Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
The Newsletter of the Massachusetts-Rhode Island Chapter Volume XLII • Number 3
MASS MEDIACOMPLIANCE
• Using the OIG Work Plan to Drive Annual Operations Checkup
• Tax Issues for Today’s Tax-Exempt Healthcare Providers
• The Physician Payment Sunshine Act: What Is It and What Is Next?
• Preparing for Phase II HIPAA Audits
MM ISSUE_3r2.cs5.5 .indd 1 4/6/15 2:16 PM
On the Cover
(Front row (from L to R): Keynote panelists David Spackman, GC and SVP for Governmental Affairs, Lahey Health System, Dianne Anderson, President & CEO, Lawrence General Hospital, and Michael Caljouw, VP of Governmental Affairs, BCBSMA; Back row (from L to R): Privacy & Security presenter David Szabo, Partner, Edwards Wildman Palmer LLP, and Matt Smith, Compliance Committee Chair)
THE MASSACHUSETTS - RHODE ISLAND CHAPTER OF HFMAGRATEFULLY ACKNOWLEDGES THE 2014-2015 CORPORATE SPONSORS
PLATINUMPLATINUMARMS, LLC • Bank of America Merrill Lynch • BESLER ConsultingARMS, LLC • Bank of America Merrill Lynch • BESLER ConsultingDubraski & Associates Insurance Services • Feeley & Driscoll, P.C.Dubraski & Associates Insurance Services • Feeley & Driscoll, P.C.
HBCS • LogixHealth • MDS (Medical Data Systems, Inc.) • Medical Bureau/ROIHBCS • LogixHealth • MDS (Medical Data Systems, Inc.) • Medical Bureau/ROIParrishShaw • PwC • TD Bank • Verrill Dana LLPParrishShaw • PwC • TD Bank • Verrill Dana LLP
GOLDGOLDAllscripts • Allscripts • athenahealth, Inc. • athenahealth, Inc. • GE Healthcare • Parallon • Ropes & Gray LLPGE Healthcare • Parallon • Ropes & Gray LLP
SILVERSILVERAccount Recovery ServicAccount Recovery Services • Action Collection Agency of Boston • Alexander Aronson Finning CPAs es • Action Collection Agency of Boston • Alexander Aronson Finning CPAs
Baker Newman Noyes • Citizens Bank • CliftonLarsonAllen, LLP • Commerce Bank* • DeloitteBaker Newman Noyes • Citizens Bank • CliftonLarsonAllen, LLP • Commerce Bank* • Deloittee4e Healthcare Services LLC • Gragil Associates, Inc./Audit Billing Center, Inc. • Health Management Associates, Inc. e4e Healthcare Services LLC • Gragil Associates, Inc./Audit Billing Center, Inc. • Health Management Associates, Inc. e4e Healthcare Services LLC • Gragil Associates, Inc./Audit Billing Center, Inc. • Health Management Associates, Inc. e4e Healthcare Services LLC • Gragil Associates, Inc./Audit Billing Center, Inc. • Health Management Associates, Inc.
Healthcare Financial, Inc. (HFI) • HSM Consulting • Kaufman Hall & Associates, Inc. • KPMG LLP Healthcare Financial, Inc. (HFI) • HSM Consulting • Kaufman Hall & Associates, Inc. • KPMG LLP Marcam Associates • Neighborhood Health Plan • Phillips DiPisa • ProMedical, LLC Marcam Associates • Neighborhood Health Plan • Phillips DiPisa • ProMedical, LLC Marcam Associates • Neighborhood Health Plan • Phillips DiPisa • ProMedical, LLC Marcam Associates • Neighborhood Health Plan • Phillips DiPisa • ProMedical, LLC • Public Financial Management • Public Financial Management • Public Financial Management • Public Financial Management
PV Kent & Associates • The SSI Group* • PV Kent & Associates • The SSI Group* • PV Kent & Associates • The SSI Group* • PV Kent & Associates • The SSI Group* • TriNet Healthcare Consultants, Inc. • Vantagepoint Healthcare AdvisorsTriNet Healthcare Consultants, Inc. • Vantagepoint Healthcare Advisors
*Denotes Half Year Sponsor
Bank of America Merrill Lynch 7
BESLER Consulting 8
Deloitte 26
Dubraski & Associates Insurance Services, LLC 14
Feeley & Driscoll, P.C. 12
GE Healthcare 19
LogixHealth 21
Medical Data Systems (MDS) 5
Phillips DiPisa 23
Ropes & Gray LLP 6
Vantagepoint Healthcare Advisors 18
Verrill Dana LLP 9
MM ISSUE_3r2.cs5.5 .indd 2 4/6/15 2:16 PM
Compliance is a key priority for all of us. The Chief Compliance Officer at my orga-nization always says “Every employee is a compliance officer,” and I agree with him. The culture of an organization is critical to insure that we conduct our activities in a compliant and ethical manner. Do employees believe that they can safely report concerns? Are they remaining quiet or are they using the hotline to report issues? Employees must believe that the organization will take the time to investigate con-cerns and will initiate demonstrable actions, when appropriate.
Once you have a demonstrated leadership commitment towards compliance and ethical conduct, the remainder of our obligations can be effectively deployed. Without such commitment, the organization’s credibility is in jeopardy. As a reminder, the seven requirements of an effective compliance program include:
• Establish Policies, Procedures and Controls
• Exercise Effective Compliance and Ethics Oversight
• Exercise Due Diligence to Avoid Delegation of Authority to Unethical Individuals
• Communicate and Educate Employees on Compliance and Ethics Program
• Monitor and Audit Compliance and Ethics Programs for Effectiveness (i.e. hotline)
• Ensure Consistent Enforcement and Discipline of Violations
• Respond Appropriately to Incidents and Take Steps to Prevent Future Incidents
Compliance is a high-stakes game for all organizations, and risks can be mitigated by having an effective compliance program. I hope you enjoyed the Compliance program on December 12, 2014 and found the content useful and compelling.
On another note, we received our National member satisfaction survey results. Although we exceeded the national target, the Massachusetts and Rhode Island Chapter Board of Directors will continue to pursue ways to provide more value to you through better programming, locations, speakers and network-ing opportunities. If you have any specific recommendations, please don’t hesitate to email me at [email protected].
Time is flying and it makes sense to look forward and check out the education and meeting opportuni-ties. On April 16, 2015 the Chapter is hosting a great educational session at the Basketball Hall of Fame in Springfield, Massachusetts titled “What is Healthcare Innovation”, followed by HFMA Region 1 conference at Mohegan Sun, in May and ANI in Orlando in June. Both events have great speakers and networking opportunities.
Hope to see you there!
Deb WilsonPresident
MM ISSUE_3r2.cs5.5 .indd 3 4/6/15 2:16 PM
2 0 1 4 - 2 0 1 5
MASS MEDIA is a publication of the Massachusetts - Rhode Island Chapter of the Healthcare Financial Management Association devoted to keeping membership current on national & local healthcare financial topics. Opinions and views expressed in the articles and features of the publication are those of the author(s) and do not necessarily reflect the position of the Massachusetts-Rhode Island Chapter or The National Chapter of Healthcare Financial Management Association. Articles submitted are subject to editorial changes made by the committee. Article submissions, comments and requests for further information and advertising rates may be forwarded to: Linda A. Burns, M.H.A., M.B.A., Garrett G. Gillespie, Esq., HFMA Massachusetts-Rhode Island Chapter, 465 Waverley Oaks Road, Suite 421, Waltham, MA 02452, [email protected]
MASS MEDIAHEALTHCARE FINANCIAL MANAGEMENT ASSOCIATION
CONTENTSVolume XLII Number 3
N e w s l e t t e r C o m m i t t e e
Linda A. Burns, MBA, MHA, Consultant, Ambulatory Care & Physician Services, Linda A. Burns, MHA, MBA Consulting & Physician PracticeGarrett G. Gillespie, Esq., Senior Legal Counsel, CVS HealthKate Stewart, Attorney, Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.
President’s MessageI by: Deb WilsonCompliance is a key priority for all of us. The culture of an organization is critical to insure that we conduct our activities in a compliant and ethical manner.
Using the OIG Work Plan to Drive Annual Operations CheckupI by: Robert Freedman, Douglas R. Arrington, MSN, FNP, CMC, CPC, CPC-H, CPMA, CHC, CHRCNearly five billion dollars. According to a report to Congress, that is the amount of federal health care dollars returned to the Government in FY2014 as a result of oversight and investigations conducted this year by the Office of Inspector General (OIG).
