Part one of a two part series on HIPAA and email.

Email has been widely used by both business and the general public for much of the last twenty years, and reliance on it has found its way into the daily lives of millions.  Recently, email has become even more accessible with the introduction of the smartphone.  However, leave it to healthcare to throw a curve ball to this cozy relationship.  The fact is, HIPAA and email have long been at odds.

HIPAA Privacy and Security rules are concerned with email, and the web in general

Across the board, healthcare providers are increasingly

• using, or
• are considering using, or
• are being asked to use,

email to communicate with patients about their medical conditions.  If you find yourself described here, then  it bears repeating that the Internet, and things like email sent over the Internet, is not secure.  Although it is unlikely, there is a possibility that information included in an email can be intercepted and read by other parties besides the person to whom it is addressed.  And it’s that “possibility” that becomes the area of focus.

HIPAA and email can coexist … it’s a matter of understanding the rules

So what do the Privacy and Security rules allow – or prohibit – when it comes to HIPAA and email?

Under many of the HIPPA regulations, the standards call for reasonable safeguards, reasonable approaches, reasonable policies, etc.  But what is considered reasonable?  The Office of Civil Rights (OCR) of the Department of Health and Human Services includes several statements on its HIPPA FAQs page.  Notably …

“The Privacy Rule allows covered health care providers to communicate electronically, such as through e-mail, with their patients, provided they apply reasonable safeguards when doing so. See 45 C.F.R. § 164.530(c). For example, certain precautions may need to be taken when using e-mail to avoid unintentional disclosures, such as checking the e-mail address for accuracy before sending, or sending an e-mail alert to the patient for address confirmation prior to sending the message.”

What if a patient initiates communications with a provider using email?  The OCR says:

“Patients may initiate communications with a provider using e-mail. If this situation occurs, the health care provider can assume (unless the patient has explicitly stated otherwise) that e-mail communications are acceptable to the individual. If the provider feels the patient may not be aware of the possible risks of using unencrypted e-mail, or has concerns about potential liability, the provider can alert the patient of those risks, and let the patient decide whether to continue e-mail communications.”

Must providers acquiesce to use of email for communications with patients?

Note that an individual has the right under the Privacy Rule to request and have a covered health care provider communicate with him or her by alternative means or at alternative locations, if reasonable. See 45 C.F.R. § 164.522(b). For example, a health care provider should accommodate an individual’s request to receive appointment reminders via e-mail, rather than on a postcard, if e-mail is a reasonable, alternative means for that provider to communicate with the patient. By the same token, however, if the use of unencrypted e-mail is unacceptable to a patient who requests confidential communications, other means of communicating with the patient, such as by more secure electronic methods, or by mail or telephone, should be offered and accommodated.

The OCR also interprets the HIPAA Security Rule to apply to email communications.

“The Security Rule does not expressly prohibit the use of email for sending e-PHI. However, the standards for access control (45 CFR § 164.312(a)), integrity (45 CFR § 164.312(c)(1)), and transmission security (45 CFR § 164.312(e)(1)) require covered entities to implement policies and procedures to restrict access to, protect the integrity of, and guard against unauthorized access to e-PHI.

 The standard for transmission security (§ 164.312(e)) also includes addressable specifications for integrity controls and encryption. This means that the covered entity must assess its use of open networks, identify the available and appropriate means to protect e-PHI as it is transmitted, select a solution, and document the decision. The Security Rule allows for e-PHI to be sent over an electronic open network as long as it is adequately protected.”

To summarize the rules that apply to HIPAA and email …

• Email communications are permitted, but you must take precautions;
• It is a good idea to warn patients about the risks of using email that includes patient health information (PHI);
• Providers should be prepared to use email for certain communications, if requested by the patient, but must ensure they are not exposing information the patient does not want shared; and
• Providers must take steps to protect the integrity of information and protect information shared over open networks.

HIPAA and email continued …

So how should healthcare providers ensure they’re using HIPPA compliant email?  I’ll cover that in Part II of this series.  Stay tuned.

Learn more about HIPAA and Email: there are rules at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

The HITECH Act has brought a huge rush of EHR vendors into the market.  And separating the good from the bad is ultimately found in the details where there’s an intersection of ease of use and advanced functionality.  One such example is with the Meaningful Use Certification Test Criteria procedure §170.302.i regarding the generation of patient lists based on the problem list, medication list, demographics and laboratory test results.  The purpose behind this section of the meaningful use criteria is to be able to follow up on patients having certain diagnoses, risk factors, etc.  While most EHR systems have the ability to generate these lists, very few of them provide a good system for contacting the patients and, most importantly, tracking patient compliance.  It’s just one of those marketable features that are unfortunately too often missed in the EHR software design process.

