JO - Health Care Compliance Association

More documents

Recommendations

Info

September 2006 14 feature Editor’s note: Lea Cobb, RN, MBA, CHC, CPHQ, CPHRM, CLNC; Director of Compliance and Policy, HIPAA Privacy Officer at Erickson Retirement Communities was interviewed in July by HCCA Board Member Jennifer O’Brien. Lea may be reached by telephone at 443/883-4607. JO: Tell us about your background and the journey that brought you to your current role. LC: I have worked in health care for over 20 years. I began my career and eventual track to compliance as a home health staff nurse working in the acute care hospital setting. After completing my MBA, I started my career in health care management with responsibilities for areas such as quality/peer review, utilization review/case management, patient safety, JCAHO 1 accreditation, and risk management in various health care settings. These settings included rural health clinics, physician practices, home health services, and hospitals. My first compliance position began in 1998, when I became the corporate compliance officer for a hospital in West Virginia. In 2000, I moved from West Virginia to Maryland where I began working in a hospital as the director of risk management and performance improvement, and eventually obtained the corporate compliance officer responsibilities as well. I had the opportunity to begin working for Erickson Retirement Communities, LLC (a continuing care community management and development company) in the Risk Management department with responsibilities for risk management and compliance. This eventually led article Meet Lea Cobb Director of Compliance and Policy, HIPAA Privacy Officer Erickson Retirement Communities to my current position as the Director of Compliance and Policy and HIPAA Privacy Officer. I saw the career move to Erickson Retirement Communities as an exciting challenge, since I had many years of experience in a variety of other health care settings. JO: What are some of your responsibilities as Director of Compliance and Policy? LC: Simply stated, I oversee all on-going compliance and ethics activities throughout the organization. These activities are related to the development, implementation, maintenance of, and adherence to the organization’s policies and procedures governing compliance. The privacy of and access to protected health information and compliance with federal and state laws also falls within the scope of my responsibilities. This includes: conducting an organizational compliance risk assessment; ensuring on-going compliance monitoring activities; reporting compliance activities to the Erickson and community boards and Compliance and Ethics committee; ensuring compliance education and training for all employees, board members, management and professional staff; conducting compliance investigations; and maintaining the organization’s values line. I work closely with the HIPAA security officer to ensure alignment between security and privacy practices, policies and procedures. Health Care Compliance Association • 888-580-8373 • www.hcca-info.org JO: What is your reporting structure? LC: The chief compliance officer reports to our four boards of directors. As the director of compliance and policy and HIPAA privacy officer, I report to the chief compliance officer. Each of the Continuing Care Retirement Communities (CCRCs) has a community compliance liaison who manages compliance responsibilities at the community level. Community management and corporate line of business management also play a roll in the reporting structure of compliance. There is also a HIPAA security officer in the Information Technology department with whom I work on HIPAA initiatives. The Compliance and Ethics committee consists of representatives from legal, health services, finance, compliance, senior campus physicians, information technol-
ogy, human resources, Erickson Advantage, and operations. The Corporate Compliance department consists of four staff members: the chief compliance officer; the director of compliance and policy (a HIPAA privacy officer); the assistant director of coding and compliance; and a project manager. JO: Tell us about Erickson Retirement Communities and the services it provides? LC: Erickson Retirement Communities (www.EricksonCommunities.com) is a development/management company based in Baltimore County, Maryland, since 1983. For middle-income people, the Erickson lifestyle offers unparalleled opportunities and is the best financial and health decision people can make. Our mission is to create communities that celebrate life. The Erickson network currently comprises 18 Continuing Care Retirement Communities (CCRCs). Thirteen campuses in Illinois, Maryland, Massachusetts, Michigan, New Jersey, Pennsylvania, Texas, and Virginia, are home to 17,000 people. New developments in the Chicago, Dallas, and Philadelphia areas will open in 2006, and new sites in the Denver and Kansas City areas are scheduled to open in the coming years. The company is currently pursuing site acquisition opportunities across