1 / 32

Carle Foundation Corporate Compliance

Contact Information. Julie Houska, Privacy and Security Official(217) 383-7159Opal Manning, Senior Compliance Administrator (217) 326-0025Steve Kelly, Corporate Compliance Officer(217) 383-3927. What is Health Care Compliance?. The detailed, interconnected web of laws and regulations governi

hisoki
Télécharger la présentation

Carle Foundation Corporate Compliance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Carle Foundation Corporate Compliance

    2. Contact Information Julie Houska, Privacy and Security Official (217) 383-7159 Opal Manning, Senior Compliance Administrator (217) 326-0025 Steve Kelly, Corporate Compliance Officer (217) 383-3927

    3. What is Health Care Compliance? The detailed, interconnected web of laws and regulations governing health care providers and the effort to behave ethically in our business. Some laws include HIPAA, Stark, Anti-Kick Backthe list goes on Hospital Compliance programs were started because of the Federal Sentencing Guidelinesthis is a clue to the seriousness of our mission.

    4. Mission To maximize compliance with all relevant laws and regulations and to encourage ethical conduct in all of our business activities by: Promoting a Culture of Compliance Preventing violations before they occur Helping to fix problems once they do occur.

    5. Proactive Activities Ways that we can be proactive Risk Assessments Policies/Procedures Compliance are found in the 600 series on CWeb Standards of Conduct Read booklet, sign p.63 in the binder, and return to educator Education (including annual training) Departmental Monitoring Auditing Open Communication This is how we want to be. We want to work on doing the right thing through these means. Go through list If we arent completely successful at the proactive side of things thennext slideThis is how we want to be. We want to work on doing the right thing through these means. Go through list If we arent completely successful at the proactive side of things thennext slide

    6. Open Communication Suggested actions for reporting Chain of Command Any Director level person with which you are comfortable Call Julie 383-7159, Opal 326-0025 or the Compliance Officer 383-3927 Confidential Message Line 1-888-500-5012 These are ways that you can help us remain proactive or just compliant in general. Go through list by using these tools to report issues you help us next slideThese are ways that you can help us remain proactive or just compliant in general. Go through list by using these tools to report issues you help us next slide

    7. Confidential Message Line 1-888-500-5012 Available 24/7 (Pens!) Answered by compliance staff Monday-Friday 8:00am to 5:00pm Voice mailbox during non-staffed hours Callers may remain anonymous All calls are confidential & cannot be traced Another important number to remember is the confidential message line, maybe the most important is the confidential message line. You can report issues to staff by calling this number and there is no caller id to identify you. You can use this number if you wish to identify yourself. It is your choice. If you call in and would rather leave a message simply ask the person that answers to hang up so you can call back to leave a message. By calling us with issues or stopping in to talk with us at the trailer you help us be avoid being non-compliantAnother important number to remember is the confidential message line, maybe the most important is the confidential message line. You can report issues to staff by calling this number and there is no caller id to identify you. You can use this number if you wish to identify yourself. It is your choice. If you call in and would rather leave a message simply ask the person that answers to hang up so you can call back to leave a message. By calling us with issues or stopping in to talk with us at the trailer you help us be avoid being non-compliant

    8. Its Expected and Protected Everyones Responsibility Safe Environment Can remain anonymous when reporting May reach us by email/phone Non-retaliation policy Helps us fix our small problems before they become BIG problems This is our goal, as we are only as effective as the employees allow us to be. We hope to help encourage this by, the list You may be wondering, what type of issues do you get? Next SlideThis is our goal, as we are only as effective as the employees allow us to be. We hope to help encourage this by, the list You may be wondering, what type of issues do you get? Next Slide

    9. Reactive Ways that we are reactive Investigations Corrective Action Discipline Preference for non-punitive corrective action These are ways that we are reactive, go through the list we dont want to get to the reactive stage so we need your helpThese are ways that we are reactive, go through the list we dont want to get to the reactive stage so we need your help

    10. Common Carle Issues Contracts Relationship with CCA Billing and Coding HIPAA (Federal Law) These are some of the biggest topics that we face, explain the list and then after HIPAA Give it to Julie next SlideThese are some of the biggest topics that we face, explain the list and then after HIPAA Give it to Julie next Slide

    11. Consequences of Non-Compliance May be excluded from Medicare/Medicaid programs Substantial fines and penalties Possible imprisonment for serious violations Loss of trust of our patients and the community Loss of reputation with our patients and the community Talk about list and then transition into the next slide by saying that is why we try to be proactive next slideTalk about list and then transition into the next slide by saying that is why we try to be proactive next slide

    12. What You Can Do Follow your departmental policies and procedures Document accurately and thoroughly Communicate any concerns, particularly those about poor care or insufficient documentation, to your supervisor, the Compliance Office, or any Director level person Complete your annual online compliance and HIPAA training

    13. Compliance & HIPAA Training Compliance & HIPAA training must be completed annually. You will complete 2 parts (compliance & HIPAA) to complete your annual requirement. The training is mandatory, discipline will be given to employees that do not complete the required training. The initial training takes approximately 2-3 hours to complete. After the first year, employees will be able to complete the update for the training which usually takes 1-2 hours to complete. In 2009, Only 1 person didnt complete the training by the deadline!!!

