Marti Arvin, Executive Advisor at CynergisTek, and industry-recognized compliance thought leader joins us for this week’s episode #19, “Compliance Does Not Stop for Covid-19”. In this episode, Marti breaks down the seven elements of an effective compliance program and applies them to the current Public Health Emergency/Coronavirus pandemic. “Covid-19 has created a crisis for every Healthcare organization. How they handle [it] is going to vary, but compliance does not stop for Covid-19” says Marti. Listen to this episode for a high-level, yet informative overview of compliance considerations your organization needs to continue during these trying times.
- Listen to Marti Arvin’s previous podcast episodes CMS Waivers For Hospitals Under COVID-19: An overview of compliance considerations – Part I, Part II, and Part III
- Download our 30/60/90 day checklist, “Planning for Incident Response During the COVID-19 Crisis: Tales on Tackling the Security Debit.”
- For a full repository of COVID-19 crisis resources, visit our CTEK COVID-19 Communications page for news, articles, podcasts, and more.
- Contact us with any questions regarding the regulatory changes during the COVID-19 crisis.
Hello, and welcome to CTEK voices the Risk perspective, I’m your host, Lauren Frickle.
Marti Arvin joins us for today’s episode titled: “Compliance does not stop for COVID-19”.
Marti is an Executive Advisor at CynergisTek. She has extensive experience in building and managing compliance programs and is a nationally recognized contributor to thought leadership around healthcare compliance.
In this episode, Marti will discuss compliance considerations that need to be kept up during this Public Health Emergency.
Hello Marti, welcome back to the show!
Hello, Lauren and hello to all of our listeners. Thank you for joining us for the podcast.
As many of you know, day-to-day challenges that you’re facing are quite extensive and the temptation might be to set aside your compliance program and not focus as heavily on it.
In particular, there might be a temptation for leadership to furlough the compliance staff and not have them engaged in day-to-day compliance activities. As you think about this compliance programs are always around risk and your risks have changed in the last several months. So, you might need to tweak it and adjust it according to that risk analysis and the changing risk, but you should not stop it.
So, let’s go through the seven elements of an effective compliance program and talk a bit about things you might consider under each of those elements.
So, first policies procedures and standards.
Obviously, you’re probably not making substantial policy changes in today’s environment that are going to be permanent, but there may need to be some temporary changes that you consider when you think through what your current policies and procedures say and how you’ve had to adjust your work and how people have had to adjust things like documentation and coding and billing as they work remotely or just as those changes have occurred through some of the CMS waivers.
So, think about putting things out there that might be addressing your workforce and helping them understand what these temporary changes are, and making sure they understand (through your policies and procedures) they are temporary.
When you think about the next element of an effective compliance program your oversight activity. There may be a strong temptation to stop the compliance committee meetings and not engage in some of that activity.
When you think about what you’re going to do around your compliance committee meetings think very strongly about continuing those in some form or fashion.
You may not continue them in exactly the way that you were doing it prior to the Public Health Emergency, but those should still be an ongoing oversight function.
Your senior leadership needs to be aware of what your compliance risks are, what your functionality is, what things you’re investigating, and all the standard metrics that you would routinely report to them and were reporting to them prior to the Public Health Emergency. And again, I reiterate, and I can’t say this strongly enough make sure your senior leadership understands the important role that compliance is going to continue to play throughout the pandemic.
The Temptation in today’s environment is to cut cost and to save money, and that’s fine, but one of the areas they shouldn’t do that is compliance.
In today’s environment, the risk that you have are going to increase the likelihood of non-compliance.
We’re asking staff to do more with less. More with less resources, more with less time.
There are studies that demonstrate when you ask staff to do that, your non-compliance tends to increase. That’s often not intentional but staff are going to try to cut corners to be able to get all of the tasks accomplished and when they do that, they may be cutting out steps that are critical for compliance.
