Add to collection(s) Add to saved
  1. Science
  2. Health Science

View as DOC - Post & Schell, PC

advertisement 
A Framework for ACO Credentialing and Peer Oversight
Robin Locke Nagele
I.
II.
III.
IV.
V.
VI.
VII.
Introduction and Background on ACOs…………………………………..…
Developing the Infrastructure for Credentialing and Peer Review………….
Protecting Peer Review Privilege and Confidentiality………………………
HCQIA Immunity and Reporting for ACOs…………………………...........
Adoption and Enforcement of Evidence-Based Protocols…………………..
The Use of PSOs for Aggregating and Analyzing ACO Quality Data………
Conclusion…………………………………………………………………...
I.
Introduction and Background on ACOs
1
4
9
14
19
21
25
Accountable Care Organizations (ACOs) are proliferating as providers seek to position
themselves to participate in the Accountable Care Act’s (ACA’s) Shared Savings Program
(SSP).1 ACOs are groups of providers that align themselves through a clinically integrated
entity designed to improve efficiency and quality of care, and reduce cost. Although ACOs can
be formed and operated for reasons other than the Shared Savings Program, it is safe to assume
that the majority of ACOs being formed at this time are motivated to comply with Medicare’s
SSP regulations, so that they can qualify for the financial incentives provided thereunder.
The SSP statute and regulations contain specific requirements regarding the structure,
governance and management of ACOs, which will shape their formation and their functioning.
Key requirements are that:

The ACO must be a distinct legal entity formed pursuant to state law;2

The ACO must have a governing body that is responsible for oversight and strategic
direction and to which the ACO management is held accountable;3
1
Patient Protection and Affordable Care Act, Pub. L. No. 111-148 , §§ 3022 &
10307 (Mar. 23, 2010) (codified at 42 U.S.C. § 1395jjj, with regulations codified at 42 C.F.R. §§
425.10 et seq.)
2
42 C.F.R. § 425.104.
3
Id. § 425.106.

At least 75% of the governing body members must be ACO participants (i.e.,
Medicare-enrolled providers providing services (or supplies) pursuant to the
ACO) and at least one member must be a Medicare beneficiary representative;4

The ACO must have a leadership structure in which the clinical and
administrative systems are aligned with the goals of the SSP – i.e., improved
quality and decreased cost;5

The ACO must have a chief executive officer (CEO) whose leadership team has
demonstrated the ability to influence or direct clinical practice to improve
efficiency processes and outcomes;6

The ACO must have a chief medical officer (CMO) who is a licensed and board
certified physician who is one of the ACO participants, and physically present at
one or more of the ACO locations on a regular basis;7

The ACO participants and provider/suppliers must demonstrate a “meaningful
commitment” to the ACO’s mission through, for example, (i) a significant
financial or time commitment to the ongoing operation of the ACO, and/or (ii) a
written commitment to the achievement of the ACO’s quality and performance
standards.8
At the heart of the SSP ACO regulations are the quality performance standards, which include
the following:
4
5
6
7
8
9

The ACO must promote evidence based medicine, focusing on conditions with a
significant potential for achieving quality improvements for the beneficiary
population covered by the ACO;9

The ACO must promote beneficiary engagement, through (i) including a
beneficiary representative on the governing body, (ii) conducting experience of
care survey requirements, (iii) evaluating and addressing the needs of the patient
population being served, (iv) communicating with beneficiaries in clear terms
regarding the goals of evidence-based medicine, (v) implementing shared
decision-making that takes into account the beneficiaries’ unique needs,
preferences, values, and priorities, and (vi) establishing written standards for
Id. §§ 425.106(c); 425.20.
Id. § 425.108(a).
Id. § 425.108(b).
Id. § 425.108(c).
Id. § 425.108(d).
Id. §§ 425.112(a); 425.112(b)(1).
2
beneficiary access and communication, and a process for beneficiaries to access
their medical record.10

The ACO must develop an infrastructure for internal reporting of quality and
cost metrics so as to facilitate evaluation, feedback to participants and monitoring,
and thereby to improve care over time;11

The ACO must coordinate care across and among primary care physicians,
specialists, and acute and post-acute providers and suppliers through defined
methods and processes, including the use of individualized care plans to promote
improved outcomes, at a minimum, for high-risk and multiple chronic condition
patients.12
To successfully participate in the Medicare Shared Savings Program, an ACO must therefore be
a separate legal entity with a defined governing body and clinical and administrative
management structure that is capable of clinically managing the inpatient and outpatient care for
an entire population of patients through coordinated care plans, intensive data measurement and
analysis, and the implementation and enforcement of evidence-based protocols. In order to even
achieve threshold eligibility to share in the financial rewards of the SSP,13 an ACO must meet
CMS’s specific quality metrics in four different domains (patient/caregiver experience, care
coordination/patient safety, preventive health and at-risk populations) by scoring above CMS’s
minimum attainment level on at least 70% of those metrics.14
The ACO program raises a host of new operational and legal challenges for providers in
the areas of credentialing, quality oversight and peer review. In this article, we examine those
challenges and suggest ways in which they may be successfully resolved.
10
11
12
13
14
Id. §§ 425.112(a); 425.112(b)(2); 425.106; 425.500.
Id. §§ 425.112(a); 425.112(b)(3).
Id. §§ 425.112(a); 425.112(b)(4).
Id. §§ 425.600-425.608.
Id. § 425.502(d).
3
II.
Developing the Infrastructure for Credentialing and Peer Review
Credentialing and peer review are the standard methods by which provider entities that
engage or employ licensed independent practitioners assure themselves of the quality and safety
of the services provided by those practitioners.15 In the hospital context, the goal of
credentialing, privileging and peer review is typically to ensure that practitioners are practicing
within a broadly defined “standard of care” in the medical community. By contrast, ACOs must
develop and enforce much more tightly controlled standards of practice. Specifically, ACOs are
charged with ensuring adherence to evidence-based protocols, individualized care plans, and
other methods of controlling care delivery to ensure high quality and decreased cost. Therefore,
ACOs cannot be content with simply replicating traditional methods of credentialing, privileging
and peer review. To be successful, they will need to exert much more targeted control over
clinical practices.
In developing the infrastructure for credentialing, privileging and peer review, ACOs
must consider the following questions:

Who are the credentialing and peer review decision-makers, i.e., those individuals or
committees responsible for developing standards, reviewing practitioners, and taking
action -- and what is the source of their authority?

