The Most Important Compliance Best Practices You Need to Know

One of the most important issues facing health care executives today is the demand for health services from an increasing number of patients with Limited English Proficiency (LEP). The design community is challenged to develop design tools and methodologies that will enable those with LEP and limited literacy access to health services. Universal symbols are an effective design tool to help visitors navigate health facilities.

This document was developed by the Provincial Infectious Diseases Advisory Committee (PIDAC). PIDAC is a multidisciplinary scientific advisory body who provide to the Chief Medical Officer of Health evidence-based advice regarding multiple aspects of infectious disease identification, prevention and control. PIDAC’s work is guided by the best available evidence and updated as required. Best Practice documents and tools produced by PIDAC reflect consensus positions on what the committee deems prudent practice and are made available as a resource to the public health and health care providers.

Mar 22, 2010 – Hollywood, FL - Interview with: Gerald Bowe, Chief Executive Officer, COHR Inc. (DBA Masterplan, ReMedPar and MESA)

Running a hospital requires clockwork precision and attention to detail. One problematic machine can delay patients and staff, disrupt the processes in place and potentially jeopardize patient safety. A mechanical hiccup also translates to a loss of revenue, says Gerald Bowe, Chief Executive Officer at Masterplan Inc. A solution provider at the marcus evans National Healthcare CXO Summit Spring 2010 taking place in Florida, April 25-27, 2010, Bowe considers cost reduction strategies that healthcare CEOs could implement to ensure a steady revenue stream.

The progress of the information revolution in clinical health care has been slow compared with its advance in fields such as financial services, manufacturing, architectural design, and transportation. Computerized data processing came first to the financial aspects of health care, including clinical billing systems. Clinical laboratories, radiology, and research absorbed the new and powerful tools made possible by computer technology. Clinicians were dragged reluctantly into compliance with diagnostic-related groups (DRGs) and Current Procedural Terminology (CPT). Reluctance was followed by dismay when use of DRGs and CPT led to the creation of massive pooled databases of clinical information and the documentation of significant variations in quality, cost, efficiency, and outcomes.

The advent of virtually free Internet access has opened large vistas of health care information to those willing to invest a small amount of time and energy learning how to perform searches using browser software. Health care providers, organizations, and professional associations, among many others, publish "best practices" information for both administrative and clinical audiences, making these recommendations among the fastest-growing types of health care information appearing on the World Wide Web. The problem is how to find best practices among the wealth of resources on the Internet and then how to separate the proverbial wheat from the chaff.

WHO IS SEEKING BEST PRACTICES ON THE INTERNET?

Best practice describes a process or technique whose employment results in improved patient and/or organizational outcomes. Health care providers, managed care organizations, administrators, payers, and policy analysts are all interested in improving the quality of health care and are likely to be customers of best practices informational resources.

HOW TO EVALUATE THE QUALITY OF BEST PRACTICES INFORMATION?

Once the information is available on the Internet, the problem for the searcher shifts from one of quantity to quality. The best practices information seeker should stop and ask a number of questions about the quality of information, its sources, and the methods used to obtain it. CONCLUSION: The "truth" may be out there some-where in cyberspace, but locating best practices information and evaluating its quality require new skills and patience and time to practice and develop them to the point of efficiency.

Source: http://www.ncbi.nlm.nih.gov/pubmed/9476203

 

We are all searching for the best practices in value analysis in order to obtain greater savings yields and quality gains. The question is where and how can we find them? To speed up your search I am of feting you 10 of the top value analysis best practices that we have observed or initiated at healthcare organizations throughout the country that will move your supply value analysis program to the next level of savings and quality:

1. Team-based:

Value teams are now coming into their own throughout the country became they make more sense than value analysis committees. Value teams get the job done faster and better by involving customers, stakeholders and experts who understand their products, services and technologies much better than a committee member or members collectively can or should.

2. Extensive training:

Value analysis is an art and a science with a 63-year history that requires 40 to 80 hours of classroom and just-in-time training to truly become proficient in this discipline. Healthcare organizations that are making this investment in training their value teams are receiving a minimum of41:1 ROI for their efforts.

