Let’s take a stroll down memory lane. Do you remember when you were the new compliance officer in your organization? Maybe you were reviewing all of the compliance processes and trying to determine what was working well and where things might need a little improvement? At some point, if you’re like me, you began to review the exclusion monitoring process and quickly realized you need some help.
Compliance moves fast these days, with all of us wanting information at our fingertips. As a former Chief Compliance Officer of a very large post-acute care company, I know how much data is available and how difficult it can be to turn that data into something useful or meaningful.
Vendor Database While exclusion monitoring certainly is not the primary purpose for your organization’s vendor database, the accuracy and completeness of the data is crucial for effective vendor compliance. Without complete and accurate vendor information, it is near impossible to be in compliance with the OIG’s guidance. At a minimum, we recommend that your vendor database contains ALL of the following data points for your vendors:
Lack of Cybersecurity Due to the success of previous attacks and the relative lack of sufficient cybersecurity, healthcare is now the most attacked industry by hackers, fraudsters, phishers and ransomware attackers. The problem is the healthcare industry is highly focused at what it does best, providing the best quality healthcare possible. Many of its C-level executives lean towards the healthcare side as well, however only a handful of personnel are tasked with securing the data of the entire company and its patients. Put simply, healthcare data security is not the wheelhouse of the industry. And it shows. "The industry that is supposed to offer everyone reprieve and look after their well being is under attack from cybercriminals." IBM, one of the technology industry's most trusted and longest running companies, has recently released a report which claims that over 100 million healthcare records were breached in 2015. These records were harvested from 8,000 devices located in more than 100 countries. In the USA, and other countries which have implemented and enforced a health data security policy, such breaches can have hefty financial repercussions. Breaches of America’s HIPAA and HITECH acts carry a minimum of $500 per piece of data that was plucked by the fraudsters. Each of the 100 million plus healthcare records can contain numerous pieces of data, which when extrapolated represents billions of dollars in fines.
The same practicality of investing in premium brands can be seen across all industries. How many of you have searched a website that aggregates hotel sites to find the "same room" at a lower cost? I admit I have. But did I actually get what I thought I was bargaining for? Nope – not even close. In fact, the room available was advertised on the web as the same as the hotel site, but for much more. Upon arrival, the “available room" was no longer available. What was available was a room with a view of the loading dock and dumpster in the back corner of the lowest floor. Sometimes lower cost is an indicator of something bigger – or lesser, depending on how you look at it.
“Healthcare is one of the fastest-growing segments of the Digital Universe, growing at 48% per year (compared to 40% per year for the overall Digital Universe),” according to IDC, a global market intelligence firm. The dependance on data is growing in the healthcare industry. The constant change and introduction of new healthcare compliance regulations drives the need for data and metrics. With this growth, the value placed on the quality, cost and outcomes of data is higher now than ever before. How do organizations ensure high quality data? Due to the rapid growth of incoming data, the analyzing tools used in the healthcare industry are a bit behind the times. Efficient analyzation tools help organizations discover specific insights into how to process improvements.
In healthcare, like many large industries, we have access to a mind-boggling amount of data. Data tells us how much money we spend with each vendor, the level of satisfaction of our customers, and how much inventory is on hand. “You can have data without information, but you cannot have information without data,” said Daniel Keys Moran (DKM), an American computer programmer and science fiction writer. To take his quote a step further, you must also have information to gain knowledge, and we know that Sir Francis Bacon taught us that, “Knowledge is power.” In short, taking data, organizing and analyzing it, then using it to tell a story is a powerful tool allowing organizations to make deliberate decisions that effect the organization and ultimately its customers.
The dashboard existed long before companies utilized its capabilities. Believe it or not, it originated during the age of horse-drawn carriages. The term “dashboard” referred to the barrier of wood, or leather, at the front of the carriage to protect the driver from the debris kicked up by the horse’s hooves. Thanks to the automotive industry, the early 1920’s sparked the beginning of the dashboard evolution. In just a century, car dashboards progressed from a protective barrier and translated into a protective communication system. This same term is now adopted in the more modern world across all industries - retail, healthcare, marketing, HR, investment, etc. Businesses now use dashboards to communicate the most important aspects of their work to the entire company in just a glance – imitating how a car dashboard communicates to the driver.
Check out the full compliance risk assessment series here: 1. Integrating basics into your compliance plan2. Integrating tools into your compliance plan3. How reliable data improves your compliance plan4. Preparation and use of action plans This is the third in the “Compliance Risk Assessments” series. The first blog addressed basic definitions and considerations in conducting risk assessments for healthcare providers and organizations. The second blog addressed different types of tools, their pros and cons and methods that can be used in risk assessments. This blog addresses what to do with the information obtained from risk assessments, including reporting results of risk assessments and mitigating identified risks. When risk assessments are done thoroughly, the use of the data derived from them can improve the effectiveness of your overall OIG compliance program and demonstrate your organization’s commitment to healthcare compliance.
There are a multitude of healthcare compliance solutions out there that come in the form of healthcare compliance software. “Healthcare providers face unprecedented amounts of pressure to reduce costs while still improving the quality of care – all in the face of increased government regulation oversight.” – WallerLaw The quality of care is imperative to the success of any healthcare organization, well really any organization, but the costs should not have to play a factor or, really, become an inhibitor. Outsourcing can make that inhibitor become more like a helping hand because utilizing technology really pays off in the long run. Here are 3 benefits to outsourcing healthcare services like OIG exclusion monitoring:
With needs differing from company to company based on size, structure, and resources, it’s eas y to see a list of common complaints pop-up. Here are the most frequent that we witness within the industry:
How to be sure your vendor selection will bring value to your company. Paul McCartney's "Long and Winding Road" seems pretty appropriate when it comes to describing the process of selecting healthcare compliance software for your organization. From budgeting, to organizational buy-in, to contract negotiation, it's often an exhausting journey with more twists and turns than one could ever anticipate. We decided it was time to dive in and do some research to find some useful tips for our readers. To tackle this issue head-on, we spoke with a Director Level HR Executive at a national Long Term Care organization, a customer of ProviderTrust, to discuss the challenges and successes that come with selecting a new compliance vendor.