During the time that I was running Westland Medical Systems, subsequently PracticeOne, I had the opportunity to work with some large OB/GYN and other primary care practices where patient recall and follow-up was a major task of the EHR system.  The importance of having a comprehensive system that can automate this area cannot be overemphasized. 

 §170.302.i directly addresses an EHR system’s ability to manage patient recalls

Consider the example of receiving a laboratory result for a pap smear where the results are abnormal.  There are three categories that describe the abnormality: ASCUS (usually the result of an infection), LGSIL (sometimes called CIN I) and HGSIL (which can be either CIN II or CIN III).  The most important point is that whether the pap result is normal or one of the abnormal results, the follow-up protocol with the patient will be different.  The best EHR Systems will automatically suggest the proper follow-up protocol based on the result.  Other EHR’s will allow you to manually create a tickler or reminder.  Keep in mind that here is where a good EHR follow-up system goes much further than the functionality outlined in§170.302.i in that follow-up ticklers need to be created in real-time, not just generated from data stored in the patient database.

Once a protocol is selected, or a tickler is created, how does the medical practice follow-up to make sure the patient comes back in for the necessary treatment?  Take our pap smear example.  If the result was an ASCUS (result indicates an infection) then the patient would most likely need to come back into the practice right away and be prescribed an antibiotic.  The best EHR systems will route a message to the appointment desk and/or  perhaps create a script for the prescription for the physician to sign.  If the result is a CIN I then a tickler for the patient to return to the practice in three or six months for another pap smear might be appropriate.  In this case the better EHR systems will create a tickler with the proper follow-up date so that the patient will be contacted via either a letter or phone call to schedule the required appointment and follow-up laboratory order.
 

Patient communication via an EHR’s patient access portal can help increase proper follow-up too

Patient Access Portals are also an excellent way of communicating lab results and follow-up recalls to the patients.  The key to making this method of communication effective is to send the patient emails or even text messages telling them to log into the Patient Access Portal to view lab results and to remind the patient to make an appointment.  The Patient Access Portal should allow a patient to either request an appointment or even make one on-line.  Remember, the “old web” was one-way communication.  But today’s, and tomorrow’s web, commonly referred to as “Web 2.0″, is dynamic and interactive.  Patients will more and more expect this method of communication.

Tracking patient compliance via an effective EHR patient recall and follow-up system

How the EHR system tracks the compliance or non-compliance of the patient recall is a final measure of the EHR system’s success on this topic.  What happens if the patient does not return to the medical practice for follow-up care?  A good EHR system will automatically track compliance and funnel the non-compliant recalls into a follow-up tickler list for further action.  There is a wide range of methods marking compliance, based on which EHR system you have implemented.  However, the best EHR systems will have a more automated way of noting the compliance.  For example, in the case of our pap smear recall, the recall should be marked as completed when the follow-up pap smear is performed and the new results received.

Note that, while many EHR Systems may provide various capabilities for patient follow-up and compliance tracking, many times the system implementations fall short of capabilities offered.  §170.302.i on generating patient lists is just one example of a meaningful use criteria that specifies a software function that can be much more user-friendly and useful with some additional thought and effort on the part of the vendor.  Other capabilities such as problem, medication and allergy lists can also be designed to both meet the minimal meaningful use certification criteria and make life easier for users. 

A third-party consultant with experience in practice management and EHR software applications can help vendors improve their application functionality and help practices take full advantage of the capabilities of the software.  In the long run, this will result in improved return on investment on an EHR purchase.

Learn more about §170.302.i … and how EHR vendors can help improve patient follow-up at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

Does your medical record documentation support the codes you’re using?  And why should you care?  Well, one reason is because the Centers for Medicare and Medicaid (CMS) has just announced new efforts to analyze claims submitted for payment by Medicare, utilizing new “cutting edge methods” to identify fraud and abuse.

CMS is attempting to prevent payment of medical claims that may be fraudulent, vs. chasing providers for refunds of claims already paid.  To accomplish this, CMS will use a risk-scoring methodology to identify providers who may then be the target of anti-fraud agencies such as Recovery Audit Contractors (RACs).

Medical record documentation, risk categories, and claim submission patterns

So how will this work its way down to individual providers?  CMS is already assigning providers to risk categories based on past investigations.  For instance, physicians may be in the lowest risk category, while Home Health and DME providers in the highest.  But it doesn’t matter what category you are in if CMS detects a questionable pattern of claims submission, such as a skewed profile of the use of Evaluation & Management (E&M) CPT codes, or submission of a volume of claims that could not be humanly accomplished in a day or a week.

Fraudulent medical claims most often lead to exclusion and prosecution … not settlements

And the “hammer” will be heavy.  It is interesting to note that each week several providers are prosecuted or sentenced, or excluded from Medicare, for fraudulent claims activities.  Yet the number of corporate integrity agreements (CIA) the HHS Office of Inspector General enters into each month is only a fraction of the number of providers prosecuted or excluded.  This seems to indicate CMS and the Department of Justice can find enough evidence to impose harsher penalties, vs. allowing providers to continue in the Medicare program under formal compliance arrangements.