3. Standardized process:

Too many hospitals are "Winging It" when it comes to value analysis, whereas, best practice hospitals have a defined value methodology that their value team members follow religiously on each and every value study that they perform. By adding this discipline to their value analysis program best-practice hospitals are realizing 6 percent to 9 percent savings annually in addition to greater quality gains.

4. Function oriented:

Value analysis is the study of function and the search for alternatives, not price. Value analysis goes beyond price to identify the true requirements of your customers and meets those requirements at the lowest possible cost. Best-practice hospitals who understand this important differentiation are saving on average 26 percent on each commodity group they study.

5. Customer focused:

Value analysis begins and ends with the customer at best practice hospitals. However, spelling out just what products, services and technologies will meet our customer's exact requirements is the real challenge. This challenge is being met through utilizing techniques, such as, the Value Analysis/Value Engineering Customer Mapping process. This process helps to truly understand a customer's exact requirements, and then positions customers for the change(s) that you will be proposing to them with your value justifications.

6. Clinician ownership:

The No. 1 challenge for value analysis practitioners in healthcare today is obtaining buy-in from their clinicians on product, service and technology changes that they are recommending. Yet best-practice hospitals have solved this challenge by having their clinicians customize the product, service and technology they are purchasing, as opposed to standardizing on products, services and technologies they won't accept or buy-into.

7. Strategic planning driven:

Most value analysis programs focus their efforts on their group purchasing organization contracts and requisition driven offerings, whereas best-practice hospitals strategically plan their value analysis candidates and target their savings. This results in the strategic planning driven value analysis programs saving 10 to 15 times more than GPO and requisition driven value analysis programs.

8. Outcome-based results:

Best-practice hospitals track their value analysis savings and quality gains through agreed upon metrics and milestones with their executive management team in order to enforce discipline and ensure that outcome-based goals are met and/or exceeded.

9. Decision support:

Real-time data, in an organized, structured and cleansed format, is provided by best-practice hospitals for their value team members to use to data mine for the gold nuggets that surface with data driven value studies.

10. Knowledge management:

Best-practice hospitals capture all value studies documentation in a centralized electronic database to be shared with all internal and external collaboration partners, as opposed to reinventing the wheel year after year.

These 10 best practices in value analysis represent the forefront of system thinking on value analysis in healthcare today. If your hospital wants to be on the cutting edge of this maturing discipline you will need to adopt all or most of these best practices in order for you to move to the next level of supply chain performance. To quote Kenichi Ohmae, known as Japan's only management gum, rowing harder doesn't help if the boat is headed in the wrong direction." So let these 10 best practices guide you to grow faster, smoother and easier with your value analysis program and in the right direction.

Source: http://findarticles.com/p/articles/mi_m0BPC/is_7_29/ai_n14735115/

 

Many changes have and will continue to occur in how your family will receive health services. One important change is the use of managed care plans, such as health maintenance organizations (HMOs) and preferred provider organizations (PPOs), by employers and state Medicaid agencies. This article answers some of the most frequently asked questions about effectively using managed care plans.

 

Pfizer is penalized for violating U.S. racketeering law. The drug giant now, has to pay a hefty amount of $142.1 million for promoting Neurontin for unapproved uses, illegally. In last few months, the world has witnessed many similar cases where the drug making companies are getting more and more involved with illegal or noncompliant means of producing drugs, which often bring these companies into limelight and brought down their reputation. This article highlights the pharma companies that have been under the spotlight for non-compliance so far this year.

Physician-patient relationship is perhaps on a verge of losing its eternal sacrosanct essence. Utmost dependence of a patient with all his personal and intimate information on a doctor will have to see an end as an increasing numbers of incidents of breaching patients’ confidentiality are being recorded from almost all corners of the word, and surprisingly the number is on rise!
 

