Compliance Training
18
Compliance Training
Sexual Harassment & Discrimination
Objectives:
Compliance Program is a
Conflict of Interest
(COI)
Under the HIPAA Privacy Standards, individuals have the right to:
Privacy Rule
Access to their PHI
A copy of their PHI
A correction to their PHI
a situation in which an employee has a duty to more than one organization, but he/she cannot do justice to the actual or potentially adverse interests of both parties;
In a COI situation, interests or concerns are inconsistent with the welfare of:
Shearwater Health
Shearwater Health Employees
Shearwater Health contracted clients
To simplify, COI occurs when the employee’s personal interests are contrary to his/her loyalty to Shearwater Health business.
An accounting of where their PHI has been disclosed
By the end of this program, you are expected to:
Request not to disclose PHI to a health plan if the individual has paid out of pocket
The costs of harassment and discrimination are the following:
Lower productivity and morale
Lost customers
Lost raises, promotions, and jobs
Any violation in the privacy, status, respect, and dignity of a co-worker. They can be based on the following:
Free speech at work means:
"No one has the right to play music while on the job if a co-worker finds it offensive."
Responsibilities as an employee
PHI Use and Disclosure Compliance
It prohibits a covered entity (health plan, healthcare provider, or healthcare clearinghouse) from using or disclosing an individual’s PHI (Protected Health Information) unless permitted or required by a rule.
Should not join the company without making full disclosure of his/her potential conflicts.
Must avoid commingling funds and business knowledge with the clients of other organizations.
Never take a position adverse to Shearwater Health or its clients.
De-identification
Permissible Uses and Disclosures of PHI
Minimum Necessary Standard
"De-identify" the information by ensuring that all of the individually identifiable information is deleted.
must perform all reasonable efforts not to use or disclose more than the minimum amount of PHI necessary to accomplish the intended purpose of the use or disclosure
covered entities are allowed to use and disclose individuals’ PHI for purposes of TPO (Treatment, Payment, and healthcare Operations)
De-identification
Minimum Necessary Standard
Permissible Uses
and Disclosures of PHI
All employees are expected to disclose all outside activities and financial interests that might be or have the appearance of being conflicts of interest or commitment.
Reporting Violations
series of controls and measures to ensure that an organization is following the applicable laws and regulations that govern the programs in which it participates.
program to prevent, detect and respond to violations of law or policy.
process or act to abide with official requirements and recommendations.
Any employee may report instances of possible illegal or improper conduct or compliance breach to Human Resources or directly to the Compliance Officer.
To facilitate prompt follow-up, reports may be made by telephone.
Such reports may be disclosed anonymously; however, informants are encouraged to provide as much information as possible, including their names, in order to facilitate investigation of all allegations.
Failure to report knowledge of wrongdoing may itself result in disciplinary action.
Security Rule
Examples of Potential Workplace
Conflicts of Interest
Understand the definition of Compliance Program; Conflict of Interest (COI); Fraud, Waste, and Abuse (FWA); Harassment and Discrimination; HIPAA and URAC Standards;
Learn examples of items/situations that constitute COI, FWA, Harassment & Discrimination, HIPAA, and URAC; and
Comprehend responsibilities integrated and resources available to you as an SWH employee.
What is protected by the Privacy Rule?
- Pregnancy
- National Origin
- Ethnicity
- Disability
- Race
- Age
- Gender
- Any other protected status
Its primary objective is...
Protecting the confidentiality, integrity, and availability of individually identifiable health information in electronic form when it is stored, maintained, or transmitted.
An employee starts a company that provides similar services to similar clients as those of his or her full time employer.
A manager provides paid consulting services on the weekend to a company customer or supplier.
An employee works part time in the evening for a company that makes a product that competes with the products of his/her full time employer.
NO RETALIATION POLICY
No adverse action or form of retaliation shall be taken by Shearwater Health against informants because of their good faith reporting of possible illegal/improper conduct or conflict of interest.
Shearwater Health Compliance Officer is Allan Schroeder.
It protects PHI from being improperly communicated in any form or medium. This encompasses electronic medical records, paper medical records, and oral communications.
Examples:
door locks, screen saves/locks, fireproof storage of records, locked cabinets
Physical
Safeguards
password, security logs, firewalls, data encryption
Technical Safeguards
A member of the company's board of directors accepts fees from and provides advice to another company that is a direct competition.