So how does all this relate to medical record documentation? 

For physicians using E&M codes for many of their services, the one of the keys to defending yourself from post-audit give-backs, let alone getting into a CIA, getting excluded from Medicare or prosecuted, is to make sure your medical records documentation meets the CMS requirements for this documentation.

The standards for this medical record documentation are fairly clear.  Many physicians do an excellent job of documenting their patients’ conditions and their plan for treatment – in their heads.  The challenge is to get it on paper or into your EHR.  That’s the only place it matters when you get audited.

And it doesn’t matter that your documentation is no worse than what you see other physicians doing in their office or hospital notes.  CMS does not grade on the curve…

To learn more about the best practices in E&M documentation and coding take a moment to flip through our presentation on medical documentation and Risk-Based Coding.  CMS is taking preventive steps to cut down on fraud and abuse.  Implement your own prevention program by making sure your medical records documentation is where it needs to be.  What are you waiting for?

Learn more about Medical Record Documentation … will your’s survive a RAC audit? at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

On October 5, 2011, the Office of the Inspector General (OIG) published it’s long anticipated (drum roll please) … OIG 2012 Work Plan.  For those of you who are not familiar with this annual document, it outlines the compliance risk areas that subject both Medicare and Medicaid providers (including skilled nursing providers) to audit and enforcement actions.  As such, it is a valuable read as it can offer skilled nursing providers essential guidance on issues which will affect their operating practices.

Now, I’m guessing that most of you aren’t going to take the time to carefully sift through all 165 pages of this scintillating publication.  (Not exactly light reading.)  But, if you would like an excellent overview of the 2012 OIG work plan, I would strongly recommend that you read Tom Lee’s blog entitled OIG Work Plan Update-What’s new for 2012?.  It’s important to note that the work plan contains several critical provisions that pertain specifically to nursing home providers.

Skilled Nursing and the 2012 OIG Work Plan … what to know and what to do

The OIG has specified eight “projects” that specifically target skilled nursing facilities and three of these projects are new this year:

• Nursing home compliance plans

This one is a biggie.  The OIG intends on reviewing Medicare and Medicaid certified nursing homes to ensure that they have implemented compliance plans as a part of their daily operations.  The intent is to verify that the compliance plan contains the key elements as identified in the OIG’s compliance program guidance.  The Affordable Care Act of 2010 requires that CMS issue regulations by 2012 and that nursing home providers must have a compliance program in place by 2013.  This program must contain eight key elements:

1. Designation of a compliance officer and compliance committee
2. Development of compliance policies and procedures including standards of conduct
3. Developing open lines of communication
4. Appropriate training and teaching
5. Internal monitoring and auditing
6. Response to detected deficiencies
7. Enforcement of disciplinary standards
8. Periodic risk assessment of the compliance program systems and structures

• What should you do to address the 2012 OIG work plan? It should go without saying (but I’m going to say anyway), that if you don’t have a formal, written compliance plan in place, put one together right now!  First, make sure it addresses all eight key elements.  Second, make sure it’s a part of your daily operations by involving operations people in the system.  Lastly, the plan must be dynamic and active so do an annual assessment of your compliance program and make sure you make the necessary changes in the program as a result of your assessment.

• Questionable billing patterns during non-Part A nursing home stays

The OIG will identify, through a series of studies, questionable billing patterns for nursing home and Medicare providers, associated with the billing of Part B services for residents whose stays were not paid for under the Medicare Part A program.  The studies will focus on ambulance, imaging, laboratory and podiatry services.  By the way, Congress has directed the OIG to examine these areas for evidence of possible abuse by providers and thus, its inclusion in the 2012 OIG work plan.

• What should you do to address the 2012 OIG work plan?  Part B services incurred during a non-Part A stay must be billed directly by a supplier or other provider.  Establish a regular audit process to insure that inappropriate billing of Part B services is not occurring.

• Safety and quality for post-acute care for Medicare beneficiaries

The OIG will examine the transfer process from acute care hospital to post acute care settings for Medicare beneficiaries.  OIG will also endeavor to examine the overall transfer process.  There are three post acute care providers specifically identified-skilled nursing facilities, inpatient rehabilitation facilities and long-term care hospitals.  This process will look to identify rates of adverse events and preventable re-admissions to hospitals.

• What should you do to address the 2012 OIG work plan?  OIG has seen average lengths of stay at acute hospitals drop and the acuity level at SNF’s rise.  They will be looking to identify SNF’s that are unable to provide the appropriate level of care to admitted patients.  Make sure that your quality assurance program actively monitors patient care and acuity and adjusts your admission criteria to comply with regulations.