Almost everyday’s newspaper brings to us the news of breaching patient confidentiality, but how many of us are truly aware of its effect? Let’s take a ride to this article and try to explore some unknown corners of patient confidentiality, its meaning, significance and impact of breaching..let’s explore who breaches and why…so that next time we become sincere (finicky?) before sharing our information (if patient) or will give a little effort to maintain the data in a more proper way (if staff/doctor).
 

What is Patient Confidentiality?
 

According to the American Medical Association, “Confidentiality is the right of an individual to have personal, identifiable medical information kept private. Such information should be available only to the physician of record and other health care and insurance personnel as necessary.”
 

If put in simple words, patient confidentiality means when a patient reveals his personal and medical information to a healthcare provider, that has to be kept with maximum care so that the information do not get divulged to others. Only with specific permission of the patient, his information can be disclosed to others.

Knowing a patient’s full information helps a doctor to provide better diagnosis and improved care. Therefore, knowing a patient’s medical history is a doctor’s right. Likewise, when a patient reveals his personal info, he expects it to be protected by the doctor. Hence, it is the physician’s duty to keep patient’s information confidential and let the patient enjoy access to a better treatment.
 

What is a Breach of Patient Confidentiality?

Breach of patient confidentiality refers to incident where patient’s confidential information, learned by the doctor within the physician-patient relationship, is divulged to a third party without the former’s consent or court order.

Breaching can be oral, written, or done via telephone or fax, or electronically by using email or health information network. Importantly, the medium of disclosure is not important but special security requirements may apply to the electronic transfer of information.

HIPAA and Patient Confidentiality

HIPAA Privacy Rule was introduced to ensure the privacy and protection of personal information of the patients held by physicians, hospitals and its staffs. HIPAA also provides a range of rights with respect to personal information. At the same time, the Privacy Rule permits the disclosure of personal health information when needed for patient care and other important purposes.

The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information.

As per the Health Insurance Portability and Accountability Act (HIPAA) of 1996, all professionals and organizations are to guard the privacy of their patients and customers. Employees at all levels are required to maintain confidentiality with integrity.

Not only HIPAA, in other countries like in UK, a similar Act, Patient confidentiality and Access to Health Records is also there to protect patients’ confidentiality.  This law functions under the Data Protection Act, 1998. This rule says, “Patient information is generally held under legal and ethical obligations of confidentiality. Information provided in confidence should not be used or disclosed in a form that might identify a patient without his or her consent. There are a number of exceptions to this rule but it applies in most circumstances”.

In India also, Privacy and the Right to Information Act, 2005 holds high the significance of individual`s right to privacy in general, and especially in health-related matters.

Impact of Patient Confidentiality Breaching

According to UK government, organizations failed to comply with the Data Protection Act can face a fine of up to £5K in magistrates courts, unlimited fines in higher courts and even face legalities in charge of violating Human Rights Act.  Moreover, there are possibilities that the organization may be told to stop using the data they gather.

Failure to comply with HIPAA can result in civil and criminal penalties (42 USC § 1320d-5). The “American Recovery and Reinvestment Act of 2009”(ARRA) that was signed into law on February 17, 2009, established a tiered civil penalty structure for HIPAA violations. Under this rule, the organization, violating HIPAA is supposed to give penalty of $100 per violation, with an annual maximum of $25,000 for repeat violations to $50,000 per violation, with an annual maximum of $1.5 million.

In June 2005, the U.S. Department of Justice (DOJ) clarified criminally liability of breaking HIPAA. Organizations and specified individuals, who "knowingly" obtain or disclose individually identifiable health information in violation of the Administrative Simplification Regulations, can be penalized with a fine of up to $50,000, as well as can be imprisoned for up to one year.

Cases of Patient Confidentiality Breach
 

• Breach of Britney Spears patient data reported (March, 2008)
  New York Times published that employees accessed confidential medical records of pop star Britney Spears during her stay at UCLA Medical Center.

• GPs fear breach of secret patient data
  In UK, doctors blamed health officials for risking a breach in thousands of patients' medical records through a new system being pioneered in Stoke-on-Trent.

