Dr. Bob Arnot meet Dr. Bob Arnot meet - Health Care Compliance ...

Volume Four/Number NineSeptember 2002A publication forhealth care complianceprofessionalsmeetDr. Bob ArnotREGISTER TODAY!FOR THE HCCA/AHLA Fraud and Compliance Forum, WASHINGTON, DC–SEP 29-OCT 1, 2002 Forinfo see p.26 or go to conference central on the HCCA Website: http://www.hcca-info.orgINSIDE234691213151718192023Leadership letterOn the calendarStark made easyPayor/Managed CareSIGMeet Dr. Bob ArnotCHC certificantsCEO’s letterNew membersIncreased scrutinyunder corporateresponsibility reformsWeb resourcesFYIInitiative updatePeople on the go

Do we have a chance to dothe right thing, just becauseit is the right thing to do?HIPAAThoughtsAL JOSEPHS2nd Vice PresidentAs we all continue with HIPAA implementation,it has become more apparent that,once we move past April 2003, the role ofmonitoring HIPAA compliance will have to be integrated intoan organization's existing compliance program. TheCompliance Officer will be the most cost-effective choice formonitoring HIPAA compliance. The privacy portions of theregulations will fit easily into a compliance programs monitoringand auditing plans, but how will the security aspects of theregulations be managed?Information technology departments most certainly have theskill sets required to audit and monitor the security regulations,but is that not asking the fox to watch the hen house? Doesthis mean it will be necessary to have independent audits ofour computer security systems? Will security audits be necessaryon an annual basis? Will security audits become a part ofour annual financial statement audits? Will compliance departmentsneed trained staff to monitor security? And, the questionwe all want answered, what will constitute an effective securityand privacy compliance program? Sound familiar?Great questions with no definitive answers–but, helpful nonethe less. Knowing these questions (and others) during theimplementation process enables us to begin to identify thekey components of security and privacy compliance that willmeasure effectiveness. And given the nature of the HIPAApenalties, will effectiveness be an important aspect of HIPAAcompliance?In the spirit of RoseanneRosanna-Danna “what's upwith these HIPAA penalties?”Compliance programs currentlyhelp prevent or mitigate potential damages to organizations(both civil and criminal), but it appears that HIPAAcompliance does not have the same drivers. HIPAA complianceis necessary to prevent small civil damages ($100 per violation,capped at $25,000 for each calendar year), while the“big stick” seems to be criminal penalties (fines and jail time)for breaches of patient privacy. These will fall upon the personwho knowingly uses, causes the use of, obtains, or disclosesIndividually Identifiable Health Information. Have we beengiven the opportunity to act on our own initiative to preservepatient privacy? For those of us (hopefully, the majority of us)that are and have been focused on protecting patient healthinformation, we should applaud the practical approach theHIPAA regulations have taken to encourage cooperation inobtaining compliance, rather than vigorous enforcement withthe threat of large financial penalties. In taking this approach,the HIPAA regulations have given organizations and individualsthe opportunity to do the right thing for the right reason:individual rights to privacy are inalienable. ■Compliance Today wants you!Please email your article or topic ideas to Compliance Todayeditor, Margaret Dragon, at mrdragon@ziplink.net. Be sure toinclude your telephone number. Or, if you prefer, callMargaret at 781/593-4924 to discuss your article ideas. Sometopic ideas to consider: compliance and the Board, complianceeducation and training, moving beyond billing compliance,and monitoring your compliance program. ■September 20022HCCA’SHCCA exists to champion ethicalpractice and compliance standards inMISSION the health care community and to providethe necessary resources for compliance professionals and others whoshare these principles.fforum

DON’TMISS OUT!ONTHE CALENDARUse HCCA’s Information SourcesHCCA’s Fax-on-demand ServicesMembership information and upcoming events are twoitems available when you call HCCA’s Fax-on-demandservice. Here’s how:1. Dial 888/840-4359, press 2 after the system answers.2. Enter the three-digit code of the document you wish toreceive and press #. Once all of the document codes havebeen entered press #.3. When prompted, enter the number of the fax machineto which you wish the material faxed followed by # key.NB: If you enter number 1 when the system answers andenter your fax number when prompted, you will receive amenu of the current documents available.It’s on the HCCA Website–Payor/Managed Care SpecialInterest Group informationHCCA members working in health care payor or managedcare organizations now have a new compliance informationsource–the Payor/Managed Care SIG Webpages located onthe HCCA Website, http://www.hcca-info.orgYou will find information including:■ The Payor/Managed Care SIG Charter■ Contact information for the SIG Chair and SteeringCommittee Members■ Information on HCCA conferences related toPayor/Managed Care issues■ A list of Payor/Managed Care-related articles publishedin Compliance TodayOn the Members Only Section of the HCCAWebsite–Payor/Managed Care Information includes:■ Payor/Managed Care Compliance Professionals ContactList■ Complete Payor/Managed Care articles previouslypublished in Compliance Today■ PDF documents of the Payor/Managed Care presentationsgiven at past HCCA conferences■ Managed Care related documentsDon’t miss out on this new and valuable resource! ■AUDIOCONFERENCE:Compliance Lessons Learnedfrom Enron - Four Part Series■ September 4, 10, 17, and 24,1-2:30 PM EST2002 CONFERENCES:BIRMINGHAM, AL:■ OCT 25 - Region IVCompliance MeetingMark your calendars for the followingHCCA sponsored events:■ NOV 12, HCCA Region VIIState ConferenceST. PAUL/MINNEAPOLIS, MN:■ SEP 12, HCCA Region VCompliance ConferenceKANSAS CITY, MO:■ AUG 2, HCCA Region VIICompliance Conference■ OCT 21-22, HCCA Region II &SAN DIEGO, CA:III Compliance Conference■ DEC 9-11, HCCA AHA HIPAAForum WestPHILADELPHIA, PA:■ NOV 11-15, HCCA’s AcademySAN FRANCISCO, CA:of Health Care Compliance,■ NOV 7-8, Physician GroupUnion LeaguePractice ComplianceConferenceREDMOND, WA:■ NOV 21-22, MicrosoftWASHINGTON, DC:Meeting■ SEPT 29-OCT 1, HCCA/AHLAFraud and Compliance Forum 2003 CONFERENCES:LOS ANGELES, CA:ATLANTA, GA:■ FEB 16-19, HCCA Academy of■ NOV 4, HCCA Region IVHealth Care ComplianceCompliance ConferenceNEW ORLEANS, LA:DES MOINES, IA:■ APR 27-30, HCCA’sHCCACompliance Institute 2003RESOURCESFor more information about events or resources, check out theHCCA Website, http://www.hcca-info.org or call 888/580-8373.Be sure to ask about your member discount.AWARDARDWINNING■ Individual & Small GroupPhysician Practice Compliance:What every physician shouldknow, HCCA’s audio trainingprogram designed specificallyfor physicians.■ HCCA’s Compliance,Conscience, and Conduct ,a video-based compliancetraining programAWARDARDWINNINGATLANTIC CITY, NJ:■ Privacy Matters – HCCA’svideo-based HIPAA TrainingProgram■ HCCA’s book, Compliance 101■ The Health Care ComplianceProfessional’s Manual, to order,call 800/638-8437 ■September 20023

September 20024Editor’s note: Cathy Cahill is theCompliance Officer at UniversityHospital at Stony Brook in New York.She may be reached at 631/444-8026.On January 4, 2002, the Centerfor Medicare and MedicaidServices (CMS) implementedPhase I of the new federal Stark Law. It isanticipated that Phase II will be issued inabout a year. Stark prohibits a physicianfrom making referrals for certain DesignatedHealth Services (DHS) to an entityin which they have a “financial relationship”.There are legal exceptions to thegeneral prohibitions, which are outlinedbelow. If no exception applies and a claim,which violates the Stark Law, is submittedto the Medicare or Medicaid programinadvertently, a prompt refund is required.Stark is complicated and there is potentialfor misinterpretation. Stark “made easy”summarizes some of the more applicableexceptions to the Stark Law. Copies ofthese regulations along with commentaryfrom CMS can be found in the FederalRegister (66 Fed. Reg. 857). Stark “madeeasy” may be used as a guide to determinewhether referrals to DHS are permissibleunder the law. Although these rules can becumbersome, compliance with these rulesis necessary and violation of the Stark Lawcan prove costly to health care providers.To determine if there is a Stark issue, considerall of the following questions:■ Is there a financial relationship betweenthe provider and the entity? (Theprovider is performing a service thathas a financial value)■ Is there a referral relationship?■ Do the referrals involve Medicare orBy Cathy CahillMedicaid?■ Do any of the referrals involveDesignated Health Services?■ Does an exception apply?Stark “made easy”Stark prohibits a physician (or a physician’simmediate family member) who has a director indirect financial relationship withan entity from making referrals to that entityfor the furnishing of Designated HealthServices (DHS) payable by Medicare orMedicaid, unless there is an exception.A direct financial relationship (ownershipor compensation arrangement) is anyarrangement between the referring physicianand the DHS entity without anyindividual/entity interposed.An indirect financial relationship is anyarrangement between the referring physicianand the DHS with any number ofindividuals/entities interposed through anunbroken chain.Penalties for violating Stark involve CivilMonetary penalties (CMP):■ $15,000 civil monetary penalty foreach claim■ $100,000 civil monetary penalty forentering into a circumvention scheme■ Possible liability under the False ClaimsActDHS includes:■ Clinical Laboratory■ Physical Therapy■ Occupational Therapy■ Speech Therapy■ Radiology [MRI, Cat scan, Ultrasound]■ Radiation Therapy and Supplies■ Durable medical equipment and supplies■ Parenteral and enteral nutrients■ Home Health Services■ Prosthetics and orthotics■ Outpatient prescription drugs■ Inpatient and outpatient hospital servicesExceptions to the prohibition:A referral may be made to an entity thatprovides Designated Health Services andwith which a physician has a financialrelationship, if any one of the followingexceptions apply:Employment■ A physician may make a referral to anentity that provides DHS if there is abonafide employment relationship■ Remuneration must be:-Fair Market Value (FMV)-Not based on the volume or value ofreferralsExample: A physician wishes to refer workto a laboratory with which the physicianhas a financial relationship. If that financialrelationship is one in which the physicianis a bonafide employee of the lab,she/he may refer the work to the labunder the employee exception.In-office Ancillary ServicesThis exception applies generally to a referralwithin a group practice. Yes, Starkapplies even to referrals within a group!■ If it is a solo physician, the servicemust be performed in the same buildingwhere the solo physician performsthe non-DHS services■ In group practices, the services can bein a centralized location other thanwhere the group provides physicianservices. The group practice must ownor lease the space 24 hours per day,seven days per week■ The service must be performed orsupervised by the referring physician or