Tax Issues for Today’s Tax-Exempt Healthcare ProvidersI by: Gwen Spencer Amyn Gillani As tax-exempt healthcare providers (“provid-ers”) find themselves in the midst of change and scrutiny on many fronts, tax-exempt healthcare financial executives (“executives”) should continue to include tax on their long list of business and financial considerations.
CFO InterviewI by: Linda A. Burns, M.H.A., M.B.A.Interview with Sally Mason-Boemer, Senior Vice President for Finance at Massachusetts General Hospital and North Shore Medical Center
The Physician Payment Sunshine Act: What Is It and What Is Next?I by: Jillian A. Watts, Esq. CHOThe Anti-Kickback Statute prohibits the exchange, or offer to exchange, anything of value in an effort to induce the referral of federal healthcare business..
Welcome New Members!New Massachusetts-Rhode Island Chapter Members January 1, 2015 – February 28, 2015
Preparing for Phase II HIPAA AuditsI by: Dianne Bourque, Esq. Kate Stewart, Esq.Providers, health plans, and business as-sociates all need to be aware of and prepare for upcoming Health Insurance Portability and Accountability Act (“HIPAA”) audits con-ducted by the Office for Civil Rights (“OCR”) of the Department of Health and Human Services (“HHS”).
Compliance Update Synopsis
The HFMA Massachusetts-Rhode Island Chapter hosted its annual Compliance Update seminar on Friday, December 12th at the Doubletree Hotel in Westborough, Massachu-setts. We appreciate all those who were able to attend this program.
3
5
10
14
24
22
18
23
The HFMA Massachusetts-Rhode Island
OFFICERS & DIRECTORS
PresidentDeborah Wilson, CPA
President ElectTimothy Hogan, FHFMA
SecretaryBeth O'Toole
TreasurerRosemary Rotty, MHA, FHFMA
Immediate Past PresidentRoger Boucher
DirectorsMarvin Berkowitz, FHFMA
Karen Bowden, RHIALinda Burns, MBA, MHA
Linda Guerra, MBA Umesh Kurpad
Erik LynchKathleen Maher
Laurie Nelle, FHFMA, MBARobert Nelson, FHFMA, CPA
Richard RussoAmes Ryba
Deborah SchoenthalerRosemary Sheehan
David TolleyGerard Vitti
Ex OfficioJeffrey Dykens, CPA
Garrett Gillespie Gerald O’Neill, FHFMAJohn Reardon, FHFMAJeanne Schuster, CPA
Michael Souza, FHFMARichard Wichmann
MM ISSUE_3r2.cs5.5 .indd 4 4/6/15 2:17 PM
Issue 3 5
COMPLIANCE
(continued on page 6)
Using the OIG Work Plan to Drive Annual Operations Checkup
By: Robert Freedman, MDAudit, Director of Market Development,Douglas R. Arrington, MSN, FNP, CMC, CPC, CPC-H, CPMA, CHC, CHRC,
Principal Consultant Products, Hayes Management
the costs of paying back overcharges can dramatically affect the cash flow and bottom line of any organiza-tion. Ensuring that hospitals’, medical groups’, and other providers’ operations are functioning appropri-ately to avoid such paybacks should be a high prior-
Nearly five billion dollars.
According to a report to Congress, that is the amount of federal health care dollars returned to the Govern-ment in FY2014 as a result of oversight and investiga-tions conducted this year by the Office of Inspector General (OIG). The focused areas for OIG audits in-cluded one-day/short inpatient length-of-stays, high severity diagnosis-related groups (DRGs), manufac-turer credits for medical devices, post-acute transfers, and same-day discharges and readmissions.
With the tight margins in the healthcare industry,
(772) 559-8782 Vero Beach, FL
H e a l t h c a r e R e c e i v a b l e s M a n a g e m e n t S p e c i a l i s t s
Estelle WelteSenior Vice President
Celebrating 28 Years of Service |100% Healthcare Exclusive | National Client Base All patient contact and work performed within the United States
Don’t Put-off Until Tomorrow...What we can collect for you today!
Extended Business Office / Early-Out• Self-Pay Recovery & Call Center• Insurance Recovery & Claims ResolutionSelf-Pay Collection & Bad-Debt Recovery ServicesSystem Conversions Assistance & A/R Clean-Up Projects
The 2015 HHS Office of Inspector General Work Plan is available online at:
https://oig.hhs.gov/reports-and-publications/workplan/
MM ISSUE_3r2.cs5.5 .indd 5 4/6/15 2:17 PM
Mass Media6
COMPLIANCE
ity. It is a matter of revenue integrity –keeping what they have been paid!
Each year the OIG releases its Work Plan detailing the areas of emphasis for their compliance audit activ-ities. Providers are encouraged to use this to prepare for potential audits. However, there is knowing the risk areas, and then there is executing the review of the risk areas. A more practical idea is to operational-ize the compliance risk Work Plan - use it as a guide to review the particular risk areas that applies to each organization. Everything in the OIG Work Plan may not apply to every organization, but choosing those risk areas that are most impactful can help create an effective risk-based compliance audit program.
Here are some suggested steps hospitals, medical groups, and other providers should be taking to ensure the ongoing compliance health their organizations.
TriageEvery good examination begins with a thorough assessment. Before defining needs, providers should assess the current risks for the entire organization. The OIG Work Plan provides a good beginning to help guide an organization through the risk assess-ment process.
Having a robust continuous compliance monitoring program is an important first step to identifying the areas at risk. Many compliance programs have key performance indicators or benchmarks that address the recognized OIG target areas. The key is to de-termine which risk areas apply to each organization. From there, providers can begin to track the applica-ble points. This highlights the objectives that require attention and where an organization’s resources ought to be deployed.
(continued on page 7)
(Using the OIG Work Plan - continued from page 5)
MM ISSUE_3r2.cs5.5 .indd 6 4/6/15 2:17 PM
Issue 3 7
COMPLIANCE
After key risk areas have been established, the final step in the Triage Process is setting up the dashboards to track and report continuous monitoring activities. This will identify which areas need more in-depth examination and which ones are performing at or above identified goals. It is important to remain flex-ible during this stage. As data are gathered, new issues can arise at any time so organizations need to be ready to add these to the list of items that will need further exploration.
DiagnosisOnce an organization has determined the OIG Work Plan items most at risk, it is time to define the extent of the potential problem within the institution. This is done by implementing a plan to delineate furhter the issues and help define what corrective actions need to be taken.
Part of the investigation at this point relies on
examining documentation and monitoring reports. Potential problem areas have been identified in the Triage phase, and sampling has reinforced or changed the findings in some areas. Auditing provides a deeper review into the operations to help further analyze the problems.
This is also the point where an organization leverages the data collected from internal systems and compares findings to external benchmarks, rules, and profes-sional standards or outcomes. From the comparison to the benchmark data, an organization can evaluate how it stacks up and which areas need additional fo-cused efforts. This is one of the fundamental activities of the audit process.
Upon final examination, most issues emanate from a failure in one of the following areas: people, process, or technology. The type of action needed to mitigate or implement a resolution will depend on which of the three areas is the actual cause of the problem.
(continued on page 8)
(Using the OIG Work Plan - continued from page 6)
The power of global connections
For marketing disclaimer, visit bankofamerica.com/disclaimer
Moving from paper to electronic with our HealthLogic
revenue cycle solutions helps take the pain out of
patient payments. It’s how forward-thinking hospitals
operate more efficiently every day.
baml.com/healthcare
MM ISSUE_3r2.cs5.5 .indd 7 4/6/15 2:17 PM
Mass Media8
COMPLIANCE
Take steps now to minimize your long term exposure to readmissions penalties.
BESLER Consulting expertly blends clinical and demographic data with your QualityNet hospital-speci�c report, furnishing you with a more detailed picture of provider readmissions and underlying causes a�ecting your unique population. BESLER can also assist you in developing strategies that can ultimately decrease readmissions so you can avoid Medicare penalties.
For more information on reducing your long term exposure to readmissions penalties, visit www.besler.com/readmissions.
Is your hospital one of the 2,225* receiving reduced
Medicare payments this year due to excess readmissions?
*Source: Kaiser Health News
@BeslerDotComEnhancing and protecting Medicare revenue for hospitals (877) 4BESLER | www.besler.com |
(continued on page 9)
TreatmentOnce an organization has identified the difficulties and their causes the final step is to initiate activities to resolve the problem area(s).
If the cause is human error, the organization will need to consider implementing a focused training program. In a time of constrained budgets, funding training programs sometimes falls down on the list of priorities. This can be shortsighted when considering the amount of federal payment and reimbursement at risk from issues affected by inadequately trained or unqualified staff members.