• Estimated 500,000 BlueCross members at risk for identity theft (October, 2009)
  Health Imaging revealed, the October data security breach at a Chattanooga, Tenn. office threatened an estimated 500,000 BlueCross members’ of identifies theft. While most of the at-risk members reside in Tennessee, BlueCross has identified 32 states with 500 or more members whose data may be at risk as of Jan. 8.
  

• Kaiser Hospital Fined $250,000 for Privacy Breach in Octuplet Case  (December 2009)
  An external electronic data storage device containing patient health information for approximately 15,500 Northern California members of health insurance company Kaiser Permanente got stolen from an employee’s car at the employee’s home in Sacramento, Calif.

• Non-medical staff 'have access to health records' (March 2010)
  BBC News reveals, At least 100,000 non-medical staff in NHS trusts have access to confidential patient records.
   

Can Breaching Be Stopped?

Breaching of patient confidentiality can be stopped if addressed properly. If you are an owner of a healthcare organization, following steps can provide you with a good result:

Train Your Staff

Organizations can’t assure confidentiality, integrity, and availability of information without “ensuring that each person involved understands their roles and responsibilities and is adequately trained to perform them, therefore implement a security awareness and training program for workforce, including management

Establish and Check Workforce Clearance Procedures

Before giving access to your organization’s confidential database, check your employee’s criminal background.

Use Improved Security Measure

To restrict employees’ access to your confidential start using improved security measures. The new technologically sound security measures will help you cut or limit your employee’s access.

Effective Workforce Termination

Adhere to a policy that terminates your employee’s access to building, computer and health related protected information, soon as you terminate the person.

Review System Activity

Conduct technical audits and do a regular checking of your systems’ activities. Regular tracking may help you know the access of your employees.

Keep Data in Encrypted Mode

Provide password to all important data to protect them from theft.

Periodic Security Reminder

Use a security reminder to help you keep your employees vigilant about data theft.

Finally, discuss consequences of theft! Let workforce know what measure company can take when someone breaks the rules. And, make your training program dynamic and part of everyday work routines. Now, with successful implementation of the above mentioned steps, witness a better result in terms of protecting patient data and saving yourself from bad reputation.

Reference:

http://www.issuesinmedicalethics.org/164ar158.html

http://www.dh.gov.uk/en/Managingyourorganisation/Informationpolicy/Patientconfidentialityandcaldicottguardians/DH_702

http://www.ama-assn.org/ama/pub/physician-resources/...

http://www.healthimaging.com/...

http://www.scmagazineus.com/breach-of-britney-spears-patient-data-reported/article/108141/

http://news.bbc.co.uk/2/hi/health/8587898.stm

http://www.cmanet.org/bestpractices/best_practices_6.pdf

 

Finding employee engagement low in your workplace? Consider building trust...Trust is said to be the cornerstone to successful relationships in the workplace and the cornerstone of successful leadership. Without it, relationships break down and people stop working collaboratively. Employee engagement decreases reflecting in your bottom line. This article explains the best practices how to establish and maintain trust in your workplace.

This article outlines key aspects of the overall drug development process with focus on the role of nonclinical safety evaluations at each stage of the development and also provides definitions of key terminology used in nonclinical toxicology. Three key decision points are addressed: Drug discovery (focus on lead optimization), nonclinical (or preclinical) safety evaluations prior to first-in-human studies and clinical development and nonclinical studies required for marketing decisions.

Clinical Trial Data can be collected in any of the following methods: paper or electronic medical records, paper forms completed at a site, interactive voice response systems, local electronic data capture systems, or central web based systems. The quality of the data directly depends on the quality of the instrument used to make measurements. Proper data points collected result in a meaningful analysis of the entire Clinical Trial.

In this article, Charles H. Pierce, a clinical research expert, explains how data and safety monitoring is to be established.  Dr. Pierce also explains how committee members are chosen, and most importantly how to ensure that the member chosen are free from even the perception of a Conflict of Interest and that they will keep the information they acquire strictly confidential.

