Having worked on accountable care models for many years and studying health informatics technologies at Oregon Health & Science University School of Medicine over the last five years for my PhD, and how they can contribute to better quality and cost effectiveness, it is becoming increasingly apparent that the nature of compliance is changing.
Consider that some of the Medicare and Medicaid anti-kickback and civil monetary penalties laws may be implicated by the following. Do programs, such as those below, seek to give away something of value to attract patients?
Certain wellness programs/health fairs/health promotions
Patient assistance programs
Payment of health plan premiums
Incentives to remain in network
Do programs, such as those below, seek to promote stinting on care?
Promotion of adherence to certain treatment regiments/protocols/practice parameters
A focus on readmission reductions
End of life/palliative care programs
Many, if not all, of the above are found in models where the stakeholders focus on payment for quality and cost effectiveness.
We also are seeing more clinical integration, which the Federal Trade Commission has defined as an active and ongoing program to evaluate and modify practice patterns by the network's physician participants and create a high degree of interdependence and cooperation among the physicians to control costs and ensure quality. The program may include (1) establishing mechanisms to monitor and control utilization of healthcare services that are designed to control costs and assure quality of care; (2) selectively choosing network physicians who are likely to further these efficiency objectives; and (3) the significant investment of capital, both monetary and human, in the necessary infrastructure to realize the claimed efficiencies.
Clinical integration often involves cross-collaborative team models, patient-centered medical homes, and effective management of chronic conditions, preferably with aligned financial incentives for clinicians and hospitals. Effective clinical integration today is generally facilitated by health information technologies such as electronic health records (EHRs) and personal health records (PHRs). With EHRs, compliance officers might need to know whether the requirements for Meaningful Use are being met to ensure the payments are proper. Does the technology do what the vendor said it will do? Is it appropriately supported and updated? What happens when the vendor has carved out any of its potential liability? What happens when a vendor does not continue to support the EHR? How are the privacy and security issues addressed? With PHRs, what can patients input or "correct" in their PHRs? What are the implications for clinicians and hospitals?
Payment for quality and cost-effectiveness by its very nature relies more on evidence-based medicine (EBM) principles. The EBM triad of individual clinical expertise, best external evidence, and patient values and expectations come together. In doing so, compliance officers might need to be concerned that the external evidence is best, and what supports that. Patient values and expectations differ, along with a clinicians' clinical expertise.
EHRs increasingly employ clinical decision support systems (CDSS), which often provide for alerts, reminders, critiques, interpretations, diagnoses, assistance, and suggestions. How can a clinician and hospital be assured that they all are up to date, they function properly, and they provide the correct information in the dynamic healthcare marketplace? What if they do not, or an untoward event occurs? Often, compliance issues will be raised.
A compliance officer may be faced with issues such as: Can the clinician still make the ultimate decision with respect to patient care, given the practice parameters and protocols that have been adopted? Is the EBM behind the CDSS really EBM? Will providers embrace it? Is it dynamic enough in nature to keep up with the state-of-the-art practice of medicine? What is the effect of clinician work-arounds from a liability perspective? What happens when a nurse in a unit reports to Compliance about clinicians ignoring alerts and fashioning work-arounds?
EHRs also typically employ computerized physician order entry (CPOE). A compliance officer may have to be concerned with whether the CPOE actually does what the vendor claims it will do. He/she may also have to be concerned whether all the affected clinicians agreed on what it will assist in ordering/recommending. If CPOE is used as part of a financial incentive, what are its implications? Is a particular CPOE system dynamic in nature, and does it keep up with the state-of-the-art practice of medicine? What happens when a new physician comes into Compliance to suggest it does not?
E-prescribing systems are becoming ubiquitous and certainly a component of systems paying for quality and cost-effectiveness. Usually, such systems have drug alert capabilities. What happens when they do not work? What happens when clinicians ignore their alerts? What happens when all of one's allergies are not in the system for whatever reason? What does the compliance officer do when he/she is alerted that in a transition from one system to another, perhaps some information has been dropped (e.g., part of one's allergy information)?
Increasingly, payment for quality and cost effectiveness means ensuring that one has good data and proper metrics by which to compare progress. What happens when the data is not clean or truly comparable, and the clinician comes into Compliance to report this? Information sharing is key. Can such information be shared to develop the baseline and the metrics? Are the HIPAA Privacy and Security Rules an impediment? Are they observed? What about state law progeny?
Payment for quality and cost-effectiveness often involves telemedicine, mHealth and its applications, and the use of social media. Telemedicine no longer merely involves going to an office and seeing a clinician on a monitor. It is often accomplished via smartphones. Who pays for such consultations, and how? Many individuals want to access their health information, such as laboratory test results, on their smartphones. Is the information properly protected (e.g., encrypted)? What happens when a smartphone is misplaced or stolen? Clinicians increasingly use such devices and often bring their own devices (BYOD). What happens when someone reports to Compliance that a smartphone with patient information was stolen out of a car?
Social media sites often are centered around particular disease states where patients communicate with each other. What happens when the clinicians jump into the discussion? Certainly, care can be facilitated in a payment-for-quality and cost effectiveness world where patients might share new reactions to drug therapies that it might take years to publish. What happens when Compliance is advised that physicians are reviewing these sites to find out additional information about their patients? For example, what if they want to determine whether a patient has told them everything about his/her condition? What happens when the compliance officer learns that clinicians are running clinical trials, in part, using social media sites?
We hear more and more about big data and data analytics. Certainly data holds the promise for much better management of patient care. Predictive analytics seeks to determine which patients may respond to a particular treatment. What happens when a researcher strolls into Compliance complaining that the research used for predictive analytics for a particular patient or type of patient is flawed in his/her opinion?
Certainly, the landscape has changed for compliance in the transition from fee-for-service to payment for quality and cost effectiveness, and it will continue to change. We have not even begun to discuss the unanticipated consequences that often arise with the use of new health information technologies.
A compliance officer's job is never boring and it is getting much more interesting as the nature and extent of the skill set one needs is increasingly analytical in nature.