April 10, 2025

QUESTION:
We recently had a patient suicide reviewed through our sentinel event/root cause analysis process.  The process did not identify any aspect of the matter that should be attributed to the attending physician’s provision of care.  Is that the end of the matter?  Do we also need to refer this matter to the medical staff’s peer review process for consideration?  Would it have any authority to reach a different conclusion?  How do these processes intersect?

ANSWER FROM HORTYSPRINGER ATTORNEY RACHEL REMALEY:
We get many questions like this.  There are many quality review processes in health systems and hospitals that intersect with the medical staff’s peer review process and it is not uncommon for there to be questions about which process applies and which takes priority/has authority.  This holds true not only for sentinel event root cause analysis, but also processes to manage utilization review, infection control, antibiotic stewardship, patient grievances, and even workplace investigations (e.g., HR investigations of sexual harassment complaints).

These processes are generally conducted without regard to whether the involved subjects are physicians or other hospital personnel.  So, facts are being gathered, records reviewed, witnesses interviewed, documentation created, and factual conclusions made, often without the involvement of a medical staff peer review committee.  This is normal and customary.

In the end, any of these processes might eventually identify an issue that requires referring to the medical staff.  That’s because, in addition to identifying issues with facilities and equipment, procedures and systems, and hospital personnel – sometimes, these hospital‑based processes also identify with the performance or conduct of physicians or other privileged practitioners.  And how to further review and address those practitioner‑specific issues falls within the sole jurisdiction of the medical staff credentialing and peer review processes.

Those processes allow you to take the initial concern referred by the hospital process (for example, a conclusion from a sentinel event root cause analysis, that the physician’s failure to fully comply with the time-out procedure was partially responsible for a wrong-site incision) and consider it, along with the practitioner’s other peer review information (for example, the practitioner’s history of behavior issues, carelessness, inattention to detail), to determine whether this new issue raises any concern about the practitioner’s ability to practice safely.  If so, it is the medical staff peer review process that would also determine whether any collegial, progressive steps would be reasonable and might help the practitioner to improve and address the concern or, alternatively, whether more formal disciplinary action should be taken.

To provide clarity regarding this intersection between hospital and medical staff processes, it can be helpful to include in the medical staff peer review policies a list of indicators that, when identified, results in a matter being referred to the medical staff’s peer review support specialist (to be funneled into the medical staff’s peer review process).  In addition to listing the more common indicators for review (e.g., specialty-specific FPPE indicators, OPPE outliers, areas where legal risk has been identified, patient complaints, reported concerns), you might also consider specifically listing referrals from personnel/committees reviewing broader aspects of hospital functions (e.g., referrals from a utilization review committee or case manager, representative of the Human Resources department, the quality director, the compliance department, the risk management department).

We are sometimes asked by physician leaders whether it is necessary for medical staff committees to conduct their own witness interviews and gather their own facts, rather than relying on witness summaries, written reports, and other documentation compiled by others, sometimes outside of the peer review process.  It is not necessary to do this.  You can review, and rely on, information generated or compiled by others.  Of course, if you believe that it would be helpful to ask additional questions of a witness or an individual who previously submitted written comments – or if your medical staff committee believes it is necessary or helpful to meet with any of those individuals to better assess their credibility – you may do so (and nothing in the medical staff or hospital policies should prohibit it).  In our observation, medical staff committees do not feel the need to do this in most cases.  But, you do want to leave your options open.

Finally, you asked whether it would ever be appropriate for a medical staff committee to reach a different conclusion than the individual/committee that referred the matter to the committee (e.g., a sentinel event root cause analysis, a utilization review committee).  In the end, each medical staff committee is charged with reviewing the matters in front of it and using the collective professional judgment of its members to reach a conclusion – even if that conclusion differs from those reached by other individuals or bodies that have reviewed the matter.

Whenever a committee reaches a conclusion that differs from the other individuals/bodies that have reviewed the matter (even if it’s a difference of opinion from another medical staff committee that has reviewed the matter at a prior level of review – such as when the MEC is reviewing a credentialing recommendation from the Credentials Committee), it is a wise practice to take a bit of extra time to consider, articulate, and document (for example, in the meeting minutes) the reasons that the committee is reaching a different conclusion.  This is not only a good risk management strategy (bolstering your defense in the event that your actions are later challenged as unfair or as negligent), but also provides greater protections for medical staff members and other privileged professionals who are subject to review processes, by ensuring that when opinions differ, a bit of extra consideration is given to the matter prior to moving full steam ahead.

If you have a quick question about this, e-mail Rachel Remaley at rremaley@hortyspringer.com.

