines change frequently. CMS provides local coverage determinations (LCDs) and national coverage determinations (NCDs) to help with your documentation. Be sure you are aware of changes to these coverage determinations.  

The best way to mitigate this problem is to educate your staff on what services the payer considers medically necessary, and what documentation is required to establish medical necessity. 

 Additionally, clearly document the need for a particular procedure to treat or diagnose a patient. Finally, when required, ensure that authorization is received from the payer before rendering services. 

3. Billing the Wrong Codes

Incorrect billing and coding practices can raise suspicion of fraud, failed claims, or delayed reimbursement, and — you guessed it — external payer audits. Providers and patients overpay a whopping $68 billion annually due to incorrect billing. 

 Coding systems developed by the American Medical Association and the Centers for Medicare and Medicaid are designed to streamline the billing process. Every medical procedure and service from ambulance rides to chemotherapy drugs to doctor visits are contained within coding systems such as the ICD-10, CPT, and HCPCS. 

Studies show 80 percent of medical bills in the U.S. contain errors. This percentage can decrease by ensuring appropriate staff stay current with billing and coding updates and communicate those changes to the right clinical and administrative staff to avoid old and outdated codes. 

4. No Self-Audit

One way to prepare for payer audits is to perform regular self-audits within your facility.  Internal audits are great for identifying and eliminating weak spots that can potentially lead to headaches down the road, like rejected claims and costly compliance failures. 

 One drawback is the strain on precious resources like time and personnel. You can get around this problem by hiring a third-party audit service. Make sure you have HIPAA-compliant Business Associate Agreements (BAA) so that you’re allowed to share your patient health information with third parties providing auditing services.  

 Another option is to use software provides 24/7 access to survey compliance data. Ideally, this software will provide automatic tracking of all documentation and decisions involved in the process of running your organization. 

 This ensures that compliance professionals can get immediate reporting on how well their team is doing, conducting audits more efficiently and effectively. It’s a time and cost-effective solution to hiring an outside third-party provider. 

5. No Legal Help

Having a healthcare attorney in your corner can mean the difference between a smooth audit experience and an audit nightmare. 

Here’s how a healthcare legal team can benefit your health practice: 

  • Work intimately with your staff to analyze any risky billing procedures. 
  • Challenge any demands from payers for overpayment. 
  • Challenge any allegations of fraudulent billing practices. 
  • Push back on any denied claims and the overuse of service claims. 

 Again, software is a useful tool to support your attorney’s work. A system that stores all compliance information, including payment practices, and has search capability will provide your legal team with the information they need to fight payer audit discrepancies when the time arrives. 

 External payer audits don’t have to be a nightmare. By being adequately prepared and vigilant, your next audit experience can be more streamlined and less stress-inducing. 

Learn More About YouCompli

The best way to prepare for a payer audit is to carefully manage changes to regulatory changes and coverage determinations. YouCompli can help you establish a scalable, repeatable process so you don’t miss a relevant change and you can equip your clinical colleagues to respond to the change. Then, when the audit does happen, you’ll have an easy way to demonstrate your work to comply with the requirements. Find out more. 

Jerry Shafran is the founder and CEO of YouCompli. He is a serial entrepreneur who builds on a solid foundation of information technology and network solutions. Jerry launches, manages, and sells software and content solutions that simplify complex work. His innovations enable professionals to focus on their core business priorities.

Never Miss an Article on Healthcare Compliance

Get a 15-minute strategic overview of YouCompli

Privacy vs. Transparency: You’re in the Middle

Since 1996, HIPAA has required hospitals and other providers to strictly maintain the privacy and security of patient and clinical records.

In 2010, the Affordable Care Act (Obamacare) required them to digitize those records for greater transparency.

Today, some 96% of hospitals and 78% of doctors’ offices use electronic health records.

As a result, patients can instantly access the notes from their doctor visits, review their prescriptions, see their lab results, and email questions to the doctor(s) they’ve been seeing. And doctors, whether primary care providers or specialists, can have a patient’s personal information and medical history right at their fingertips.

Unfortunately, so can others.

In 2018, a total of 18 million patient records were hacked and phished. In just the first half of 2019, almost twice as many – 32 million – were.

