Whitepaper Navigating Compliance Regulations for Healthcare … · 2018-01-24 · Whitepaper:...

Whitepaper

Navigating Compliance Regulations for Healthcare Communications in 2016

Novitex Enterprise Solutions1-844-NOVITEX I www.Novitex.com

Whitepaper: Navigating Compliance Regulations for Healthcare Communications in 2016 2 2

In the highly-regulated healthcare industry, communication managers and compliance

officers face a growing number of complexities when it comes to communicating with

patients and members in a way that is both effective, and compliant. Already in 2016, fines

and sanctions related to HIPAA and HITECH laws have tallied as high as $6.5 million dollars

for a single violation. Today’s regulatory landscape, in regards to communications within the

healthcare industry is an understandably tense one, and stakeholders are actively seeking

more effective methods to execute their communications. The goal is to deliver

communications that are 100% compliant, contain zero defects, and are truly 1-to-1 in terms of

personalization, including honoring the patient or member’s preferred channel of

communication. However, those objectives are not always easy to achieve. In support of that

goal, we have assembled this whitepaper; taking a look at industry trends, some available

healthcare enterprise content management system options, and lastly, providing a look at

our own solution: Healthcare Connect.

Introduction

Whitepaper: Navigating Compliance Regulations for Healthcare Communications in 2016 3

Organizations in the healthcare space face a myriad of industry-specific regulations when it

comes to patient and member communications that do not exist in other industries, even

other highly-regulated ones like financial services.

Many organizations are bringing in a number of safeguards already. Compliance Officers and

dedicated compliance teams are among the top. But many are also using a number of

industry-specific software systems in an attempt to automate some of the production of

compliant materials, to reduce the risk of human error and mitigate the risk of compliance

penalties. While investing in tools and teams dedicated to this work are good steps, there is

still room for improvement as evidenced by the high number of substantial fines and sanctions

levied against a large percentage of healthcare and insurance firms in 2016.

$5.5 million settlement from

Advocate Healthcare

$4.3 million assessment

against Cignet

$2.2 million penalty against

New York Presbyterian

3

Mission Critical: Clear, Affective, Compliant Communications

Examples of Fines Against Healthcare Providers Include:

Due to sets of newly introduced and evolving laws

and conditions, like a 2016 round of HIPAA audits,

ICD-10 revisions, and the introductions of Medicare

Access and CHIP Reauthorization Act (MACRA),

Merit-Based Incentive Payment System (MIPS), and

Alternative Payment Models (APMs); navigating the

fluid conditions of HIPAA and HITECH Compliance,

as enforced by CMS, brings everyday challenges for

healthcare enterprises of all sizes when it comes to communicating with members and

patients; and high visibility to compliance and communications managers/officers within

these organizations.

In this ever-changing landscape of regulated communications, healthcare organizations are

finding it increasingly more important to have systems, processes, and accountability in

place to manage it all.


Let’s face it – the creation, and distribution of patient and member communications might be

one of the most cumbersome workflows; from sensitive information, including personal

health and financial records, to the privacy and security implications facing the management

of such documents. Hospitals, health insurance providers and pharmaceutical alike are

facing some common trends when looking at the industry in more detail.

Trends Within the Healthcare Communications Landscape

TREND 1: INCREASING REGULATIONS

TREND 2. KEEPING UP WITH TECHNOLOGY

As communication technologies change and evolve, healthcare enterprises must understand

how they can leverage technology and which tools are right for them.

These types of communication processes can lead to questions like:

Constant changes of regulatory conditions makes

choosing communication tools that can securely

manage and disseminate patient and member

communications in a compliant manner paramount.

Tools need to support security and privacy as well as

give insight back to the provider.

As important as the tools used are, so is the ability to

maintain and upgrade technology. Mergers and

acquisitions can lead to a number of legacy systems

that do not interface with one another, creating an

inability to effectively manage end-to-end

communications.

• Was the document printed or mailed?• Does it meet quality standards?

• When did we send our last communication?• Was it on time with a mandated deadline?

Oftentimes, organizations are working across departments, creating siloed workflows.

Working independent from one another can present redundant work, inefficiency and lost

productivity, as a result. And with little or no oversight, organizations have minimal visibility

into the chain-of-custody over communications, and limited ways for compliance managers

to audit the process – in the moment, or in review. Documents may be created by one

department, audited by another, and produced by yet another; sometimes by an external

vendor.