April 3, 2025

QUESTION:
As a part of our routine peer review process, our multi-specialty peer review committee recently requested a meeting with a physician whose case was under review.  The physician said he would only attend if he was allowed to bring his attorney.  Do we have to allow his attorney to attend this meeting?

ANSWER FROM HORTYSPRINGER ATTORNEY IAN DONALDSON:
You do not, but make sure your peer review policy supports you in making this determination!

We are strong proponents of using “collegial” discussions to address performance concerns.  However, that collegiality can quickly go out the window when attorneys are introduced into the process.  If the physician is allowed to bring their attorney, then an attorney from the hospital side is also likely going to be in attendance.  When this happens, the attorneys end up doing all the talking, instead of having a constructive, peer-to-peer discussion.  Even when the physicians at the meeting find a way to get a word in, the presence of attorneys is likely to cause the committee members to speak less candidly, as they will be worried about whether their comments might be used against them by the adverse attorney.

How can your policies help with this dilemma?  We always recommend including language that makes it clear that any collegial meetings will be held in a “no lawyer zone.”  This gives you something to put your finger on to show it is not permitted, should the question ever come up.  More importantly, this allows the invited physician and applicable committee members to have an open and frank “peer‑to‑peer” discussion about whatever issue is on the agenda.

If you have a quick question about this, e-mail Ian Donaldson at idonaldson@hortyspringer.com.

March 27, 2025

QUESTION:
A member of our Medical Staff recently had a significant skiing accident which included a concussion.   When he returned to the hospital, staff noticed a change in his behavior and in his clinical performance.  Last week, he had two significant surgical complications and there are concerns that he might not be safe to practice.  The President of the Medical Staff and the Chief Medical Officer want to summarily suspend his privileges and then mandate a health evaluation – not as a punitive measure but to keep patients safe.  Does that sound like a good plan?

ANSWER FROM HORTYSPRINGER ATTORNEY SUSAN LAPENTA:
Health concerns can be particularly challenging.  There are several reasons why we don’t recommend the imposition of a summary suspension in a situation like this, except as a last resort.  First, the standard for imposing a summary suspension is pretty high and typically requires a finding that “failure to take such an action may result in an imminent danger to the health of any individual.”  (This is the standard built into the federal Health Care Quality Improvement Act.)

Second, most bylaws require that there be significant process after the imposition of a summary suspension.  This process typically includes a meeting with the Medical Executive Committee and, if the Medical Executive Committee continues the suspension, the commencement of an investigation, which might lead to a recommendation for disciplinary action.

Third, just calling the action a suspension changes how it is perceived.  A suspension sounds punitive even if you say it’s for patient safety concerns.  Furthermore, the imposition of a suspension creates reporting obligations.  A summary suspension that is in effect for more than 30 days must be reported to the National Practitioner Data Bank and the State Board.  In fact, some state reporting statutes require any suspension to be reported regardless of the duration.

In our experience, in situations where there might be an injury leading to an impairment, the preferred approach, and the approach that is consistent with accreditation standards, is a more collegial one.  For example, as a first step, the President of the Medical Staff and the Chief Medical Officer could meet with the physician, share their concerns, and discuss next steps and options.  This discussion could include a request that the physician voluntarily refrain from exercising surgical privileges until the fitness for practice evaluation can be completed and reviewed by the Practitioner Health Committee.

A physician in this situation will almost always agree to get the evaluation even if they don’t necessarily think it’s needed.  You can use this approach even if it is not expressly spelled out in your bylaws.

Better yet, build this approach into your Medical Staff bylaws documents.  That way, Medical Staff leaders have the authority to require a fitness for practice evaluation by a physician approved by them and can get the necessary authorizations to share information with, and receive information from, the physician who performs the evaluation.  It also helps to have bylaws language which states that if a physician refuses to get the fitness for practice evaluation that the result would be an automatic relinquishment of clinical privileges, not a suspension.

If you have a quick question about this, e-mail Susan Lapenta at slapenta@hortyspringer.com.

March 20, 2025

QUESTION:
We just discovered that a Licensed Practical Nurse was excluded from participation in all federal health programs.  We have never had a problem with this LPN and since she is an LPN, she does not refer patients to the hospital.  Should we do anything?

ANSWER FROM HORTYSPRINGER ATTORNEY HENRY CASALE:
Yes.  First, remove this person from any contact with patients whose care is paid for in whole or in part by a federal health care program such as Medicare or Medicaid.  Next, review your employment-related credentialing process.  All employees should be screened against the OIG’s List of Excluded Individuals/Entities before they are hired.  Find out how and why this did not occur before this person was hired and institute the processes necessary to prevent a similar situation from occurring in the future.