y another physician within the group(may be a contracted physician)Example: A cardiologist may refer (withinthe group) a patient for an MRI providedthe cardiologist or another physician inthe group supervises the test and all of therequirements set forth above are met.The group must qualify as a group practiceas defined by the regulations. Thisrequires that the members of the group:■ Pass the ‘unified business test’■ Be legally organized as a partnership,Professional Corporation, faculty practiceplan, or not-for-profit corporation(leased arrangements are not allowable)■ Each physician member of the groupmust furnish substantially the full rangeof services that a physician routinelyfurnishes (“substantially all servicestest”)■ Must personally conduct on average atleast 75% of all services of the grouppractice and the bill is submitted in thegroup billing number. (“substantially alltest”) Administrative responsibilitiesmay be includedExample: Physician A performs 50% ofthe services; Physician B performs 75% ofthe services; Physician C performs 100%of the services: The average work performedby all physicians within the groupis 75% and is allowable.Personal Services ArrangementsA physician or his family member providingpersonal services to an entity that providesDHS may make a referral to thatentity. The physician may refer a patientfor DHS to that entity provided that:■ There is a written agreement (for aminimum of one year)■ The specific services to be provided areoutlined in the agreement■ Compensation is set in advance anddoes not exceed fair market value■ Compensation is not based on the volumeor value of referralsExample: A physician may performQuality Assurance Activities in an entitythat provides DHS and refer a patient fora DHS.Academic Medical Center (AMC)ExceptionA faculty practice plan associated with ahospital, institution of higher education,or medical school may provide a variety ofspecialty services within and outside thegroup.■ Compensation must be set in advanceand must not be based on the value orvolume of referrals■ The referring physician must be abonafide employee of the AMC■ Does not apply to the physicians whoprovide only occasional academic orclinical teaching services■ The affiliated faculty practice plan is anot-for-profit tax-exempt organizationRental of Equipment or SpaceException■ The lease must be set in writing■ The equipment/space to be leased mustbe specific■ The equipment/space leased must beused exclusively by the leasee■ The term of the lease must be specifiedin advance (at least one year)■ The rental charges must be set inadvance, FMV and not based on thevolume or value of referralsMedical Staff Incidental BenefitsA physician may accept compensation froman entity (item or services) of low value.■ A low value item may be provided (

SPECIAL SPECIALINTERESTGROUPMarketingunder present substantial challenges. Many ofFor compliance officers, these changesthe HIPAA the key provisions of the HIPAAPrivacy Rule Privacy rule are ambiguous in theseBy Kirk J. Nahra marketing settings. Balancing complianceconcerns and risk managementEditor’s note: Mr. Nahra is a partner in with pressing business needs may be athe Washington, D.C. law firm of Wiley particular challenge in the marketingRein & Fielding, LLP, specializing in area, where the HIPAA rule will forceprivacy and insurance fraud issues. Views more significant change than withexpressed in this article are his alone and many other parts of a health plan'sdo not necessarily reflect the views of any operations. Who will be the decisionmakeron close calls in this area?entities he represents. He may be reachedat 202/719-7335 or knahra@wrf.com.The HIPAA Privacy rule will have asignificant effect on how any healthplan (or other covered health care entity)can use its member information formarketing purposes. These effects havebeen magnified by some proposedchanges to the Privacy rule (which arestill under consideration by HHS andhave not yet been finalized), as theseproposed changes cut back significantlyon the circumstances in which memberinformation can be used for marketingwithout first obtaining the member'swritten authorization.It is not an overstatement to say thatthe HIPAA marketing provisions willrequire a significant re-evaluation of allcurrent marketing efforts involvinghealth insurance members, and willplace a premium on creative strategiesto “market” without the use or disclosureof member information, or toobtain marketing authorizations in anefficient and compliant manner. Allhealth plans will face a significant challengein evaluating methods of communicatinginformation to customers thatdo not run afoul of these rules.September 20026In addition, the breadth of the rule iscounter-intuitive, and may present particularlydifficult education challengeswithin a health plan’s corporate structure.The rule also applies to a widevariety of practices that do not at firstblush appear to be marketing at all. Aswell, because the rule places so muchemphasis on obtaining authorizationsfrom members, it will be essential todevelop effective tracking systems foruse with marketing. Accordingly, it iscritical for compliance officers and otherswith responsibility for complyingwith the HIPAA rule to have animproved understanding of how thesemarketing rules work and effective waysto deal with them.What the rule says–The current ruleMarketing communications have hadtheir own set of use and disclosurerequirements within the Privacy rulesince it was issued in December, 2000.The Privacy rule does not impose anabsolute prohibition against a healthplan's using or disclosing ProtectedHealth Information (PHI) for marketing.Rather, the Privacy rule generallyprovides that before a health plan mayP AYOR/MANAGED C AREKIRK J. NAHRAuse or disclose PHI for marketing purposes,it must obtain a prior writtenauthorization, unless the disclosure fitsone of the marketing exceptions.The rule defines marketing broadly, toinclude any communication thatencourages the recipient to purchase oruse a product or service. Therefore, itencompasses some communications(such as certain disease managementprograms) that typically are not consideredmarketing. These 'marketing' provisionsalso potentially apply to a widevariety of communications that maynot appear to involve protected healthinformation at all, including newsletterscontaining advertisements, EOBstuffers, and product upgrade communications.The Privacy rule establishes a fairlycomplicated structure under whichthere are essentially four categories ofcommunications affected by the marketingrules. These are:■ Communications that are notencouraging purchase or use of aproduct or service and, therefore,don't meet the definition of 'marketing'(such as generalized communicationsurging members to “eat right”

or “stay healthy,” contained innewsletters or otherwise)■ Communications that fall within oneof the exceptions to the marketingdefinition (for example, a communicationdescribing entities participating ina health care network or identifyingthe extent to which a product or serviceis provided by the covered entity orincluded in a plan of benefits)■ Marketing communications for whichan authorization is not required (amarketing communication to the individualthat concerns health-relatedproducts or services of the coveredentity (or of a third party) providedthe communication meets certainspecified requirements (e.g., itdescribes how the individual may optout of receiving such future communications))■ Marketing communications that dorequire written authorizationWhat the rule says–Proposed changesThe most significant “negative” of theproposed HIPAA Privacy rule amendmentsin the Notice of ProposedRulemaking (“NPRM”) for health plansis the proposed changes to the marketingprovisions of the Privacy Rule.Responding to concerns raised by “privacyadvocates” that the marketing provisionsallowed too much use of PHI formarketing purposes, HHS proposes toreduce the categories of communicationsthat can be made without authorizationfrom the member. In particular, HHSproposes to delete the category of marketingcommunications for “health relatedproducts or services of the coveredentity or another third party,” which,under the Privacy rule, could be madewithout authorization as long as certainconditions were met.While “simplifying” the otherwise complicatedmarketing provisions, HHSclearly has reduced the marketing communicationsthat can be made withoutauthorization, by eliminating the abilityof covered entities to conduct most marketingof “health-related” products andservices. These restrictions are particularlytroubling for “generalized” marketingcommunications, where no specifichealth information is involved, and theonly disclosure is to the person whosePHI is involved (such as a generalizeddistribution of offers of discounted healthcare products, made to all members of ahealth plan).HHS recognized, however, that coveredentities “need to be able to discuss theirown health-related products and services,or those of third parties, as part oftheir everyday business and as part ofpromoting the health of their patientsand enrollees,” and HHS did not wantto “interfere with or unnecessarily burdencommunications about treatment orabout the benefits and services of plansand providers.” Therefore, the marketingdefinition will continue to excludecertain health-related communications“that may be part of a covered entity'streatment of the individual or its healthcare operations, but that may also promotethe use or sale of a product.” Thisincludes communications made for thepurpose of describing the participatingproviders and health plans in a network,or describing the services offered by aprovider or the benefits covered by ahealth plan. Also excluded from theauthorization requirement are communicationsby a covered entity in thecourse of managing an individual'streatment or recommending an alternativetreatment.HHS also proposed certain other “minorclarifications” to the marketing provisions.The new definition of marketingwill be “to make a communication abouta product or service to encourage recipientsof the communication to purchaseor use the product or service.” Under thischange, if the effect of the communicationis to encourage recipients to purchaseor use the product or service, thecommunication would be marketing.There also was a slight revision to theexceptions for the marketing communications,but these changes “are notintended to increase the scope of themarketing exclusions.” The “modified”exclusion applies to communications “forcase management or care coordinationfor that individual, or to direct or recommendalternative treatments, therapies,health care providers or settings of care tothat individual.” In addition to thesechanges, HHS noted that “certain commonhealth care communications, suchas disease management, wellness programs,prescription fill reminders andappointment notifications" are allowedunder the exceptions to the marketingdefinition. This means that no prior writtenauthorization is needed for theseactivities.Why these provisions matterThe scope of the PHI definition–Protected Health Information is the termused to describe the type of informationsubject to the Privacy rule. The majorityview of health plans and industry analysts,and the likely view of HHS, is thatthe name and address of a member,standing alone, constitutes PHI underthe Privacy rule, even without a connectionto health-related information. Thiswould mean that where a name andContinued on page 8September 20027

