VALUE
EXPERIENCE
RESULTS
Grooming a Top Notch
Patient Access Professional
Betsy Keating, RN, CHAM
Senior Consulting Manager
October 25, 2011
Agenda
♦ Introduction
♦ Examples
♦ Compliance Overview
♦ Training and Education
♦ Performance Management
2
Introduction
Patient Access Associates perform a diverse and complex range of tasks
during the registration process:
♦ Data Collection
♦ Insurance, Benefit Verification
♦ Identification of Pt. Financial Liability, POS Collections
♦ Securing required signatures
♦ Acquisition of Referrals and Pre Certification
Embedded within the daily functions of an Access Associate are laws and
regulations applicable to their day-to-day job responsibilities.
3
Today’s Discussion
♦ Identify violations that could lead to legal liability for the organization
and employee.
♦ Provide an understanding of the laws and regulations that impact Patient
Access Services.
♦ Learn techniques to incorporate a full realm of compliance training into
existing education plans.
4
HIPAA Enforcement Examples
♦ Following investigation by the U.S. Dept. of Health and Human Services,
office for Civil Rights, the University of California at LA settles potential
violation of HIPAA for $865,000.
– Complaint alleged that two UCLAH employees looked at electronic
health records repeatedly without permission. Upon further
investigation, it was reported between 2005 -2008 numerous
employees looked at the EMR of patients without valid reason.
5
HIPAA Enforcement Examples
♦ In 2009, Mass General lost PHI on over 192 patients – consisting of
patient schedules with names, MRN’s billing information, diagnoses,
procedures.
– An employee, while commuting, left the documentation on a subway
train. The documents were never found.
– $1M settlement
6
Penalty and Action Plan
♦ Covered entities are responsible for actions of their employees.
♦ Penalties in the amount of $1.8M were incurred between the two
facilities.
♦ Corrective action plan established.
– Privacy and Security Policies and Procedures
– Regular and robust training
– Independent monitor to assess compliance
7
Recovery Audit Contractor
♦ Three year demonstration – pilot (2005 through 2008)
– Identified $1.03 billion of improper Medicare payments
– $900 million in overpayments returned to Medicare Trust Fund
♦ 40 percent of overpayments due to medically unnecessary services (65
percent for services provided in an inappropriate setting)
♦ 8 percent due to insufficient documentation
♦ 35 percent connected to incorrect coding
♦ 17 percent – other category
8
RAC Exposure
(*Evaluation of the 3-year demonstration)
Improper payments due to:
♦ Medically Unnecessary Services
♦ Services provided in an inappropriate setting
♦ Incorrect coding
♦ Improper documentation
♦ Other
9
Patient Access Link
♦ Medical Necessity – Critical function in all access areas to:
– Prevent improper Medicare payments.
– Ensure provider can pursue payment from beneficiaries.
♦ Advance Beneficiary Notice (ABN) – Failure to issue an ABN can lead to
financial losses to an organization due to inability to bill for services
denied by Medicare as medically unnecessary.
♦ Medicare Secondary Payer Questionnaire (MSPQ)– Since 1980, the MSP
provisions have protected Medicare funds by ensuring that Medicare does
not pay for services and items that certain health insurance or coverage
has primary responsibilities for paying.
10
Patient Access Link
♦ Physician Order Documentation – Denials when medical records failed to
have a clear admission order.
– Level-of-care orders documented
– Inadequate or incomplete admission orders
– Presence of an order on elective surgeries
– Physician education
– Standard Order Sets with clear delineation to admit to inpatient or
place in observation
– Identification of Inpatient Only Procedures
11
Risk of Non Compliance
♦
♦
♦
♦
♦
♦
♦
12
RAC Exposure
HIPAA Penalties
Quality and Safety
Customer Satisfaction
Financial Liability
Healthcare Fraud
Loss of integrity and credibility
Impact
♦ Privacy Violations – misuse of information
– Failure to comply with requirements and standards – not more than
$100 for each violation not to exceed $25,000
– Criminal penalties up to $50,000, $100,000 and $250,000 with
imprisonment up to 10 years
♦ Security Breach Notification and Penalties
– Notify patients
– If breach affects over 500 patients, notify DHHS
– Notify local media
– Results: Damage to the organizations reputation, Financial losses,
Fraud, Fines, and Personal Liability
♦ Returned overpayments to Medicare Trust Fund
13
Patient Access Leadership Responsibilities
Patient Access is at the forefront and recognized as a vital component of the
Revenue Cycle and strongly influences the financial integrity of the
organization.
Essential to:
♦ Engage in robust recruitment and retention strategies.
♦ Develop a comprehensive education and training plan.