Now for the difficult and painful part.  You need to make a voluntary disclosure to the OIG.  The information described above will help to structure that self‑disclosure.  The fact that the excluded individual was an LPN, and that an LPN does not refer patients to the hospital or other facility, is irrelevant to the OIG.  Their position is that this person should never have provided any care, items, or services to a federal health care program patient.  As a result, the OIG will demand a refund for all federal health care reimbursement received by the hospital for each patient cared for in any way by the excluded person.

As you can imagine, the penalty will add up.  For example, in January 2025, an Ohio Skilled Nursing Facility entered into a $243,000.90 settlement agreement with the OIG in order to resolve allegations that the SNF employed an LPN who was excluded from participating in any federal health care programs and who provided items or services that were billed to federal health care programs.

If you have a quick question about this, e-mail Henry Casale at hcasale@hortyspringer.com.

March 13, 2025

QUESTION:
We have a physician who was granted a leave of absence (LOA) last October.  Before she went on leave, there were some concerns raised about her practice, and she signed a performance improvement plan that included extensive CME and simulation training.  When the physician asked to go on leave, she was told that before she would be reinstated, she would have to complete both the CME and the simulation training outlined in her performance improvement plan.

The problem is her current appointment term expires at the end of April.  We don’t want to reappoint her now and give her a stamp of approval especially if she hasn’t completed the CME or training. Is there a way to align the decision on her reappointment with her return from the LOA?

ANSWER FROM HORTYSPRINGER ATTORNEY SUSAN LAPENTA:
We share your concern about reappointing a physician who is on an LOA.  This case is further complicated by the fact that when the physician took the LOA there was an incomplete performance improvement plan.

Additionally, we would be reluctant to reappoint a physician about whom you had clinical concerns at least without first reviewing the most up to date information about her clinical performance.  If you reappoint this physician now, you won’t have any clinical information for at least the last six months.  And then, she won’t return from the LOA for an additional six months, at least potentially.

One suggestion would be to inform the physician that final action on her reappointment application will be held in abeyance until she seeks reinstatement from the LOA.  When she is ready to return from the LOA, she will have to update her reappointment application before any action is taken.  You will also want to make sure that your primary source verifications are current.

Simultaneously, she will have to demonstrate that she has satisfied the elements of the performance improvement plan.  Furthermore, it is not unusual, when a physician has been on an LOA for an extended period of time, for leadership to develop a focused professional practice evaluation plan to confirm competence as part of the physician’s reinstatement.

If you have a quick question about this, e-mail Susan Lapenta at slapenta@hortyspringer.com.

March 6, 2025

QUESTION:
Our hospital received a threatening letter from a lawyer, claiming that our website uses Google Analytics and, in doing so, has violated wiretapping laws.  Is this legitimate or a scam? What should we do?

ANSWER FROM HORTYSPRINGER ATTORNEY RACHEL REMALEY:
Some might believe the letter you received is both legitimate and a scam, wrapped up in the same package.  Specifically, as you likely know, the U.S. legal system acknowledges/permits class action lawsuits – essentially, lawsuits filed by one or more “class representatives” who litigate the claim on behalf of all similarly situated class members (the aggrieved individuals).  In concept, class actions permit litigation of claims where the damage to any one litigant may be too small to warrant a single individual shouldering the expenditure of fees/costs on complex litigation.  By grouping the claims of the entire class together, the lawyers who manage class action lawsuits make their money (since they collect their legal fees/costs first, out of any settlement or award), making it possible for these claims – that may otherwise go unaddressed – to be brought.

With that said, many of the class action lawsuits threatened/brought in recent years seem to originate with lawyers looking for a hook to justify a claim.  Often these firms run advertisements looking for individuals willing to serve as a “class representative” plaintiff, giving assurances that those volunteers won’t have to pay any upfront fees and, for their time, will be awarded a greater share of any settlement/award that results from the suit.  One begins to wonder if, for many of these suits, anyone was ever “aggrieved” to begin with.  Some of these firms even sell an interest in the lawsuits to private equity investors.  If the suit eventually results in a settlement or award, the firms/investors win big.  Class members usually receive paltry payouts.  Sometimes, they are a few cents or dollars.  Sometimes, there is no payout for the class members, just promises by a company to do better in the future.  Either way, the law firm walks away with its fees/costs recouped.