Software has become part of almost every business process and the scope and complexity of software is increasing every year. Most software is purchased from a vendor and is referred to as commercial off-the-shelf software (COTS). The term “developer” identifies people that create software and for the purposes of this article is equivalent to the vendor. The term “user” identifies people that use software to perform their job.

The developer and users share responsibilities that affect the quality of the software. The developer must create the software to contain the functionality required by the users, and perform developer validation. The users must perform user validation of the software in the context of its application, meaning the business processes that use the software.  Additionally, the user must ensure proper maintenance and control of the software on an ongoing basis.

The requirements of validation from the developer and user perspectives have many steps in common but the focus of each step is different because their perspectives are different. 

Although governance, risk and compliance are separate factors, they each have a significance, relevance and influence on each other. Governance is the umbrella term used to describe the overall framework through which the senior executive management ensure that their organization follows appropriate processes and policies to meet the required standards. Risk Management is the process through which an organization identifies and resolves the gap between the current operational standards and the required operational standards. Compliance is the process that records and monitors the controls, be they physical, logical or organisational, needed to enable compliance with legislative or industry mandates as well as internal policies. Governance, Risk, and Compliance are highly related but distinct activities that solve different problems for different sets of constituents of an organization. Covergence or risk covergence refers to the methodology offered by consulting organizations which brings together the efforst of risk and control assessment groups. GRC convergence is achieved when all assessment groups come to a consensus on the tools, practices, frameworks, common languages and software tools to assist in assessment and reporting. There are no mandated path to achieving complete convergence but following best practices can help realising the desired results.

In ideal risk management, a prioritization process is followed whereby the risks with the greatest loss and the greatest probability of occurring are handled first, and risks with lower probability of occurrence and lower loss are handled in descending order. Risk management should:

• create value.
• be an integral part of organizational processes.
• be part of decision making.
• explicitly address uncertainty.
• be systematic and structured.
• be based on the best available information.
• be tailored.
• take into account human factors.
• be transparent and inclusive.
• be dynamic, iterative and responsive to change.
• be capable of continual improvement and enhancement.

Any effort to fall in-line with compliance is a costly affair. But the consolation is that the cost of non-complaince is even more higher. PCI compliance is also seen as weighing high on cost and resource utilization. Companies falling under the PCI standards are categorised based on the number of transactions they muster annually. The PCI requirements focus on basic computer security including secure infrastructure, password protection, unique ID to name a few. Best practices to PCI compliance lists steps which ensures a smooth run.

Clinical trials on Human participants needs strict vigilance and is conducted under high standards of quality assurance. Quality assurance of clinical trials in South Africa is achieved at a number of levels, through monitoring, audits and inspections. Clinical trials are a joint responsibility of the sponsor and the investigators. A proper comunication channel has to be established between the sponsor and the invetigators at every stage of the trial. Regular audits are necessary to ensure proper processes are followed and all regulatory compliances are considered. Independent regulatory authority may conduct announced or unannounced inspections at any stage of the trial to review the competency of the clinical trial site.

A recent clipping in an English Daily says,“The pace of global warming is likely to be much faster than recent predictions, because industrial greenhouse gas emissions have increased more quickly than expected and higher temperatures are triggering self-reinforcing feedback mechanisms in global ecosystems.” If the nature had a Dow, with global warming increasing its pace, it would be on an all time low.

“We are looking now at a future climate that’s beyond anything we’ve considered seriously in climate model simulations,” says Christopher Field, director of the Carnegie Institution’s Department of Global Ecology at Stanford University, in the same article1. If the current financial crisis is serious, the future is horrendous. The world’s best scientists have been warning — that climate change is happening faster and will bring bigger changes quicker than anticipated. Ironically market and the nature hitting the wall at once, is a sign that we need to find better ways to be more sustainable.

A recent clipping in an English Daily says,“The pace of global warming is likely to be much faster than recent predictions, because industrial greenhouse gas emissions have increased more quickly than expected and higher temperatures are triggering self-reinforcing feedback mechanisms in global ecosystems.” If the nature had a Dow, with global warming increasing its pace, it would be on an all time low. Read on >>