Your organizations are all focused on the bottom line. They have most likely lost revenue because of the public health emergency. So, what you don’t want to have happen is services that you’re providing today being billed for that you’re going to have to repay at some point in the future because someone cut a corner and did something that made that service non-billable.
So, think about that and ensure people understand (particularly your leadership) that compliance really is more important than ever, and that oversight function needs to stay in place (both for your Chief compliance officer and for your leadership).
Now when you think about training and education the temptation, here again, maybe to cut that out during the public health emergency.
I can’t disagree with you if you consider stopping maybe an annual training program that was supposed to occur in the past couple months, but when you think about training and education consider making sure that staff are aware of critical issues that are going to be specific to the public health emergency.
For example, there have been a multitude of CMS waivers for billing and coding and documentation and the provision of services. Make sure staff are aware of what those waivers are if they’re applicable to that specific group.
For example, telemedicine is an area that there have been a substantial amount of changes. So, educating people on what those changes are and again re-emphasize to them that at the moment all of those changes are temporary, and they will go away once the public health emergency has been lifted.
So, people need to be trained on not only what the waivers are but also trained on the fact that there will be a transition back to the pre-COVID-19 environment at some point. How quickly CMS might modify existing regulations, once the public health emergency is over is yet to be seen, and many people anticipate that particularly around Telehealth.
But again, we don’t know what that will be and there will be some span of time where we will go back to the pre-Public Health Emergency rules and regulations until the regulators actually have time to change the existing regulations. And again, thinking through things like documentation requirements.
Some of the documentation requirements are still going to exist and just reminding people that they’re there again going back to ensuring that the services being provided can be billed for, but under the CMS waivers there are some new documentation criteria and think about what may mean to your service providers.
For example, there are some physician supervision criteria that used to require that the supervision be in person. One of the CMS waivers has said that that supervision can now be through some sort of audio-video technology. So again, make sure that that supervision is being documented.
When you transition into another element of an effective compliance program the auditing and monitoring activity – that ties into some of the topics I’ve already discussed telemedicine again, very, very big area that has changed so substantially under the Covid-19 pandemic.
Well, when you consider this, make sure and consider auditing or at least monitoring the people providing the services have the appropriate scope of practice and are engaging in services that are really something that’s appropriate for their particular specialty.
Some of the CMS waivers have tied to this. So, for example physical therapist can now use Physical Therapy Assistants to perform certain services that they couldn’t do pre-COVID-19 crisis.
So that scope of practice might be slightly different, but you always have to consider the rules and regulations that CMS issued are also tied to your state law issues. So, you may need to ensure that while CMS has created a waiver your state law has also been waived.
Every state now has modified their licensure provisions but thinking through telemedicine and the practice of medicine in a particular State most of those waivers are temporary. So, your clinician might be able to get a temporary license in another state to perform actual services if they go to the location and provide them or to perform telemedicine services for patients who are at that other state location.
Once the public health emergency is lifted or even a specific time frame is lifted, they’ll no longer be licensed to practice in that state and people need to be aware of that and stay on top of that. For example, the state of Alabama has issued the waiver of the licensure criteria for up to 60 days. Again, people need to be aware of winds that 60-day ending, and has it been extended because if not, they could be providing services that are not actually billable because they’re not licensed to practice in the state since the waiver has been lifted.
And again, the supervision criteria making sure that the appropriate supervision criteria has been met and monitoring and or auditing whether that’s being properly documented in the record.
I’ve mentioned the CMS waivers and there is a podcast that we’ve done at CynergisTek specific to the CMS waivers for hospitals. That doesn’t even cover all the waivers that CMS has issued, but think about what are the key areas that might create the most risk for your organization and go in and try to audit or monitor what your organization is doing around those waivers to ensure their compliant with the new criteria and they transition back to the old criteria, once the public health emergency is lifted.