In a process related problem, the resolution will like-ly come from a thorough investigation and modifica-tion of the process by those directly involved. Many times the cause can be the existence of institutional knowledge or even a “that is always the way that we have done it” approach that is not documented and
so inadequately passed down.
Every process should be thoroughly vetted by key staff members, documented in a centrally located repository, and integrated into every orientation and retraining program. For the process to be effective, it needs to accomplish the projected purpose, which is consistently communicated to the entire staff.
For technology issues, many times the problem is the result of faulty or inadequately used informa-tion technology systems. Often there are multiple systems in place that are not integrated and essential data are not correctly transferred between systems. Additionally, there is also often an issue of staff not taking full advantage of all the system capabilities such as automated edits, Electronic Medical Re-cords “Smart” templates, and Charge Description Masters simply because they are not aware of what they have or they have been inadequately trained.
(Using the OIG Work Plan - continued from page 7)
MM ISSUE_3r2.cs5.5 .indd 8 4/6/15 2:17 PM
Issue 3 9
COMPLIANCE
Ensuring that everyone has a comprehensive sys-tems orientation and annual updates on how to use systems can go a long way to eliminating issues that cause problems.
A lack of system integration can also lead to the “silo effect” where different teams and departments become isolated from each other leading to valuable information going unused.
SummaryBecause of the massive financial impact of the annual OIG high-risk Work Plan areas, healthcare organiza-tions must have a sense of urgency and implement comprehensive risk based data improvement pro-cesses.
At over 150 pages, the breadth and depth of the OIG work plan can be overwhelming. It contains more
information than any one organization can easily digest. However, it cannot be ignored, and the wide-ranging nature of it cannot be an excuse for inaction. The key is to parse the report to the relevant portions for each organization and to prioritize issues in a way that minimizes their potential negative impact.
In the end, all problems in the OIG Work Plan are not going to be resolved. However, hospitals, medical groups, and other providers can certainly begin solv-ing the ones that most affect them. That in itself is a worthy goal. ❏
We’re proud to welcome Debra R. Cardinali and Patricia D. Weitzman to Verrill Dana.
As we expand our capacity in Connecticut, we are pleased to welcome these two talented leaders in health care law to our firm. Debbie focuses on health-care-related transactions and reorganizations.
Pat represents health care clients in corporate, regulatory and employment matters.
Based in our new Westport office, Debbie and Pat look forward to working with our clients throughout the Northeast.
D R. C P D. W
Westport, CT | Portland, ME | Boston, MA | Augusta, ME | Providence, RI | Washington, DCwww.verrilldana.com
Contact: Attorney Debra R. Cardinali | (203) 222-3128 | [email protected] Contact: Attorney Patricia D. Weitzman | (203) 222-3116 | [email protected]
33 Riverside Avenue, Westport, CT 06880
(Using the OIG Work Plan - continued from page 8)
About the Authors
Robert Freedman, MDAudit, Director of Market Development, Douglas R. Arrington, MSN, FNP, CMC, CPC, CPC-H, CPMA, CHC, CHRC, Principal Consultant Products, Hayes Management
MM ISSUE_3r2.cs5.5 .indd 9 4/6/15 2:17 PM
Mass Media10
COMPLIANCE
As tax-exempt healthcare providers (“providers”) find themselves in the midst of change and scrutiny on many fronts, tax-exempt healthcare financial ex-ecutives (“executives”) should continue to include tax on their long list of business and financial consider-ations. Aligning with taxable organizations, increased tax regulation, and securing top talent brings greater complexity for providers and the executives who lead them.
A Changing Landscape for ProvidersThe landscape is changing for providers. As the market shifts away from the fee-for-service model, and as providers look to enhance their focus on popula-tion health management, new and complex relation-ships will continue to evolve. Although it is not clear today what the future will hold, it is guaranteed that new models of care will continue to bring parties (for-profit and not-for-profit) together…..and when parties come together, providers should consider the tax implications that result from building these new relationships.
Mergers and acquisitions We continue to see mergers and acquisitions among providers, and acquisitions of physician groups. Per a report published by PwC’s Deals practice, mergers and acquisitions in the healthcare sector have seen a surge in 2014 with the total deal value having increased by 5.7% from $34.6 to $36.5 billion for the quarter end-ing September 30, 2014, compared to the same period in 2013.1
• Tax considerations include:
❍ Tax due diligence performed on the target (income, employment, tax-exempt bond compliance, compliance with hospital tax-exempt status requirements, compliance with the Patient Protection and Affordable Care Act (“ACA”), etc.)
❍ Addressing tax implications to the acquired or the acquirer based on the terms of the transaction. Tax implications on both sides of the transaction can impact the terms of the agreement including the purchase price and should be considered.
Formation of Accountable Care Organizations (“ACOs”)
Since the ACA was implemented more than 360 Medicare ACOs have been established which now serve over 5.6 million people.2
• Tax Considerations include:
❍ Choice of entity: Tax implications should be considered when deciding on a legal struc-ture for the relationship.
❍ Services beyond the Medicare Shared Sav-ings Programs (“MSSP”): The law is not clear on the income tax implications result-ing from non MSSP programs. Where an ACO is offering non MSSP programs the potential tax implications should be consid-ered.3
(continued on page 11)
Tax Issues for Today’s Tax-Exempt Healthcare Providers
By:Gwen Spencer, Partner, and Amyn Gillani, Senior Associate
PricewaterhouseCoopers LLP, Boston
1 PricewaterhouseCoopers, LLP, Q3 2014 US health services deals insights (November 2014).
2 CMS.Gov, “Fact sheets: Medicare ACOs continue to succeed in improving care, lowering cost growth” (November 10, 2014). http://www.cms.gov/Newsroom/MediaReleaseData-base/Fact-sheets/2014-Fact-sheets-items/2014-11-10.html (accessed November 2014).
3 IRS Fact Sheet, FS-2011-11, October 20, 2011.
MM ISSUE_3r2.cs5.5 .indd 10 4/6/15 2:17 PM
Issue 3 11
COMPLIANCE
❍ Private use of tax-exempt bond financed space: Use of bond-financed space by an ACO could be considered private use. Ex-ceeding the private business use limitations could impact the tax exempt status of the bonds.4
❍ Private benefit or private inurement: An ACO often brings for-profit and not-for-profit organizations together. Fair-market value/arm’s length principles should be considered such that the provider receives appropriate value for what they bring to the relationship.5
Other changes or areas of refocus Providers may consider joint arrangements that will involve the participation of a for-profit entity. Provid-ers involved in, or considering, a joint venture should evaluate the relationship for tax concepts similar to those noted above for ACOs including choice of entity, unrelated business income, private benefit, and private use of the tax-exempt bond financed facilities.
Along with merger and acquisition activity, providers are now also becoming insurers. This change is spurred by the cost efficiency incentives contained within the ACA.
• Tax considerations: The business of insurance op-erates with its own set of tax rules and regulations. Having insurance tax specialists at the table is critical to understanding the overall impact of the proposed insurance operations including the ele-ment of tax in the ongoing business operations.
As providers continue to evolve their Population Health Management initiatives and move away from fee-for-service to bundled payments, it is likely that providers will continue to seek new relationships and creative structures to manage their business in this complex environment. As organizations change, tax implications should be considered.
ACA Compliance ConcernsWith the implementation of the ACA, employers are faced with several additional filing requirements and fees. For example, 2015 is a big year for employers. In early 2016 employers are required to prove to the federal government that in 2015 they provided health-
care at or above the mandated level of coverage. This reporting is complex and requires healthcare organiza-tions to evaluate their processes to ensure compliance.
Employer mandate/shared responsibility - in general:Under the mandate, an employer may face penal-ties of up to $2,000 (indexed) for every full-time employee (sometimes referred to as the “A” penalty), if the organization had 100 or more “full-time or full-time equivalent” employees in 2014 (50 or more in 2015 and later) and fails to provide at least 70% of these full time employees with healthcare coverage throughout 2015 (95% in later years).
The provider must also ensure that it provides “mini-mum essential coverage” to its full time employees that is “affordable”6 and provides at least “minimum value”.7 Otherwise, the provider may also face penalties of up to $3,000 (indexed) for each full time employee receiving subsidized health insurance secured through an exchange (this may be referred to as the “B” penalty). Safe harbors and transition rules are available if the organization or its health plans meet certain requirements. Compliance may be particularly difficult for providers with temporary employees, per diem/on call, adjunct or part-time staff since the government’s definition of “full-time” may
(continued on page 12)
(Tax Issues - continued from page 10)
4 The IRS has also now clarified through Notice 2014-16 that healthcare organizations with tax-exempt bond financed facilities, can structure certain arrangements within the ACO context to avoid private business use. Private business use is the use of a tax-exempt bond financed facility by a person or organization other than a 501(c)(3) tax-exempt organization.