TREND 3. INDEPENDENT DEPARTMENT WORKFLOWS / PROCESSES


TREND 4. RISING FINES AND SANCATIONS

Trends Within the Healthcare Communications Landscape, Continued

With fines and sanctions becoming this common, and the financial stakes being so high, it is

important that organizations take careful steps to consider where and how they can

effectively manage their risk.

• The human ability to catch errors is inherently flawed. With only visual confirmation of data

correctness, humans miss an average of 10.23 errors per data set.

• The risk of fines for non-compliant communications around protected health information

(PHI) is on the rise. If discovered, a single non-compliant message could lead to a penalty

of up to $1.5 million.

• Even if corrected within 30 days, HIPAA violations can attract a fines of $10,000 –$50,000.

• HIPAA violation penalties can even include imprisonment for up to 10 years for knowingly

misusing individually identifiable health information.

The approximate number of healthcare companies who have received a CMS sanction or

suspension in 2015 is 35%, and 62% of these companies have received a CMS fine of $250K+,

on average. There are a number of causes behind these alarming compliance statistics.

Occasionally, problems arise due to internal processes. A lack of visibility in production, and

limited audit capabilities within communication platforms themselves lead to breakdowns of

oversight within processes.

$14,883,345 in resolution amounts and monetary penalties to date

OTHER FACTORS AFFECTING COMPLAINCE:

So the question becomes, how can enterprises most successfully navigate these

compliance rules, and avoid audits or breaches that prompt compliance fines and

affect revenue?

For healthcare communication production and dissemination, the best practices are clear:

achieve 100% compliance; maintain zero defects; develop 1-to-1, personalized

communications. In the current climate of software communication platforms available to

support healthcare enterprises, those best practices are not always achievable. In the next

section, we will take a closer look at why.


1.

There are a number of communication management options available to healthcare

organizations today – from SAAS-based software products to consultancies. Each one should

be considered carefully. Where one is strong in templated production capabilities, it lacks in

auditable oversight capacity for compliance; and while experts might recommend processes

and best practices – it leaves organizations on their own to manage in the every day.

Available Communication Management Options

Three Options for Healthcare Organizations:

2.

3.

Consultant-Based Solutions that can leave you exposed over the long term once their training period has completed, due to still manual processes and workflows

Software-Only Solutions that fail to address everything that HIPAA/HITECH or CMS

regulations entail; a software platform may contain compliance safeguards, but does not

have document production engine

A Holistic Solution that addresses the full extent of compliance regulations with

comprehensive, consultative guidance – combining proven methodologies and best of

breed technology applications

Anything less than the third option listed above can spell trouble for healthcare

organizations and put communication compliance at risk. For instance, one healthcare

provider drew the attention of auditors when they sent an explanation of benefits (EOB) by

mail to a complainant's unauthorized family member. A seemingly innocent mistake, but the

subsequent Office of Civil Rights (OCR) investigation determined that a flaw in the health

plan's communication system put the protected health information of approximately 2,000

families at risk of disclosure in violation of HIPAA compliance rules; a substantially larger

violation.

On a separate occasion, a programming error by a business associate at an Indiana-based

FSSA was not caught by internal audits, causing extra pages from client notifications to be

mixed into mailings to the wrong clients, compromising medical and financial information for

nearly 200,000 clients.

Adding software technology to the mix can help, but alone is not the answer. Where one

platform may be strong in terms of audit capabilities, its editable content templates may be

limited. For example, solutions like MedSafe offer compliance training, but then leave you on

your own to remember that training, and create compliant communications based on what


Available Communication Management Options,

Continued

Another company, called Healthicity, offers a suite of compliance-focused software designed

to help organizations manage compliance issues in regards to their outgoing

communications, but their platform does not include an actual document production engine;

meaning, that while their software can guide you through the process of creating compliant

communications, you are still left to create the actual documents outside of their software,

leaving room for human error, unmanaged version control and no trackability or insight into

the proofing process, inclusive of the actual delivery of the final patient facing

communications.