And let’s not forget Hospice and the 2012 OIG Work Plan …

In addition to the three new skilled nursing related projects, there is one project that is classified as new for hospice but also directly involves SNF’s:

• Hospice marketing practices and financial relationships with nursing facilities

The OIG intends on reviewing hospice marketing materials as well as practices and financial relationships with nursing facilities.  In particular, they will look to identify particular instances where hospices and nursing facilities are involved in inappropriate enrollment and compensation under the Medicare program.

• What should you do to address the 2012 OIG work plan?  A recent OIG report found that a staggering 82% of hospice claims for beneficiaries in skilled nursing facilities did not meet Medicare coverage requirements.  Not surprising they’ve included this in the 2012 OIG work plan after that kind of result.  OIG will be looking at hospices that have a “high percentage” of their beneficiaries in nursing facilities.  Make sure that your hospice arrangements and coverages are appropriate.  With the OIG looking at hospices, why risk getting involved in the investigation?

The OIG work plan gives nursing home operators the ability to be proactive

The Office of the Inspector General’s annual work plan has created a series of efforts that have recouped billions of dollars in repayments, interest, and penalties from healthcare providers … skilled nursing operators included.  As a matter of fact, for every dollar spent on this enforcement effort, the feds realize a 1,670% return.  If this tells us anything, it tells us that the federal government will continue this effort, and will do so in serious fashion.  And that’s understandable.  After all, it’s our own tax dollars that are being protected.

That said, we in the long-term care industry have been made privy to the focus of these audits in advance.  This provides us with the opportunity to self audit our operations in each of the areas addressed in the OIG Work Plan.  And honestly … what more can we ask for?

Well, that’s it for my brief review of the 2012 OIG work plan as it relates to skilled nursing.  That wasn’t so bad now was it?

Learn more about Focus on Skilled Nursing and the 2012 OIG Work Plan at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

In part one of my long term care financing post, I discussed types of loans, lenders, borrower qualifications and financing assistance.  While the previous post was labeled with assisted living facility financing, the principles we discussed in that post, plus the discussion today, also apply to skilled nursing facility financing.  So today, we’ll be offering up some considerations before you embark on the financing journey.  When I ended my last post, my good friend Hymie Barber who is the Managing Director for Catalyst/Cambridge Healthcare Finance in Los Angeles, and I were enjoying an excellent lunch at a local Chinese restaurant and discussing financing in long term care.  We discussed some ideas on thoughts we’d like to share with long term care operators/owners out there that are considering financing or refinancing their skilled nursing projects.

Nursing Home Operators … “Understand your project financing needs”

“Man’s got to know his limitations” – a great quote from one of my favorites, Clint Eastwood in his role as Harry Callahan.  Okay, so what does Dirty Harry have to do with your financing needs?  Well, the message here is know yourself and what your financing needs are.

• What do you need the funds for?  Is it for expansion, rehabilitation, construction or simply to replace an existing loan?
• What terms are important to you?  For example, loan term, equity requirements, cash out options?
• How does the financing fit into your skilled nursing facility’s strategic plan/goals?  For instance, you may be looking to refinance an existing loan to free up cash flow to acquire or build another facility.
• One other thing is understand that while you are the expert in long term care operations, you are not the expert in financing.  Be willing to listen to the lender or your consultant.  And, don’t be afraid to ask questions!

Skilled nursing project financing requires a firm grasp on operations and the local market

“Luck happens when opportunity meets preparation” – I heard this one many years ago while listening to a tape (yes, it was that long ago!) by the great Earl Nightingale.  It has always stuck with me since part of this valuable message is that we can make our own luck.

• Have three years of operating and financial data ready to go for the potential lenders.  Include census and payor mix information for those three years.  
• Make sure that you are familiar with your skilled nursing operations revenue and expense details, including revenue rates, staffing patterns, labor costs.
• Understand your primary and secondary market well – know your referral sources and competition.
• If this is a new project, make sure you have either a marketing and/or feasibility study for the project.  And a good feasibility study should include a financial proforma that at least brings the planned operation to breakeven, if not a three to five year horizon.  (Please make sure you are familiar with what it says!)
• Your intimate knowledge of your operations and your market and your ability to clearly and confidently articulate that knowledge will go a long way towards assuring a lender that you are a good borrower.

Skilled nursing facility financing … quality documents, timely submission, and be ready for curveballs

“Don’t confuse effort with results” – in my corporate days, I was notorious for saying this.  Okay, you know your facility and you can talk a good game, but can you really close the deal?

