Peer Review

profileavett2012
RegulatoryCompliance-peerreview.docx

11

CHANGES IN SECURITY AND COMPLIANCE REGULATIONS

Changes in Security and Compliance Regulations

Student

Class

10/22/20

Running head: ASSIGNMENT TITLE HERE

1

Running head: CHANGES IN SECURITY AND COMPLIANCE REGULATIONS

Changes in Security and Compliance Regulations

Regulatory frameworks serve as a model for enacting facility regulations, and the government relies on these rules to develop, laws, and regulations (Singh, 2018). With the complexity of the United States healthcare industry and current initiatives that promote quality and efficiency of care through technology, there is always the chance of new opportunities and barriers. Regulatory laws should be in place to ensure higher quality care, yet many physicians believe the opposite is taking place. A report shows most doctors feel frustration with complicated and expensive systems designed to deliver more efficient healthcare (Singh, 2018). A complex functionality of these systems, combined with a confusing array of recording systems, has proven to be another example of significant barriers. Tiny physicians' practices, rural healthcare providers, and non-acute healthcare providers across the continuum face unique obstacles when implementing and maintaining compliance regulations (Holt, 2019). Electronic health record (EHR) system implementation within a healthcare setting is a significant cost barrier (Holt, 2019). Healthcare providers face increasingly complex risk and compliance challenges, and as regulatory pressure on healthcare organizations increase, there is an uptick in enforcement by the federal government, to seek out waste, fraud, and abuse within the healthcare industry (McSwain & Zeko, 2016). Compliance officers must ensure to engage stakeholders to help support changes and security in regulatory compliance laws to follow technological requirements to be competitive in the fast-paced healthcare delivery system.

Stakeholder participation is important as a means through which information about political and economic consequences of regulations is generated. In other words, stakeholder participation is a vehicle through which stakeholders become involved deeply in regulatory policymaking by engaging in a “deliberative process aiming toward the achievement of a rational consensus over regulatory decision (Balla & Dudley, 2014). To show they are transformational leaders, a compliance officer must show they have the ability to stimulate, motivate, influence, and understand their followers (Frederiksen, 2015). They must become transformational leaders when helping physicians understand compliance, how to train and educate them about compliance, and eliminate barriers (Frederiksen, 2015). Every change will create an additional risk, that the compliance officer must mitigate. Due to the changes, compliance programs are becoming essential in ensuring organizations are remaining compliant and detect, deter, prevent, and correct instances of noncompliance (Frederiksen, 2015). Until an organization realizes where their compliance risks are, their compliance programs cannot perform the critical functions of mitigating those potential regulatory risks. They must always be proactive in preparing for these in an organization. With cross-organizational coalitions specifically meeting to expand and evolve stakeholder engagement, the discussion can turn to tactical discussions of “what if?” and “what may happen (Rittenhouse, 2015).” A manager hoping to understand how each of the stakeholders and stake-holding groups may respond to the changes can leverage the force-field-analysis tool (Rittenhouse, 2015). An assessment like this is used with the aim of understanding what additional planning needs to take place, resources must be acquired, expectations must be set, and can discuss more openly conceptual barriers and contrive solutions collaboratively. Facilities still incur fines even with diligently internal auditing and governmental scrutiny, internal whistle-blowers, monitoring, and hefty fines, some of these organizations still enter into corporate integrity agreements for noncompliance (Frederiksen, 2015). Earning stakeholders’ support is critical to help prevent and ensure fraud is not committed within the organization, either intentionally or unintentionally.

Another viable solution to prevent fraud is to make sure there are appropriate resources for change. Accreditation within organizations create standards that promote quality, consistency, drive, and safety (Chinn, 2014). Also, these same standards of accreditation increase the value of care given by lending procedural guidance to accomplish what regulations intend (Chinn, 2014). Sooner rather than later a hospital will have a never event. Another value of accreditation is that the organization is required to have risk management procedures to manage these events when they occur. If the organization would take such steps as informing a patient of a medical error, this will decrease liability claims (Chinn, 2014). Root cause identification and contributing factors is important but to prevent reoccurrence the implementing and maintaining of improvements triggered through risk management must be continued. During the accreditation procedure, organizations must adopt tools for improvement of organizational compliance, conduct self-assessments, take part in publicly reported databases, and establish root cause analysis following medical error events (Chinn, 2014). The implementation of electronic health information brought in information quickly, safely, and electronically. Through sound practices in portfolio management, organizations can benefit by ensuring standardization of the following practices, often the province of an organization’s governance function: by providing an infrastructure for the management of projects, programs and sub portfolios (Harrington, Voehl, & Voehl, 2015). Support review and evaluation of new initiative requests, facilitating prioritization and authorization of new projects, and allocating resources to affect change in alignment with organizational strategy and objectives (Harrington, Voehl, & Voehl, 2015). Provide program and project progress reporting of critical success factor metrics, resources, expenditures, defects and associated corrective actions to the portfolio governance process (Harrington, Voehl, & Voehl, 2015). Communicate risks and issues related to ongoing initiatives while monitoring compliance to policies and ensuring ongoing alignment with the organization’s strategic objectives (Harrington, Voehl, & Voehl, 2015). Also, a good practice is providing knowledge management resources and archival services, including collection and propagation of lessons learned. This part of the project deliverable is attained and reported at the close out of the project once the objectives for the changes envisioned.

