In an April 2013 keynote to the Health Care Compliance Association (HCCA), Daniel Levinson, Inspector General for the U.S. Department of Health and Human Services (HHS), began his remarks to the nation’s healthcare compliance officers on a sympathetic note, noting a survey that cited high levels of “negative stress” in their roles. Negative stress, he explained, occurs when those the compliance officer depends upon for cooperation are indifferent to compliance efforts. Attitudes like these leave the compliance officer to swim alone against the tide of organizational culture, which often regards the role as an obstacle or delay that stands in the way of the organization’s ability to perform its mission.
Levinson went on to describe how the compliance function has evolved – from a focus on meeting a set of static rules set out by federal and state government payers, to a much more dynamic and multidisciplinary process, built around concrete, measurable goals that serve not only the payer, but the needs of the service recipient as well. He added that as healthcare, including behavioral healthcare, becomes more coordinated, compliance programs are bound to face greater complexity and challenge.
“There are always vulnerabilities,” he noted, reminding the audience that it is not only a compliance officer’s job to anticipate vulnerabilities long before they manifest as threats, but also to take action to address them. Levinson told the story of Maurice Clarke, an inspector who worked for Britain’s Board of Trade, whose job was to certify HMS Titanic as seaworthy in early April 1912. In a recently discovered notebook that had been lost for 100 years, Clarke noted that although Titanic carried 20 lifeboats - the number strictly required by law – current maritime safety practices required that the ship carry at least 50 percent more, a minimum of 30 lifeboats. But when he raised this concern, Clarke experienced negative stress - a threat to his job. So, rather than standing for safety, Clarke, the last man who could have stopped Titanic’s maiden voyage, relented and certified her departure.
“Maurice Clark failed to follow through on what he saw and the result was the deaths of many more people,” said Levinson, noting the moral of the story, then and now “is that the law isn’t always very good at keeping up with the latest technological advances, and it’s very important to stay focused on quality, safety, and effectiveness, irrespective of what any particular or ‘landmark’ law might require.”
It is telling that the blueprint for a compliance officer’s work actually originates in Federal Sentencing Guidelines. These guidelines dictate appropriate punishment for crimes involving federal and state programs, along with guidelines about mitigating factors – things that organizations might do to mitigate the risk or limit the damage of such crimes, explains Fabio van der Merwe, director of quality improvement and compliance officer for the DeKalb Community Service Board (Atlanta, Ga.). Though it was considered a good practice, van der Merwe says that having a compliance function in a healthcare organization wasn’t a requirement until passage of the Affordable Care Act (ACA).
“Anytime a provider is taking federal dollars, you’ve got to meet the compliance guidelines,” says Anelia Shaheed, general counsel and COO of Med-Pro Billing (Tamarack, Fla.). Shaheed adds that “states have guidelines too, which generally follow or build on the federal requirements.” While current compliance guidelines don’t apply to commercial health insurance at present, she advises behavioral health organizations to “prepare for a medical model. Insurance companies are highly regulated, especially now, and they’ll be looking at you, seeking more insight into medical records.” Due to the ACA’s medical loss ratio (MLR) requirements – rules that require commercial insurers to prove they’ve paid out 80 to 85 percent of their premium dollars on claims – she says that “they’ll be paying increased attention to how services are being delivered.”
A compliance program is one of the few things in for-profit and not-for profit business where an organization’s efforts may count as much or more than results. “Just having a program is seen as a significant mitigation of risk to the organization,” says van der Merwe. While on one hand, the federal government has been working with states to encourage them to unite around standards in the Federal False Claims Act, on the other, he says that even credible allegations of fraud may be mitigated if an organization can demonstrate that the alleged violators had to evade an active compliance program. He suggests that enforcement action may well be toughest when an organization confronted with possible wrongdoing is unable to demonstrate that it had appropriate procedures in place, or that it has the willingness and know-how to implement and sustain a program of corrective action. To enforcement officials, these factors betray a lack of effort.