• While it’s important to be able to effectively convey your expertise in the nursing home operations, financing your project is also a lot about the paperwork.  So be ready to commit the resources necessary to get the required paperwork to your lender in a timely fashion.
• It won’t matter that your paperwork is in on time unless the content is quality.  Does the documentation address the needs of the lender?  Is the information contained in the paperwork reflective of your skilled facility?  Are your responses to the lender’s questions clear, concise and well written?
• A skilled nursing project, or any healthcare project’s financing process can be one that is filled with additional informational requests.  Make time and be prepared to quickly respond to these requests.  Remember, the lender can’t do this process alone.  
• Carefully review any documents that you will be submitting to the lender.  The information on these documents must be accurate.  As an example, it does not engender confidence in the eyes of the lender if the operating data, such as payor mix, is in conflict with what you say the payor mix is in your facility.

Financing transactions for healthcare projects will take time.  Even the faster ones can take 90 to 120 days.  So be realistic in your expectations when you start the process.  Proper preparation with special attention paid to the items we have discussed in this blog will go a long way towards making the process as efficient as possible.  Be mindful that lenders want to loan funds to a good candidate (notice I said “good”) so they will work with you to make it happen.

To my good friend Hymie, thanks so much for a wonderful lunch and for sharing your thoughts on the financing process for skilled nursing and assisted living operators.

So now, I hope that you’re a bit more prepared for the financing journey should you choose to go down that path.  And if you do, your fortune cookie will hopefully say, “Your endeavor will be successful”.

Learn more about Skilled Nursing Facility Financing … the devil is in the details at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

The other day, I was having lunch with my good friend, Hymie Barber who is the Managing Director for Catalyst/Cambridge Healthcare Finance in Los Angeles.  We were fortunate enough to eat at an excellent kosher Chinese restaurant (I didn’t realize there were kosher Chinese restaurants!) and eventually, the meal conversation turned to the long term care industry, a topic that’s of interest to the two of us, and specifically about the number of individuals who had approached us recently wishing to explore opportunities to enter into the assisted living market, or by existing providers looking to expand their current operations.

With interest rates at levels that we haven’t seen since the 1940’s and 1950’s, there are plenty of assisted living operators out there who are studying local markets, seeking construction loans to build new projects or add units to their existing facilities, as well as to refinance existing loans.  And with that in mind, over some excellent fish, we ended up comparing notes on what information we both would like to see long term care providers have prior to seeking any assisted living facility financing.

Types of loans available for assisted living facility projects

In general, there are three main types of loans that assisted living providers, or any other healthcare facilities, seek:

• Construction loans:  to build new facilities
• Acquisition loans:  to acquire existing healthcare facilities
• Refinance loans:

-  to replace current debt that is maturing
-  to replace current debt that carries a high interest rate
-  to replace recourse with non-recourse debt
-  to modernize or re-position a facility in an existing market
-  to cash out with some equity

Typical assisted living facility financing lenders

Banks …

• recourse loans (personal guarantees)
• 20-25 year amortization with a five year maturity
• interest rate float with prime or LIBOR
• typically not interested in cash out

Specialty finance companies …

• recourse loans (personal guarantees)
• 20-25 year amortization with a three to five year maturity
• interest rate float with prime or LIBOR (typically higher than bank rates)
• will entertain some portion to cash out

Government insured products (FHA/HUD, FNMA, SBA, USDA) …

• non-recourse for FHA/HUD
• up to 35 year amortization, fully amortizing
• interest rates fixed for entire loan term (at closing)
• no cash out

What makes for a good borrower in the lenders’ eyes?

Contrary to what some operators and owners believe, this is not one of those black box questions with some mysterious answers.  Here are some characteristics that lenders are going to be looking for…

• Industry experience (seems kind of obvious doesn’t it, but don’t forget to highlight your experience – it counts!)
• Accurate data with at least three years operating results (please make sure it’s organized too!)
• Good credit history (if you don’t it’s not the end of the world, but it will definitely limit your options)
• Positive trend analysis (lenders are not particularly anxious to lend to someone whose operating results have been trending downwards for the past few years)

Don’t forget that a presentable facility with a good star rating is a definite plus in the lenders’ minds too.

What help should I consider when seeking financing for an assisted living project?

Well, of course you should seek out a good healthcare consulting firm (hint, hint) which can guide you in the preparation as well as a financial consultant such as Hymie.  Why?  Lenders are constantly entering and exiting the market and each of them have their own sweet spot and their own appetite for certain situations.  It helps to know what product(s) may best fit the owners’/operators’ short, medium and long range goals.  Plus, it is important, as I mentioned before, that the borrower be organized and prepared for the financing process.  Good help can avoid wasted time, facilitate the financing process and better ensure financing success.

By now, Hymie and I haven’t even finished our fish and our veggies quite yet but that’s all the room I’ve got for this blog.  In my next installment, we’ll finish our delicious meal (including my fortune cookie) and talk about some essential information that borrowers need to know before they start down the path of financing.

Learn more about Assisted Living Facility Financing … getting started at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

The Office of the Inspector General (OIG) released its 2012 Work Plan the other day, as they do every year at about this time.  This is the annual publication that contains descriptions of new and ongoing reviews and activities that OIG plans to pursue with respect to HHS programs and operations during the next 12 months and beyond.