Doctors, nurses, pharmacists, patients, and other healthcare professionals are allowed to access and securely share a patient’s vital medical records electronically through the “electronic health information exchange (HIE), according to HealthIT.gov (Holt, 2019). During the infancy days of HIE efforts, the availability of technology was an important barrier to achieving the goal to share health information on a massive scale (Holt, 2019). Another concern of HIE is information security and privacy, even though studies show many breaches in hospital involve paper records. The Center for Medicare and Medicaid Services has the influence to push providers into HIE use. Through adoption of standards or submission requirements of quality measures that are met through the information exchange with others as a condition of reimbursement, CMS has significant power over most providers (Holt, 2019). Another approach would be to treat HIE as a public benefit, something like law enforcement or highways (Holt, 2019). Using this approach with an emphasis on rural areas and the underserved will allow everyone the opportunity to participate without individual costs associated with building interoperability one at a time (Holt, 2019). Also, Medicare and Medicaid anti-kickback statutes make it a crime for someone (i.e. a physician) to knowingly solicit or accept payment for referring a patient to another person or entity for furnishing services for which payment may be made in whole or part by the Medicaid or Medicare programs (Holt, 2019). Change does not have to be complex when one creates effective work groups to collaborate and implement change processes within their field of expertise.

Healthcare is a diverse industry where change is a constant, however, change can cause turbulence making, adapting to change complex (Change Management Strategies: Change may be inevitable, but doesn’t have to be hard, 2018). Human responses to change can vary drastically. Everyone’s initial reaction is shock, no matter if change is announced days, weeks, or months ahead of time. To transform shock into a willingness to embrace change takes effective change management. An organization should have a formal change management team and resources, it is critical that department leaders step up to take on the role of change manager as they are the employees’ go-to person (Change Management Strategies: Change may be inevitable, but it doesn’t have to be hard, 2018). Senior leadership and board members must be informed about rules and regulations as individuals on the front lines of compliance, more importantly, compliance officers must ensure leaders are educated about regulations and updated with changes in the field (McSwain & Zeko, 2016). Collaborators and groups for this change need to consist of healthcare administrators, compliance officers, physicians, and other stakeholders, while resources are funding, healthcare IT, and accreditation. To keep employees on a clear path as their roles evolve, leaders must keep the lines of communication open, sharing current status, future goals to progress, and changes needed to reach those goals (Change Management Strategies: Change may be inevitable, but it doesn’t have to be hard, 2018). Leaders must realize employee confusion and understand their response to change, where confusion may exist for the reason opposite of insufficient understanding (Change Management Strategies: Change may be inevitable, but it doesn’t have to be hard, 2018). All leaders must use effective communication to get employees to focus on their role in change, their jobs, and their contributions daily that will affect change. Employee engagement is essential with or without change and to engage staff education is needed. The employees need to be educated, so they fully understand why change needs to occur, to become engaged, and to contribute to ideas (Change Management Strategies: Change may be inevitable, but it doesn’t have to be hard, 2018). To assess a compliance program's strength, an organization must look at the extent their culture is conducive to producing compliance activities and priorities (McSwain & Zeko, 2016). Often times individuals are more uncomfortable with uncertainty than they are with change.

A business of a theoretical approach could be set up, through long-term cost savings, through efficiency, quality of care improvements, and improved reimbursement or insufficient reimbursement fines (Holt, 2019). The cost of electronic health records could cripple a practice’s ability to invest in other vital endeavors, including updated equipment, more staff, or strangling one’s administrative budget, which could lead to decreased resources for effective compliance programs (Holt, 2019). What is needed is the immediate overlay of cash to support an IT initiative that will lead to theoretical return on investment over time within a rapidly changing the healthcare environment, but this can be a complicate sell (Holt, 2019). To support this argument, it is necessary to engage at the highest management level and at the level of physicians, carefully weighing the selection and implementation of the project, focusing on outcomes and transforming the provision of care within the system of implementation of HIE (Holt, 2019). Sustainable change will come from support from the top, utilizing change-sustaining approaches, and shift paradigms when needed (Harrington, Voehl, & Voehl, 2015). Change sustainment requires ongoing communication so individuals understand why certain actions, processes, and behaviors are expected of them. Assimilate and integrate, invest in planning for sustained results, and negotiate those results with a portfolio approach (Harrington, Voehl, & Voehl, 2015). When enforcing the consequences of changing action, it is important leaders learn to back each other up as well as leverage inter-departmental cooperation lest a double standard be perceived, this can drive up resistance and cause adoption rates to go down.