    14. Compliance & HIPAA Training Training will be announced through email (including instructions) You must be paid for the time involved in completing the training The training is accessible via the cweb or hospital education's website Please call Opal (326-0025) or the IT Help Desk if you are having any computer issues!

    15. HIPAA Health Insurance Portability and Accountability Act of 1996 Federal law which requires health care providers to take reasonable safeguards to prevent the improper use or disclosure of patient information (PHI) We must protect any: Verbal, Paper, Electronic information that can be used to identify our patients Use reasonable safeguards

    16. HIPAA Terms PHI = protected health information, e.g. name, address, phone numbers, birth date, clinic number, etc. TPO = Treatment Payment Operations Anything outside of TPO requires patients signatures If state law is more strict than Federal law, Carle follows the state law Minimum Necessary Use only the information necessary to do your job Use your computer access or facility access only to perform your job duties no special privileges because you work here Staff such as Housekeeping, Volunteers and Guest Services can also be affected by HIPAA Being at Carle gives you physical access to the patients being treated here, which is also private

    17. Privacy Tips Follow the procedure through the Health Information Dept if you would like to access your own or your familys PHI Remember, if youre visiting a family member who is a patient you are a visitor, not an employee Find out where to dispose of PHI in your work area sort your trash appropriately Be responsible with any materials containing PHI e.g. list of patients, reports containing patient information

    18. Like They Say About Vegas What Happens at Carle Stays at Carle! Be careful discussing in public this includes the shuttle, bars and restaurants, etc. Be careful discussing when youre off the clock, even with family members No pictures please Best practice is always not discussing specific patient information with others not involved in that patients care

    19. HIPAA & Electronic Security What is HIPAA Security? The efforts we take to protect patient electronic PHI (ePHI) How we support the privacy of our patient information medical information should only be used to treat patients by people who have a need to know that information ePHI is present in all our major patient oriented information systems and in smaller systems as well even on your desk or lap top computers

    20. How Do We Protect Information? We limit information availability to staff by grouping them and assigning different access levels We insure the accuracy of the information by having multiple checks in our systems We track who has looked at information to verify that the access was valid and appropriate

    21. Electronic Security Tips Protect your passwords and sign out when youre done! Report if you see anyone using anothers password Change your password regularly and use a strong password Please - Dont open unknown email attachments Dont download software Dont stream audio or video Secure your office Dont look up anyones records if there is not a business reason to do so not allowed!

    22. Consequences of a HIPAA Violation for Staff Being requested to participate in the investigation process Any discipline up to and including termination

    23. Stimulus Act of 2009 American Recovery and Reinvestment Act of 2009 (ARRA); aka Public Law 111-5 Signed into law February 17, 2009 Contains numerous provisions affecting patient privacy and health information technology Many changes to come over the next few months and years which will make HIPAA more strict

    24. Breach Notification Effective September 23, 2009 A breach is an event that compromises the security or privacy of the PHI it poses a significant risk of financial, reputational, or other harm to the individual Applies to covered entities and business associates Staff must receive training on this new rule

    25. Breach A breach is defined as the unauthorized acquisition, access, use, or disclosure of unsecured PHI which compromises the security or privacy of the PHI, except where an unauthorized person to whom such information is disclosed would not reasonably have been able to retain such information.

    26. Unsecured PHI Unsecured PHI is defined as PHI that is not secured through the use of a technology or methodology that renders the PHI unusable, unreadable, or indecipherable to unauthorized individuals. Encryption and destruction are the only two methods recognized by the federal govt for making PHI secure

    27. Breach Notification We will now be required to notify patients in writing of a breach depending on the number of patients affected by the breach, we may have to post a notice on our website, notify local media and notify the federal government

    28. Red Flag Rule Effective November 1, 2009 The Fair and Accurate Credit Transactions Act (FACTA also known as the Red Flag Rule) was passed by the Federal Trade Commission to reduce the risk of identity theft. It requires various organizations to implement policies and procedures to assist patients when Red Flags occur.

    29. Some Examples of Red Flags Presentation of documents that look to be forged, altered or fake; A suspicious change of address; A complaint or question from a patient who - received a bill for another individual; - received a bill for services never rendered; - received a bill from a provider that the patient never patronized; or - received an Explanation of Benefits (EOB) for services never received.

    30. Identity Theft A fraud committed or attempted using the identifying information of another person without authority. Both identity theft and the resulting theft of services are felony offenses Non-compliance would put CF at risk for fines and the loss of trust and reputation in the community

    31. Red Flag Program Requirements The Red Flag Rule states that we must have a program that: describes how Carle Foundation and its affiliates (CF) identify Red Flags describes how CF detects Red Flags in its operations describes how CF responds to Red Flags describes how CF administers its program Corporate Compliance Policy CF610 Red Flag Identity Theft Program on the CWeb describes our Red Flag Program in its entirety.

    32. Patient Privacy & The Golden Rule Treat patient information that way you want your own information to be treated Patient Rights/Patient Choice To whom does the patient want information released is it you?

    33. Quick Reference Guides Privacy Security Good to keep these reference materials along with your employee handbook easily accessible!

More Related