The best option to consider –

a fully holistic, document composition and workflow solution.

they taught you. This consultant-based approach is hardly different than the educational and

training content offered by the CMS themselves. In both cases, you’ll have to learn volumes

of always-evolving information either on your own or with the help of a consultant, and are

left without the built-in compliance safeguards that more comprehensive solutions offer, when

it comes time to actually produce communications. While such educational approaches are

beneficial, this strategy essentially leaves all the same technical and process-based

potential for compliance lapses that your workflows had previously, even if your workforce is

more educated.


Introducing Healthcare Connect

When it comes to effectively communicating

with patients and members, healthcare

organizations have substantially more

components to manage than businesses in

other industries. Connect was developed with

this in mind.

Designed with input from hundreds of client conversations and a proven CMS practice,

Novitex designed Healthcare Connect.

During the document composition phase,

Healthcare Connect includes built-in

safeguards that help support compliance,

zero defects, and mitigate operational risk.

With a web-based portal at the core,

Healthcare Connect allows for the

implementation of proprietary business rules

that will create parameters to satisfy

regulatory requirements. To help ensure

these business rules are followed, the

platform also allows for the establishment of

document formatting rules, and provides

templates with lockable content zones;

preventing errors before they ever happen

by removing the ability to change sensitive

patient and member information completely.

Connect is a complete end-to-end communication composition and workflow solution that supports compliance, personalization, and the fulfillment and

dissemination of healthcare communications.

-by-side document comparisons, and a

streamlined, customizable document review

process, which provides validation, version

comparison, quality control, and document

approval capabilities; all helping to facilitate

that only compliant documents make their

way to production and fulfillment stages.

Version control helps increase compliance by

building in safeguards. This allows your

organization to better manage the most

updated and approved versions among ever-

changing regulations and requirements. It

enables organizations to speed up the

approval process. You can apply template

changes at a parent level that can get applied

to all other related documents.

Enabling compliance and communications

teams alike, Healthcare Connect provides

real-time, self-controlled auditing and

proofing capabilities, including version

control, document rights management, side-

With Healthcare Connect, you’ll be able to

personalize communications and honor each

patient or member’s preferred communication

channel with a number of specifically-

engineered tools. Multi-channel templates


help facilitate the efficient production of

various types of documents; from email to

traditional direct mail; and personalization

through data ensures the most relevant

information is being sent to the appropriate

recipients.

By simply uploading patient or member

data files through the easy to use web

portal, Healthcare Connect automates the

personalization of communications.

Healthcare Connect

SUMMARY:

The last component of successful communication is being able to track and prove that

communications entered the mail stream in accordance with federally regulated CMS

deadlines – offering full chain of custody – down to as granular a level as managing

individual enrollment kits and envelope fills.

Integrating composition, print, fulfillment and mail services with our best-of-breed technology

into your workflows, Novitex offers a seamless and holistic communications solution.

The penalties for compliance issues caused by departmental silos, lack of auditability,

and lack of process oversight, or internal business rules are simply too high to ignore in

the healthcare environment in 2016. Achieving the seemingly lofty goal of 100%

compliance, zero defects, and true 1-to-1 communications is possible, but only with the

right technology, people, and processes in place.

Compliance is just one aspect of an

effective healthcare communication

process. Your patients and members now

expect consistent, personalized multi-

channel communications — satisfaction

and consistency is of utmost importance.

ParentTemplate

ChildrenTemplates

Change Comparison


These efforts led to the company earning 100% HIPAA

compliance after our solution was implemented, saving them

hundreds of thousands of dollars in penalties along with

millions in saved postage costs.

100%

of SLAs were Met

CHALLENGE: DELIVERING 100% COMPLIANCE

When a nationwide health

insurance provider added

Medicare Part D to its portfolio

of services, it was confronted

with new, operational

challenges. Its internal print

and mail facilities did not have

the equipment to handle all

administrative mail, annual

notices of change (ANOCs)

and enrollment documentation

SOLUTION

RESULTS

Within Connect, Novitex created document templates with hierarchical, parent/child structures

and zones that enabled the provider to easily personalize their directories through data

integration while maintaining compliance with HIPAA regulations. With our live auditing tools,

our client was able to track all jobs, from creation to mail insertion, checking for compliancy,

accuracy, and consistency.

triggered exponential cost

increases due to the size of

the piece. The vendor’s

failure to audit also

subjected the client to a

multitude of HIPAA

violations and due to the

size of the pharmacy

directory mailings, incurred

exponential processing

and postage fees.

could not adequately comply

with CMS regulations.