Compliance officers have a responsibility to be transformational leaders and educate other leadership, physicians and stakeholders on security, compliance, and regulation. While explaining the importance of participating in the accreditation process to ease compliance issues, they must also look for other change initiatives to apply project objectives for improvements. Implementing an electronic health record is also a huge cost barrier when looking for ways to improve data collection within the organization.

References

Balla, S.J., & Dudley, S.E. (2014). Stakeholder Participation and Regulatory Policymaking

in the United States. The George Washington University Regulatory Studies Center.

Retrieved from https://regulatorystudies.columbian.gwu.edu/sites/g/files/zaxdzs330

6/f/downloads/Reports?GW%20Reg%20Studies%20%20US-Stakeholders-Reg-Process

%20-%20SDudley%20and%20SBalla.pdf

Change Management Strategies: Change may be inevitable, but it doesn’t have to be

hard. (2018). Health Care Registration: The Newsletter for Health Care

Registration Professionals, 27(11), 6-8. Retrieved from

https://lopes.idm.oclc.org/login?url=https://search.ebscohost.com/login.aspx?

direct=true&db=bth&AN=131580891&site=ehost-live&scope=site

Chinn, S.D. (2014). Pressure and Performance: Buffering Capacity and the Cyclical Impact

of Accreditation Inspections on Risk-Adjusted Mortality, Journal of Health

Management 59(5), 337. Retrieved from https://doi.org.lopes.idm.oclc.org/10.1097/

00115514-201409000-00006

Frederiksen, M. (2015). Earning Physician Support of Compliance. Journal of Health Care

Compliance, 17(3), 37-42. Retrieved from https://lopes.idm.oclc.org/login?url=https:

//search.ebscohost.com/login.aspx?direct=true&db=bth&AN=102541522&site=ehost

-live&scope=site

Harrington, H.J., Voehl, F., & Voehl, C.F. (2015). Model for Sustainable Change. PMI White

Papers. Retrieved from https://www.pmi.org/learning/library/model-sustainable-change

-11122

Holt, R. (2019). Healthcare Compliance and Barriers to the Implementation of Healthcare IT

Initiatives Across the Continuum of Care. Journal of Health Care Finance. Retrieved

from https://www.healthcarefinancejournal.com/index.php/johcf/article/view/198/201

McSwain, J. & Zeko, K. (2016). 5 Barriers to an Effective Compliance Program. Crowe, LLP

Healthcare Connection. Retrieved from https://www.crowe.com/insights/healthcare

-connection/5-barriers-to-an-effective-compliance-program

Rittenhouse, J. (2015). Improving stakeholder management using change management tools.

Paper presented at PMI Global Congress 2015-North American, Orlando, FL. Newtown

Square, PA: Project Management Institute. Retrieved from https://www.pmi.org/learning

/library/improve-stakeholder-management-9901

Singh, R. (2018). Top 10 Regulatory Challenges in the Healthcare Environment. Retrieved from

https://www.jdsupra.com/legalnews/top-10-regulatory-challenges-in-the-82563/

References

American Psychological Association. (2010). Publication manual of the American Psychological Association (6th ed.). Washington, DC: Author.

Daresh, J. C. (2004). Beginning the assistant principalship: A practical guide for new school administrators. Thousand Oaks, CA: Corwin.

Herbst-Damm, K. L., & Kulik, J. A. (2005). Volunteer support, marital status, and the survival times of terminally ill patients. Health Psychology, 24, 225-229. doi:10.1037/0278-6133.24.2.225

U.S. Department of Health and Human Services, National Institutes of Health, National Heart, Lung, and Blood Institute. (2003). Managing asthma: A guide for schools (NIH Publication No. 02-2650). Retrieved from http://www.nhlbi.nih.gov/ health/prof/asthma/asth_sch.pdf

Running head:

CHANGES IN SECURITY AND

COMPLIANCE REGULATIONS

1

Changes in Security and Compliance Regulations

S

tudent

C

lass

10/22/20

Running head: CHANGES IN SECURITY AND COMPLIANCE REGULATIONS 1

Changes in Security and Compliance Regulations

Student

Class

10/22/20