Download the OIG Work Plan

Traditionally, in the opening pages of the OIG Work Plan there’s a list of recent accomplishments based on their investigations.  In this edition they cite, among other things, the following:

• $3.8 billion in court ordered civil settlements that resulted from cases developed by OIG investigators;
• $1.1 billion in audit receivables that were agreed to be pursued by HHS program managers as a result of OIG audit disallowance recommendations;  
• a ratio of $16.7 to $1 expected return on investment measuring the efficiency of OIG’s health care oversight efforts.

With those kinds of results, and especially with an almost seventeen-fold annual return on investment (who wouldn’t like that?), it suffices to say that the the OIG’s auditing efforts will continue to get considerable support from the Federal Government.  It also means that anyone whose business is connected to the healthcare industry would do well to familiarize themselves with those areas that the OIG says they will be focusing on.

Use the OIG Work Plan as a resource for your healthcare compliance program

Thankfully, unlike some government documents, the OIG Work Plan, though long (165 pages this year) is fairly easy to follow.  It’s broken up into seven major categories, and from there it’s organized into smaller categories or industry sectors, and finally it provides a brief description of each review item that covers what’s being reviewed and a reference to the regulations that govern the reviewed item.  There are a total of 349 current and planned reviews listed in this year’s document, 99 of which are new items to be focused on.

The OIG Work Plan isn’t intended to be intimidating.  Rather, it’s both an excellent resource for a proactive healthcare compliance plan, and an important part of decreasing waste and fraud in our federally funded healthcare programs.  Consequently, I strongly recommended that you download a copy of the OIG Work Plan each and every year so that you’re able to keep informed on areas of review that may involve your own heatlhcare business.  I also recommend that each of those areas of OIG review that do affect your business be incorporated into your own compliance plan for internal review and auditing. 

A few samples from the OIG Work Plan for 2012

The following are my comments on just a few excerpts from the OIG Work Plan for 2012.  They’re intended to provide a sample of what’s included in this valuable publication from the Office of the Inspector General.

Physicians:  Impact of Opting Out of Medicare (New)

This review is actually looking at two separate, but related issues.  The first issue is focused on determining whether physicians who have opted out of Medicare are still submitting claims to Medicare.   The second issue is actually studying whether specific areas of the country have seen higher numbers of physicians opting out of Medicare, and what the potential impact is on beneficiaries.

Evaluation and Management Services:  Trends in Coding of Claims

This current review will continue to focus on Evaluation and Management (E&M) claims from the period of 2000 through 2009, and will further attempt to identify providers that exhibited questionable billing for E&M services in 2009.  The OIG points out that E&M related Medicare payments in 2009 totaled over $32 billion, and represented 19% of all Medicare Part B Payments.  This review item, which is largely focused on E&M coding and documentation practices, is clearly a case of spending auditing resources on those areas where there’s the most activity, a practice that makes perfect sense for any kind of hunting.

In-Patient Rehabilitation Facilities (New)

This is a new review in which In-Patient Rehabilitation Facilities (IRF) are to be examined to determine the appropriateness of their admissions.  The focus will be on the level of therapy being provided, and how much concurrent and group therapy is being provided in these settings.  An IRF can be a free standing rehabilitation hospital, or a rehabilitation unit in an acute care hospital.  Patients admitted to IRF’s must be able to tolerate three hours of intense rehabilitation services per day.

 More on the 2012 OIG Work Plan to come …

In future posts we’ll delve into some additional areas of particular interest in the coming year’s plan.  We’ll help explain some of the areas being audited, and provide you with suggestions about how you can use this information to make sure that your own organization remains proactive and compliant.  So bookmark us, and check back often … or better yet, subscribe to our feed!

Learn more about OIG Work Plan Update – “What’s new for 2012?” at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

Organizations that were once “just” business associates of Covered Entities are realizing that they’re subject to HIPAA regulations to the same extent as the Covered Entities they contract with.  And with that realization, many are asking about the necessity of completing a Business Associate HIPAA Risk Assessment.  But what should such an assessment include?  And what are the requirements for protecting the privacy of the Protected Health Information (PHI) they have in their possession?

 Some companies are asking about being designated as HIPAA-compliant or having a HIPAA “seal of approval”.  Is that possible?

 No one, including the government, can give you a “seal of approval” since so much of what an organization has to do to remain in compliance involves individual employees following your policies and procedures.  It’s a continual, dynamic process.

Business associate HIPAA concerns

It used to be enough to be sure to have an executed “Business Associate Agreement“.  So why should an organization pursue a HIPAA Risk Assessment? 