SIG: MARKETING UNDER HIPAA...continued from page 7address is “pulled” from membership rosters,any use of the name and addresswould be considered use of PHI.While it is not necessarily intuitive that aname and address, standing alone, constitutehealth information, and there is slightoptimism that this question could berevised through a Rule change or interpretiveguidance, the majority view at thepresent time is that a name and address(or any other information) taken from amembership list will constitute PHI, andthat HHS will interpret and enforce theregulations under this interpretation.Use and disclosure–The Privacy rule,unlike most other privacy rules (includingthe NAIC Model Statute forInsurance Information Privacy Protectionand most state G-L-B laws), applies toboth the “use” and the “disclosure” ofPHI. Accordingly, the impact of theHIPAA rule is disproportionately largebecause it applies to so many situationswhere a health plan “uses” its memberlists to send marketing communicationswithout “disclosing” PHI to anyone.The need for authorizations–It isimportant to remember that the Privacyrule does not “prohibit” marketing communications.Instead, it simply placesconditions on how and when such communicationscan be made. The most significantcondition is that these communicationscannot be made without a priorwritten marketing authorization. Thisauthorization must meet a variety ofrequirements (and the proposed rulechanges both impose a specific marketingauthorization requirement while simplifyingthe authorization procedures ingeneral). Health plans will want to evaluatehow best to obtain authorizationsSeptember 20028(and to track the members from whomauthorizations have been received). Thisauthorization for marketing cannot berequired for members, nor can any benefitsbe conditioned on executing anauthorization.In addition, there is no precise definitionon how “broad” the authorization canbe. It is probably possible to draft a marketingauthorization (even at the time ofenrollment) that would be sufficientlydetailed to allow covered entities to marketanything it wanted at any time. Inorder to do this, however, the languagewould have to be sufficiently broad thatit might “scare off” some members.Accordingly, the narrower the scope ofthe authorization, arguably the moremembers would execute the authorization.Is it possible to send out a requestfor authorization that identifies the productto be marketed, unlike asking, “canwe get your permission in order to tellyou about our great product?” This iscertainly an area for creative thinking bycovered entities.ConclusionsIn general, in evaluating future marketingcommunications, covered entities willneed to evaluate the following questions:■ 1. Is the communication designed toencourage the recipient to purchase oruse a product or service? If so, it willmeet the definition of “marketing.”■ 2. Was any protected health informationused to make the communication,including identifying the recipientsof the communication (i.e., recipients’names and addresses)? If so,then it falls within the rule’s marketingrequirements.■ 3. Does the communication fall withinan exception to the authorizationrequirement which survives theNPRM?■ 4. If the answers to 1 and 2 are yesand 3 is no, is there a practical meansof obtaining (and tracking) an authorizationfrom the member to continueto make this communication?For compliance officers, understandingand analyzing the ambiguities of this rulewill be critical, and educating the appropriatepersonnel on the significant analyticaland operational changes required bythis rule will be difficult. Developing creative(and HIPAA-compliant) means ofobtaining authorizations, tracking theseauthorizations, and developing alternativemarketing strategies will be substantialchallenges with significant compliancerequirements. The pressure to continueto do marketing under a strict regulatoryregime (in an area where complianceconsiderations often have beenignored) may create significant tensionsbetween business operations and theHIPAA requirements. Will complianceofficers (or others with HIPAA responsibilities)need to (or be able to) exerciseappropriate oversight over marketingactivities where virtually all customerbasedmarketing is called into question?These challenges and others confront anycompliance officer evaluating the impactof the marketing rule. Is there help insight from HHS? Possibly, but unlikely,given HHS' view on customer-control oftheir information for marketing and thecriticism they have received on any "proindustry"changes to the Privacy rule. Onthe long list of HIPAA challenges, marketingis among the most complicated. ■

featurearticleEditor’s note: This interview with Dr. BobArnot, NBC Correspondent, was conductedby Roy Snell, HCCA Chief ExecutiveOfficer, during the 2002 ComplianceInstitute in Chicago. Roy may be reachedat 763/478-4490. Dr. Arnot may bereached at MSNBC 201/583-5000.RS:Dr. Arnot, thank you for yourtime today. Please tell me what you considerto be some of the biggest problemsfor health care in the quality of care arena?BA:I think that the biggest singleproblem is in the management of chronicdisease. That is: you’ve got an operation;people know what the results are supposedto be; they know what a lot of the factorsare; they know what they have to do.When it comes to chronic disease,it’s the easiest place for somebody tocut corners. Take diabetes, as an example.We probably have a 15 year timelinebetween the time that you first are diagnosedwith diabetes and the time that youcome down with serious complications,such as loss of eyesight, nerve damage,heart attack, peripheral arterial damage.So, if I am running a healthcare organization, I can cut corners tobeat the band on that, in terms of notdoing the regular eye test; not doing theregular cardiovascular; not making certainthat someone’s blood sugar levels aremanaged properly or that their weight’sdown and that they’re given the rightkind of lifestyle enhancement inducement.It’s very, very expensive to takecare of a diabetic. So across the board,Meet Dr. Bob Arnotdiabetes and obesity are the diseases that,in the long run, account for the greatestnumber of deaths. Seventy percent ofwhat we die from is basically what weput into our mouths, according to formerSurgeon General Koop. And so Ithink, in terms of compliance, an operationis easy, chronic diseases are hard–they kill us. And that is the biggest challenge.And that’s where I think thatcompliance professionals can be trueheroes in terms of really sticking it to thesystem to make certain that happens. Inmy own family with family membersthat have chronic diseases, I’ve foundthat even at some very good medicalinstitutions, they just got very sloppy,what I would call, substandard care. Soto answer your question, it’s chronic diseasewhere health care providers, and particularlyhealth care payors, really have tobe held to the bar.RS:In your opinion, has JCAHObeen able to address some of the problemsraised by their critics?BA: You know, the Joint Commission,I think, holds people to a certainstandard. I do not–personal opinion–think that that is a standard of academicexcellence. You look at top academic centers,and it’s my belief that JCAHO doesnot hold people to as high of a standardas they could. You know, a lot of it ispaperwork oriented. You have goodNBC Correspondentpaperwork. And it’s much the way theFAA works. For example, if your paperwork’sgood, your airplane is good. So tothe extent the paper looks good, youknow, JCAHO is able to ensure that youhave a good paper trail.I guess the best answer to yourquestion is I’m not certain for myselfthat JCAHO has the investigative abilityor authority to be able to uncover realshortcomings. But certainly in terms ofbeing able to look at paperwork andbeing certain that the paperwork is inorder, I think they do an excellent job.RS:Are you familiar with some ofthe large health care settlements relatingto regulatory compliance problems suchas insufficient documentation, allegedkickbacks? And if so, what concerns youthe most about these settlements?Continued on page 10September 20029

Dr. Bob ArnotBA:ROY SNELLReally don’t know enough about America really getting serious on providingthe settlements themselves.excellence for chronic disease. And Ithink one of the greatest tragedies in ourRS: Long-term care providers have country is that just because you’re old youbeen specifically singled out for quality of don’t count, which is to say you let allcare problems. In your opinion, are they these things slide. If you and I had diabetesmaking progress?at our age or coronary artery disease,BA: By long-term care you mean we would have our disease managed onnursing homes? This is where health care the most meticulous level. But becauseproviders are really up against the wall you’re 30 years older, it’s just not managedbecause given a budget which is, in my at the same level. And I think it’s tragicview, not enough to be able to really treat and wrong.the chronic diseases of those in long-termhealth care facilities adequately, I think it RS: And a related question is, healthmakes it very tough. Because they’re care is under pressure to be more compliantcaught in a real Catch 22 in terms ofwith regulations, improved quality, andbeing able to provide the kind of care. For reduced cost. Is it realistic to expect healthinstance, there are cases of individuals that care to meet all of these expectations?have a broken hip. And they’ll be dischargedBA: You know, I think, something’sfrom the hospital to a long-term got to give (given the lack of health carehealth care facility. And they simply can’t dollars). Look at waste in health care, forafford to be able to treat all of the other example if you look at unnecessary operations,diseases these individuals may have (a urinarymalpractice, or the $60 to $100 bil-tract infection, a chronic respiratory lion dollar bill for just managing healthinfection.) They’ve got to provide rehabilitativecare, a lot of countries manage theircare. And in a hospital, that might health care for a lot less money than webe costing somebody several thousand dollarsmanage ours–the Canadians, for instance.a day. And at a, you know, $300, So, do I think you could squeeze money$400, $500 a-day cost, you just can’t do it. out of administration and waste andAnd that’s why, here too, I think that the fraud? Sure, absolutely. And I think that’sbar has to be raised in terms of compliancewhere compliance comes in too. If you’rewith what’s considered the generally looking at waste and fraud, you can takeaccepted level of excellence.those waste and fraud dollars and channelWhen it comes to the treatment those dollars into greater health care. Butof chronic disease, even in my own family, one of the real problems in health care iswith my own father, I’ve been very disappointedthat you don’t have the ability, on a microin terms of holding the standard level, to be able to manage or reduce theof care in a variety of different chronic illnessesoverall system costs. And so you really areup to the bar to which it should up against the wall because there’s just sohave been held. And I’m, obviously, trying much you can do without some restructuringto do everything I can to make sure that itof a system.is. And that’s with good health care insuranceand someone living outside of a longtermRS: Due to high expectations, criti-health care facility.cism, constant criticism, and demands putSeptember 200210So, I think it’s a matter of on health care providers by the governmentand by society at large, are we at riskof burning-out the health care providersand are you detecting any affect on moral?BA:Yes. I mean, I think that we’reabsolutely burning-out health careproviders. Not just here but also abroad. Iwas reading in one of the English papersyesterday, how every day there are threegeneral practitioners who quit, that peopleare looking to retiring early, going into otherkinds of professions. I know a lot of peopleof my age in medicine are getting burnedout,too, because you know, you’re spending90% of your time just fighting the systemand 10% of it taking care of patients. So it’sjust extremely difficult and frustrating. Andyou run the risk of not attracting the brightestbrains into medicine.You run the risk of having thosewho do go into medicine with the brightestbrains going into more lucrative, lessregulated fields–plastic surgery, for example,rather than general internal medicine.When I went to medical school,general internal medicine was kind ofconsidered the queen of specialties. That’sthe one that I was attracted to. And now,you know, it’s tough because you just can’tpractice medicine the way you’d like topractice medicine.It’s an enormously frustratingfield. I mean, just what we’ve talked aboutin terms of long-term care. As a physician,