5 Notice 2011-20 continues to reflect the IRS’s expecta-tions with respect to ACOs and lays out five factors as guidance to analyzing the existence or private inure-ment or impermissible private benefit.
6 Employee’s required contribution for the lowest-cost self-only coverage option offered by the employer does not exceed 9.5% of the employee’s household income.
7 The actuarially projected cost of covered benefits is at least 60%.
MM ISSUE_3r2.cs5.5 .indd 11 4/6/15 2:17 PM
Mass Media12
COMPLIANCE
be inconsistent with how your organization defines “full-time”.8 Most health care providers will be at risk for this penalty because they are likely to have at least one full-time employee eligible for subsidized coverage on the basis of low to moderate income if they are not offered employer-sponsored coverage.
IRS and employee reporting Any employer providing self-insured health coverage, and any employer with 50 or more full-time employ-ees in 2014, has reporting obligations covering the 2015 calendar year. Starting January 1, 2015, employ-ers must track monthly information about their “full-time employees,” the health coverage they offer, and who is covered under their self-insured health plans. Reports to IRS and employees are due early in 2016.9
Over 15 data elements must be reported for each cal-endar month, relying on underlying data that includes tracking hours of many employees. Unlike typical wage or other tax information reporting, the informa-tion needed may be housed in different systems (pay-roll, benefits, etc.) and under management of different
internal and external stakeholders/vendors. Systems and processes will need to be developed to capture the needed information. Whether your organization pre-fers to outsource or handle the reporting in-house, the implementation time should not be underestimated, particularly if multiple data sources are involved.
In general, compliance with the ACA requires effec-tive coordination among human resources, payroll, and the finance/tax teams. In many situations, this coordination has been less than optimal as communi-
(continued on page 13)
(Tax Issues - continued from page 11)
8 http://www.irs.gov/Affordable-Care-Act/Employers/Questions-and-Answers-on-Employer-Shared-Re-sponsibility-Provisions-Under-the-Affordable-Care-Act#Liability.
9 Employers will need to provide employees with Form 1095-C and transmit this information to the IRS using Form 1094-C. The forms include information regarding self-insured coverage among other specifics including dependents covered.
MM ISSUE_3r2.cs5.5 .indd 12 4/6/15 2:17 PM
Issue 3 13
COMPLIANCE
reasonableness shifts the burden of proving that compensation is unreasonable to the IRS.12 Tax reform could contain additional requirements around this presumption. It is a good time to revisit this area to be certain that your organiza-tion stacks up.
❍ Does the organization have established poli-cies and procedures in place where the:
• compensation and benefits of executives have been approved by the organization’s board,
• comparable compensation has been used to establish compensation, and the pro-cess of establishing compensation, and
• compensation conclusions have been contemporaneously documented?
• Complying with accountable plan rules and ex-pense report sign-off policies: Are the organiza-tion’s executives following the accountable plan rules by documenting expenses and indicating a business purpose? Does the organization require a sign-off of expense reports submitted by senior management?
• Deferred compensation: Does your organization annually review the one-off deferred compensa-tion arrangements of its executives and other individuals reported on Form 990 to determine whether income tax reporting and reporting on Form 990 is complete and accurate?
(continued on page 17)
cation between these departments is often unnatural due to an organization’s structure. To avoid penalties executives should ensure that the organization has these requirements covered. We have highlighted just one example of the IRS reporting obligations under the ACA above. However, there are others to consider when implementing the ACA requirements.
Executive Compensation – Focus ContinuesComplex organizations seek to hire talented leader-ship and competition in the marketplace may cause providers to pay top dollar to secure these resources. The government and the public seek transparency and, along with that, an understanding that com-pensation is reasonable. Compensation levels paid to executives and other key individuals continue to receive attention by federal and state governments as well as from many other constituencies.
Last spring then House Ways and Means Chairman David Camp (R-MI) introduced the Tax Reform Act of 2014 (“Act”). It includes several provisions focused on compensation. For example, the Act proposes a 25% excise tax on exempt organizations that pay compensation in excess of $1 million to any of its five highest compensated employees (current or former). This Act also includes a new entity level tax of 10% when an organization engages in an excess benefit transaction.4 Although these provisions may never become law, this illustrates a point-of-view on executive compensation as part of possible tax reform.
In addition to federal scrutiny, several state Attorneys’ General offices have focused on CEO compensation practices. For instance, in December 2013 the Mas-sachusetts Attorney General’s office released a report entitled “Massachusetts Public Charities CEO Com-pensation Review”. The study reviewed the com-pensation practices of 25 of the largest charities in Massachusetts, of which 13 were hospital/healthcare systems. The report concluded that more compre-hensive reporting of executive compensation arrange-ments should be required.11
What to consider
• The rebuttable presumption of reasonable-ness: Establishing a rebuttable presumption of
(Tax Issues - continued from page 12)
10 Camp, Dave “Tax Reform Act of 2014”, Committee on Ways and Means. February 26, 2014 http://way-sandmeans.house.gov/uploadedfiles/ways_and_means_section_by_section_summary_final_022614.pdf.
11 Massachusetts Attorney General, Massachusetts Public Charities CEO Compensation Review”. Dec 2013 http://www.mass.gov/ago/docs/nonprofit/ceocomp/ec-review.pdf.
12 Treas. Reg. Section 53.4958-6.
MM ISSUE_3r2.cs5.5 .indd 13 4/6/15 2:17 PM
Mass Media14
COMPLIANCE
Q. HFMA MassMedia Ms. Burns: Besides risks associated with complying with laws and regula-tions related to payment for services, there are many other business risks healthcare organizations face. What are one or two risks that you have identified, and how have you and your organi-zation taken actions to mitigate those risks?
A. Sally Mason-Boemer: Like many organiza-
tions, ours uses a formal, annual process to en-sure risks are systematically identified and man-aged. Two categories of heighted business risk that I would highlight are Information Systems and Payment Reform/Patient Affordability.
The primary drivers for including information systems are related to data security (i.e., highly
By: Linda A. Burns, M.H.A., M.B.A.Board Member, Healthcare Financial Management Association Mass. and Rhode Island, and Co-Editor, HFMA MassMedia
(continued on page 15)
CFO INTERVIEW
HEALTHCARE EXPERTISE
• ManagedCareStopLossInsurance&Reinsurance• ProfessionalLiability,Property,Casualty&ExecutiveLiability• EmployeeBenefits,PharmacyBenefitManagement,Communications
&Enrollment• EquipmentMaintenanceManagementPrograms• HealthCareDataPrivacy&Security
Dubraski & Associates is a Privately-Held, Independent Insurance Brokerage andconsulting company that specializes in
providing unbiased solutions to the healthcare industry across all lines of business.
Tracy Hoffman • Principal 860.927.0995 • [email protected]
Interview with Sally Mason-Boemer Senior Vice President for Finance at Massachusetts General Hospital and North Shore Medical Center
MM ISSUE_3r2.cs5.5 .indd 14 4/6/15 2:17 PM
Issue 3 15
COMPLIANCECFO INTERVIEW
sensitive personal information) and business continuity but also the real-time reporting tools that providers and management need to make informed decisions for patient care and emerg-ing payment methodologies. The magnitude of investment hospitals and health systems are making in business intelligence and integrated electronic medical records warrant careful oversight to ensure smooth implementation and that the proposed benefits are realized. During our phased implementation of Epic at Mass. General Hospital (MGH), we are carefully monitoring the status against project timelines and deliverables and collecting baseline perfor-mance metrics for monitor trends post go-live.
Payment Reform/Patient Affordability is a fairly broad umbrella intended to keep focused attention on the cost of health care to society and efforts to “bend the curve”. The specific actions for addressing this challenge range from utilization initiatives (medical home, man-agement of high risk patients) to alternative payment approaches (risk contracting, bundled payments) to tried and true approaches to cost reduction (supplies, length of stay (LOS), care pathways/redesign). While it may sound cliché, providers do need to show they are part of the solution and not the problem in management of health care costs for society.
Q. HFMA MassMedia Ms. Burns: More physi-cians are engaging in leadership roles for finan-cial management and quality for clinical services and programs, whether as a chief of service or medical director or clinical leader. How would you define financial literacy for a physician who aspires to be an effective chief of service or medi-cal director in an organization such as yours?