Additionally, they needed to

create confidential pharmacy

directories to disseminate to

their members, but were

confronted with technological

and operational challenges

that impeded compliance and

caused cost increases that

impeded compliance and

$1.4 Million Saved In Postage Costs

Case Study #1: Healthcare Connect in Action

Plus, Connect kept a log of all jobs, allowing the provider to reference historical information

when needed for auditing and tracking purposes.


Our team introduced Connect’s Produce Module and its powerful tool set that included a

customizable web-to-print capability for managing the production of promotional

communications. Features included:

• An eCommerce shopping cart, allowing for easy job submission

• Real-time reporting, providing insight into volume, costs and more

• Preview capabilities, helping to manage quality and consistency

• Audit-friendly tools, enabling managers to quickly approve jobs

• Job tracking, providing users insight into project status

In order to reduce costs further, we leveraged our proprietary collaborative sourcing

database to help our client find the best vendor at the right price point

CHALLENGE: DRIVING THOUSANDS IN SAVINGS WHILE INCREASING QUALITY

This solution led to a 22% annual reduction in print costs,

while satisfaction with printed documents increased

substantially.

Annual

Savings

15% Faster

Production

Times22%


For more than a decade,

Novitex had been providing

on-site reprographic services

to the number one ranking

pharmaceutical company in

the world. As a trusted

adviser, our client turned to us

asking that we help optimize

the production of its

promotional communications.

jobs, which resulted in:

• Usage of multiple vendors,

limiting buying power

• Limited visibility into costs

due disparate workflows

• No approval process,

leading to inconsistent

quality and branding

More specifically, our client

needed to develop a more

efficient and cost-effective

process for ordering and

producing promotional

communications for new

pharmaceutical products.

Our client did not have one

centralized location for users

to submit commercial print

SOLUTION

RESULTS


By leveraging the web-based portal, our client was able to automate the personalization of

customer communications easily and quickly. In addition, we implemented:

• An enterprise-wide set of rules for the development of materials

• Helped develop hundreds of pre-approved templates and brand assets

• An optimized and automated approval process

Our solution enabled this client to save time, money, and

allowed agents to communicate more frequently and

effectively with clients.

30%

SOLUTION

RESULTS

Saved on

Production

Costs

Increased

Brand

Consistency


CHALLENGE: CENTRALIZING THE CREATION OF MATERIALS TO DRIVE

INCREASED STANDARDIZATION

A national, diversified

healthcare services company,

operating 80 hospitals, 190

outpatient centers and six

health plans and Conifer

Health Solutions needed to

launch an outreach and

enrollment campaign to raise

awareness of the new

coverage options available

each agent had their own

system for completing this

task; leading to brand

inconsistencies. One agent

was even using tools like

Word’s merge feature with

Excel to develop hundreds of

letters, wasting countless

hours and increasing the risk

of human error exponentially.

through the Affordable Care

Act. However, the provider

needed to have greater

control over branding across

their hospitals and outpatient

centers. Additionally, the

client needed to increase

efficiency for creating and

producing personalized

communications. At first,

For more information on Healthcare Connect and examples on what it can do for your

healthcare customer communications, visit:

https://www.novitex.com/regulatory-communications-management

https://www.novitex.com/communications-management

You can reach out to our team directly as well by emailing [email protected]

Novitex Enterprise Solutions is the leading provider of innovative, cloud-based solutions in

the document outsourcing industry. By leveraging the end-to-end Integrated Document Life

Cycle™ framework, our consultative approach and the right technology, Novitex and its

9,000 on-the-ground employees enable clients to free up valuable resources to drive their

businesses forward. With more than 30 years of experience, Novitex has successfully

implemented solutions for hundreds of clients, including the Fortune 500, Am Law 200 and

across ten vertical markets.

Learn More About Healthcare Connect

https://www.novitex.com/regulatory-communications-management

https://www.novitex.com/communications-management

mailto:[email protected]

Date post:	08-Aug-2020
Category:	Documents
Upload:	others
View:	0 times
Download:	0 times