I think, “Okay, now here’s the standard,this is what I want for my patient.” I can’tdeliver that standard.RS:You talked about the model ofhealth care as it exits today–do you anticipateany significant changes to the model?Are we going to continue to slog alongtrying to make this one work?BA:I think we’ll slog along indefinitely.That is, the brave and bold step wasto look at sort of massive restructuring.And the nickel-dime approach is to justtry to patch things up as you go along.And we still have, probably the best healthcare system in the planet. So I don’t thinkwe ought to kick ourselves in the shins toobadly. But yeah, I think that the politicianswere not as brave as they might havebeen in terms of a forthright overhaul ofthe system. Instead, we’re kind of justplugging along.RS:We’ve had significant experiencewith managed care now. Is it working,from your perspective?BA:I’m the wrong person to askbecause I’m not a huge fan of managedcare. I don’t see the evidence that it’s actuallysaved money on a macro level. Youknow, for a few years on a micro level byshifting costs, it certainly saved money forcorporate America. I’m not convinced thatit saved money in a macro level.There are excellent managedhealth care firms. And there are those thatare less than excellent. My father was inwhat was considered one of the very top inthe country. And I was extremely disappointedwith the way they just let him slideon a variety of different illnesses; ultimately,to his death. So I’m kind of the wrong personto ask because I just think that managedhealth care has not achieved the costcuttingthey should on a macro level andhas hampered physicians from providingthe kind of care that they want to.On the plus side for managedcare, there’s no question that in terms ofaddressing inappropriate care, there’s a realadvantage. And you know, they havesome very good arguments in terms ofpreventative medicine. The vaccines, as anexample. You’re more likely to have vaccinesand some preventative medicineexams with managed care than you arewith the general practitioner. So it’s notblack and white.RS:There’s talk about a single-payorsystem every few years. Do you believe itcould resurface and is it practical?BA:When I was in medical school, Iwas in Montreal, which had a single-payorsystem and what I liked about it at thetime was there was no muss, no fuss, nopaperwork. You just had a form like aMasterCard form. You put in the code.You were paid. And it meant that therewas tremendous streamlining. If you lookat Canada and the percentage of healthcare dollars actually spent on administration,it’s dramatically lower than ours. So Idon’t think that that’s necessarily a reasonwe should entertain single payer, but areason we should look at a far morestreamlined method of paying.In the end when you look atsingle payer systems like England orCanada, you have a great deal of unhappiness.In Canada you have, on macro level,good results: longevity, morbidity, mortality.When you look at it on an individuallevel, somebody is waiting six months to ayear for a bypass or a hip replacement.There is micro disappointment in macrosatisfaction.RS:Health care compliance professionalsfrequently have to convince doctorsto change their behavior. Do youhave any advice on how to do that?BA: Sure, I do. I think that the airplaneindustry is the best model for healthcare professionals. One, because they dohave a very low error rate, thank God, sothat the model is successful. And two, inmedicine, compliance, and behavior changeis viewed as punitive. In the aircraft industry–theU.S. Air Force as well as commercialpilots–have a continuous qualityimprovement model. They also have whatthey call a cockpit crew awareness. Thatmeans if I’m a sergeant on the deck and I’vegot a general flying that airplane, and I say,“Hey general, I think we’re at the wrongaltitude,” or, “Why are we doing the coursewrong?” “What about this power setting?”And the general, rather than taking it badlysays, “Well, that’s interesting. Let’s take alook at this. Let’s consider this,” and thewhole crew is pulled in.So we, unfortunately in medicine,have had absolutely the wrongmodel in terms of changing behaviors.Which is, if you’re doing somethingwrong, you’re going to be punished andit’s very hurtful and it hurts your pride. Ithink it has to be looked at as: “Doc, youknow, you’re a dedicated professional. Youdo a damn good job. Your patients loveyou. We’ve looked at this, and we do thestudies and, you know, here’s a differentway of doing it. Let’s talk about it. Tell mewhat your thoughts are.” Or “Let’s talkabout this paper that shows this. Is anyother evidence there?” So that it’s lookedat as a team decision.I think–to the extent that acompliance officer is viewed as a policemanrather than a colleague–it makes itdifficult to change behaviors.RS:BA:Thank you for your time.You’re very welcome. ■September 200211

The Healthcare ComplianceCertification Board (HCCB)announced that the followingindividuals - between April and June2002 - have successfully completed theCertified in Healthcare ComplianceExamination - thus earning the CHCdesignation:■ Beverly Dawn Anderson, CHCCompliance OfficerBuchanan General HospitalGrundy, VA■ Louis P. Babilino, CHCKPMG, LLPOrange Park, FL■ Sueanne Bicknell, CHCCompliance DirectorCardiology and Internal MedicineAssociationDallas, TX■ Carol E. Connors, CHCAssistant Compliance OfficerOregon Health Sciences UniversityPortland, OR■ Karla B. Dreisbach, CHCDirector of Quality and ComplianceBrandywine Senior CareExton, PA■ Linda S. Farrar, CHCOutsourcing Solutions IncPhoenix, AZ■ Judith A. Heimann, CHCManaging Director, CareManagement and ComplianceHIP-NYNew York, NY■ Milo David Huempfner, CHCClinic and Emergency ServicesDirectorWaianae Coast Health CenterWaianae, HI■ Traci Lyn Jensen, CHCCompliance Program ManagerHealth Alliance Medical PlansUrbana, IL■ David L. King, CHCDirector, Audit Services andCorporate ComplianceCentral Georgia Health SystemMacon, GA■ Robert J. Kirk, CHCCompliance OfficerCitizens Medical CenterVictoria, TX■ Joseph P. McCloskey, CHCPrincipalMedical Compliance Support, Inc.Hollywood, FL■ Larry Wayne Montes, CHCCompliance OfficerJohnson & Johnson, Inc.Somerville, NJ■ Melinda D. Nicholson, CHCCaritas Health SystemLouisville, KY■ Virginia Gail Sredanovich, CHCCompliance CoordinatorMedical Center HospitalOdessa, TX■ Susan M. Stell, CHCDirector of ComplianceChartwell Community Services, Inc.Mc Kinney, TX■ William Ernest Torrence, CHCKnoxville, TN■ Kimberly Ann Vernon, CHCVice-President, Compliance andDevelopmentTotal eMedFranklin, TN■ Melissa Ann Walker, CHCVice President and ChiefCompliance OfficerUroCor, Inc.Seminole, OK ■Your physician compliance training just got easier!Order a copy of HCCA’s 39-minute audiotrainingprogramIndividual & Small Group PhysicianCompliance: What every physicianshould knowAn essential resource for every compliancedepartment. Visit HCCA’s Website,http://www.hcca-info.org, to order.September 200212

FreddyKruger’sNightmare onComplianceStreetROY SNELLFollow-up on compliance complaints isthe “Freddy Kruger” of compliance professionals.As a compliance professionalI was concerned that someone wouldsubmit a compliance issue and wewould lose the complaint or not followup “fast enough.” My nightmares wouldinvolve a headline that went something like ‘Compliance professionalnamed in the whistleblowers complaint, “I told Royabout the problem and he did not do anything about it.” Thenastiest thing that can happen to a compliance professional isbeing accused of covering up or ignoring a complaint.It has happened to two compliance professionals that I knowof. Their names showed up in the complaints and one of themwas used in the press, too. Whether or not it was groundless,the experience must have been a nightmare. Enron andWorldCom are accused by two whistleblowers of ignoringtheir concerns. If you really want to get an investigator stirredup, you must not only do something wrong but you musthave been warned about it and ignored it.The logMost people keep a hot line or investigation log but it is oftennot automated. Hand written notes are transferred to a log ina spreadsheet or word processor. Keeping track of past versionsof the log is a concern. Several people from the complianceteam often get involved in investigations. If someone retrievesan older version of the log, updates old issues, and adds newissues you have a problem. The last set of revisions would belost until the version SNAFU is caught. If not caught you mayhave the problem brought to your attention by an outsideinvestigator who had been asked to follow up on your untimelyresponse to someone’s complaint.Falling through the cracksAnother concern is managing all of the issues simultaneously.Investigations often have people outside of the complianceteam working on a complaint. If one of the tasks assigned tosomeone falls through the cracksyou must catch it in a timely manner.Although most of the complaintsare unfounded or minorthere is always a sizable list to workon and tracking several issues simultaneouslyis a challenge.Many departments are trackingmany issuesThe entire organization is ultimately responsible for trackingcomplaints. Human Resources has their list, Quality Assurancehas theirs, the Legal Department has yet another list and manyother departments are responsible for following up on theirown issues. At least you hope they have a list and are followingup on their issues.Although the compliance office gets involved in major issues itis not practical or advisable to manage all complaints for alldepartments. Compliance teams are trained and passionateabout following up. However, compliance teams often worryabout other departments documenting, tracking their issues,and securing their information.One shot at following up on complaintsA high school football coach once told me that when a playerwent down screaming in pain he would stay on the sidelinesand let the trainer handle it. If a player went down and didnot move he would run out on to field as fast as he could.I feel the same way about people who register complaints. Theperson who checks in each week about their compliant is a bitof a pain but at least they are communicating and gettingsome feedback while the investigation is proceeding.The meekThe screamers don’t bother me as much as the people who registera complaint and never check in and wait for the outcome.Call me cynical, but I think some people may even log a complaintand hope you don’t get the investigation done “quickly”and think they now have a better story for the outside investigator.Most investigators I know don’t fall for this sort of thingand give compliance professionals the benefit of the doubt andample time to follow up. It is a concern none the less.Continued on page 14September 200213