A. Ms. Mason-Boemer: An important com-petency for any finance leader is to be able to translate data into meaningful information and communicate the “story” to the clinical and operational leaders of the organization. Clini-cal leaders in particular are hungry to under-stand the drivers of performance and can be an important partner for helping to interpret
“why” certain trends are occurring. The keys to communication are 1) avoiding the techni-cal jargon, 2) using graphs/charts to help with a meaningful visualization of the data, and 3) conveying only the most important points in a few bullets. At MGH and our associated physician organization (MGPO), we do invest in leadership training for promising young to mid-career physicians. The finance section of the course is intentionally kept simple to focus on the incentives associated with the various payment methodologies (e.g., Diagnosis Re-lated Groups, capitation), how costs behave in correlation to volume (fixed, variable), and what questions to ask of their finance/administrative counterparts when evaluating a variance to budget or new program proposal.
Q. HFMA MassMedia Ms. Burns: More hospi-tals, medical groups, and healthcare organizations are employing matrix organizations, flattening hierarchical reporting structures, and employing more team-based and group-based approaches to perform work, resulting in more meetings and cross-functional interaction among people in multiple departments. How can a CFO assure financial accountability for results when teams are used? How is accountability determined?
A. Ms. Mason-Boemer: Many health care or-ganizations like ours are seeing the value of organizing care in ways that make sense from the patient’s perspective. Multi-disciplinary care centers (e.g., Cancer or Heart Center) are great examples of that evolution intended to improve the coordination of care and patient experience. However, the potential downside relates to the cost structure and efficiency as-sociated with layering the center model on top of our existing departmental based structures. Particularly at academic medical centers, there is a strong rationale for the traditional depart-ment structures for faculty appointments which makes it a challenge/risk to further empower the centers/service lines. We’ve utilized a hybrid approach, cross-walking volume to give credit to both the center and depart-
(Interview with Sally Mason-Boemer - continued from page 14)
(continued on page 16)
MM ISSUE_3r2.cs5.5 .indd 15 4/6/15 2:17 PM
Mass Media16
COMPLIANCECFO INTERVIEW
ment and taken care in appointing a leader of the center who has the credibility to manage and motivate in a complex matrix structure.
Q. HFMA MassMedia Ms. Burns: How or in what ways can CFOs restructure data to support strategic financial planning and to improve performance for quality of care?
A. Ms. Mason-Boemer: The finance organization oversees a significant amount of transactional data that can be integrated and leveraged to gain strategic insights and guide improve-ment initiatives. While our cost accounting system is still an important resource tying together patient utilization/billing data with
Sally Mason Boemer is Senior Vice President for Finance, Massachusetts General Hospital, Boston, and North Shore Medical Center, Salem, Mass. As SVP, she has responsi-bility for planning and directing the financial operations and Admitting/Registration services of the hospitals. She is a member of the financial leadership team of Partners HealthCare System, the parent corporation, where she plays a role in establishing fiscal policies and the strategic frame-work for capital, operating, and investment decisions. She has recently taken on a new role in helping the two hospi-tals implement new clinical and revenue cycle information systems using Epic. She has worked for both the MGH and Partners for more than 20 years in a various budgeting, financial analysis and hospital management roles. She has a BS in Human Services from Cornell University and a Masters in Health Administration from the University of Michigan.
Sally Mason Boemer
Massachusetts General Hospital, Boston, andNorth Shore Medical Center, Salem, Mass.
Senior Vice President for Finance
operating costs, it is just one source in a more robust analytical toolkit. In order to improve the cost and efficiency of the care we deliver, we need to improve our understanding of throughput and utilization of key assets like beds, operating rooms, and major equipment like the proton beam. Predictive models have provided some insights into how our internal processes can sub-optimize utilization. Simi-larly in quality, there are ongoing efforts to track timeliness of certain procedures and interventions and correlate the process and outcome measures. Finance can play a key role in advocating for the centralization of data combined with powerful analytic tools and encourage sharing of best practices. ❏
(Interview with Sally Mason-Boemer - continued from page 15)
MM ISSUE_3r2.cs5.5 .indd 16 4/6/15 2:17 PM
Issue 3 17
COMPLIANCE
Tax Exempt Status for HospitalsFinal Hospital RegulationsIn December of 2014 final regulations were issued providing further clarification and solidifying how tax-exempt hospitals must act to maintain their tax-exempt status.7 In general, the final regulations apply for tax years beginning after December 29, 2015.14
Background: In 2010, the ACA added four new requirements for tax-exempt hospitals to comply with in order to retain their exempt status under IRC section 501(c)(3). Prior to this law, tax-exempt hospitals were tax-exempt under general charity provisions.15
In order to maintain tax-exempt status as a hospital, organizations must now meet requirements in the fol-lowing areas under IRC Section 501(r) and the final regulations:
• Financial assistance policies must include particular information and must be publicized, • Charges for care provided to individuals eligible
for financial assistance are subject to specific limitations,
• Billing and collections must be conducted in a particular manner, and
• A Community Health Needs Assessment must be conducted at least once every three years, and hospitals must adopt an implementation strategy to meet the needs identified.
What to consider Since the passage of this law in 2010 several pro-posed regulations have been released. However, now that the final regulations have been released, what a hospital needs to do in order to maintain tax-exempt status has been clarified. Therefore, it is important for hospitals to re-evaluate their approach to compli-ance including a revisit of policies and procedures in the four areas noted above to ensure that the organi-zation maintains its tax-exempt status.
The reporting of expenditures for charity care The federal government does not mandate a level or
percentage of charity care expenditures for provid-ers. Since 2008, the IRS Form 990, Return of Or-ganization Exempt From Income Tax, has included Schedule H, Hospitals, which tax-exempt hospitals are required to complete in order to report the total amount of charity care and community benefit they provide. Ultimately, this enables the IRS (and the public) to see the cost of charity care and community benefit as a percentage of the tax-exempt hospital’s total expenditures. Schedule H also requires tax-exempt hospitals to provide a detailed description of their charity care policies. We see many hospital constituencies utilizing this information to evaluate a hospital’s level of charity care spend. The IRS will use this information in a report that it is scheduled to provide to Congress in 2015.16 The intent of the report is to provide Congress with information that will help them consider whether to impose a mini-mum level of charity care expenditures for providers in order to maintain their tax-exempt status.
Many providers have already started down the path of change and have considered tax issues as their business evolves. This will continue to be important as further industry transformation occurs. In par-ticular, stay tuned for more to come with the ACA. Hospitals should also take a fresh look at what is required to maintain tax-exempt status now that the final regulations have been issued. ❏
13 Treas. Reg. 1.501(r).
14 Prior to this date organizations may rely on a “reasonable, good faith interpretation of section 501(r).” Treas. Reg. Section 1.501(r)-7.
15 Traditionally, compliance has been based on the “community benefit standard” set forth in a 1969 IRS Revenue Ruling (Rev. Rul. 69-545, 1969-2 C.B.117).
16 ACA Section 9007(e)(2).
Gwen Spencer, Partner, and Amyn Gillani, Senior Associate at PricewaterhouseCoopers LLP, Boston
About the Authors
(Tax Issues - continued from page 13)
MM ISSUE_3r2.cs5.5 .indd 17 4/6/15 2:17 PM
Mass Media18
COMPLIANCE
In a not so distant past, physicians were accustomed to sales representatives from pharmaceutical and device manufacturers taking them out to expensive meals and providing them with luxurious trips. Over time, this process has greatly changed. The government started looking into these relationships and determined that some of these expensive meals and trips were actually kickbacks to physicians encouraging them to use certain products. The Anti-Kickback Statute prohibits the ex-change, or offer to exchange, anything of value in an ef-fort to induce the referral of federal healthcare business. Additionally, many teaching hospitals started creating conflict of interest policies. These policies generally prohibit physicians from participating in human subject research involving a product of a company if they also
receive in excess of a certain dollar amount from that same company. As a result of these investigations and policies, Senator Grassley started pushing for federal regulations governing these relationships between manufacturers and physicians.
Sunshine Act BasicsCongress created the Physician Payment Sunshine Act (Sunshine Act) as part of the Affordable Care Act. At a high level, the Sunshine Act requires manufactur-ers of pharmaceutical compounds, devices, biological substances, and medical supplies, also known as appli-cable manufacturers, to track and report to the Centers for Medicare and Medicaid Services (CMS) payments and transfers of value made to licensed physicians and teaching hospitals. Additionally, applicable manufactur-ers and group purchasing organizations must report any ownership or investment interest held in the entity by a licensed physician or a physician’s family member. The first period for tracking payments and transfers of value was from August 1, 2013 through December 31, 2013. Reporting periods will cover a full calendar year in sub-sequent years. Reports are made through CMS’s Open Payments system, another name CMS has provided for the Sunshine Act.