As more and more breaches of privacy of PHI are reported, members of the public are becoming more and more sensitive to the idea that their information may be at risk of disclosure.  Business associates and covered entities alike must contact patients when PHI is unlawfully disclosed, and of course all covered entities must already tell their patients who to contact if they have a complaint about privacy – the Office of Civil Rights (OCR) of the Health and Human Services Department.

When it comes to complying with HIPAA, business associates need to be proactive

So how should you prepare?  What if a client asks you about your HIPAA compliance activities?  Or imagine being contacted by a representative from the Office of Civil Rights launching an investigation because of a complaint from someone who is claiming their privacy was breached? 

There are at least four things that would be important to have on hand:

1)      Your HIPAA Privacy and Security Risk Assessment,

2)      Your Privacy and Security policies and procedures (updated for changes as necessary),

3)      Your evidence of training your employees in those policies and procedures, and

4)      Your evidence that you do some auditing to see if your policies and procedures are being followed.

If you ever have a breach, due to a failure of some technical methods to protect Electronic Personal Health Information (ePHI), or because of an employee who fails to follow the rules (or defeats your security measures), you want to be in the position of engaging in good-faith efforts to comply with the regulations.  The organizations that get slapped with penalties, etc., usually have some deficiency in the items I listed above.  Being proactive will make everything more manageable.

 Integrating HIPAA into daily practice is the new norm for business associates

The good news is, the regulations are worded rather generally, and organizations must decide how they reasonably apply in their own circumstances.  The bad news is, the regulators who investigate complaints and breaches also apply their own logic or rationale to your situation, and second-guess the reasonableness of your security and privacy practices.  You can get some idea of their thinking on various issues by looking at the FAQ’s on the OCR website, but ultimately they always refer back to the actual text of the regulations – and how a reasonable person may choose to comply with them.

So remember, HIPAA compliance is a long-term proposition.  You have to stay abreast of changes in regulations, keep your workforce trained, and set a tone of compliance as a business necessity, not just a regulatory requirement.

Learn more about A Business Associate HIPAA Risk Assessment … “Why is it necessary?” at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

The Accountable Care Organization, or “ACO”, is among healthcare’s latest trends.  And what about the “Medical Home“?  Is that the same as an ACO,  or different?  Some organizations, after their initial support and promotion, appeared to back away from the “Medical Home”, quoting studies which don’t find the expected benefits.  Others cite studies in support of this concept, and then again,  some point out that it’s not that black and white.  In fact, the effectiveness might be related to the style and method of implementation of this and similar concepts.

Let’s take a brief look at these concepts, and why some of us believe the ACO is a “keeper”, until further notice, that is.

An ACO, like the Medical Home, has a Triple Aim

Generally the view is that both the ACO and Medical Home models aim to achieve …

• better care for individuals
• better health for populations, and
• lower costs per capita

Kevin Fickenscher, M.D., the former Chief Strategy and Development Officer for Dell’s healthcare division, describes well, in one of his blogs, the similarity and difference between the ACO and the (related) Medical Home concept:

“Accountable care organizations are vertically integrated organizations of care, which are at minimum composed of primary care physicians, a hospital, and specialists . . . Medical Homes are similar . . . in that they consolidate multiple levels of care for patients.  However, medical homes take the approach of having the primary physician lead the care delivery “team.”   Simplistically, an ACO consists of many coordinated practices while a medical home is a single practice”.

To be sure, nothing is perfect, but a concept which is attempting to combine quality of clinical outcome, financial performance, and medical services integration, all in a “fee-for-service” environment deserves to be “tried”.  And it is.  A number of high profile providers have entered this model market.  Some have left.  I am reminded of the “poli-clinic” concept in Europe’s past; an integrated medical system focused on patient outcomes and a “one-stop-shop” medical service organization.  Now we add financial incentives, or penalties, depending on the ACO model used, and for some, we predict, it should work well.

The ACO requires the same business fundamentals as other healthcare organizations

In some ways, not much has changed.  Be it a Medical Home or a large Accountable Care Organization, effective and efficient operations, just like in any healthcare organization, is essential for sustainable financial and clinical performance.

Remember, critical benchmarks still apply as they do for any other healthcare setting.

Kaiser Health News refers to “ACO” as the hottest three-letter word in healthcare.   Take a read and let me know what you think.

Learn more about The Healthcare ACO … “What it is and why I should care” at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.

No doubt about it: The home healthcare industry is booming right along with the baby boomers.

The economic downturn, healthcare reform legislation, the changing preferences of seniors in America (or perhaps, the greater availability of long-term care services in settings other than nursing homes),  all have contributed to tremendous growth in this sector. (You can read about Home Care: Then & Now at SeniorsForLiving.com.) Throw in the huge numbers of boomers and seniors in need of services over the next few decades, and I’d say the future of home healthcare looks bright.