♦ Put in place proper resources to ensure compliance.
14
Education and Training
15
Training Techniques
Student Centered – Focus on the Trainee
Motivation – Build motivation activities
Activation – Give trainee opportunity for active participation
Reinforcement – Learner demonstrates a means of reinforcing newly
learned skill
Transfer – Trainer checks throughout program to ensure trainee has an
understanding of skill
Environment – Comfortable and suitable for learning
16
Training Plan . . . Methodology
♦ Utilize a combination of techniques.
– Classroom training
– Preceptor
– On-the-job training
♦ Engage a subject matter expert as the dedicated trainer.
♦ Provide ongoing feedback, encouragement, and validation.
♦ Monitor, track, and measure competency.
♦ Provide training that incorporates:
– Demonstration
– Hands On Experience
– Policy and Procedure Review
♦ E Learn
♦ Training Modules
17
Patient Access Orientation Training Plan
Week 1
Monday
Tuesday
Wednesday
Thursday
Dept.
Orientation
Patient Access
Overview –
Scope of
Responsibility
Data Collection Insurance
– Patient
Training
Interviews
System
Training
Service
Excellence
Scripting
Financial
Responsibility
• Completion of Healthcare System mandatory training modules
• Review of Associated Policies and Procedures
• Practical Application in ‘test’ system
18
Friday
Compliance
and
Regulatory
Agencies
Patient Access New Orientation Training Plan
Week 2
Monday
Tuesday
Physician
Outpatient
Order
Registration
Documentation
Wednesday
Thursday
Friday
Inpatient
Registration
Emergency
Dept.
Registration
Scheduling, Pre
Encounter
Workflow,
Check In
• Review of Associated Policies and Procedures
• Practical Application in ‘test’ system
19
Compliance
Compliance training is a critical component of an Access Department’s
training and education plan.
Educational goals should ensure the Access Associate:
♦ Possesses a complete understanding of the laws and impact within Patient
Access.
♦ Complies with policies and procedures.
♦ Possesses knowledge and understanding of Medicare Compliance,
Regulatory Agencies governing compliance and healthcare laws.
20
Essential Documentation for an Effective Training Plan
♦
♦
♦
♦
♦
♦
21
Outline
Defined Objectives
Content
Method of Delivery
Method of Evaluation
Measurement of Competency
Sample Compliance Training Module
Topic: Medical Necessity and ABN Compliance
Objective: At the completion of this program, the trainee will possess the
skills to perform medical necessity checks on all Medicare beneficiaries
rendering outpatient procedures and be compliant when issuing an ABN.
Content:
Medical Necessity Software Demo
Policy and Procedure
Method of Delivery:
Instructor led discussion, demo, and policy review
Self Learn Training Module with post test
Practical application utilizing sample physician orders
Method of Evaluation:
Post Test Competency
Direct Observation
22
Effective Compliance Program
♦ Establish compliance standard, procedures and policies.
♦ Assign oversight responsibility for compliance to an individual high in the
organization’s structure.
♦ Conduct effective training and educational programs (communications of
standards).
♦ Perform internal audits and continued monitoring to detect
noncompliance and improve quality.
♦ Develop effective lines of communication for reporting violations and
clarifying policies.
♦ Enforce standard well-publicized discipline guidelines and procedures.
♦ Respond appropriately and immediately to detected offenses in order to
prevent further offense through corrective action.
23
Key Ingredients to Compliance Training
♦ Medicare Compliance
– Medical Necessity, Advance Beneficiary Notice (ABN)
– Important Message from Medicare
– Medicare Secondary Payer Questionnaire (MSPQ)
♦ The Joint Commission
– Patient Identification
– Patient Rights
♦ Laws
– Health Information Portability and Accountability Act 1996 (HIPAA)
– Health Information Technology for Economic and Clinical Health Act 2009
(HITECH)
– Red Flags Rules 2007
– Patient Self Determination Act 1991 (PSDA)
– Emergency Medical Treatment and Labor Act (EMTALA)
24
Regulatory Agencies
CMS: The Center for Medicare Services issues Regulations for Hospitals and
Conditions of Participation (COP). Every hospital accepting payment for
Medicare and Medicaid patients –including Joint Commission accredited
hospitals must comply with these conditions.
TJC: The Joint Commission provides evaluation and accreditation services for
multiple healthcare organizations such as general, psychiatric, children’s
rehabilitation, and critical access hospitals. TJC standards address the
organization’s level of performance in key functions such as patient rights, patient
treatment and infection control, and on its ability to provide safe, high quality
care. Joint Commission sets an important standard for hospital compliance
under the premise that if an organization does the right things and does them well,
there is a strong likelihood patients will experience good outcomes.