The intent behind the Sunshine Act was to allow patients access to the interactions their physicians may have with industry. This will allow patients to ask their physician questions about these relationships, and better determine if they are truly receiving unbiased treatment.
Payments are broken into three categories: Research Payments, General Payments and Ownership. General Payments are to be categorized within certain Nature of Payment Categories such as travel, food and beverage, consulting, honoraria, gifts, or entertainment. Research Payments must disclose the recipient of the payment and the principal investigator.
(continued on page 19)HEALTHCARE ADVISORS
Our focus: Your net gain.
We make it our business to help clientsin the healthcare industry keep up with:
Certificates of Need (CON)ACA ChallengesRevenue Cycle ImprovementHealthcare ComplianceCredentialingMerger & Acquisition Alignment
Learn how we will work to deliver a netgain for you. Call us at 203 288 6860 orvisit vantagepointconsult.com.
The Physician Payment Sunshine Act: What Is It and What Is Next?
By:Jillian A. Watts, Esq. CHC
MM ISSUE_3r2.cs5.5 .indd 18 4/6/15 2:17 PM
Issue 3 19
COMPLIANCE
Each year manufacturers will be required to submit their payments to CMS in an electronic format and attest to the accuracy of the submitted payments. CMS will then provide physicians and teaching hospitals with a 45-day period to review and dispute any payments that are being reported under their name. However, in order to participate in this process, physicians and teaching hospitals must complete a registration process with CMS. This dispute resolution process will occur strictly between the manufacturer and the physician or teach-ing hospital; CMS will play no role in this process. At the end of the 45-day review period, manufacturers will then have an additional 15-day window to resubmit corrected data to CMS and re-attest to the accuracy of the newly submitted data.
CMS is then required to post this data on a public web-site. For the first short reporting period, this website was made available on September 30, 2014. In subsequent years, the data will be posted by June 30 of the follow-ing calendar year. Any payments that were disputed and not resolved will appear with a note indicating the payment is being disputed. All other payments will ap-pear as is.
One Hospital’s Sunshine Act ExperienceSince the Sunshine Act would have a large impact on physicians, Beth Israel Deaconess Medical Center decided to undergo a large education campaign. The first step taken was to create a communication plan. The Medical Center decided that a webinar would be the proper first step before the final regulations imple-menting the Sunshine Act were released. This would allow interested physicians to begin to understand this new federal regulation. Once the final regulations were released, the Medical Center decided to conduct in per-son educational seminars at faculty meetings through-out the Medical Center. In-person meetings were chosen because of the importance of this regulation to all physicians. An in-house expert from the Compliance Office gave these presentations. Most physicians in at-tendance were quite interested in hearing the details of the Sunshine Act. Although many were not happy with the potential implications, most understood that it was better to understand the regulation and be as prepared as possible for what was to come. Once the registration process opened, the Medical Executive Committee sent
(continued on page 20)
Role: Name: Initials: Date: Order Role: Name: Initials: Date: Order
Proofi ng GCD
Project Mgr. Art Buyer
Writer Account Exec.
Art Director Senior Level AE
ACD Other
Production Lead Jeff H Other
Production Artist Production Mgr.
When insights lower your cost to collect.
That sparks success.
Driving down costs depends on actionable insights. With exception-based task management, you can control every aspect of your health system’s A/R—an approach that’s helped one customer reduce its cost to collect to below 4%*. That’s just part of how Centricity™ Business can help you connect productivity with care.
Visit gehealthcare.com/CentricityBusiness to see how our software and services can help spark your success.
©2014 General Electric Company – All rights reserved. Centricity Business, GE and GE Monogram are trademarks of General Electric Company.GE Healthcare, a division of General Electric Company. *WESTMED case study. Individual results may vary.
ENTERPRISE IMAGING CARE DELIVERY MANAGEMENT POPULATION HEALTH FINANCIAL MANAGEMENT
GEHCHCIT4052_Financial_7_25x4_75_BW.indd 1 9/11/14 2:24 PM
(The Physician Payment Sunshine Act: - continued from page 18)
MM ISSUE_3r2.cs5.5 .indd 19 4/6/15 2:17 PM
Mass Media20
COMPLIANCE
a blast email to all physicians informing them that they could begin registration. The same process was used when the dispute resolution period opened.
The registration process for physicians was quite lengthy. For the first year, it was broken out into two phases. Physicians had to first register with the CMS Enterprise Portal, and then finish registration by requesting access to the Open Payments System. The first part of registration was not too difficult. The second phase was not as easy. The Medical Center quickly discovered that only certain internet browsers were sup-ported by the Open Payments System. Unfortunately, the standard browser at the Medical Center was not one of the supported browsers. As a result, many physicians at the Medical Center were advised to register on their personal computers. Once a physician got into the sys-tem with a supported internet browser, the process did not move along any easier. Directions for registration were buried in a 361-page User Guide. To help ease the registration process, the Compliance Office created step by step instructions with screen shots that were sent to all physicians. Complicating the registration process was a time-out period of only 15-minutes in the system. By the time physicians had gathered all of the information they needed to register, they were timed out and had to start again. These complications led to many physicians throwing their hands up in frustration and not complet-ing the registration process.
If physicians completed registration, they could then participate in the dispute resolution process. One physi-cian reported to the Medical Center that she could see payments that did not belong to her. The details of the payment reflected that the name was correct, but other identifying information such as her address and National Provider Identifier did not match. Physicians throughout the country reported similar errors to CMS. As a result, CMS pulled the entire database down in August. When the system was available again, CMS indicated that about one-third of the data had been pulled down. This data was sent back to manufactur-ers to correct errors and would not be posted with the September 30 public release of the data.
Additionally, there were flaws with the dispute pro-cess. When a physician or teaching hospital initiates a dispute, they are provided with a text box to provide details of their dispute to the manufacturer. Within this text box numbers and certain special characters are not allowed. This initially prevented a user from provid-ing a phone number or email address. Physicians and
teaching hospitals started spelling out phone numbers (six one seven) and using AT (instead of “@”) to com-municate contact information.
Another area of concern for many physicians and hospitals is indirect payments. Under the regulations, manufacturers are required to report payments that were indirectly made to physicians and teaching hospi-tals. Indirect payments occur when a payment is made by a manufacturer to a third party, and that payment is ultimately received by a physician or teaching hospital. This was a problem at the Medical Center because our finance team has payments attributed to the company that actually made the payment. Under the Sunshine Act, the payment may be reported by a manufacturer that is different from the payor tracked by the hospital. This often required lengthy discussions with a manu-facturer to determine where the payment was passed through so the Medical Center could properly identify the payment.
Indirect payments are of concern for physicians for another reason. At the Medical Center, physicians are required to report on an internal database all of their outside personal activities. Some physicians disclose relationships with clinical research organizations (CROs). These relationships are research based and generally require the physician to perform blinded re-search reviews. However, when the Compliance Office did an audit of payments reported under the Sunshine Act as compared to payments reported internally, there were some discrepancies. After discussions with the physician and the Compliance Office, it was deter-mined that the discrepancies were due to these indirect payments and did not pose a conflict. However, it did create extra work for both the physician and the Com-pliance Office.
The data for the first reporting period became avail-able on a public website on September 30, 2014. CMS initially de-identified approximately $2.2 billion worth of data. Some of the de-identified data was still under dispute. CMS has since updated the data publicly available and all disputed data is now available. This data has either been resolved, or appears with a note indicating it is still being disputed. Additionally, some data has been sent back to manufacturers to review and correct. This data will be uploaded with all of the 2014 data and will be available with the upcoming review dispute process.
(continued on page 21)
(The Physician Payment Sunshine Act: - continued from page 19)
MM ISSUE_3r2.cs5.5 .indd 20 4/6/15 2:17 PM
Issue 3 21
COMPLIANCE
Ms. Watts was previously the Conflict of Interest Specialist, Beth Israel Deaconess Medical Center. At the time of this publica-tion, Ms. Watts is no longer with Beth Israel Deaconess Medical Center.