What are the particular procedures and methods by which practitioners are reviewed
against the ACO’s clinical practice standards?

What quality data and information is used in the credentialing and peer oversight
process?
15
In hospitals, ambulatory surgery centers, dialysis facilities and other clinical
settings, “privileging” is also an important component of the quality oversight process.
However, we believe “privileging” is less meaningful in the ACO context, which does not
involve a designated practice setting, but rather, is a means of coordinating care across many
different settings. Therefore, we do not include a separate discussion of “privileging” in this
article. However, using the concepts discussed herein, a “privileging” process could readily be
developed and applied, if appropriate to a particular ACO setting.
4

What are the enforcement tools and consequences for failing to meet the ACO’s
quality standards?
In this section, we will suggest some possible approaches to these issues, recognizing that each
ACO will ultimately need to develop its own unique approach that is tailored to meet its
particular provider and beneficiary population and culture.
ACOs will undoubtedly vest ultimate decision-making authority for credentialing and
peer review decisions with their governing bodies, which are ultimately responsible and
accountable for the actions of the ACO. The governing bodies, in turn, can be expected to
delegate significant operational responsibility to the CMO and staff. The major question for
ACOs to resolve will likely be whether they create one or more separate review committees for
credentialing and peer review, and if so, who those committees report to – CMO, CEO or
governing body.
The multi-layer review that is typical of hospital credentialing and peer review often
creates inefficiencies and redundancies with, arguably, little corresponding benefit in terms of
improved decision-making. ACOs may be better served by having a tight decision-making
structure, in which the ACO governing body either (i) acts as a super-credentialing and peer
review committee of the whole, or (ii) if that is not operationally feasible, creates a board-level
credentialing and peer review committee with delegated authority to act for the governing body.
The CMO and staff can thoroughly investigate and vet all credentialing and peer review matters
coming before the governing body committee, so that there is essentially one layer of decisionmaking.16
16
Of course, in order to obtain immunity under the Health Care Quality
Improvement Act, 42 U.S.C. § 11101 et seq., it may be necessary to provide multiple layers of
hearing and appeal of certain adverse decisions. See Section IV below. However, in a well
organized ACO, the need for such action should be rare.
5
Establishing the source of authority of the credentialing and peer review decision-makers
is also important. Practitioners often challenge adverse credentialing/peer review action by
asserting that the action is outside the authority of the decision-makers. ACOs must ensure that
all ACO participants bind themselves to the governance structure by which credentialing and
peer review standards will be developed and enforced, and agree to be bound by the
credentialing and peer review decisions, even (and especially) when they are adverse to the
practitioner.
Common methods for securing such commitment are through (i) contracts, (ii) bylaws,
and/or (iii) binding policies and procedures. All of these methods are acceptable, so long as the
ACO participants clearly signify their knowing and voluntary agreement to be bound by the
credentialing and peer review provisions – including the consequences for failing to meet the
required minimum standards -- as a specific condition for becoming a participant in the ACO.
Anything less is likely to subject the ACO to controversy and/or litigation.
As is evident from the SSP regulations, ACO credentialing and peer review has a
different focus than typical hospital peer review. Those ACOs that will be successful under the
SSP are those in which the leadership is capable of “influenc[ing] or direct[ing] clinical practice
to improve efficiency processes and outcomes,”17 -- i.e., changing practice patterns through
successful implementation of evidence-based protocols, individual care plans, and other methods
of care coordination and management.
The traditional vetting of credentials, although an essential first-step, is only the
beginning of the inquiry as to whether a practitioner will succeed in the ACO setting. Of much
more import will be the “softer” criteria, i.e., whether the practitioner is capable of:
17
42 C.F.R. § 425.108(b).
6

adapting his/her practice in response to evidence-based protocols;

coordinating his/her care with that of other practitioners across a spectrum of
inpatient and outpatient providers; and

working cooperatively within a system of care.
In many respects, these characteristics are much more difficult to evaluate. Nevertheless, they
may prove to be essential qualities in defining successful ACO participants. These types of
issues can be vetted initially through extremely detailed and specific peer references and through
a substantive interview process. Alternatively, ACOs can opt not to do a thorough vetting of
these intangibles at this stage, but rather, rely on their ability to implement very clear standards
and consequences once a practitioner is accepted into the ACO.
Once practitioners are “credentialed” with the ACO, it is, in our view, paramount to the
success of the ACO that practitioners are regularly evaluated in accordance with external,
objective standards, and that there be a defined set of sanctions for failure to meet these objective
standards. The objective standards could consist, for instance, of a defined minimum level of
compliance with:

the ACO’s duly approved and adopted evidence based clinical protocols and
individual care plans;

minimum quality standards as judged by clearly defined internal and external quality
metrics such as those that will render the ACO eligible to share in the financial
rewards of the Shared Savings Program;18 and

basic conduct expectations as set forth in the ACO’s code of conduct (which would
address such things as sexual harassment, disruptive conduct and legal compliance
expectations).
These metrics could be reviewed by the ACO’s peer review committee regularly, for instance,
every three months, and an ACO participant that failed to meet the required minimums, might be
subjected to the following (on a graduated basis, as necessary):
18
See Id. § 425.500.
7

Level 1 Peer Review: After review by the ACO peer review committee, the CMO
(or delegate) meets with the ACO practitioner to counsel him/her regarding his/her
deviations from the objective standards; discusses necessary changes in practice
patterns and “problem solves” any practical impediments thereto; secures the ACO
practitioner’s agreement to make the necessary changes; and records the substance
and outcome counseling session(s), including the specific agreed-upon practice
changes, in a written peer review record, signed by the CMO and the ACO
participant.