OIG: Office of Inspector General is the federal government’s Department of Health
and Human Services publishes compliance program guidance for multiple
sectors of healthcare and billing companies.
25
Patient Access
Day-to-Day Responsibilities
When: During Registration, Outpatient, Emergency Department, Central
Scheduling, Financial Counseling, Admitting, Check-In
–
–
–
–
–
–
–
–
–
–
–
–
–
26
Ensure positive identification of patients prior to the onset of registration
Address the communication needs of each patient
Meets the spiritual needs of patients
Secure signatures Consent for Treatment, Assignment of Benefits, and Release of
Information
Perform Medical Necessity, ABN
Complete Medicare Secondary Payer Questionnaire
Comply with EMTALA
Distribute Patient Right to Privacy brochure
Ensure Privacy and Security
Be respectful of the patient’s option to ‘opt out’ of hospital directory
Distribute Important Message from Medicare
Address Advance Directive
Ascertain Release of Information privileges
HIPAA
The law known as “HIPAA” stands for the Health Insurance Portability and
Accountability Act of 1996. Congress, designed the Act to:
– Provide consumers with greater access to health care insurance.
– Protect the privacy of health care data.
– Promote more standardization and efficiency in the health care
industry.
27
Patient Access Responsibilities
Privacy and Security
Ensure Privacy:
♦ Do not disclose or share your password with another employee.
♦ Log off computer when walking away from workstation.
♦ Avoid work related conversations in hallways or elevators.
♦ Update, test and maintain correct fax numbers.
♦ Know your hospital’s policies for leaving messages on answering
machines.
♦ Do not post patient information around your workstation.
♦ Dispose paper information in closed receptacles for shredding.
♦ Do not use your password to look up information on family members or
friends.
28
HITECH
The Health Information Technology for Economic and Clinical Health Act (HITECH
or "The Act") is part of the American Recovery and Reinvestment Act of 2009
(ARRA). ARRA contains incentives related to health care information technology in
general (e.g. creation of a national health care infrastructure) and contains specific
incentives designed to accelerate the adoption of electronic health record (EHR)
systems among providers.
29
HITECH
HITECH also widens the scope of privacy and security protections available under
HIPAA; it increases the potential legal liability for non-compliance; and it provides
for more enforcement.
♦ Right to Restrict enforced in 2010: Requires the covered entity to agree on
restriction of disclosure to a health plan if: The disclosure is for the purposes of
carrying out payment or healthcare operations and is not otherwise required by
law; and, The Protected Health Information (PHI) pertains solely to a health care
item or service for which the individual, or person on behalf of the individual
other than the health plan, has paid the covered entity in full.
*Patient Access Considerations: Insured Self Pay procedure
30
EMTALA
Under EMTALA, patients are to be “triaged” by a “clinician” to determine
severity of illness and degree of emergency prior to being asked about
insurance or method of payment.
31
EMTALA
Three primary requirements on Medicare participating hospitals:
♦ The hospital must provide an appropriate medical screening exam (MSE).
♦ The hospital must treat and stabilize the emergency medical condition, or transfer.
♦ A hospital must not transfer an individual with an emergency medical condition
that has not been stabilized.
Regulations were amended in 2003 to specifically permit reasonable registration
procedures, including inquiries about insurance, before the medical screening
examination is done, again as long as those inquiries do not delay the examination.
A request for payment, however, may not be made at that time.
Patient Access Responsibilities:
♦ Know your hospital bylaws to identify ‘who’ can perform the MSE.
♦ Know triggers that communicate completion of MSE.
32
RED FLAGS REGULATION
The Red Flags Rule requires many businesses and organizations to
implement a written Identity Theft Prevention Program designed to detect the
warning signs — or "red flags" — of identity theft in their day-to-day
operations. By identifying red flags in advance, businesses will be better
equipped to spot suspicious patterns that may arise -- and take steps to
prevent a red flag from escalating into a costly episode of identity theft.
33
Red Flags Regulation
Patient Access Responsibilities:
♦ Comply with patient identification policies.
♦ Be alert to suspicious, altered documents.
♦ Be alert to suspicious PHI, such as date of birth and photo identification
not consistent with the appearance of the patient.
34
Patient Self Determination Act
Advance Directive means a written instruction, such as a living will or
durable power of attorney for health care, relating to the provision of health
care when the individual is incapacitated.
Organization’s Responsibility:
♦ Provide written information regarding Advance Directives.
♦ Document in Medical Record.
♦ Educate patients, employees and community.