LETTER FROM THE CEO...continued from page 13Investigations always take longer thanexpected and compliance professionalsworry that the person registering theconcern would think they were beingignored. People who register concernsbelieve that they are obligated to takethe problem to someone outside theorganization to ensure that they haddone every thing they could to resolvethe issue. The concern is that if they donot make an effort to stay informedthey make unfounded assumptionsabout your efforts.Some people feel that they have to gooutside to protect themselves frombeing accused of knowing about theproblem and not doing anything aboutit. If you do a good job documentingthe investigation you can show theinvestigator that you were on top of itand more time should be given toresolve the issue. The challenge is tohave impressive documentation that isorderly and shows continuous activity.You may also need to document thatyou have not gotten to that issuebecause you were working on otherimportant issues.Documentation is the best defenseDocumenting investigation is not anSeptember 200214easy thing to do well. Notes are taken,documents are reviewed, people areinterviewed, and the investigation log isupdated. The problem is that all of thisinformation is often kept in variousfiles and locations. To demonstrateprogress you will have to pull informationfrom several locations, hoping thatyou get it all and that all activities hadbeen recorded in a timely, orderly, andcomplete manner.Another problem with documentationis that it should be secured. File cabinetsand desktops are not the mosteffective storage devices. Employeesworking on various investigations sometimeswork in cubicles. Many filingcabinets are in hallways. You can stressto everyone that they should be carefulbut you always wonder if the documentsare stored and locked every nightall year round. Documents are oftentaken to and from meetings in and outof the building. It is critical that theynot be left unattended. Proper storageof all documents relating to an investigationis an important issue that mustbe addressed.The nightmare that keeps on givingEven after you leave an organizationIt’s in the mailyou wonder if you can prove that youdid enough. Did you leave behindeffective documentation? Will they findit all? Will they try hard enough to findit? I recently spoke to someone whocoordinated a large project that is nowbeing investigated and his number oneconcern is that they are not trying hardenough to find and share the documentswith the investigators. He haseven gone back to the organization tohelp them but he feels a little helplessdue to the lack of effort on their part.They seem to be more concerned abouttheir current projects and appear unmotivatedbecause they are very busy andhave no personal stake in the outcome.I have seen people do a great job of thisand I know others who need help. It isan area of great concern and must betaken very seriously. Every individual inevery organization should keep orderlydocumentation and properly track complianceissues. Nobody has moreresponsibility to ensure documentationis handled properly than complianceprofessionals. Problems originatingfrom improper documentation canmake Freddy Kruger look like a choirboy. ■The Health Care Compliance Association and Walker Information has mailed the 5thAnnual Compliance Officer Survey to all HCCA members. This year, we’ve addedadditional questions to the survey related to compliance officer compensation as wellas compliance training. Please be certain to take a few minutes to complete it andreturn it in the enclosed envelope to Walker Information. It must be received byAugust 14, 2002 to be included in the results. HCCA and Walker Information planto publish the results early in October 2002. ■

HCCA welcomes the following people andorganizations listed below (U.S. States NB-WV) who joined HCCA between Januaryand March, 2002. All member contactinformation is available in the MembersOnly section on the HCCA Website,http://www.hcca-info.org. Call HCCA,888/580-8373 with membership questionsor information changes.Nebraska■ Bradley ShaffNew Hampshire■ Paula Christy, St. Joseph Hospital■ Carl DeMatteo, Dartmouth-Hitchcock■ Jane Guilmette, The Mental HealthCenter of Greater ManchesterNew Jersey■ Dennis Bator, Masonic CharityFoundation■ Susan Blair■ Sharon Boyer, South Jersey Hospital■ Theresa Coia, Schering-Plough Corp.■ Eileen DeFeo, Shore Memorial Hospital■ Sandra Hineline, UMDNJ■ Erich Kreher, Raritan Bay Medical Ctr.■ Angela Melillo, Saint Barnabas HealthCare System■ Debra Tortora, Irvinston General Hosp.■ Cynthia Uber, Eisai, Inc.New Mexico■ Mark Padilla, Cimarron Health PlanNew York■ Jack Breck, Computerized BusinessServices■ John Costin, New York Eye & EarInfirmary■ Susan Daley, Oneida Healthcare Center■ Anne Dawson, MJHS■ Myra Fasner, The Rogosin Institute■ Joseph Hoestermann, IntercommunityMemorial Hosp.■ Ellen June, Deloitte & Touche■ Louis Katz, Lifetime Assistance■ Sandra Lyons, Schuyler Hospital■ Edith Maher, Maria Regina Residence,■ James Speros, VA Healthcare; Upstate NY■ Nathalie Terrier, UHCNorth Carolina■ Tonjia Artis, New Hanover Reg. Med.Center■ Cheryl Atkinson■ Hilda Conrad, FirstHealth■ Alberta Craven, EyeAmerica■ Donald Gardner, Caldwell MemorialHospital■ Pam Holcombe, Mountail Area Health& Edu. Center■ Laura Lyon, Margaret R. PardeeMemorial Hospital■ Pattie Moore-Boyette, UNC Hospitals■ Adrian Shelton, UNC-Chapel Hill■ William Shenton, Poyner & Spruill LLP■ Juliann Tenney, Duke UniversityOhio■ Donna Conley, The Ohio Heart HealthCenter■ Kimberly Dettwiller, O’BlenessMemorial Hospital■ Barbara Ellison, The Ohio HeartHealth Center■ William Hanlon, Mercy Medical Center■ Harry Holt, Cap Gemini Ernst &Young LLP■ Dorothy Homan, Hospice of Dayton, Inc.■ Elizabeth Johnson, Forum Health■ Marsha Martin, Mount Carmel HealthSystem■ Raymond Marvar, Cleveland ClinicHealth System■ Kathleen McWilliams, Mount CarmelHealth System■ Michael Moss, Mercy Medical Center■ Kay Nolen, Drake Center, Inc.■ Donna Pedley, American Express Tax &Bus. Srv.■ Cheryl Rice, Mercy Health Partners■ Colleen Shannon, Cole Managed Vision■ Catherine Sickler, Quadax, Inc.■ Pam Stitt, Summit Healthcare Services■ Vivien Townsend, ProMedica HealthSystemOklahoma■ Wanda Jones, Integris Health■ Susan Mahaffey, HCA PhysicianServices■ Eric Smith, HMA/Midwest RegionalMedical Center■ David Williamson, HMA/MidwestRegional Medical CenterOregon■ Ann Hanson, St. Charles Medical Ctr.Pennsylvania■ Joe Bubacz, Laurel Health System■ Mary Costigan, VA Medical Center■ Cindy Farano, Wills Eye Hospital■ Gregory Fisher, Keystone Mercy HealthPlan■ Jim Kantoski, Bon Secours Holy FamilyReg.■ Beth Kost, Precyse Solutions, LLC,■ Lucia Lajcsak, Charles Cole MemorialHospital■ Sreekant Murthy, Drexel & MCPHahnemann Univ.’s, Philadelphia■ John Olszewski, Grand View Hospital■ Pamela Ramsey, Gateway Rehab Center■ Salvatore Savatteri, Parente Randolph■ Irene Smith, The Regional Cancer Ctr.■ Reese Thomas, Professional HumanResources■ Bradley Vansickles, Sharon RegionalHealth System■ Vicki Wertz, Altoona Hospital■ Sherry Winiarski, Gateway Rehab Ctr.Rhode Island■ William Florio, Lifespan/Physician PSO■ Dianne Izzo-Orwitz, Lifespan/PhysicianPSO■ Judith Kapuscinski, Self-EmployedSouth CarolinaContinued on page 16September 200215