Level 2 Peer Review: In the event that the ACO participant either (i) refuses to
cooperate in the Level 1 Peer Review, or (ii) is cooperative but subsequently fails to
implement the necessary changes in practice pattern and/or continues to practice
below the required minimum standard of practice, the matter moves to Level 2 Peer
Review. This consists of a formal warning, reprimand, and/or proctoring of the ACO
practitioner. Again, after review by the ACO peer review committee, the CMO (or
delegate), meets with the ACO participant and records the warning, reprimand and/or
proctoring in a written peer review record, signed by the CMO and the ACO
participant. If proctoring is involved, a proctor is engaged (internally or externally,
depending on the circumstances) to conduct an intensive period of evaluation and
intervention over a defined period of time. At the end of that period, the proctor
submits a written evaluation report as to the ACO participant’s response to the
proctoring, with specific reference to whether or not the ACO participant was
successful in changing his/her practice patterns and/or improving his/her compliance
with the minimum standards of practice.

Level 3 Peer Review. Level 3 is the final stage of peer review, which is reached only
if Level 2 Peer Review has been unsuccessful. The question under review at this
stage is whether the ACO Participant should (i) be terminated and excluded from the
ACO, or alternatively, (ii) be given “one last chance” to demonstrate his/her ability to
comply with the ACO’s minimum standards of practice. In anticipation of the
possibility of future litigation, the review at this level should be as thorough and
formal as deemed necessary under the circumstances (using external resources as
necessary) to provide a fair and defensible analysis.
A decision to terminate an ACO Participant may necessitate a HCQIA-compliance “fair hearing”
process, as will be discussed in Section IV, below.
The goal of the peer review framework described above is a tightly controlled system in
which the standards are clearly defined, the intervention is direct and immediate, and the
consequences for seriously underperforming providers is termination from participation. Such a
peer review process may turn out to be a key ingredient of the ACO’s ability to meet the
stringent quality mandates of the SSP, thereby enabling the ACO to share in the financial
8
rewards of the federal program. It may also help position the ACO to “partner” effectively with
other health plans and provider entities also seeking to implement more coordinated and aligned
systems of care.
III.
Protecting Peer Review Privilege and Confidentiality
Fearful that peer review data and information may be accessed and used by plaintiff
malpractice attorneys against ACO participants, ACOs will want to seek as much protection as
possible from the zone of confidentiality and privilege that exists under state and federal law. In
this section, we will analyze the scope of protection afforded by the Pennsylvania Peer Review
Protection Act, 63 P.S. §§ 425.1 et seq., (PRPA), which provides the primary state law peer
review privilege in Pennsylvania.19
The threshold question for ACOs is whether the PRPA extends its protections to peer
review conducted by an ACO relative to the ACO participants. PRPA’s provisions appear broad
enough to encompass a “peer review committee” made up of licensed healthcare providers acting
on behalf of an ACO. Nevertheless, because there is some degree of ambiguity in the statutory
text, it is hard to predict whether Pennsylvania courts would apply the PRPA protections to the
“peer review committees” of an ACO, given the courts’ general hostility towards this privilege.
The key definitions are as follows:
"PEER REVIEW" means the procedure for evaluation by professional health care
providers of the quality and efficiency of services ordered or performed by other
professional health care providers, including practice analysis, inpatient hospital and
extended care facility utilization review, medical audit, ambulatory care review, claims
review, and the compliance of a hospital, nursing home or convalescent home or other
health care facility operated by a professional health care provider with the standards set
by an association of health care providers and with applicable laws, rules and regulations.
19
A somewhat different type of peer review protection is provided by the patient
safety provisions of the MCARE Act, 40 P.S. § 1303.311, but the provisions of that Act are only
applicable to hospitals, ambulatory surgery centers, abortion facilities, and birth centers. Id. §
1303.302 (definition of “Medical facility”).
9
“PROFESSIONAL HEALTH CARE PROVIDER” means: (1) individuals or
organizations who are approved, licensed or otherwise regulated to practice or operate in
the health care field under the laws of the Commonwealth, including, but not limited to,
the following individuals or organizations: (i) a physician; (ii) a dentist; (iii) a podiatrist;
(iv) a chiropractor; (v) an optometrist; (vi) a psychologist; (vii) a pharmacist; (viii) a
registered or practical nurse; (ix) a physical therapist; (x) an administrator of a hospital,
nursing or convalescent home or other health care facility; or (xi) a corporation or other
organization operating a hospital, nursing or convalescent home or other health care
facility; or (2) individuals licensed to practice veterinary medicine under the laws of this
Commonwealth.
“REVIEW ORGANIZATION” means any committee engaging in peer review,
including a hospital utilization review committee, a hospital tissue committee, a health
insurance review committee, a hospital plan corporation review committee, a professional
health service plan review committee, a dental review committee, a physicians' advisory
committee, a veterinary review committee, a nursing advisory committee, any committee
established pursuant to the medical assistance program, and any committee established by
one or more State or local professional societies, to gather and review information
relating to the care and treatment of patients for the purposes of (i) evaluating and
improving the quality of health care rendered; (ii) reducing morbidity or mortality; or (iii)
establishing and enforcing guidelines designed to keep within reasonable bounds the cost
of health care. It shall also mean any hospital board, committee or individual reviewing
the professional qualifications or activities of its medical staff or applicants for admission
thereto. It shall also mean a committee of an association of professional health care
providers reviewing the operation of hospitals, nursing homes, convalescent homes or
other health care facilities.20
The PRPA’s confidentiality protections are as follows:
The proceedings and records of a review committee shall be held in confidence and
shall not be subject to discovery or introduction into evidence in any civil action against
a professional health care provider arising out of the matters which are the subject of
evaluation and review by such committee and no person who was in attendance at a
meeting of such committee shall be permitted or required to testify in any such civil
action as to any evidence or other matters produced or presented during the proceedings
of such committee or as to any findings, recommendations, evaluations, opinions or other
actions of such committee or any members thereof: Provided, however, That information,
documents or records otherwise available from original sources are not to be construed as
immune from discovery or use in any such civil action merely because they were
presented during proceedings of such committee, nor should any person who testifies
before such committee or who is a member of such committee be prevented from
testifying as to matters within his knowledge, but the said witness cannot be asked about
20
63 P.S. § 425.2 (emphasis added).
10
his testimony before such a committee or opinions formed by him as a result of said
committee hearings.21
As noted, although this broad language would appear to encompass ACO credentialing and peer
review, Pennsylvania courts have historically found many ways of limiting the statute’s reach,