So, the letter you received is probably a legitimate letter from a lawyer or law firm.  If it alleges that some class of individuals is aggrieved, it remains to be seen whether any individual actually believed they were aggrieved or knew anything about the alleged wiretapping violation described in the letter.  A quick search of the internet will reveal for you that these types of letters/claims are rampant, and not just with respect to health care organizations.  They are just one of the many ways that firms/plaintiffs have been pursuing class action claims in recent years.  Remember several years ago, when a spate of lawsuits alleged that health care entities were violating HIPAA and state healthcare privacy laws through tracking that occurred on their websites?  We have also seen some firms/plaintiffs taking a new angle, alleging that websites that show videos and track users are violating the federal Video Privacy Protection Act (VPPA).

The good news for you is that (1) you are not alone in being targeted in this way, and (2) a number of courts around the country have already rejected these types of claims under various state’s wiretapping laws.  But, that doesn’t mean that you should simply throw the letter in the trash and ignore it.  Any time you receive any correspondence alleging a legal violation or threatening to sue, you should notify risk management and legal counsel, so that they can help the organization decide the most appropriate response.  In most cases, the next step will be to promptly notify your insurance carrier (who may decide whether to appoint specific counsel to manage the response, put a litigation hold in place, etc.).

Finally, receipt of a letter like this can be a good time for the organization to review its current practices to ensure that there are not gaps in compliance/areas of risk.  The Department of Health and Human Services put out a guidance document, “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates” that may be helpful to review, if website tracking concerns are new to you.  As the HHS website makes clear, some of the guidance has been limited by court action.  But, if you are looking for more information about why website tracking is of concern and some steps that might be taken to address privacy concerns, it is a good place to get started.

If you have a quick question about this, e-mail Rachel Remaley at rremaley@hortyspringer.com.

February 27, 2025

QUESTION:
We perform delegated credentialing/payer enrollment for our employed practitioners and have been receiving correspondence from health insurers with which we have delegated agreements that we need to make changes to our policies and procedures because of revisions to the NCQA Standards.  Is this correct and, if so, can you provide us with more information on the changes that we need to make?

ANSWER FROM HORTYSPRINGER ATTORNEY CHARLES CHULACK:
It is indeed correct.  The NCQA Credentialing and Recredentialing Standards that go into effect on July 1, 2025 include significant changes that will require, at a minimum, updating your policies that apply to delegated credentialing/payer enrollment.  The most significant NCQA amendment is the elimination of the much maligned and close to incomprehensible “Credentialing System Controls” Standard.  When we first heard of this decision by the NCQA, we were relieved (and our relief was shared by those on the frontlines of delegated credentialing).

Unfortunately, the Credentialing System Controls requirements have been replaced with a new “Credentialing Information Integrity” Standard.  On its face, the new Standard is a little bit easier to understand, but it is process heavy and will require revisions to your documents.  Without going too far into the weeds of the Standard, the NCQA is targeting “inappropriate documentation and updates” to credentialing information.  Per the Standard, those performing delegated credentialing must have, among other things, policy language and corresponding processes for: (1) the credentialing information that falls under the integrity requirements, (2) the process for documenting updates to credentialing information, (3) a description of inappropriate documentation and updates, and (4) the auditing process for identifying inappropriate documentation and updates to credentialing information.  This is scratching the surface of what is required under the Credentialing Information Integrity Standard, but it gives you an idea of what changes need to be made to address this topic.

The NCQA Standards also tightened up the time limits for verifications and notifying practitioners of credentialing and recredentialing decisions.  By way of example, verifications of licensure, board certification, work history, and malpractice history must be reviewed by your Credentials Committee or Medical Director within 120 days of the verification (as opposed to 180 days which was required by the old standard).  Moreover, practitioners now must be notified of a credentialing decision within 30 calendar days (compared to the previous requirement of 60 days).

Other changes to the Standards include a requirement that your application ask about practitioner race, ethnicity, and language and a statement that you do not discriminate or base credentialing decisions on these items.  However, the application needs to note that providing this information is optional.

While the Q&A section of the Health Law Express doesn’t have the space to detail all the amendments for the 2025 NCQA Standards, we wanted to give you notice that changes will need to be made.  We have walked many of our clients through the required changes to their policies and procedures and, frankly, the policy changes that are mandated are not difficult to make.  That being said, the Standards are going to necessitate process updates, adjustments, and education for your credentialing staff and implementation may be a rocky road.

If you have a quick question about this, e-mail Charlie Chulack at cchulack@hortyspringer.com.

February 13, 2025

QUESTION:
Our team just attended your seminars in Amelia Island.  The one member who attended the Peer Review Clinic came out of the session with a strong belief we should remove “scoring” from our case review forms.  He’s had some trouble convincing the rest of us, so we wanted to hear it right from the horse’s mouth – why do you recommend against scoring cases?