35
Policies and Procedures
Primary
♦ Medical Necessity ABN
♦ EMTALA
♦ Medicare Secondary Payer
Questionnaire
♦ Patient Identification
♦ Emergency Department
Registration
♦ Orders for Outpatient Testing
♦ Advance Directive
♦ Registration of Family and
Friends
♦ Patient Rights and
Responsibilities
36
Related
♦
♦
♦
♦
♦
♦
Guarantor Policy
Performance Management
Performance Improvement Plan
Registration Quality Assurance
Insured Self Pay Policy
Patient Search, Name Standard
Competency
Competency:
♦ Quality of being adequately or well qualified.
♦ Ability of an individual to perform a job properly.
♦ Set of defined behaviors that provide a structured guide enabling the
identification, evaluation and development of the behaviors in individual
employees.
♦ Combination of knowledge, skills, and behavior used to improve
performance.
37
Performance Management
38
Performance Measurement
♦ Demonstration of Competency
♦ Ongoing Evaluation
– QA Monitoring
– MSP Audits
– Medical Necessity Compliance – Vendor Reports
– ‘Rounding’ with Reason
♦ Performance Management
– Behavioral Based
– Addresses Confidentiality and Security
39
Method of Evaluation
♦ Pre- and Post- Test
♦ Return Demo
♦ Direct Observation
♦ Verbal Affirmation – Sign Off
40
Employee Responsibilities
♦
♦
♦
♦
♦
♦
Timely completion of mandatory training and education modules.
Perform Medical Necessity check for outpatient procedures every time.
Issue ABN when indicated.
Accurate and complete documentation on MSPQ.
Understand the importance of completion of MSPQ.
Collaboration with Case Managers and other clinicians to ensure level of
care orders are in place.
♦ Consistent review of outpatient orders and appropriate follow up for
incomplete, illegible orders.
♦ Utilize solid interview techniques, adapt scripting.
41
Individual and Department
Key Performance Indicators
Individual KPI
1.
2.
3.
42
MSPQ audit
MED Necessity ABN audit
Documentation Audits
a. Consents
b. Place of Service Order
Department KPI
1.
2.
3.
MSPQ audit
ABN Audit
Technical Denials
Performance Management
Key Behaviors to ensure compliance:
♦ Adheres to the Health System’s Code of Conduct.
♦ Remains up to date and compliant with all Federal, State and Local laws,
Joint Commission standards or regulatory requirements which apply to
assigned area of responsibility.
♦ Ensures confidentiality of all customers/patients/residents information and
that information is only available to those who have a business reason to
know.
♦ Accepts responsibility for one’s actions and decisions.
♦ Builds trust and maintains consistency through words and actions.
43
Improvement Needed
Behaviors
♦ Fails to follow laws, regulations or Health System policies consistently.
♦ Demonstrated by:
– Sub par auditing results
– Less that 100% MSP completion
– Failure to check Medical Necessity or issue an ABN 100% of time
44
Access Leadership Responsibilities
♦ Develop policies.
♦ Communicate, Communicate, Communicate!
– Disseminate Information to staff.
♦ Measure Results.
– Improved Performance
– Reduction in Denials
♦ Audit.
– Round
– Individual and Department Performance
♦ Review results with staff, coach, and mentor.
♦ Report results to Sr. Leadership.
45
Training Tool Kit
♦
♦
♦
♦
♦
♦
♦
46
Department Orientation Check List
Training Module Documentation
Competency Validation, Inventory, and Tracking Sheet
Performance Management Evaluation Criteria
Applicable Policies and Procedures
Trainer Evaluation
Sign In Sheet
Benefits of an Effective Training Program
Employee
Organization
♦ Employee Satisfaction
♦ Professionalism
♦ Professional Development
♦ Financial Security
– Reduced denials
– Less turnover
– No penalties
♦ Builds credibility
♦ Employer Satisfaction
♦ Improved Outcomes
Patient
♦ Patient Satisfaction
♦ Safety and Quality
♦ Positive Outcomes
♦ Dignity and respect
47
Unintentional Consequences – failure to comply
♦ Incorrect data validation – risk of privacy breach
Ask Don’t Tell Campaign
♦ Medical Necessity Checks on limited number of procedures
♦ Physician Selection errors - *Safety and Privacy
♦ Incorrect Guarantor listing
♦ Opt Out Vulnerability - *Safety
48
References
♦
♦
♦
♦
♦
49
www.cms.gov
www.emtala.com
www.ftc.gov
www.hhs.gov/ocr/privacy/hipaa/enforcement/examples
www.racmonitor.com/news/33-top-stories/347-understanding-theimportance-of-patient-access-in-the-rac-process
Contact Information
Betsy Keating RN CHAM
Senior Consulting Manager
IMA Consulting
bkeating@ima-consulting.com
484-832-8149
50