such that the PRPA may not provide the degree of protection as one might expect, given the
broad language of the Act.
In McClellan v. HMO of Pennsylvania, 686 A.2d 801 (Pa. 1996), the Pennsylvania
Supreme Court ruled that PRPA’s confidentiality provisions did not extend to an “IPA-Model
HMO” because the HMO was not itself neither a licensed healthcare provider nor a healthcare
facility.22 The court found that the HMO’s major objective was to “contract” with healthcare
providers to deliver healthcare, and that “its physicians usually work in their own offices, use
their own equipment, and keep their own records.”23 Thus, an HMO’s credentialing and peer
review records were held to be discoverable in an action against the HMO for alleged negligence
in selecting and retaining the physician in its HMO panel. Notably, as pointed out by Justice
Nigro in his dissenting opinion, the peer review information was held discoverable against the
HMO even though it could not be used against the allegedly negligent physician, who was a codefendant in the lawsuit.24 Justice Nigro suggested that the majority decision would undermine
the PRPA’s goal of encouraging frank and candid review of physicians by their professional
peers, and thereby “hamper the quality of care.”25 Although a later court pointed out that the
21
22
23
24
25
Id. § 425.4 (emphasis added).
McClellan v. HMO of Pennsylvania, 686 A.2d 801 (Pa. 1996).
Id. at 806.
Id. at 809 (Nigro, J., dissenting).
Id.
11
McClellan case was decided by an equally divided Supreme Court, and therefore, arguably, not
precedential,26 the case has nevertheless been consistently followed since decided in 1996.
The McClellan decision created a large loophole in the PRPA’s confidentiality
protections, that could arguably jeopardize the privileged nature of ACO peer review
proceedings. ACOs, like HMOs, are neither licensed healthcare providers nor medical facilities.
Like HMOs, ACOs have as one of their primary goals, the ability to contract with third parties
for the delivery of coordinated healthcare services by licensed healthcare providers. However,
ACOs are not mere insurers, and they are legally and definitionally required to have a much
more direct and “hands-on” clinical involvement than IPA-model HMOs. ACOs do not merely
evaluate the competency of providers, they are directly involved in establishing and enforcing
clinical protocols and individualized patient care plans, and maintaining a coordinated system of
care. The level of direct clinical involvement required of ACOs should help distinguish them
from an IPA-model HMO, should the need arise.
Even if clearly applicable to ACO credentialing and peer review, the PRPA can be seen
as offering only a patchwork of protections. Pennsylvania courts have chipped away at the peer
review protections even in those healthcare settings that are squarely covered by the PRPA. The
only clear zone of protection is the minutes and records of formal meetings of peer review
committees. As defined by the Pennsylvania courts, a “review committee” is not just an
individual, or even an informal gathering of persons, but rather, is a committee that has been
established by some definitive action prior to the time of the review.27 In order to be covered by
26
Fanelli v. Independence Blue Cross, 75 Pa. D. & C.4th 10 (Phila. C.C.P. 2005)
(holding that the PRPA confidentiality provisions did not extend to the Independence Blue Cross
Credentials Committee).
27
Steinbacher v. Mariano, 19 Pa. D & C.4th 399, 405-06 (Lycoming C.C.P. 1992);
Mazzucca v. Methodist Hospital, 47 Pa. D & C.3d 55, 60 (Phila. CCP 1986).
12
the Act, the record must be the product of that peer review committee and relate to the matter
which is the subject of review.28 A memorandum prepared by a Department Chair on his own
initiative, addressed to himself, is not peer review protected.29 Likewise, documents created
during a meeting of hospital personnel to evaluate the causes of an adverse event are not
protected if the group was not formally constituted or identified as a “peer review committee”
and there was no formal record created of the meeting.30
Moreover, even records of peer
review committees that clearly fall within the scope of the PRPA’s protections may be
discoverable if copies are maintained in a facility’s “administrative files” as opposed to the
formal committee records.31 The privilege can also potentially be “waived” by providing to an
outside party such as, e.g., the Pennsylvania Department of Health.32 When evaluating and
deciding on whether or not specific documents are peer review protected, courts closely examine
the entity’s bylaws, policies and procedures to determine how the entity itself defines and
maintains peer review privileged documents.33
Thus, ACOs cannot simply assume that their peer review materials will be protected
under the PRPA. Rather, they should work with counsel to carefully establish and document the
system of peer review oversight so as to maximize the available protections and position
Forrest v. St. Luke’s Hospital, 73 Pa. D & C.4th 353, 355 n.1 (Lehigh C.C.P.
2005); Treible v. Lehigh Valley Hospital Inc., 75 Pa. D & C.4th 22, 27-28 (Lehigh C.C.P. 2005).
29
Mazzucca, 47 Pa. D & C.3d at 60-63.
30
Johnson v. Wiseman, 46 Pa. D & C.4th 532, 535-36 (Bradford C.C.P. 2000);
Forrest, 73 Pa. D & C.4th at 355 n.1.
31
Short v. Pavlides, 33 Pa. D. & C.4th 118, 126 (Phila. C.C.P. 1996); Fowler v.
Pirris, 34 Pa. D. & C.3d 530, 533-37 (Washington C.C.P. 1981); Resnick v. Hahnemann
University Hospital, 28 Phila. 561, 566-69 (Phila. C.C.P. 1995); but see Troescher v. Grody, 869
A.2d 1014, 1021-23 (Pa. Super. Ct. 2005) (PRPA protects the confidentiality of a document
created for a peer review committee, even if the author of that document maintains a copy of it in
his/her confidential file).
32
Rosser v. Feldman, 38 Pa. D. & C.4th 353, 354-55 (Lackawanna C.C.P. 1998).
33
See Steinbacher, 19 Pa. D & C.4th at 406; Mazzucca, 47 Pa. D & C.3d at 58-61.
28
13
themselves to argue successfully in court that, notwithstanding McClellan and the lower court
decisions cited herein, that the ACO’s credentialing and peer review activities are precisely the
types of activities that the Pennsylvania legislature designed the PRPA to promote and protect.
IV.
HCQIA Immunity and Reporting for ACOs
ACOs need to carefully evaluate their potential rights and obligations under the federal
Healthcare Quality Improvement Act, 42 U.S.C. §§ 11101 et seq., (HCQIA) with regard to
credentialing and peer review of ACO participants. HCQIA was enacted by Congress in 1998
as a means of furthering quality health care nationally by “restrict[ing] the ability of incompetent
physicians to move from State to State without disclosure or discovery of the physician’s
previous damaging or incompetent performance.” 42 U.S.C. § 11101.
Except in the small number of states that have rejected HCQIA’s federal statutory
scheme in favor of their own, more stringent, peer review requirements,34 HCQIA provides
federal immunity from damages actions to “health care entities” that take “professional review
action” (including adverse credentialing and peer review decisions) in accordance with HCQIA’s
statutory provisions.35 It also requires “health care entities” to report the adverse results of those
professional review actions to the National Practitioner Data Bank, 42 U.S.C. § 11133 (NPDB),
and provides immunity for such reporting.36
34
For an entity that is subject to
HCQIA’s
Under HCQIA, states do have the option of rejecting the federal HCQIA
requirements, in favor of their own, more stringent, peer review protections. 42 U.S.C. §
11115(a). A small minority of states have opted to do so, including Maryland (MD. COURTS
AND JUDICIAL PROCEEDINGS CODE ANN. § 5-637 immunizes peer reviewers from civil
liability, provided they acted in good faith and within the scope of the jurisdiction of a medical
review committee), Georgia (GA. CODE ANN. § 31-7-132 provides criminal and civil immunity
to persons performing peer review activities, so long as they did not act with malice), and Illinois
(225 ILCS 60/5 provides peer reviewers with immunity from civil damages, provided they did
not engage in willful or wanton misconduct).
35
42 U.S.C. §§ 11111-11112.