NEW MEMBERS...continued from page 15September 200216■ Susan Lake, Providence HospitalSouth Dakota■ Cindy Matson, Sioux Valley Hospitals& Health System■ Tracey Miller, McKennan■ Connie Schickedanz, Prairie LakesHealthcare SystemTennessee■ Gayle Cramer, Clark, Partington, Hart& Hart■ Elaine Edwards, Quorum HealthResources, LLC■ Mark Gilbert, Hospice of Chattanooga■ James Madden, Keystone Education &Youth Srv.■ Denise Roe, Vanderbilt University■ Rhonda Sides, Horne CPA Group■ Janice Smith, PhyCor■ Kelly Stevenson, TBN of TN■ Terry Todd, The Heart GroupTexas■ Shannon Adrian, Methodist HealthCare System■ Shawn Arrington, Wilf & Henderson, P.C.■ Amy Boykin, Baylor Institute for Rehab.■ Deborah Dabbs, University MedicalCenter■ Loretta Davis, Univ. of Texas MedicalBranch■ Susan DeLeo, Baptist Health System■ Hayley Ellington, Corp Health, Inc.■ Vickie Ellis, Moore County HospitalDistrict■ David Glassburn, Northeast Med. Ctr.Hospital■ Kimberly Hagara, University of TexasSystem■ Colleen Hillier, Arthur Andersen LLP■ Donna Holmes, First Consulting Group■ Rebecca Hurley, Triad Hospitals, Inc.■ Amy Johnson, PricewaterhouseCoopers■ Hillary Koenig, Parkland Health &Hosp. System■ Pamela Lane, Zale Lipshy UniversityHosp.■ Larry Leahy, Foundation ManagementServices■ Aurora LeBrun, TX Health & HumanService Comm.■ Denise Lenihan, Interim Solutions■ Merry Moore, University Medical Ctr.■ LaSandra Morris, DiversifiedHealthCare Services■ Steve Musgrave, VHA, Inc.■ Christian O’Connor, DiversifiedHealthcare Services■ Carol Phelps, Baylor Medical Center■ Cheryl Porter, Methodist Health CareSystem■ Roman Pscheidt, John Peter SmithHospital■ Sharon Randolph■ Virginia Sredanovich, Medical CenterHospital■ Debra Stich,UTSM/MC■ Norman Stiteler, LifeCare ManagementServices■ Richard Swann, Keller ConsultingGroup, LLC■ Stacey Tovino, Vinson & Elkins, L.L.P.■ David Vela, Prime Medical Services, Inc.■ Kathy Ventre, Odyssey Healthcare■ Pamela Wright, Christus Medical GroupUtah■ Keith Kelly, Ray Quinney & Nebeker■ Lisa Larriva, 3M HIS■ Janice Ohlsson, 3M HIS■ Lynette Stanton, 3M HISVirginia■ Pamela Board, Lynchburg GeneralHospital■ Kimberly Breininger, Sentara HealthManagement■ David Compton, PMUSA OccupationalHealth■ Bev Duffy, AmeriChoice Health Services■ Jeff Jones, Strategic Management Sys.,Inc.■ Lora Lukasiewicz, Sentara HealthManagement■ Kelly Montagna, Sentara HealthManagement■ Ralph Traylor■ Kathleen White, Sentara Health Mgmt.Vermont■ Gail Anderson, Stephanie J. Landvater,M.D.Washington■ Bradley Becker, Valley General Hospital■ Craig Bodway, Olympic HealthManagement Systems■ Leonard Coulombe DaVita■ Frances Hara, Grays Harbor Comm.Hospital■ Jennifer Hughes, Olympic HealthManagement■ Toni Qunell, Enumclaw CommunityHospital■ Bill Ulrich, Consolidated Billing Srvcs.Inc.■ Lisa Wick, Children’s Hosp. & Reg.Med. Ctr.■ Susan Winters, Valley Imaging Partners■ Amy Woodfin, St. Joseph HospitalWest Virginia■ Joy Moore, Garnett County MemorialHospital■ Jennifer Paxton, HCA Physician ServiceWisconsin■ Nancy Davis, Ministry Health Care■ Ann Gainey, Pathway Health■ Michael Garlie, St. Joseph’s Comm.Hospital■ Ann Glaney, Pathway Health■ Bob Heider, Waukesha Health Care,Inc.■ Daniel Icenogle, Whyte, Mirscol Boeck,Dudek■ Eric Kaminski, All Saints HealthcareSystems■ Karen Mayes, Physicians Plus Insur.Corp.■ Peter Weidenheim, Security Health Planof WI, Inc.■ Rebecca Ziegler-Ohs, Bay Area MedicalCenter■ Gary Ziehr, 16th Street CommunityHealth Center ■

By Michael Hemsley, Esq.Editor’s note: Michael Hemsley, Esq., chairs profit health care organizations.the HCCA Special Interest Group for LargeIntegrated Health Care Systems. He is Vice As responsible corporations, regardless ofPresident, Corporate Compliance and size, will evaluate and respond to suchLegal Services for Catholic Health East. To reform initiatives, management will againlearn more about the Large Integrated be pressed to ensure that informationHealth Care Systems SIG please contact and reporting systems exist that are reasonablydesigned to provide accurateMike at 610/355-2047 or via email:mhemsley@che.orginformation sufficient to allow the Boardand management to reach informedOne can hardly avoid the public judgements concerning both the corporation’scompliance with law and its busi-and professional discussionssurrounding proposals for corporatereform in response to the variousness performance.notorious corporate financial accounting In that process, it is suggested that complianceofficers prepare for the anticipat-and related improprieties. As high profilehealth care fraud enforcement actions led ed demand for heightened scrutiny ofto new laws, penalties, and increased compliance areas of heretofore lesserenforcement resources under HIPAA, a focus. The following are suggested areassimilar government response is developingto these corporate integrity issues.for familiarity and re-emphasis:Although President Bush’s recently Governanceannounced “Comprehensive Corporate Become familiar with your Corporation’sReform Agenda” focuses on publiclytradedcompanies, it is foreseeable that a your Conflict of Interest policy to ensureBoard orientation program and reviewnumber of such reforms will migrate to that it comports with the latest IRS recommendations(See IRS 2000 Continuingnon-profit health care organizations.Professional Education Manual) and is adequatein breadth to apply to all fiduciar-It is also a well taken assumption thatState Attorney Generals may join the ies, not simply officers and directors.chorus for corporate reforms to strengthenand extend their traditional oversight Financeover charitable organizations. A complianceofficer need look no farther than the management letter. Although such lettersReview the financial auditors annualexperience of the Allina Health System often contain “stock” recommendations,with the Minnesota Attorney General in they occasionally identify areas of vulnerabilityor performance below industryhis 2001 “Business Compliance Review”to understand the expanding role of State norms which may have complianceAttorneys General in the affairs of non-implications. Review those portions ofMICHAEL HEMSLEY, ESQ.public disclosure statements which relateto organizational compliance. Significantadverse ramifications arise from errors inpublic financing disclosure statements.Excess benefit transactionsOn January 23rd of this year, the IRSissued final intermediate sanction regulationsdirected to tax exempt organizationswhich must make annual determinationsregarding “reasonable compensation”paid to the organization’s managersand administrators. The breadth of individualssubject to these rules can be surprising.A review of the adequacy of thedocumentation of compliance in thisfield should be a matter of annual review.Review procedures for designation ofcharitable gifts and compliance withapplicable state charitable solicitationsregulations. Alleged violations of stateunfair trade practice and consumer protectionlaws is an increasing basis forstate attorney general review of arguablyunrelated business decisions of nonprofithealthcare organizations.Document management policiesThe travails of Arthur Andersen, LLPhighlight not only the need to establishdocument management policies but toContinued on page 18September 200217

STATSEditor’s note: This information is provided byErin O’Donnell, with PricewaterhouseCoopers.■ Qui tam cases account for roughly $4 billionor 57 percent of the total civil fraudrecoveries since 1986. In FY 2000, 80 percentof the $1.5 billion in total fraudrecoveries stemmed from qui tam lawsuitsinitially filed by whistleblowers. For moreinformation visit: http://www.taf.org/publications.html■ Survey fact from the “HCCA 2001 Profileof Health care Compliance Officers”–“Since 1999, the percentage of health careorganizations with active compliance programsin place has increased from 55% to80%, and budgets have increased by over10%” Want to read more? Visit:http://www.hcca-info.org■ The Centers for Medicare and MedicaidServices has failed to collect $260 millionin civil penalties as of September 30, 2000.$255 million is from fraud and abusedebts. $172 million has been outstandingsince fiscal 1997. Source: ModernHealthcare, Jan. 7 2002■ Of the total civil fraud recoveries to date,$2.85 billion–or 41%–are from healthrelatedFalse Claims Act cases. In FY 2000,$840 billion–56%–of the total civil fraudrecoveries were from health-related cases.For more information visit:http://www.taf.org/publications.html■ Near-term hospital spending growth is projectedto accelerate more rapidly than projectedlast year, as recent data suggests thatcosts and utilization are rising faster thanexpected. The report now projects anincrease in hospital spending of 8.3 percentfor 2001, up from 5.1 percent in 2000. ■September 200218& FACTSWEBEditor’snote:Periodicallywe publish alisting of helpful Internet and emailresources. If you know of Websites thatmay be helpful to compliance professionals,please submit them to MargaretDragon at mrdragon@ziplink.netBe sure to visit the HCCA Website:http://www.hcca-info.org to find themost up to date listings of upcomingconferences, compliance resources andWebsite links. Don’t miss out–Be sure toread the articles BNA provides on theMembers Only section of the HCCAWebsite.Also on HCCA Website:■ HCCA’s New Quick Survey Resultshttp://www.hcca-info.org/html/compliance.html#Survey■ Examples of CCO Job Descriptionshttp://www.hcca-info.org/html/cco_jobs.html■ Career OpportunitiesRESOURCESinfo.org/html/careers.htmlGovernment Links■ Office of Civil Rights guidance onproviding interpretershttp://www.hhs.gov/ocr/lep/■ EMTALA changes - pages 31469-31479http://www.access.gpo.gov/su_docs/fedreg/a020509c.html■ Federal Register Notice RE: Revisionof OIG Compliance Guidance for theHospital Industryhttp://oig.hhs.gov/authorities/docs/cpg%20hospital%20solicitation%20notice.pdf■ ABN Infohttp://cms.hhs.gov/medlearn/refabn.asp■ OIG Review of Graduate MedicalEducation And Indirect MedicalEducation At Saint Elizabeth’sMedical Center For Fiscal YearEnding September 30, 1999http://oig.hhs.gov/oas/reports/region1/10200505.pdf ■PREPARE FOR INCREASED SCRUTINY...continued from page 17revisit existing policies. Additionally, the federal and state corporate reform measuresare enacted, we must stay abreast ofcompliance officers consult with counselto ensure that processes are established to these developments and modify our programsappropriately.enable employees to obtain authoritativeguidance and ensure preservation of documentsthat may be subject to review. See “An Emerging Issue: Waste of CharitableAssets”, published in the SpringThe legal rules in this area are fluid.2002 Newsletter , American HealthThe current corporation reform initiative Lawyers Association, Tax and Financereminds us that compliance responsibilitiesand liabilities extend beyond “lines of ing from In Re: Caremark International,Substantive Law Committee, paraphras-business” or government payor focus. As Inc. Derivative Litigation. ■