About the Author
Looking Ahead to 2015 and BeyondThe next set of data is scheduled to become publicly available on June 30, 2015. Since CMS has had time to correct some of the flaws from the first short year, the media will certainly switch their attention to the details of the payments. Additionally, the government will also likely start looking at the data for potential investiga-tions relating to the Anti-Kickback Statute, the False Claims Act, and other regulations. As stated earlier, the Anti-Kickback statute prohibits manufacturers from offering anything of value to a physician or hospital to induce the use of a product that could impact a federal healthcare program. Certain categories of payments will certainly be targeted for review. Under General Payments, Nature of Payment categories such as gifts, entertainment, food and beverage, travel and lodging, and payment for services other than consulting will cer-tainly receive the most scrutiny. Any payments in these categories that seem unusually high will likely trigger a review by the federal government. Additionally, these categories will also likely gain attention from the media.
Since the media and government will likely become
much more interested in the data for the first full reporting year, it is more critical than ever for physi-cians to register with CMS so they can participate in the upcoming review and dispute period for the 2014 data. The Medical Center hopes that its initial educa-tion campaign provided physicians with the tools they needed to successfully register and participate in the dis-pute resolution process. Another round of blast emails will be coming to physician inboxes as the start of the next process begins. Although the vast majority of the relationships that appear on the Sunshine database are beneficial to science, medicine and patients, we can only hope the media does not put a negative twist on the data come June 30, 2015. ❏
(The Physician Payment Sunshine Act: - continued from page 20)
MM ISSUE_3r2.cs5.5 .indd 21 4/6/15 2:17 PM
Mass Media22
COMPLIANCE
The following members recently joined the Massachusetts-Rhode Island Chapter of HFMA. We welcome you to the Chapter and encourage you to take advantage of the many professional development, networking and information resources available to you at HFMA. Other HFMA members are a terrific resource for your everyday professional challenges – we encourage all members, current and new, to get involved with HFMA committees and social activities. And… use the Membership Directory – it’s a great resource! We value your membership, so please send us feedback or questions on your HFMA experiences to [email protected].
Welcome New Members!
Nancy BalianBoston Children’s Hospital
Erin P. CouturePwC
Sheila DestrampLawrence General Hospital
Jennifer Doorly MagazinerPricewaterhouseCoopers LLP
David J. DreherErnst & Young LLP
Robert Michael Hallisey, Jr.HBCS
Michele F. KargHuron Consulting Group
James KennedyMarcum LLP
Barry N. Koslow, JDMKA
Mark B. LewisGragil Associates, Inc./Audit
Billing Center, Inc.
Marie MansfieldPartners HealthCare System, Inc.
Meg McCauleyMassachusetts General Physicians Organization
David MercierAdvanced Patient Advocacy
Andria MuscatielloPwC
Gloria A. PerezLawrence General Hospital
Edwin RuizBrigham & Women’s Hospital
Ankur Sharma
Christina TatroHarvard Vanguard Medical Associates
Joyce WilletteOracle
Jacqueline WrightBoston Heart Diagnostics
Donna M. ZappalaLawrence General Hospital
January 1, 2015 – February 28, 2015
MM ISSUE_3r2.cs5.5 .indd 22 4/6/15 2:17 PM
Issue 3 23
COMPLIANCE
Providers, health plans, and business associates all need to be aware of and prepare for upcoming Health Insurance Portability and Accountability Act (“HIPAA”) audits conducted by the Office for Civil Rights (“OCR”) of the Department of Health and Human Services (“HHS”). Under the Health Informa-tion Technology and Clinical Health Act (“HITECH”) Act, HHS is required to perform audits of the HIPAA compliance of both covered entities and business as-sociates. OCR, through its third party vendor KPMG, conducted Phase I of the HIPAA audit program in November and December of 2011. Phase II audits were scheduled to begin in the fall of 2014, but have been delayed to 2015, giving entities subject to HIPAA a bit of additional time to prepare for a potential audit.
(continued on page 26)
BackgroundThe Phase I audit findings were underwhelming. Only 11% of entities audited in 2011 had no find-ings or observations. Most of the audit findings related to HIPAA Security Rule compliance, but there were also findings related to Privacy Rule and Breach Notification compliance. The findings from Phase I and the Phase I audit protocol (available at www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/protocol.html) are excellent resources for entities as-sessing their own HIPAA compliance and preparing for a Phase II audit. OCR will update the audit tool for its Phase II audits, but the new tool will likely be similar to the Phase I tool. For Phase II, OCR will conduct the audit primarily in-house through docu-ment review using a web-based portal for the sub-mission of documentation. OCR has also indicated that there will be some on-site audits as well. OCR expects to send pre-audit surveys to 550-800 covered entities. Those covered entities will be asked to provide information about their business associates, and from that pool, OCR will select the business as-sociates to be audited. OCR plans to do a full audit of 350 covered entities and 50 business associates.
Be PreparedEntities subject to HIPAA, and therefore potentially subject to audit, should be preparing now.
• Be Aware of HIPAA Requirements – In Phase I, OCR identified that many entities were non-compliant because of a lack of awareness of their obligations under HIPAA. OCR has provided a number of resources for entities to learn about their HIPAA obligations and will not look favorably on any en-tity claiming ignorance of requirements. A number of these resources are available on OCR’s website at http://www.hhs.gov/ocr/privacy/hipaa/understand-ing/training
• Review the Security Risk Assessment (or Conduct an Assessment if Not Previously Done) – In Phase I, and
Preparing for Phase II HIPAA AuditsBy:
Dianne Bourque, Esq. and Kate Stewart, Esq.
MM ISSUE_3r2.cs5.5 .indd 23 4/6/15 2:17 PM
Mass Media24
COMPLIANCE
The HFMA Massachusetts-Rhode Island Chapter hosted its annual Compliance Update seminar on Friday, December 12th at the Doubletree Hotel in Westborough, Massachusetts. We appreciate all those who were able to attend this program.
This year the event kicked off with our keynote panel-ists Dianne Anderson, President & CEO, Lawrence General Hospital, and David Spackman, GC and SVP for Regulatory Affairs, Lahey Health System, discussing the future of the healthcare landscape and the chal-lenges facing our newly elected officials. Fellow panel-ist Michael Caljouw, VP of Government and Regula-tory Affairs, Blue Cross Blue Shield MA, served as the moderator of the discussion. The different types of organizations that were represented by the panelists made for an interesting discussion around the impli-cations of the current issues facing the industry and how their organizations are preparing to address what challenges are expected in the future.
The next session was based on Privacy and Security and touched on a few timely issues. Norma Chitvanni, Privacy Officer and Director of Privacy & Confidential-ity, BIDMC, gave a presentation that provided great examples of how BIDMC has been creative in helping to educate all of their employees about privacy mat-
Compliance Update Synopsis
ters. This was followed by David Szabo, Partner, Edwards Wildman Palmer LLP, presenting information on the latest local HIPAA breaches, the national enforcement trends, and a sobering look at what cyber security risks may be looming on the horizon. The final portion based upon the Payment Card Industry standards and what risks exist beyond HIPAA was presented by Will Nowik, Senior IT Assurance Man-ager, Wolf & Company, P.C..
Keynote panelists (from L to R): David Spackman, GC and SVP for Governmental Affairs, Lahey Health System, Dianne Anderson, President & CEO, Lawrence General Hospital, and Michael Caljouw, VP of Governmental Affairs, BCBSMA; Matt Smith, Compliance Committee Chair
Attendees (L to R) Beth O’Toole, Lynn O’Toole, and Geraldine Geary
(continued on page 25)
Attendees (L to R) Beth O’Toole,Beth O’Toole,Beth O’Toole Lynn O’Toole, and Lynn O’Toole, and Lynn O’TooleGeraldine Geary
(continued on page 25)
MM ISSUE_3r2.cs5.5 .indd 24 4/6/15 2:17 PM
The morning session was completed with the annual OIG Work Plan review presented by Timothy Hogan, FHFMA, Compliance and Privacy Officer, Harvard Vanguard Medical Associates and Atrius Health. In addition, Robert Freedman, Director of Market Devel-opment, Hayes Management, provided ideas on how organizations can take the information from the OIG Work Plan and other data provided by the government (PEPPER reports, as one example) to perform self-audits to identify or reduce potential risk areas.
The first afternoon session presented by Brian French, Partner, Nixon Peabody LLP, and Jillian Watts, Conflict of Interest Specialist, BIDMC, focused on the Sunshine Act and what lessons have been learned with the implementation of the Open Payments system. They
provided information around what the impact has been and how to best prepare and educate your own organization to comply appropriately.
The day concluded with an attendee favorite session that focused on Healthcare Fraud and Enforcement Trends. The audience heard some different perspec-tives from Zachary Cunha, Assistant U.S. Attorney, District of Rhode Island, and Paul Shaw, Partner, Verrill Dana LLP.