So, your audit could be what you’re doing today that ties back to the waiver criteria or planning an audit for when that waiver criteria is lifted to make sure your organization has transitioned back.
You might consider auditing vendor management. Vendor management has been a key area pre-COVID-19 and it again becomes a significant area during the Covid-19 crisis when you might be modifying your vendor Management program and not going into as much detail or exercising as much due diligence.
So you might think about what you’re going to audit around actually what you’re doing today or consider planning an audit once a public health emergency is lifted to make sure people go back and double-check some of the key things that they might have skipped while the pandemic was occurring.
If you’re thinking about things like an EHR installation (electronic health record installation). I know at least one organization whose has told me they’re starting to come back out of the pandemic crisis and get things back closer to “normal”, but now they’re getting ready to install a new Electronic Health Record.
Well again, you may want to audit some of the functionality there. If people have been focused on COVID for the past couple of months. Things that have been critical to setting up the electronic health record in a compliant way, might have slipped through the cracks. So, thinking through what you might want to audit or monitor around that.
We all know that background checks are a part of the critical elements of an effective compliance program. We don’t want to put people into positions of authority if they’ve got a shady background.
While some of those components might be paused during the COVID crisis. We’ve even seen a CMS waiver around some of the checks they’re going to do for actually credentialing people during the pandemic. So you may consider modifying your background check process to waive some of the criteria during the pandemic, but I would encourage you to continue your exclusion check process because if you hire someone who’s excluded from a federal health care program, and there’s no waiver associated with that, then you might be billing for services that are going to have to be refunded at some point in the future.
And again, we should be focusing on doing everything we can to make sure all the services that are being provided during the pandemic are billable and payable services and you’re not going to be at risk for having to refund those services at some point in the future.
That’s why making sure you continue exclusion checks is so critical because if you have someone excluded not only must you repay the services they personally performed, but you must also repay any services they order. And usually, if you self report that to the office of Inspector General they will do a 1.5 multiplier for whatever those damage costs are. So again, you want to try to avoid that.
Now, the other area of an effective compliance program are ensuring that we investigate reports of non-compliance, and that is something that needs to continue.
You need to continue to monitor your hotline calls.
You need to continue to monitor and investigate the reports that come into the compliance office and make sure there’s some functionality.
Now it may take you a bit longer in the current crisis to complete an investigation. So, if you have metrics around that make sure you’re tracking why that time is extended so that you can explain to leadership and potentially to outside investigators why it might have taken you longer. Many organizations have policies that say things will be investigated within a defined time period. With the added workload that compliance staff has experienced during the COVID crisis that may again require more extended time and just make sure you document why that is.
I don’t think Regulators are going to take as an excuse that you cut your staff and that’s why it takes longer. That’s why again my first point or earlier point in making sure leadership understands why compliance is an essential function for your healthcare organization is going to be very important.
And then, of course, continuing response and prevention is continuing the function that you’re putting in place corrective action when you do find and substantiate non-compliance.
Now again, this may be done in an abbreviated version that’s not really ideal. But don’t ignore this step. You want to demonstrate that even throughout the public health emergency. You have an effective compliance program. And again, you may need to do some follow-up and expand on whatever that corrective action was once the public health emergency is over. So you need to keep a list of all these activities whether it’s training and education auditing and monitoring investigations or response and prevention where you might have done something in an abbreviated fashion so that you can go back once the public health emergency is lifted and run it through your standard process so you can make sure that you’ve done everything you really should be doing for an effective program.
COVID-19 has created a crisis for every Healthcare organization. How they handle that is going to vary but compliance does not stop for COVID-19.
I hope you’ve enjoyed this podcast and thank you for listening.
Thank you so much, Marti.
I will note episodes 15, 16, and 17 of this podcast series do dive into greater detail on CMS waivers for hospitals under COVID-19.
To listen to these episodes and for even more compliance-related resources, please visit www.cynergistek.com/podcasts.
Thanks for listening!