Healthcare Best Compliance Practices 2012 Forum Compliance Risk Assessment and Work Plan Process
North Shore-LIJ North Shore-LIJ cares for people of all ages throughout Long Island, Queens, Manhattan and Staten Island
North Shore-LIJ Overview q Integrated healthcare system q Service area of 7 million people in Long Island, Manhattan, Queens and Staten Island q More than 43,000 employees q Recipient of the National Quality Forum’s 2010 National Quality Healthcare Award q Home of the largest “corporate university" in the healthcare industry – the Center for Learning and InnovationSM q Home of the nation’s largest patient simulation center – the Patient Safety InstituteSM
Compliance Assessment Process Flow Communicate
Evaluate
Board of Trustees: Audit and Compliance Committee
Focus on Compliance Risks
Monitor
Risk Identification
Risk Assessment
Controls Assessment
Control Activities Establish Priorities Develop Work Plans
Risk Assessment Resource Guide q Compiled semi-annually and the areas covered include the following: • The status of ongoing Compliance initiatives • Key changes and updates to pertinent rules and regulations • Risk profile chart • Health System financial data and benchmarks
Risk Assessment Resource Guide continued… q Government audit data trends and Health System government audits q Internal audits conducted q Health System voluntary disclosures q Health System developments q Compliance Help-Line trend analysis
Determining Potential Risk Areas q Interviews of key personnel q External work plans from OIG and OMIG are reviewed q Prevalent industry topics also reviewed q Internal data mining, through third party software q Financial data is assessed to evaluate reimbursement trends q Audit items that pertain to the Health System are placed on a “potential audit” list q Prior year audits/re-audits
Risk Assessment - Educational Tool q Distributed to Board, Senior Leaders, etc… q Provides education on new developments •Keeps a pulse on regulatory environment •Provides a global perspective of the organization’s business and risks q Compliance document as well as a business document •Only as effective if it matched up to the organization’s business plans •The more it looks like a business document the more successful it will be and more individuals will read it
Risk Matrix and Work Plan Development Vulnerability
Interim NSLIJ Compliance Risk Profile
Almost Certain
Likely
Moderate
Unlikely
Rare
Low
Low to Moderate
Moderate
The purpose of this graph is to provide a visual depic3on of high risk issues which may impact the Health System based upon our analysis. The graph does not include all proposed audits, ini3a3ves or risks, but provides a high-‐level overview of the compliance risks that may impact NSLIJ.
Moderate to High
High
KEY: Red=High Risk Yellow=Med. Risk Green=Low Risk
Choosing Work Plan Topics Impact to the Organization
Potential Risk
Work Plan
Mission
FACILITY
Financial
Legal
Vulnerability
Risk Impact
Likelihood
Detectability
Controls
Vulnerability
Risk Prioritization Score
Work Plan Structure q Investigative Coding Audits
•Billing complaints •Inappropriate documentation
q Data Mining
•Missing charges •Supply units
q Professional Fee Coding Audits •Modifier assignment •Physician Supervision •High volume providers
q Home Health, Skilled Nursing, Hospice and Laboratory •RUG Coding •Trends in Laboratory Utilization
q Facility – Inpatient and Outpatient •MS-DRG Reviews •Clinics •Ambulatory Surgery Unit
q Non-Coding Audit Initiatives •Policy revisions/creation •Electronic Medical Record Access •Compliance Survey
Audit Efficiency Audits can only be as effective and efficient as you are q Utilize technology whenever possible to cover more ground q Complicated reviews may require additional credentialed resources q One audit may take 100 hours and be of little benefit while another audit may take 10 hours and may be of great benefit q All comes down to weighing the risk as well as the benefit to the organization
Data Mining q Federal/State governments investing heavily in data mining tools q What is “data mining” and how does it relate to risk assessments? q Types of data mining algorithms/reviews • RAC • OIG/OMIG work plans • External reports (e.g., Medicare Compliance Report) • Help Line calls • Internal inquires
Data Mining continued… qIdentified data mining risk areas often do not equate to errors qData mining software can validate data is within a normal range qLots of options to perform data mining internally or externally
Sample Data Mining Dashboard (Non-North Shore-LIJ Data)
Sample Data Mining Risk Report (Non-North Shore-LIJ Data)
California Data Mining q Healthcare Compliance Association (HCCA) Compliance Today
article summarized a coding issue at one California Hospital whereby 16.1% of their Medicare patients aged 65 and older suffered from Kwashiorkor
q The California Hospital’s percentage, when compared to California state data, was 70 times the state average of 0.2%
Data Mining Example: Kwashiorkor Syndrome q “A condition that is caused by severe protein deficiency that is usually seen in some underdeveloped areas in Africa and Central America; however it is extremely rare in the United States” Coding Clinic Third Quarter 2009 Page: 06 Effective with Discharges: September 15, 2009 q ICD-9-CM Diagnosis Alphabetic Index: Protein malnutrition or Malignant malnutrition = 260 q ICD-9-CM Diagnosis Tabular Index: code 260, Kwashiorkor; nutritional edema with dyspigmentation of skin and hair
Data Mining Example: Kwashiorkor Syndrome continued… q Review of article prompted Compliance to look at billing data related to ICD-9-CM diagnosis code 260 q In comparison to the California data average of 0.2%, data was significantly lower
Questions
Greg Radinsky, JD, MBA, CHC, CCEP Vice President & Chief Corporate Compliance Officer North Shore-LIJ Health System (516) 465-8327 gradinsk@nshs.edu Melissa McCarthy, RHIT, CCS Director, Corporate Compliance Audit & Facilities North Shore-LIJ Health System (516) 465-8081 malexand@nshs.edu