Clearly, there’s a tug of war between privacy and transparency, and hospitals are the rope.

In 2018, the last year for which complete figures are available, hospitals paid out an average of more than $2.5 million in settlements and civil monetary penalties. That year, the HHS Office of Civil Rights conducted a total of 25,520 complaint and compliance review investigations. And even if the vast majority don’t lead to cash penalties, even the mildest OCR action – resolution after intake and review – can still cost you staff hours and money.

That’s one reason it pays to keep on top of all the latest HIPAA and ePHI changes.

Another is on the horizon for this year. Throughout 2019, OCR has been considering HIPAA regulation changes, and at least some of those should become final this year. Some of those could include easing “aspects of HIPAA Rules that are proving unnecessarily burdensome for HIPAA covered entities and provide little benefit to patients and health plan members.”

Others involve making it easier for hospitals and doctors to coordinate, and requiring instead of just allowing hospitals to share ePHI data with other providers.

That’s why alerts to changes practically as they occur, determining how they apply to you, then implementing and documenting compliance with no wasted time or money makes for good self-defense.

In the battle between privacy and transparency, see how we can keep you out of the crossfire.

Audit Expectations and Challenges

When it comes to hospitals providing best-in-class health care, stress comes with the territory. From stabilizing trauma victims, to accurately distributing medications, to physicians and nurses working long shifts, increased demands are everywhere — including operations not directly involved with patient care. One demand that can turn daily routines completely upside-down and compound stress is an audit. A GRC compliance audit can be conducted internally by various hospital committees or externally, often by government-approved contractors.

Internal Audits

An internal audit seeks to determine if a hospital’s financial and operational controls, and their related policies and procedures, meet compliance and risk management demands.

Based on a hospital’s risk assessment, management develops and reviews the scope and goals of an audit. Running the audit is then delegated to a committee, with the most common committees focusing on:

  • Patient safety
  • Nursing staffing
  • Clinical quality
  • Medical staff

An internal audit involves interviews and evaluating personnel or procedures. Upon the audit’s completion, a report of its findings is prepared by the appropriate committee and shared with management. Corrective recommendations of action to any areas of noncompliance are collaboratively developed, and a finalized report is presented to the hospital’s board of directors, chief compliance officer, and audit and compliance committee.

The ultimate goal of an internal audit is to improve patient care. Who in a hospital wouldn’t want to improve it, right? But the truth is that an audit can diminish quality of care while it’s in progress. That’s because committees are often comprised of physicians, nurses, and technologists who are pulled away from patient-care responsibilities to work on compliance administrative tasks.

External Audits

According to a 2017 AHA report, four federal agencies — the Centers for Medicare & Medicaid Services, the Office of Inspector General, the Office of Civil Rights, and the Office of the National Coordinator for Health Information Technology — are the primary drivers of regulations and compliance costs across eight domains for hospitals:

  • Hospital conditions of participation
  • Billing and coverage verification requirements
  • Meaningful use of electronic health records
  • Quality reporting
  • Privacy and security
  • Fraud and abuse
  • Program integrity
  • New models of care

The frequency and pace of regulatory changes implemented by multiple federal agencies are dizzying. Hospitals are often required to comply with regulations in very short timeframes, requiring a significant investment of staff time and finances. What’s more, responding to multiple external audits increases administrative costs, and funds could be tied up in lengthy appeals processes contesting an auditor’s inappropriate determination.

External audits are conservatively estimated at $100 per hour. For example, consider the total costs of a HIPAA audit:

  • HIPAA Gap Assessment — Identifies gaps and provides remediation plans for those gaps
    (40 hours average, $24,000–34,000)
  • Full HIPAA Audit — Assesses hospitals against all the requirements in the HIPAA Security Rule
    (100 hours average, $30,000–60,000)
  • Validated HITRUST Assessment — Provides the most complete, certifiable framework for HIPAA to mirror PCI compliance (400 hours average, $100,000–160,000 — with costs much higher for larger organizations)

Protect Your Hospital

If your hospital is like most others, it’s spending too much staff time and money dealing with a blizzard of regulations and an avalanche of red tape. Fortunately, there are solutions. youCompli GRC risk management software monitors, reads, and translates complicated regulations into plain English. Our solution enables you to fully understand which rules are pertinent to maintaining compliance, further simplifying the auditing process. And it tracks everything, from end to end, making audits much less painful.