The Chapter would like to thank all of the panelists/speakers, Matt Smith and David Tolley, who were the Program Coordinators for this year’s event, and the entire Compliance Committee. We’re already looking forward to our program for next year!
Above: Sunshine Act presenters Brian French, Partner, Nixon Peabody LLP, and Jillian Watts, COI Specialist, BIDMC
Pictured below: Attendees Beth O’Toole & William Wyman, FHFMA
At left: OIG Work Plan presenter Timothy Hogan, FHFMA, Compli-ance & Privacy Officer, HVMA and Atrius Health, and Keynote panelist Dianne Anderson, President & CEO, Lawrence General Hospital
Photos courtesy of Tony Slabacheski, Regional Medical Waste
continued from page 24)
MM ISSUE_3r2.cs5.5 .indd 25 4/6/15 2:17 PM
Mass Media26
COMPLIANCE
in many recent breach investigations, OCR cited the lack of a complete and accurate security risk assessment as a major gap in many organizations’ HIPAA compliance programs. Without perform-ing, and regularly updating, a risk assessment, an entity cannot ensure that the protected health information (“PHI”) it handles is secure. Covered entities and business associates should perform a risk assessment and update it on at least an an-nual basis and whenever there is an operational change with the potential to affect PHI, such as the implementation of a telecommuting program or new software or hardware. Importantly, entities need to perform their own risk assessments; as with all HIPAA requirements, an off-the-shelf, one-size-fits-all approach to a risk assessment will not suffice. OCR has put out a security risk assessment tool (available at http://www.healthit.gov/providers-professionals/security-risk-assessment) that entities can use to assess and document their security risks.
• Demonstrate Compliance with Policies and Procedures – OCR will be examining not only an entity’s written HIPAA Policies and Procedures, but will also be
examining whether those Policies and Procedures have been implemented and will be looking for evi-dence of implementation, such as executed business associate agreements, evidence of staff participation in training, and security incident logs.
• Inventory Business Associates – In Phase II, covered entities will be asked to provide a list of all of their business associates. Covered entities should prepare by having a list of their business associates ready. This is also a good time to confirm that all necessary business associate agreements are in place and that they were updated to be compliant with the Omnibus Rule.
• Address Gaps Now – Entities that identify gaps in their HIPAA compliance program should work to correct them immediately and should not wait for an audit letter to arrive. The OCR audit program has very tight document turnaround times, making it impossible to implement a compliance program in response to an audit notification letter. Even if an entity already has a general security policy that also fulfills a compliance requirement under HIPAA, such as requiring a password for log-on or using a firewall, the entity needs to document its compliance in its HIPAA security risk assessment and its Policies and Procedures; coincidental com-pliance is not sufficient.
• Workforce Training – Good HIPAA compliance requires workforce training. Entities should train workforce members on practical issues that arise in HIPAA compliance rather than focusing on techni-calities of HIPAA. In addition to formal training when workforce members join the organization and annual updates, entities should use and document more informal types of training and education.
• Review the Phase I Audit Findings – OCR has been clear that its Phase II audits will focus on weakness-es uncovered in the Phase I audits. For entities that have not already done so, now is the time to review the Phase I findings, compare them to the entity’s own compliance program and address any gaps. ❏
(Preparing for Phase II HIPAA Audits - continued from page 23)
Ms. Bourque is a Member and Ms. Stewart is an Associate in the Boston office of Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.
About the Authors
As used in this document, “Deloitte” means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.
Copyright © 2015 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu Limited
The fundamental changes in the Health Care sector will require capital investments, not just to grow, but to survive. The right capital investment in infrastructure and new ventures can help to secure your business for the future. Deloitte has the experience and know-how to help.
Build today and prepare for a stronger tomorrow. Transform your business into tomorrow’s system of care.
www.deloitte.com/us/providers
Building the future
MM ISSUE_3r2.cs5.5 .indd 26 4/6/15 2:17 PM
Issue 3 27
COMPLIANCE
Help the MassMedia Editors Find a Better Name for the HFMA Publication and Win a Complimentary Registration to a 2015 Educational Program Calling all HFMA members – ever wondered how HFMA-Mass. and R.I.’s newsletter MassMedia received its name and what it brings to mind when HFMA members hear the name? So did we, so we asked HFMA members how the name came about and whether we could devise a better name. Members’ memories were vague on the origin of the name; the dictionary tells us the term refers to communica-tions technologies designed to reach a large audience including radio, television, newspapers, billboards, film, and more. We think we can find a better name and proposed to the Board that we engage our members in determining a new name for the bi-monthly publication.
Help us devise a new name by submitting your suggestions to us no later than March 15, 2014. You may submit as many entries as you want. The co-editors will select no less than three semi-finalists and present recommendations to the Board. The Board’s decision will be final.
Please submit entries via email with your complete contact information to co-editors Linda Burns and Garrett Gillespie at:
[email protected] and [email protected].
We appreciate your suggestions.
Linda A. Burns and Garrett Gillespie, Co-Editors, HFMA MassMedia, and Board members
The person with the winning entry will receive a complimentary registration to one of HFMA’s educational programs presented in 2015.
by: Linda A. Burns
MM ISSUE_3r2.cs5.5 .indd 27 4/6/15 2:17 PM
Date Event Location Coordinator(s) 04-16-2015 What is healthcareInnovation Basketball Hall of Fame Karen Kinsellas Springfield, MA
05-14-2015 Annual Social and Awards Night Downtown Harvard Club Kathleen Maher & Boston, MA Beth O'Toole
05-19-2015 - Region 1 Conference Mohegan Sun Region 1 Conference05-21-2015 Uncasville, CT Committee
06-05-2015 Managed Care Program Four Points Sheraton Jan Costa & Norwood, MA James Donohue, MBA
HFMA Massachusetts- Rhode Island Chapter 465 Waverley Oaks Road, Suite 421 Waltham, MA 02452
MASS COMMUNICATIONS, INC. VARIOUS INDICIA’S / PERMIT IMPRINTS
USE THIS INDICIA FOR INTERNATIONAL MAIL
USE THIS INDICIA FOR STRAIGHT FIRST CLASS MAIL – FULL RATE
USE THIS INDICIA FOR PRESORT FIRST CLASS MAIL
USE THIS INDICIA FOR PRESORT STANDARD BULK
USE THIS INDICIA FOR NON-PROFIT
USE THIS INDICIA FOR PRESORT BOUND PRINTED MATTER
OR THIS INDICIA CAN BE USED FOR PRESORT BOUND PRINTED MATTER INSTEAD…EITHER ONE IS ACCEPTABLE BY THE USPS.
FIRST-CLASS MAIL INTERNATIONAL U.S. POSTAGE
PAIDLEOMINSTER, MA
PERMIT NO. 17
FIRST-CLASS MAIL U.S. POSTAGE
PAIDLEOMINSTER, MA
PERMIT NO. 17
PRESORTEDFIRST-CLASS MAIL
U.S. POSTAGE PAID
LEOMINSTER, MA PERMIT NO. 17
PRSRT STD U.S. POSTAGE
PAIDLEOMINSTER, MA
PERMIT NO. 17
NON-PROFIT ORG. U.S. POSTAGE
PAIDLEOMINSTER, MA
PERMIT NO. 17
PRESORTEDBOUND PRINTED MATTER
U.S. POSTAGE PAID
LEOMINSTER, MA PERMIT NO. 17
PRSRT BPMU.S. POSTAGE
PAIDLEOMINSTER, MA
PERMIT NO. 17
Date Event Location Coordinator(s)Coordinator(s)
04-16-2015 What is healthcareInnovation Basketball Hall of Fame Karen KinsellasSpringfield, MA
05-14-2015 Annual Social and Awards Night Downtown Harvard Club Kathleen Maher &Boston, MA Beth O'Toole
05-19-2015 - Region 1 Conference Mohegan Sun Region 1 Conference05-21-2015 Uncasville, CT Committee
06-05-2015 Managed Care Program Four Points Sheraton Jan Costa &Norwood, MA James Donohue, MBA
E d u c a t i o n / P r og r a m A d m i n i s t r a t i o n C o m m i t t e e , C h a i r : T i m o t hy H og a n , J D, F H F M A , C H C , A t r i u s H e a l t h
NOTE: Please keep in mind that the themes listed for the programs are general. The programs themselves address current issues pertaining to these themes.
P r o g r a m & S p e c i a l E v e n t S c h e d u l e
2014
- 20
15
MM ISSUE_3r2.cs5.5 .indd 28 4/6/15 2:17 PM