FORYOUR INFOABCsOF ACRONYMSMA mangets jailterm forhealth care fraudOn July 16, U.S. Attorney for MassachusettsMichael J. Sullivan, announcedthat Peter A. Salvati, age 52, of Norwood,MA, was sentenced to sixmonths in jail followed by six monthsof community confinement as part of aterm of three years’ supervised releaseas a result of his conviction for defraudinghealth care programs. Salvati mustalso make restitution of $38,069 andparticipate in mental health counselingas ordered by the ProbationDepartment.Salvati had earlier pleaded guilty tocharges of defrauding health care programswhile operating a business knownas P.A.S. Orthotics and FootcareSpecialties. For more: http://www.usdoj.gov/usao/ma/presspage/July2002/Salvati-Peter-sentencing.htmLifemark Hospitals of Florida pays$29 million to resolve false claimschargesLifemark Hospitals of Florida, a subsidiaryof Tenet Healthcare Corporation,has paid the U.S. $29 million to settleallegations that Lifemark, Tenet, and variousaffiliated and predecessor companiessubmitted false claims to the Medicareprogram and violated the False ClaimsAct.This settlement resolves claims broughtby whistleblower Isabel Ayers. Ayers filedher suit in August of 1997. She willreceive approximately $4 million of thetotal recovery. For more: http://www.usdoj.gov/opa/pr/2002/July/02_civ_406.htmGulfport dentist among eight peopleindicted on Medicaid fraud chargesOn July 12, Mississippi AttorneyGeneral Mike Moore announced thateight individuals, including Gulfportdentist Dr. Frederic Dunn were arrestedon multi-count indictments related toMedicaid fraud.Dr. Frederic Dunn was indicted on 19counts related to Medicaid fraud in twoseparate indictments. He is charged withfiling false claims for unauthorized servicesand unlawfully receiving or attemptingto receive unauthorized paymentsfrom the Medicaid program.Dunn is charged with intentionallybilling Medicaid for gum trimming procedureswhen he knew the patients didnot qualify for these services under theMedicaid program. He faces up to 57years in jail and/or up to $190,000 infines if convicted. Dunn was arrested onJuly 9, 2002, and released on a $19,000bond. For more: http://www.ago.state.ms.us/news-events/index.htmlPhysician concedes he obstructedinvestigation of UWA billing practicesOn July 16, the U.S. Attorney for theWestern District of Washington, duringa press conference, announced that Dr.H. Richard Winn admitted he obstructeda criminal investigation related to theMedicare and Medicaid billing practicesat the University of WashingtonPhysicians, a private nonprofit corporation.According to a report in the July17 Seattle Times, Winn “pleaded guiltyto obstructing a criminal investigationinto inflated billings by asking otherdoctors to lie for him and creating anContinued on page 22Editor’s note: The following listing will help youthrough the health care acronym maze. Theinformation is provided by Erin O’Donnell,an Associate with PricewaterhouseCoopers.EDI- Electronic Data Interchange - Thetransference of claims, certifications, qualityassurance reviews, and utilization data viacomputer. Source: Coder’s Desk Reference,2002FAR - Federal Acquisition Regulations -Regulations of the federal government’sacquisition of services. Source: Coder’s DeskReference, 2002MCE - Medical Care Evaluation is the partof the quality assurance program that reviewsprocess of medical care. Source: Coder’sDesk Reference, 2002MLP - Midlevel Practitioners - areProfessionals such as nurse practitioners,nurse midwives, physical therapists, physicianassistants, and others who provide medicalcare but do so with physician input.Source: Coder’s Desk Reference, 2002MSSP - Medical Staff Services Professional- The medical staff services professional usuallyreports to the chief executive officer, vicepresident of medical affairs, or a similar position.The MSSP plans, develops, organizes,and controls the operation of the medicalstaff office to contribute to meeting the missionand goals of the hospital and to meetthe requirements of the medical staff bylaws,JCAHO standards, and other applicable federal,state, and local regulatory and/oraccrediting agencies. For more information:http://www.credentialinfo.com/career/jobdesc/mssp.cfm ■September 200219

By Steve Vincze, CHCEditor’s note: Steve Vincze is a member of the Initiative. Hospital compliance programsHCCA Board of Directors and he is the are the first segment of the health careethics and compliance officer for TAP industry to be explored.Pharmaceutical Products Inc. He is the chairof the Compliance Program Performance The Task Force, Steering, and DraftingMeasurement Initiative Task Force. Those Committees met in Boston, June 12 andserving with Steve in this effort are listed in 13, 2002. We had good attendance withthe box below.approximately 25-30 people as well as participation/observationfrom the AHA,UpdateFederation of American Hospitals, andIn the July 2002 issue of Compliance CMS. On June 12, 2002, Lori PelliccioniToday we reported on the organizational provided a full briefing on the results ofsteps taken by the Health Careher research in greater depth and detailCompliance Association (HCCA) in its than previously available. This proved mostpublic and private sector Compliance helpful and informative in framing theProgram Performance Measurement issues and moving forward constructively.STEVE VINCZE, CHCRound table discussions regarding the rolesand missions of the Steering and DraftingCommittee followed the briefing.On June 13, the Drafting and SteeringCommittees split up to perform theirwork. They agreed to use the seven elementsof the U. S. Sentencing Commissionand the “indicators” for complianceprogram effectiveness from Lori’s dissertationas a basis to begin outlining the neces-Compliance Program Performance Measurement Initiative Task Force,Steering and Drafting Committee membersSteering Committee members:■ Albert Bothe, M.D., University ofChicago■ Steve Brannan, University ofAlabama, Birmingham■ Suzie Draper, IntermountainHealth System■ Rory Jaffe, M.D., UC Davis■ Lisa Murtha,* Children’s Hospitalof Philadelphia■ Jeff Oak, Ph.D., Department ofVeterans Affairs■ David Orbuch, Allina HealthSystem■ Steve Ortquist, Banner HealthSystem■ Daniel Roach, CatholicHealthcare West■ John Steiner, Cleveland ClinicDrafting Committee members:■ Eileen Boyd, KPMG■ Fred Entin,* Foley & Lardner■ William Mitchelson, Alston &Byrd■ Glen Reed, King & Spalding■ Brent Saunders,PricewaterhouseCoopers■ Catherine Sreckovich, TuckerAlan Inc.■ William Tillett, Ernst & Young■ Debbie Troklus, President,Healthcare ComplianceCertification Board,PricewaterhouseCoopers■ Sheryl Vacca,* President, HCCA,Deloitte & Touche■ Mark Watson, Deloitte & Touche■ Howard Young, Esq., Arent FoxTask Force members:■ Steve Vincze,* Chair■ Odell Guyton, Microsoft■ Tim Hill, Centers for Medicareand Medicaid Services■ Lewis Morris, Office of InspectorGeneral and■ Lori Richardson Pelliccioni, JD,Ph.D., PricewaterhouseCoopers,■ Roy Snell, HCCA Chief ExecutiveOfficer■ Sheryl Vacca, HCCA Presidentand Director, Deloitte & Touche■ Alan Yuspeh, HCA* ChairSeptember 200220

sary “inputs”–design and implementationelements for the first work product that weagreed we would strive to develop. It wasdecided that the Steering Committeewould provide the substantive content outline,while the Drafting Committee wouldflesh these out and draft the basic “principles.”Post-BostonSince meeting in Boston the Committeeshave been busy. Work groups have beenestablished, several conference calls haveoccurred, and quality DRAFTS for the initialproduct relative to compliance programinputs have been produced.In Boston it was agreed that the first workproduct would be finished by the AHLA/HCCA meeting in September, but that itmay take significantly more time to completethe second product relative to performancemeasurement tools. Nevertheless,the Steering Committee has made progresson beginning the process of identifyinguseful measurement tools for hospital complianceprograms.SPECIALTo get involved or ask a question, just email or call the following SIG chairs; be sureINTEREST GROUPSto include your telephone and fax numbers, and best time to contact you. Alternately,you may fill in this form and fax it to 215/545-8107 or mail it to The HealthCare Compliance Association, 1211 Locust Street, Philadelphia, PA, 19107 ■❏ I am interested in the Special Interest Group(s) checked below:❏ Health Care SystemMichael C. Hemsley, Esq., 610/355-2047, mhemsley@che.org❏ Payor/Managed CareVickie McCormick, 612/204-4156, vmccormick@halleland.com❏ Long Term CareTerri Graham, 502/596-7356, terri_graham@kindredhealthcare.com❏ Home CareChris Anderson, 631/501-7390, chris.anderson@gentiva.com❏ Behavioral HealthJohn Ciavardone, 610/260-4610, Jciavardone@nhsonline.org❏ Academic/ResearchMarti Arvin, JD, CHC, CPC, 412/647-3388, arvinm@msx.upmc.edu❏ PharmaceuticalCharles Brock, 847/937-5210, charles.brock@abbott.com❏ I have a question about:MissionWe are engaged in a collaborative, volunteereffort to improve the collective abilityof all health care organizations, in this firstcase–all hospitals–to know with greaterprecision (1) what it takes to design andimplement an effective compliance programand (2) what to measure and how tomeasure to be assured that the complianceprogram is achieving fundamental performanceobjectives. This is a work inprogress that is first and foremost intendedto serve the greater good of all health carecompliance professionals. We will continueto update our members and the health carecommunity on these efforts. ■NameTitleOrganizationAddressCityStatePhoneFaxEmailHCCA member #ZipSeptember 200221