Yet there are still many challenges facing the industry. In this article from HealthcareIT News, Frank Morgan, managing director at RBC Capital Markets in Nashville, believes that post-acute care providers and other healthcare companies with “predictable volumes” will do well. But, he says, “On the negative side, home healthcare still faces formidable challenges this year.”

The industry’s rapid growth, increasing demand for services, and great diversity (home care spans a huge continuum of care options, from skilled medical care to non-medical companion services to hospice care, with many variations in between) undoubtedly creates complex challenges and rich opportunities.

Regulating home healthcare agencies

Challenges like how to appropriately regulate home care agencies are certainly at the top of the list.  That’s because they are difficult to standardize given that some agencies provide only skilled medical services, others provide non-medical care, and some offer both. How to create and implement regulations that would be both protective of those receiving care, yet not overly restrictive for those providing it, will be a difficult balance to strike.

Yet regulations should not be the only reason that providers seek standards for quality care. Many agencies have already established a standard of excellence that they should continue to follow, regardless of new legislation or pending regulatory changes. Others could benefit from this level of accountability, but in the meantime, should consider implementing their own quality control measures to ensure that their agency stays afloat. As consumers become more aware of what sets apart those companies who provide superior home care, this self-enforcement will be crucial for longevity.

The means for reimbursement, both in terms of how the consumer pays the bill and how the agency can bill for services rendered, is also likely to change in the coming years, although as the home care industry grows and more legislation in support of aging-in-place services is passed, there is a real hope that this will be a change for the better. 

Strategic planning  for home health agencies

Among these challenges, existing home health agencies have the great advantage of staying ahead of the curve as these winds of change begin to blow. Veteran providers should maximize their enviable position by studying current consumers more closely, getting a better sense of what they want and need, and establishing a commendable training program for current and future caregivers.

Professional training, though often seen as cost-prohibitive in terms of time and resources, should be a top priority for all home care agencies moving forward. Home care agencies often advertise themselves as equipped to meet a diverse array of needs, yet many of their caregivers are inexperienced in dealing with the challenges that some illnesses and injuries may present (i.e. various forms/stages of dementia, end-of-life needs, etc.). Home care agency owners and operators should seek creative means for integrating the vast universe of online and in-community resources available to them, rather than viewing training as a series of one-day workshops, week-long in-service sessions, or lunch and learn seminars.

Baby boomers will have an effect on the home healthcare industry

Consider also the assertive nature of baby boomers, who are known to be quite the opposite in demeanor as the “silent generation” preceding them (read more about Baby Boomers: The Transformation Nation at our site), and you have an industry that will be driven by the demands of the very market that will be depending on its positive growth and long-term stability. Not to mention that a majority of boomers are, or will be, caught between caring for parents, children, and grandchildren (or all of the above), and may prevail themselves of the benefits that respite care via a home health agency might offer.

Also, not all boomers are in the best of health, apart from or before, after or during these intense caregiving experiences that many find themselves in. Consequently, the need for home care services (maybe PT after a knee replacement surgery, or light housekeeping help during chemo treatments) is likely to increase. Home care providers would do well to market to/educate the public about these specific needs, as many boomers are not even aware of what services are available to them and not just to their senior parents.

With the threat of dementia always looming – impacting boomers and seniors in equally devastating ways – the need for tailored home care services to meet these needs (and prevent the inevitable: caregiver burnout) will certainly grow. Again, specialized training in all aspects of dementia care will serve providers well to keep ahead of the competition.

Clearly we should expect many changes – positive and negative, exciting and disappointing – to this exploding industry in the coming years. There will be victories and defeats for businesses and for consumers. Sometimes, these extreme pressures force an industry out. That will not be the case here.

In some cases, assisted living communities and other congregate living settings are integrating home care services into their roster of amenities, as per the 2011 Top 10 Senior Housing Trends.

Yes, changes are in store, but you can bet that home care is not going anywhere, as AARP studies affirm that well over 90 percent of 50+ Americans prefer to stay in their homes as they age. And, if you ask the baby boomers/seniors utilizing or considering the services, that’s a comforting thing. Ask the executives, business owners and employees of the home healthcare industry, and they will agree, although they’re likely prepared for a wild ride.

Who knows what the future of home healthcare will look like, but it is nonetheless the industry to watch in the years to come.

Today’s guest post comes from SeniorsforLiving.com’s Michelle Seitzer. Before settling down as a full-time freelance writer, Michelle spent 10 years serving in various roles at assisted living communities in Pennsylvania and Maryland, then worked for several years as a public policy coordinator for the Alzheimer’s Association’s PA Chapters. She has blogged for SeniorsforLiving.com since November 2008, and is the co-moderator of the first #ElderCareChat on Twitter, held every other Wednesday at 1pm EST. Follow her on Twitter and Facebook.

Learn more about The Home Healthcare Industry has Many Changes & Challenges Ahead at The Fox Group, LLC - The Fox Group, LLC - Consultants To The Healthcare Industry.