An HR director decides to investigate a charge of sexual harassment against a fellow corporate executive whom he or she has known and worked with professionally for years using internal resources he or she controls.
Administrative
Safeguards
policies & procedure, training, internal audits
Shearwater Health has established processes and guidelines to comply with the required official rules and regulations.
Sexual Harassment & Discrimination
HIPAA
FWA
URAC
Compliance Program
Examinations
Q: How often do we review the Shearwater Health Policies and Procedures?
A: Policies are reviewed by the Policy & Procedure Committee annually and as needed. The Committee is represented by various departments.
Standardized Transactions
Mandatory Compliance Training
HIPAA has been providing standardized transactions since October 16, 2002 to replace the hundreds of proprietary and local formats used throughout the health insurance industry.
This training is provided upon hire (during Pre-Process Training) and annually thereafter (every June).
Transactions include:
FWA
Updates are provided via memos, emails, newsletters, and/or SWHealth Insight
- Claims submission and encounter information
- Enrollment and disenrollment of a health plan
- Eligibility, coverage, or benefit inquiry and response
- Healthcare payment to provider (with remittance advice)
- Premium payment of health insurance plans
- Claim status request and response
- Referral certification and authorization
Health Insurance Portability and Accountability Act (HIPAA)
Utilization Review Accreditation Commission (URAC) Core Standards
Interdepartmental Communication
Communication may be via email, meetings, new letters, postings on the notice board and/or HC Intranet.
Do report any suspicious activity to your Manager and/or the Privacy and Security Officer.
While at work, wear your identification badge at all times and ensure that it is visible.
Statutes & Regulatory Guidance
No cell phones, flash drives, or electronics are allowed in the production area
Use biometrics appropriately; do not piggy back or tailgate another employee into any area and do not let anyone piggyback or tailgate you into any biometrically secure area.
Benefits of Standardized Electronic Transactions
Safety and Security Role & Responsibility of Employee
Do not send or accept emails unrelated to work
Lock your computer when you are away from your work station.
Do not open attachments unrelated to work or from an unknown sender.
Do not share your password with anyone.
FALSE CLAIM ACT (FCA) - PROHIBITS
- Decreased administrative costs
- Accurate and timely processing
- Reduction in handling and processing time
- Elimination of the inefficiencies of handling paper documents
- Improvement of overall data quality
- Streamlining business to business transactions
- Elimination of the risk of lost paper documents
- Assurance of security and confidentiality of individual data
PHI should be discussed only on a "need to know" basis. Discuss only the minimal information needed for your work.
PHI must not be shared with anyone who's not required to know the information.
PHI and IIHI (Individually Identifiable Health Information) Use and Disclosure
If you overhear someone else discussing PHI, let your supervisor know so that improvements can be made on the privacy practices of the workplace.
Fraud
means an intentional deception or misrepresentation that could result in some unauthorized benefit to himself/herself or to some other person.
False claim for payment or approval
Falsifying record or statement in support of false claim
Concealing or avoiding any obligation to pay government
Conspiring to violate false claim act
Intentionally submitting false information to the government or a government contractor in order to get money or benefit.
Billing for services not furnished
Billing for services at a higher rate than is actually justified
Soliciting offering or receiving a kickback, bribe, or rebate
Its objective is to reform healthcare industry by
Data Security Concern or Compliance Breach
Hotline: +63-720-9665 local 3
Code Sets
Email: compliance@hccahc.com
Insurance Reform
(Portability)
Q: What is URAC?
Administrative
Simplification
(Accountability)
In addition to standardized transaction formats, HIPAA requires that all healthcare organizations utilize standardized code sets within those transactions to describe medical data elements.
Job Description
sections are most relevant to health insurance providers/payers.
These code set standards describe medical data elements such as diseases, injuries, symptoms, and actions taken.
If unsure about an assigned task or the scope of your work then speak to your supervisor or HR.
sections are most relevant to health providers.
HCPCS (HCFA Procedural Coding System)
ICD-10-CM (international Classification of Disease)
Devices used to prevent, diagnose, treat, and manage diseases, injuries, and impairments.
Diseases; injuries; impairments; other health-related problems and their manifestations; causes and management of injuries, diseases, and impairments; and procedures and other actions taken to prevent, diagnose, and treat.
CDT (Current Dental Terminology)
Training
Dental Services used to prevent, diagnose, treat, and manage diseases, injuries, and impairments.