FYI...continued from page 19‘atmosphere of fear and intimidation’within the department.”Winn has agreed to resign from UW’smedical school where he has worked for20 years and “helped build its prestigiousneurosurgery department and trainingprograms,” reported the newspaper.Winn also agreed to pay $500,000 tocompensate for the improper billingssubmitted to Medicare and Medicaid. Inaddition, he has agreed to perform 1,000hours of community services. “Federalprosecutors recommended that Winnspend no time in prison. Prosecutors alsoagreed to urge that Winn be allowed tokeep his medical license,” according tothe Seattle Times report. Search theSeattle Times Website for the completestory: http://seattletimes.nwsource.com/html/homeNY nursing home owners will pay $11millionNew York Attorney General Eliot Spitzerannounced on July 11, that nursinghome owners, Stanley and Judith Dicker,will repay NY taxpayers $11 million,including interest, for Medicaid overpaymentsimproperly paid to them between1996 and 2001. The Dickers own andoperate the Hillside Manor Rehabilitationand Extended Care Center inJamaica Estates, Queens, and the HudsonValley Rehabilitation and ExtendedCare Center in Highland Park, NY.New York’s Medicaid Fraud ControlUnit, in the course of an ongoing reviewof home care providers, discovered thatbeginning in 1994, the Dickers withdrewsubstantial sums of money, classifiedas “management fees” from theirnursing homes. Although these fees areSeptember 200222deemed non-reimbursable administrativeexpenses, a percentage of the fees wereerroneously factored into the rates billedfor therapists, nurses, and aides associatedwith the Dickers’ long-term homehealth care programs. Thus, these rateswere improperly raised by $13 to $26per visit.These inflated rates came to $9 millionin Medicaid overpayments between1996 and 2001. For more: http://www.oag.state.ny.us/press/2002/jul/mfcu_07_11_2002.pdfFL AG issues subpoenas related toProzac mailingOn July 9, Florida Attorney GeneralBob Butterworth announced that investigativesubpoenas were issued to EliLilly & Co, Walgreens Company, HolyCross Hospital, Ft. Lauderdale, andmedical group members Drs. ZoniaAcosta, Kenneth Burke, and Lise M.Lambert. The subpoenas were issued todetermine whether state laws were violatedwhen Prozac tablets were mailedunsolicited to a Florida resident.Butterworth took the action after a freesample of Prozac, formulated to be takenweekly, was sent unsolicited to at leastone Florida resident. Along with the freesample was a letter signed by the medicalgroup members and was contained in aWalgreens envelope.“This type of activity raises serious questionsin the areas of both public healthand marketing,” said Butterworth.“There is legitimate concern that theunsolicited delivery of prescription drugscould lead to dangerous misuse. At thesame time it raises the specter that privacyrights are being violated by misusingmedical information to target likely candidatesfor a particular drug.” For more:http://legal1.firn.edu/newsrel.nsf/$defaultviewFL man pleads guilty to health carefraudOn June 27, the U.S. Attorney’s Office,Middle District of Florida announcedthat Fred D. Ford, Jr., pleaded guilty tofelony offenses in two separate casesrelating to massive Medicare andMedicaid fraud schemes. Dubbed“Operation Hardgear” governmentinvestigators uncovered the schemeconcerning fraudulent billings bydurable medical equipment companies(DME) in Florida and elsewhere.Ford, a salesman for Gold Star, wascharged in January 2002 by a federalgrand jury in a 55-count indictmentrelated to Medicare and Medicaidfraud. It’s alleged that Ford and othersconspired to submit false, fictitious, andfraudulent claims to Medicare andMedicaid related to the sale of motorizedwheelchairs, alternating pressuremattresses, and related items. Fordpleaded guild to conspiring to commitMedicare and Medicaid fraud and submittingfalse claims to Medicare andMedicaid.Previously the investigation nettedguilty pleas from Barry DouglasHaught of Tampa, Phillip Lipsey ofOrlando, James Taylor of Georgia,Dennis E. Rodriguez of Odessa, JohnC. Merlino of Tampa, and JohnBidelspach, D.P.M., of Palm Harboralong with DME companies DBB, Inc.,Trans-Capital Investment Group, Inc.Med-Care Distributors, Inc., and T-Tech Medical Services, Inc. ■

Editor and Publisher:Margaret R. Dragon, Director of Communications, HCCA, 781/593-4924,mrdragon@ziplink.netConsulting Editors:Sheryl Vacca, President, HCCA, 916/498-7156Roy Snell, CEO, HCCA, rsnell@hcca-info.orgAdvertising Department:Joni Lipson, 888/580-8373, joni.lipson@rmpinc.comDesign & Layout:Robin Taliesin, Raven Creative, 781/631-4639, robint@raven2.comHCCA Officers and Board of Directors:Sheryl Vacca, CHCHCCA PresidentDirector, West Coast Compliance Practice,Deloitte & ToucheAlan Yuspeh, JD, MBAHCCA 1st Vice PresidentSenior Vice PresidentEthics, Compliance and CorporateResponsibilityHCAAl W. Josephs, CHCHCCA 2nd Vice PresidentCompliance OfficerHillcrest Healthcare SystemOdell GuytonHCCA TreasurerDirector for ComplianceMicrosoft CorporationDaniel RoachHCCA SecretaryVP and Corporate Compliance OfficerCatholic Healthcare WestGreg WarnerHCCA Imme. Past PresidentDirector for ComplianceMayo FoundationShawn Y. DeGroot, CHCCompliance OfficerUpper Midwest Network & VA Medical& Regional Office CenterSuzie Draper, BSN, RNCorporate Compliance Officer and PrivacyOfficer, Intermountain Health CareCEO/Executive Director:Roy Snell, CHCHealth Care Compliance AssociationRory Jaffe, MD, MBAChief Compliance OfficerU.C. Davis Health SystemAllison Maney, CPA, CHCCompliance OfficerLovelace Health SystemVickie McCormickSpecial CounselHalleland Lewis Nilan Sipkins & JohnsonLewis Morris, Esq.Assistant Inspector Generalfor Legal AffairsDHHS Office of Inspector GeneralF. Lisa MurthaChief Audit and Compliance OfficerChildren’s Hospital of PhiladelphiaJeffrey Oak, PhDAssociate Chief Financial Officer forComplianceVeteran’s Health AdministrationTeresa L. Mullett ResselDeputy Assistant SecretaryU.S. TreasuryBrent SaundersPartnerPricewaterhouseCoopersDebbie Troklus, CHCAssistant Vice President for Complianceand PrivacyUniversity of LouisvilleL. Stephan Vincze, JD, LL.M, CHCEthics and Compliance OfficerTAP Pharmaceutical Products, Inc.PEOPLEEditor’s note: If you have receiveda promotion, award, degree, orrecently changed jobs, please let CTknow. Call or fax 781/593-4924, emailmrdragon@ziplink.net, or mail your news to MargaretDragon, HCCA, P.O. Box 197, Nahant, MA 01908.➤ Carolyn Avery has been named Coding & ComplianceManager for Horne CPA Group in Nashville, TN. Carolynmay be reached at 615/312-9050.➤ Raylene Kelsberg has joined Children’s Hospital & HealthCenter in San Diego, CA as Director of RiskManagement. She may be reached at 858/966-4980.➤ Julie Marston, MPH, has been named Chief ExecutiveOfficer of CRI of New England, Inc. in Boston, MA. Shemay be reached at 617/778-5454.➤ Lewis Mashburn III, CHE, MHA, MPA, has been namedHIPAA Compliance Manager for The Children’s MercyHospital in Kansas City, MO. He may be reached at816/234-3946.➤ Debbie Troklus, CHC, has been named Assistant VicePresident for Compliance and Privacy for the University ofLouisville. She may be reached at 502/852-0758.➤ Richard Zimmerer has joined KPMG in Los Angeles, CA.He may be reached at 213/630-8068. ■Your Vote Counts!HCCA Leadership Ballot Mailing this MonthCompliance Today (CT) (ISSN 1523-8466) is published by the Health Care ComplianceAssociation (HCCA), 1211 Locust Street, Philadelphia, PA 19107. Subscription rate is $287 a yearfor non-members. Periodicals postage-paid at Philadelphia, PA 19107. Postmaster: Send addresschanges to Compliance Today, 1211 Locust Street, Philadelphia, PA 19107. Copyright 1998the Health Care Compliance Association. All rights reserved. Printed in the USA. Except wherespecifically encouraged, no part of this publication may be reproduced, in any form or by anymeans without prior written consent of the HCCA. For subscription information and advertisingrates, call HCCA at 888/580-8373. Send press releases to M. Dragon, PO Box 197, Nahant, MA01908. Opinions expressed are not those of this publication or the HCCA. Mention of productsand services does not constitute endorsement. Neither the HCCA nor CT is engaged in renderinglegal or other professional services. If such assistance is needed, readers should consult professionalcounsel or other professional advisors for specific legal or ethical questions.Very soon all HCCA members will receive a ballotlisting the HCCA Board of Directors Nominees. Itis vital that you make your vote count. Please be sureto return your HCCA Board of Directors ballotpromptly. The election results will be published inCompliance Today. ■September 200223