Learn how youCompli regulatory compliance management software protects your hospital.

Who Needs an “Easy” Button? Regulatory Compliance for Teaching Hospitals and Academic Medical Centers

Nobody chooses to pursue a career in healthcare at a teaching hospital or academic medical center (AMC) so they could process regulatory compliance paperwork. Right?! Nevertheless, health systems spend $39 billion on admin duties to comply with no fewer than 600 regulatory requirements. Most of the time they are juggling these requirements (and a whole lot more) without an effective compliance management system. It’s anybody’s guess what is truly being done to comply.

The regulatory landscape continues to change. It’s even more complex for teaching hospitals and AMCs that have specialized facilities such as children’s hospitals and cancer centers. And it’s nearly impossible to know for sure what is being done to comply with the regs when students and researchers are added to the mix. Compliance oversight is already challenging enough when it includes only clinical and hospital staff, business associates and contractors.

Ever-increasing regulation ushers in more documentation requirements. Satisfying the reporting requirements steals time away from patient care and contributes to burnout. Plus, more regs and more people equals a big compliance headache.

These healthcare systems not only have the pressure to comply with regulations, improve care and cut costs as other hospitals do, but they have the critical mandate to educate future medical professionals and dedicate resources to research.

According to the Association of American Medical Colleges, academic medical centers in the United States contribute $562 billion in annual economic impact. But, what’s even more significant is the impact these facilities have on the health of our society. Medicine moves forward in teaching hospitals and academic medical centers. When people are faced with a health crisis and grasping for innovative treatment and cures, they flock to these systems. Oftentimes this is their last shot at a healthy future. Teaching hospitals and academic medical centers are the epicenter of first breakthroughs. They are also the last resort for patients who have tried everything else. As a result, teaching hospitals have more costly cases and often bear the brunt of safety-net and charity care.

Shouldn’t there be an “easy” button for them?

Academic medical centers and teaching hospitals have a great need for an effective compliance management system. These systems save valuable time and money. But they also make it easy to see what is being done by whom to comply with regs. No more ad-hoc spreadsheets. Thoughtfully applied technology can make regulatory oversight a piece of cake.

The more effective the compliance management system, the more time is freed up for medical professionals to do what they are passionate about—provide the best patient care and focus on their mission of treatment, research and education. And who couldn’t use an “easy” button for compliance regulation?

Are you ready to explore a compliance management system that is easy to use and effective? If you’re ready to transform your regulatory compliance process, schedule a call today!

Is Your Budget Keeping Pace With Your Workload?

Every admission to a hospital triggers $1,200 in regulatory compliance costs, according to an American Hospital Association (AHA) report.

That’s because each hospital with post-acute care beds has to comply with 629 different federal regulations – plus any and all new ones that come along.

Best practices call for you to be constantly scanning the Federal Register and other sources, not just for new regulations but also for changes to old ones. To translate them from “Regulish” to English, so you can analyze what they mean. To decide which parts of which regulations apply to your hospital. To define and assign compliance tasks. And to update your IT, if needed, to monitor and document compliance.

That doesn’t come cheap.

An average 161-bed community hospital spends more than $7.5 million a year on federal compliance – $9 million if it has PAC beds. Plus an average of $411,000 on IT upgrades each year to monitor and document compliance.

While your compliance department is doing this, compliance departments at another 6,145 US hospitals are doing the exact same thing, the exact same way, running up the same kinds of costs.

No wonder American hospitals and health systems spend more than $38 billion a year duplicating each other’s compliance work.

But what if there were one online expert source that could cut out all that needless duplication? That could tell you what you need to know and let you manage your own hospital’s compliance progress in real time, 24/7/365, with just a few mouse clicks?

There is. And it can cut compliance costs through economies of scale, the way Henry Ford did for cars.

With more regulatory changes in the pipeline every year, you’re going to need more budget, more staff and more other resources. Odds are three-to-one you won’t get them. A 2018 study reported that fully 75% of compliance officers surveyed predicted that their budgets would either stay the same or get cut.

Want to beat those odds? Then you’ll want to learn more about a system that lets your compliance department accomplish more for much less.