36
Id. § 11137(c).
14
provisions, the statutory consequence of either (i) failing to perform a professional review action
in the manner prescribed by HCQIA or (ii) failing to report to the NPDB, is loss of HCQIA’s
immunity protections.37
The threshold question for an ACO is whether it can or should qualify as a “health care
entity” for purposes of HCQIA immunity and reporting. As set forth below, at least some ACOs
likely can qualify as HCQIA “health care entities.” The question as to whether an ACO will
choose to qualify is more involved, and it is likely that ACOs will opt for different approaches
depending on their particular structures, cultures and circumstances.
A HCQIA “health care entity” is statutorily defined as an entity (including a health
maintenance organization or group medical practice) that (i) provides health care services and
(ii) follows a formal peer review process for the purpose of furthering quality health care. 38
Under HCQIA, the term “provides health care services” means “the delivery of health care
services through any of a broad array of coverage arrangements or other relationships with
practitioners either by employing them directly, or through contractual or other arrangements.39
The term is broadly applied to include managed care entities such as an HMO or PPO, so long as
it implements and follows a formal peer review process. 40
Since ACOs bear many
commonalities with HMOs and PPOS, in the sense of bringing a wide spectrum of providers
together to provide coordinated and “managed” care, based on HCQIA’s broad definitions, it
would appear that most ACOs will be able to qualify as “health care entities” so long as they are
structured to perform formal credentialing and peer review.
37
Id. § 11133(c).
Id. § 11151(4)(A); 45 C.F.R. § 60.3.
39
U.S. DEPT. OF HEALTH & HUMAN SERVICES, HEALTH RESOURCES & SERVICES
ADMINISTRATION, DIVISION OF QUALITY ASSURANCE, NATIONAL PRACTITIONER DATA BANK
GUIDEBOOK, at B-2 (Publication No. HRSA-95-255, Sept. 2001) (“NPDB GUIDEBOOK”).
40
Id.
38
15
While hospitals are automatically subject to HCQIA’s immunity, reporting and querying
provisions, other types of health care entities have a certain latitude in determining whether or
not to follow HCQIA’s mandates. The statute requires providers to make a self-determination as
to whether they meet the definition of “health care entity,” and if so, to register with HRSA,
providing a certification by an official of the organization that they qualify. If the registration is
accepted by HRSA, then a Data Bank Identification Number (DBID) will be issued, thereby
qualifying the provider as a “health care entity” that would be eligible for HCQIA’s immunity
provisions, and enabling the entity to submit reports and queries to the NPDB.41
The determining factor for ACO eligibility to participate in the HCQIA immunity,
reporting and querying provisions will be whether or not the ACO opts to establish a formal peer
review infrastructure, including the provision of hearings (and appeals) for providers for whom
ACO membership may be denied or revoked.
If an ACO opts not to conduct formal
credentialing and peer review, and particularly if it opts not to provide a formal hearing process
such as that outlined in HCQIA, then it may not want to certify itself as a “health care entity”
under HCQIA.
The major upside of not participating in HCQIA is that it relieves the ACO of the
obligation of NPDB reporting, which creates its own liability exposures from adversely impacted
providers, most of whom ascribe to the common view of Databank reporting as professional
“poison.”
Many hospitals and other healthcare entities regard the need to report adverse
credentialing and peer review decisions to the NPDB as having the unfortunate and unintended
consequence of chilling, rather than promoting, adverse professional review action. Because of
the generally held perception (accurate or not) that a negative Databank report will have
41
Id. at B-4-B-5.
16
catastrophic professional consequences, physicians will often, at a minimum, invoke the
cumbersome hearing and appeal process to challenge adverse action, and when they do not
succeed at that level, frequently resort to litigation for equitable relief and damages for injury to
reputation.
Although HCQIA provides immunity from damages both for good faith reporting
and for taking the underlying peer review action itself, its immunity provisions are incomplete,
and costly and disruptive litigation is generally anticipated to flow from adverse professional
review action.
A major downside of not registering as a HCQIA health care entity is that the ACO will
(i) be unable to query the Databank, and (ii) be ineligible for HCQIA immunity in terminating
ACO Participants and revoking their privileges. The NPDB report does provide a valuable
“snapshot” of the practitioner’s malpractice verdicts/settlements and any prior reported licensure
and hospital adverse actions, information which, unless it is self-disclosed by the practitioner, is
not readily available through other means. The NPDB query is a commonly used tool for
“vetting” physicians because it is an available external source for a physician’s confidential
malpractice and disciplinary history, and thus has valuable information that an ACO would be
unable to secure independently (unless it has chosen to delegate the credentialing function to a
closely affiliated entity, such as a participating hospital). Indeed, many payers require their
participating providers to routinely query the NPDB, as a basic component of the credentialing
process. There is significant external pressure being brought to bear on all healthcare providers
to do effective credentialing as a way of protecting patient safety, and an ACO would be
particularly susceptible to such external pressure, given the centrality of its focus on quality of
care.
17
Likewise the HCQIA immunity may be particularly valuable to ACOs – particularly
immunity from claims for treble damages under the federal antitrust laws. ACOs are susceptible
to physician antitrust litigation (with its high defense costs and treble damages exposures)
because ACOs are designed to be selective and nimble in evaluating and intervening with regard
to physicians who undermine the success of the ACO by, for instance, failing to adhere to
clinical protocols or coordination of care policies. Moreover, the antitrust exposure can be
expected to increase as the ACO achieves success and market dominance in a particular region.
Thus, there are significant ramifications that flow from an ACO’s choice to register, or
not register, as a HCQIA health care entity.
Once an ACO chooses to participate as a HCQIA entity, the ACO must be prepared to
both query and report to the Databank as required under the Act, and to perform its credentialing
and peer review functions, in a manner that will meet the minimum requirements for HCQIA
immunity for “professional review actions,” which require that any adverse action have been
taken:
(1)
in the reasonable belief that the action was in furtherance of quality healthcare;
(2)
after a reasonable effort to obtain the facts of the matter,
(3)
after adequate notice and hearing procedures are afforded to the physician under
the circumstances, and
(4)
in the reasonable belief that the action was warranted by the facts known after
such reasonable effort to obtain facts and after meeting the notice and hearing
requirement.42
42
42 U.S.C. § 11112.
18
Each of these elements has been litigated extensively and refined through court interpretation,
and the statute itself provides a safe harbor interpretation of “adequate notice and hearing
procedures.” 43 ACOs that choose to operate within the HCQIA framework will need to ensure
that they have implemented a process that, from the initiation of the investigation through
hearing and final decision-making will meet these parameters.
V.
Adoption and Enforcement of Evidence-Based Protocols
The key to an ACO’s success in achieving its quality objectives (and associated financial
rewards) will be its ability to adopt and enforce evidence-based protocols for the coordination of
care among the diverse participants in the ACO. This will require three structural elements:

up-front commitment to be bound by the ACO’s duly adopted evidence-based
protocols through the ACO governance documents -- whether in the form of
contracts, bylaws or binding policies;

procedures for generating evidence-based protocols that will maximize their
effectiveness and acceptance by the ACO participants; and
The “safe harbor” requirements for adequate notice and hearing, are as follows:
(1) Notice of proposed Action. The physician has been given notice stating – (A)(i) that a
professional review action has been proposed to be taken against the physician, (ii) the reasons
for the action, (B)(i) that the physician has the right to request a hearing on the proposed action,
(ii) any time limit (of not less than 30 days) within which to request such a hearing, and (C) a
summary of the rights in the hearing. (2) Notice of Hearing. If a hearing is requested on a
timely basis under paragraph (1)(B) – (A) subject to paragraph (B), the hearing shall be held (as
determined by the health care entity) – (i) before an arbitrator mutually acceptable to the
physician and the health care entity, (ii) before a hearing officer who is appointed by the entity
and who is not in direct economic competition with the physician involved, or (iii) before a panel
of individuals who are appointed by the entity and are not in direct competition with the
physician involved; (B) the right to the hearing may be forfeited if the physician fails, without
good cause, to appear; (C) in the hearing the physician involved has the right – (i) to
representation by an attorney or other person of the physician’s choice, (ii) to have a record made
of the proceedings, copies of which may be obtained by the physician upon payment of
reasonable charges associated with the preparation thereof, (iii) to call, examine and crossexamine witnesses, (iv) to present evidence determined to be relevant by the hearing officer,
regardless of its admissibility in a court of law, and (v) to submit a written statement at the close
of the hearing; and (D) upon the completion of the hearing, the physician involved has the right –
(i) to receive the written recommendation of the arbitrator, officer, or panel, including a
statement of the basis for the recommendations, and (ii) to receive a written decision of the
health care entity, including a statement of the basis for the decision. Id. § 11112(b).
43
19