the U.S. and, by 2025, expects to bring together 750,000 people as residents, customers, and colleagues. Each Erickson CCRC is supported by Erickson HealthSM, the nation’s largest and most completely integrated wellness and health care system for people older than 62 years of age. Nationwide, 2,320 people across the country moved to Erickson CCRC in 2005, and the company added 1,433 new employees, bringing the total to more than 12,000 employees. The company is on pace to reach nearly 20,000 residents by the end of 2006. Comprehensive health services are provided based on the maturity of the CCRC including: certified home health; emergency medical services (emergency response); rehabilitation; assisted living, skilled nursing, long-term care services; and a resident health benefit plan. Each community houses a medical center staffed by primary care physicians who specialize in geriatrics and practice only at Erickson CCRCs. In addition, hospice services will soon be added to the wide array of services available for our residents. JO: What are unique compliance challenges you face working in a CCRC? LC: Compliance risk areas and challenges are similar for most health care facilities. The major challenge for a CCRC is maintaining compliance with regulations in the current atmosphere where CCRCs are not specifically addressed in guidelines or rules and regulations as a single entity. CCRCs are made up of many different health services, all of which need to comply with specific regulations and requirements. Erickson is unique in that we currently have 18 communities spanning 10 states; therefore, communication and follow through are essential. This is where our annual risk assessment becomes a vital tool. Faced with continuous legislative changes, we must be diligent regarding all compliance activities and ensure that our risk assessment process is on-going, not periodic. JO: What are the biggest compliance risk areas for the CCRC? LC: In light of the continuing focus on regulatory compliance, we are committed to ensuring compliance with our requirements under state and federal regulations relating to business ethics, Medicare, HIPAA privacy and security, employment law, and Sarbanes Oxley as it may apply to not-for-profit CCRC’s. Compliance risk is the possibility that an employee will fail to follow an internal policy or procedure or an external law, rule, or regulation that applies to the activity in which they are engaged. It is important that CCRCs have processes, methods and tools in place to deal with the consequences of events that have been identified as significant threats related to fraud, waste, and abuse. Other areas of compliance risk include document management, research, contract management, Medicare D, and the Deficit Reduction Act of 2005. JO: You are also the HIPAA privacy officer. What are some of the most common HIPAA issues you respond to for your organization? LC: The most common HIPAA questions that I have encountered concern uses and disclosures of protected health information. Also, because we are unique and have communities in multiple states, state preemption analyses become a concern and driving force for HIPAA compliance. JO: Where are you in the development of your compliance program? LC: We have a fully developed and comprehensive compliance and ethics program at Erickson. PREVENT is an acronym we use for the seven elements of a compliance program (P = Policies and procedures, R = Responsible person, E = Education and training, V = Venting complaints, E = Enforcement of standards, N = Need for internal audits, T = Taking corrective action) as outlined in the United States Sentencing Guidelines and the Office of Inspector General Compliance Guidances. We want to PREVENT fraud, waste, and abuse. Our program spans all of the health services provided at the CCRCs in addition to incorporating human resources and inter- Continued on page 16 September 2006 Health Care Compliance Association • 888-580-8373 • www.hcca-info.org 15
Page 1 and 2: Volume Eight Number Nine September
Page 3 and 4: ASK John asks the leadership your q
Page 5 and 6: the Health Care Compliance Associat
Page 7 and 8: Health Care Compliance Association
Page 11 and 12: You’re a compliance professional,
Page 13: A-110, or applicable regulation. n
Page 19 and 20: is to make your hotel reservations
Page 21 and 22: September 2006 Health Care Complian
Page 25 and 26: those that have already enrolled in
Page 27 and 28: New Medicare enrollment regulations
Page 29 and 30: New Medicare enrollment regulations
Page 33 and 34: properly documented IRB or Privacy
Page 35 and 36: ment, on the theory that although d
Page 37 and 38: The Health Care Compliance Associat
Page 39 and 40: Register Today! Physician Practice
Page 41 and 42: They also are extremely credible an
Page 43 and 44: FYI ...continued from page 22 Sterr
Page 45 and 46: ■ William Munson, North Colorado
Page 47 and 48: ® SMART2.o : bringing HIM people a

JO - Health Care Compliance Association

Create successful ePaper yourself

Delete template?

Save as template?