Marti Arvin

About Marti Arvin

Marti Arvin brings more than three decades of operational and executive leadership experience in the fields of compliance, research and regulatory oversight in academic medical and traditional hospital care settings to her position at CynergisTek. She was most recently the Vice President and Chief Ethics and Compliance Officer for Regional Care Hospital System and before that Vice President and Chief Compliance Officer at UCLA Health System and the David Geffen School of Medicine.

Using the OIG/HCCA Compliance Effectiveness Resource Guide

Compliance officers everywhere want to believe the compliance program they oversee is effective. Some believe it is effective, some hope it will be found effective and some know the program is not effective because of significant gaps in one or more of the seven elements of an effective compliance program. If you are a believer, ask yourself, “What methods have I established to demonstrate effectiveness?” If you are filled with hope – well hope is not a strategy. If you know your program has gaps, what are you doing to address those gaps? An additional resource now exists to help evaluate effectiveness. The OIG/HCCA Measuring Compliance Program Effectiveness: A Resource Guide released March 27, 2017, provides recommendations on what to measure and how to measure it under each of the seven elements.

May 5th, 2017|

Demonstrating an Effective Compliance Program

Most healthcare organizations today have a compliance program, but how many can say the program is effective and more importantly feel confident they could demonstrate effectiveness? It is not uncommon to hear, “I cannot define effectiveness but I know it when I see it.” Why is this important? All compliance professionals know having a paper compliance program (compliance plan that sits on the shelf along with well drafted but not implemented policies and procedures) is not effective. But as one assesses what an organization is doing as it relates to the seven elements of an effective compliance program based on the Federal Sentencing Guidelines and all the various OIG compliance program guidance documents, the process gets more convoluted. How much is enough, and do you just want to do “the bare minimum”?

March 24th, 2017|

Privacy Issues Unique to Research and Research Institutions

Covered entities deal with many complex privacy and information security issues, but institutions that conduct research have an additional level of complexity. Key to understanding the implications of privacy obligations in research is understanding the multiple regulations that could apply to human subject research.

February 27th, 2017|

Designating Hybrid Entity Status Under HIPAA in a University Setting

My colleague David Holtzman recently wrote a blog post on the OCR resolution agreement with the University of Massachusetts at Amherst (UMass). UMass designated itself as a hybrid entity but did not appropriately identify and designate all applicable functions that engaged in health care activities as inside the health care components (HCC) of its hybrid entity structure under HIPAA. Why might this not be as easy as it sounds?

December 6th, 2016|

Pay Now or Pay Later: The Cost of Privacy and Security

For many things in health care, if you don’t spend the energy and resources to reduce risks now you will likely pay for it later. However, if you wait until later it will cost more to take care of the problem than it would have to prevent it. We all know if we eat healthy, exercise and get our routine medical and dental examinations the risk of serious health conditions is reduced. Catching a disease early could mean the difference

September 16th, 2016|