CPT (Physician Current Procedural Terminology)
NDC (National Drug Codes)
Physician services, physical and occupational therapy, radiology, laboratory tests, and other health services used to treat, prevent, diagnose, and manage diseases, injuries, and impairments.
Drugs and biologics used to prevent, diagnose, treat, or manage disease, injuries, and impairments
Job/Client work specific training is provided by HC Training Specialists and length of training depends on scope and intensity of work.
Performance Evaluation
Unique Identifiers
A: URAC is an independent, non-profit organization, well-known leader in promoting healthcare quality through its accreditation, education, and measurement programs
Waste
Performance evaluation of employees is done prior to becoming regularized (permanent) around their 6th month of employment and around the 1st year of regularization.
Misuse of resources
Providing medically unnecessary services
Providing services that do not meet professionally recognized standards
Unknowingly billing Medicare for services that are the responsibility of another insurer
HIPAA also attempts to create a national standard for the identification of all providers, payers, employers, and patients.
is the unintentional inappropriate or inefficient use of resources that result to unnecessary costs.
There are four types of unique identifiers:
Transactions, Code Sets, and Identifiers
ANTI KICKBACK STATUTE (42 U.S.C. §§ 1320a-7b) - PROHIBITS
Sign the Licensure Attestation upon hire and annually thereafter.
standardization of electronic transactions and data required for healthcare exchange between employers, health insurance payers, and healthcare providers.
Provider ID
Ensure that scope of work is based on job description and within the extent of license.
All licensed staff whether PRC or US license must:
Obtain Continuing Education Units (CEU) as required by the state’s Board of Nursing (BON).
Employer ID
Notify HC in a timely manner if there's an adverse change in licensure or certification status.
Stop and check: Are your licenses active?
If not, contact your supervisor IMMEDIATELY!
Payer ID
Knowingly and willfully soliciting, receiving, offering or paying remuneration to include any kickback, bribe, or rebate for services or referrals paid whether whole or part.
vs SSN (controversial)
Patient ID
Reach out to your supervisor in case of a patient (consumer) or client grievance
All Managers, Operations & QAT Department must be familiar with the Consumer & Client Grievance/Complaint Process and Grievance Form.
Consumer and Client Grievance / Complaint
Formal response letter may only be sent out by Senior Management after discussion with the Account Manager.
reducing costs
simplifying administrative processes and burdens
improving the privacy and security of patient’s information.
Self-Referral Prohibition Statute (STARK STATUTE) - PROHIBITS
Review
Consumer Safety
Physicians from making health referrals to an entity or establishment in which he/she has an ownership or investment interests.
Standard transactions to streamline major health insurance processes.
HIPAA Standardized Transactions
You will keep the caller as long as you can on the line to obtain as much information as you can.
Standard for describing diseases, injuries, symptoms, and management.
Code Sets
Financial Incentive
HCCA HC has no financial incentives for approval or denial of a request, but incentives are only based on performance measurements such as meeting productivity goals, quality goals, and lack of absenteeism/tardiness.
Unintentionally misrepresented facts in order to obtain payment
Over-utilization of services
Charging in excess for services or supplies
Privacy
safeguards for protected health information (PHI) in all forms.
Unique Identifiers
Standard for the identification of all providers, payers, employers, and patients.
means an unintentional act to provide information to the government that results in higher payments than the individual or entity is entitled to receive.
Abuse
PRC and US License Staff Limitation
Q: What is the mission, vision and values of Shearwater?
PRC and US License Nurse may assist in the notification process for non-certifications but cannot at any level of review make a decision that results in non-certification (denial).
PROVISIONS IN THE INSURANCE REFORM SECTION OF HIPAA
Provides limitation on pre-existing condition exclusions and prohibits discrimination against individuals based on health status.
Helps individuals to keep health insurance when they change jobs.
The worker or a representative of the worker
Prevents insurers from imposing pre-existing condition exclusions on new members when they have prior creditable coverage.
Security
The claims adjuster
safeguards for protected health information (PHI) in electronic form (ePHI).
The facility rendering the service
For Utilization Management, client allows any appropriate person to initiate the process as determined by state law or regulation or by workers’ compensation insurer or claims administrator. This may include, but are not limited to:
The provider
Guarantees that once employers or individuals purchase health insurance, those policies will be renewed.
Regulatory Requirements
Federal and/or State jurisdictional regulatory requirements and guidelines take precedence over URAC guidelines in terms of turnaround time, appeals, expedited cases, etc.