rigorous enforcement, e.g., through the peer review process articulated above.
The binding agreement to follow the ACO’s evidence-based protocols serves two
important functions. First, it builds in the commitment to evidence-based protocols as a
foundational element of the ACO. Specifically, providers acknowledge and agree that, by
joining the ACO, they are relinquishing a degree of medical autonomy and entering a system of
care in which their medical decision-making is pre-determined to some extent by the system’s
needs for efficiency and coordination. Providers that are unwilling to relinquish their medical
autonomy to that degree should opt not to participate in the ACO. Second, the binding
agreement to follow the ACO’s evidence-based protocols provides the ACO the authority it
needs to discipline or terminate a provider who has joined but refuses to follow the ACO
protocols. ACO participants who willfully refuse to adhere to the ACO’s approved evidencebased protocols cannot be heard to complain that they are being unfairly singled out or
disciplined, if the foundational documents that they agreed to when they joined the ACO make it
crystal clear that lack of adherence will lead to such disciplinary action.
The ACO’s evidence-based protocols must be designed through a process that generates
confidence in them by the ACO participants. This likely requires a cross-section of providers
who have the necessary knowledge-base to design processes that will foster quality and
efficiency within a system of care. Moreover, evidence-based protocols cannot be seen as static
tools, but must be continuously reviewed and refined in the actual practice setting in which they
are being utilized.
Ideally, an ACO will be in a position to generate and review clinical practice
data that will enable it to evaluate the efficacy of its protocols in real time, and make
improvements where necessary. Such data can be compiled electronically, through a systemwide Electronic Medical Record system if the ACO has one, or it can be compiled through more
traditional chart review or sentinel event “root cause analysis.” Whatever the methods used, the
20
dynamic use of evidence-based protocols to promote a highly coordinated system of care should
be what drives the ACO’s quality program.
Finally, as discussed above, an ACO should be committed to rigorous enforcement of its
evidence-based protocols as the means of achieving its quality objectives. We emphasize that
“rigorous” enforcement does not mean “blind” enforcement. When deviations from evidencebased protocols occur the initial step should always be an inquiry into “why” the deviations
occurred and whether they are reflective of a weakness in the protocol or practical hurdle that
can be overcome through a redesign or retraining process. The vast majority of any peer review
effort should be focused on improving the system of care through improved coordination
between and among the group of providers. In our view, an effective peer review process in this
setting is 88% percent refinement of the protocols and education of the provider team, 10%
practitioner-targeted informal corrective action (including education and proctoring) and ideally,
only 1-2% any type of formal discipline (up to and including termination from the ACO).
An ACO’s success may depend on how effectively it manages the cultural change that is
required for practitioners to come to see themselves in isolation but as participants in a defined
and coordinated system of care. Those ACOs that are participants in the Medicare Shared
Savings Program or other payer incentive program will have a financial incentive to make the
necessary cultural shift. However, whether or not those financial incentives exist, direct
involvement in the design and ongoing improvement of the system may be another important
means of securing the practitioners’ commitment to the new system.
VI.
The use of PSOs for Aggregating and Analyzing ACO Quality Data.
One of the methods that ACOs may want to consider in order to enhance their ability to
analyze quality data is a Patient Safety Organization (PSO), as defined by the federal Patient
21
Safety and Quality Improvement Act of 2005 (PSQIA)44 and its implementing regulations.45 A
PSO is an entity that collects and analyzes healthcare data for the purpose of improving patient
safety through clinical protocols and best practices.46 The system for evaluating information
and developing clinical protocols and best practices is called a Patient Safety Evaluation System,
or PSES.47 PSOs may be freestanding entities that provide no other services, or may be
components of other healthcare organizations.48 PSOs and their work product enjoy substantial
confidentiality and privilege protections under federal law, which were put in place to help
promote their use by healthcare providers.49 However, as will be discussed in this section, the
security, confidentiality and privilege requirements are restrictive, and consequently entities must
be cautious in how they utilize PSOs and the patient safety information that they generate, so as
not to inadvertently run afoul of the statutory requirements by attempting to define and use the
PSO and its PSES too broadly.
The security requirements mandate that the PSO have policies, procedures and processes
in place to ensure that PSWP is received, accessed, processed, developed, used, maintained,
stored, removed, disclosed, transmitted and destroyed in a manner that maintains its
confidentiality and ensures that it is not accessed or used outside the confines of the PSO.50 The
confidentiality provisions mandate that PSWP must be kept confidential and may not be
44
42 U.S.C. §§ 299b-21-299b-26.
42 C.F.R. §§ 3.10 et seq. These became effective in January, 2009.
46
Id. § 3.20 (Definitions - Patient safety organization and Patient safety activities).
In order to be recognized as a PSO for purposes of the PSQIA, an entity must meet the
requirements for public listing as such by the federal Agency for Healthcare Research and
Quality (AHRQ), and be listed on its public web-site.
47
Id. § 3.20 (Definitions - Patient safety evaluation system).
48
Id. § 3.20 (Definitions - Component organization and Component PSO); Id. §
3.102(a)-(b).
49
Id. §§ 3.204-3.212.
50
Id. § 3.106 (Security requirements).
45
22
disclosed except in very limited circumstances, such as for use in criminal proceedings or
equitable actions to vindicate rights established by the PSQIA (such as freedom from retaliation
from reporting into the PSO).51 Likewise, the extensive privilege protections preclude the use of
any PSWP in administrative or court proceedings, except in very limited circumstances, such as
criminal proceedings or the types of equitable actions referenced above.52
The core functions of a PSO are the gathering and analysis of quality data, and the
generation of protocols and best practices to improve the quality of care. ACOs may want to
consider placing that component of their operations that consists of gathering and analyzing data
and generating evidence-based protocols into either a component PSO or a separate, freestanding
PSO. However, a potential downside to using a PSO for this purpose is that it creates a more
“arms-length” process for analyzing and developing evidence-based protocols, whereas what
may actually be more effective is a more direct, hands-on approach. For instance, in order to
maintain a component PSO, an entity must be able to certify the following:

The component PSO maintains its Patient Safety Work Product (PSWP) separately
from the rest of the organization, and has established security measures to maintain its
confidentiality;

Members of the component PSO workforce may not make unauthorized disclosures
of PSWP to rest of the ACO;

The mission of the component PSO is not in conflict with that of the ACO as a whole;

There is a written agreement between the component PSO and any individuals or
units of the ACO to which the component PSO discloses PSWP that clearly sets forth
the parameters within which the PSWP is disclosed and how all of the other
requirements will continue to be met;

The component PSO does not share staff with the rest of the ACO.53
51
52
53
Id. § 3.206.
Id. § 3.204.
Id. § 3.102(c).
23
These restrictions could hamper the free flow of information between the ACO and its
component PSO (or an external PSO), which might diminish from the ACO’s ability to act
nimbly in response to quality data generated “in the field.”
An ACO might consider, as other entities have done, defining its entire operations as a
PSO, thereby enabling it to freely share and act upon PSWP internally without fear of breaching
the confidentiality and privilege obligations by doing so. This may be a workable approach,
since ACOs are generally defined and regarded as entities formed for the primary purpose of
improving quality of care. However, making the entire entity into a PSO also creates operational
and administrative challenges, particularly with regard to the ACO’s compliance with the
security, confidentiality and privilege requirements, and should not be undertaken without a
very carefully defined plan for maintaining and managing the flow of PSWP within the
organization.
ACOs need to bear in mind that, whether they choose to use a freestanding PSO, a
component PSO or to define themselves as the PSO, the privilege provisions of the PSO
regulations could make it difficult for an ACO to take adverse action against an ACO participant
based on quality data that is part of the PSWP that enters into or is generated by the PSES.
Specifically, PSWP is privileged and not subject to discovery or introduction into evidence in
any civil proceeding under federal or state law.54 While this provision protects an ACO from
the use of PSWP in a malpractice case against it or one of its providers, it also precludes the
ACO from using it to defend itself from an action brought by an ACO participant seeking to
challenge discipline or termination based on quality data that was generated by the PSO and
therefore constitutes PSWP. Thus, although an ACO could use the information internally to
54
Id. §§ 3.204(a)(2); 3.204(a)(4).
24
discipline or terminate the ACO participant, it would be unable to defend itself substantively in
any subsequent legal action, without incurring risk of a civil penalty or de-listing as a PSO.55
This could create unacceptable legal exposure for any ACO seeking to enforce its evidencebased protocols through physician discipline or termination. 56 Although we have noted above
that physician discipline or termination should be considered only as a last resort and necessary
only in a tiny minority of cases, the mere knowledge that discipline and termination are genuine
potential outcomes, is often helpful in solidifying the ACO’s commitment to quality oversight
and enforcement.
In short, ACOs may find it helpful to develop a of PSO arrangement for the purpose of
analyzing quality data and generating best practices and evidence-based protocols. If this path is
pursued, considerable care should be taken in defining the PSO framework, and setting up a
PSES that will enable the ACO to obtain the benefits of the PSO while adhering to its many
requirements for security, confidentiality and privilege of the PSWP generated by the PSO.
VII.
Conclusion
ACOs offer the opportunity for physicians and other providers to develop coordinated,
systems-based care that may help foster quality and efficiency while reducing the overall cost of
care. The framework for credentialing and peer review discussed in this article will assist ACOs
55
The sanctions for disclosing identifiable PSWP in knowing or reckless violation
of the confidentiality provisions is a civil penalty of up to $11,000, in addition to any other
penalties prescribed by law. Id. §§ 3.402(a); 3.404(b); 3.418. In addition, a PSO may be delisted based on a finding that it is not fulfilling its certifications, including the certifications
pertaining to privilege and confidentiality. Id. § 3.108.
56
PSQIA does permit disclosure of PSWP if all providers identified in the PSWP
sign written authorizations to permit it. Id. § 3.206(b)(3). However, it might be risky for an
ACO to count on obtaining such permission from all identified providers in the event of
litigation with a disciplined or terminated ACO participant.
25
to position themselves to meet their own quality objectives as ACOs, and to participate in the
financial rewards arising from the Medicare Shared Savings Program.
26
Related documents
What is an Accountable Care Organization?
What is an Accountable Care Organization?
Foundations for a Successful Patient
Foundations for a Successful Patient
Resource - Indiana Rural Health Association
Resource - Indiana Rural Health Association
Slides - New Mexico Academy of Family Physicians
Slides - New Mexico Academy of Family Physicians
Webinar Slides: Frank Belsito, DO, and James Dearing, DO
Webinar Slides: Frank Belsito, DO, and James Dearing, DO
Download
advertisement