ANSWER FROM HORTYSPRINGER ATTORNEY IAN DONALDSON:
We are happy to back up your colleague on this one!  The reasons we recommend moving away from using scoring as a part of the peer review process are based on the following issues:

  • We have observed that peer review committees spend a lot of energy on assigning the score, which distracts from the more important issues of whether there is a concern with the care provided and, if so, the appropriate intervention.
  • While scoring gives a perception of being objective, we’ve found that numerical scores don’t necessarily capture the complexity of a case in the same way as a detailed description from a case reviewer.
  • We have found that reviewers may be uncomfortable assigning low scores, which often carry labels indicating that the physician’s care was “inappropriate” or “below the standard.” As a result, the reviewers choose higher scores indicating “care appropriate” even if there are concerns.
  • Negative scores may put physicians on the defensive, especially since most scoring systems don’t allow for the provision of nuanced information.

These characteristics of scoring can undermine efforts to make the peer review process educational rather than punitive.  Accordingly, we recommend having a peer review/professional practice evaluation (“PPE”) system that focuses on actions and performance improvements rather than scoring.

If you have a quick question about this, e-mail Ian Donaldson at idonaldson@hortyspringer.com.

Please join Ian Donaldson and Charlie Chulack at an upcoming Peer Review Clinic to learn more about the new approaches Medical Staffs are taking to traditional peer review matters. You can learn more by clicking here.

February 6, 2025

QUESTION:
There is a private subreddit discussion group in which only Medical Staff professionals are approved to participate.  Most members of the group seek advice on credentialing, privileging, and peer review issues.  Community guidelines within the group caution against identifying the practitioners involved in their questions.  However, some posts may include specific details about problematic credentialing files or behavior incidents.  In some instances, individuals who post questions may include information such as their name and the hospital at which they work.  A few of our leaders are wondering if joining this group would help to bounce ideas off other Medical Staffs and their leaders.  Is this problematic?

ANSWER FROM HORTYSPRINGER ATTORNEY MARY PATERNI:
While we don’t mean to discourage professional interactions among Medical Staff professionals, there are legal risks to discussing credentialing and peer review issues about individual practitioners on social media.

Let’s be real, it’s social media.  There is never any guarantee that anything posted on platforms like Reddit, Facebook, or Instagram will remain private, even if a group is “closed.”  A member of the group could have a reason for disclosing information outside the group.  All it takes is a screen shot or copy + paste.  Plus, efforts to “de-identify” information do not always work.  Even the smallest bits of supposedly de-identified information can sometimes be pieced together and become identifiable.

There are a variety of legal risks if a post about credentialing or peer review matter gets back to the practitioner who is the subject of the post.  First, the practitioner could claim that the post was defamatory because it disclosed unfavorable information in a public setting.  Also, the practitioner could argue that the post constituted a breach of the confidentiality obligations set forth in the Medical Staff Bylaws, “tortiously interfered” with his employment prospects, or constituted a “breach of contract” under state law.

Social media posts could be problematic even if they are disclosed to individuals other than the practitioner in question.  For example, plaintiffs’ attorneys could use such posts as a reason to look for problems at a hospital.  Also, attorneys representing plaintiffs in malpractice or negligent credentialing cases could argue that the disclosure of peer review information on social media resulted in a waiver of the peer review privilege under state law of any information related to that matter.

So, we want to be careful here.  Again, we don’t mean to discourage professional interactions among Medical Staff professionals.  There are certainly many topics that could be discussed that don’t raise the potential problems discussed above.  However, recognize that there are risks to disclosing practitioner-specific information on social media.

If you have a quick question about this, e-mail Mary Paterni at mpaterni@hortyspringer.com.

January 30, 2025

QUESTION:
Our hospital is in the process of refining our Conflict of Interest (“COI”) Policy.  What are some general principles we should stick to/try to avoid?

ANSWER FROM HORTYSPRINGER ATTORNEY HALA MOUZAFFAR:
Every potential COI is unique depending on who is involved, what stage in a process you are in, and the level of participation of the potentially conflicted individual.  So, it is hard to have a lot of hard and fast rules when it comes to evaluating COIs.  That being said, there are some general principles you can follow when defining a process to identify and manage COIs.

(1)        The provider under review should not have the right to compel someone to be disqualified as a COI.
While we can and should allow a provider under review to note potential conflicts with individuals reviewing them, the final say in determining if an individual is truly a COI should remain with someone like a committee chair or other leadership that can make an objective decision.  Also keep in mind that anyone can end up in the hot seat as the provider under review, so we want to make sure that no matter who that individual is – even if it is you one day – we are giving that person fair process and evaluating all potential COIs.

(2)        Committees should have a COI identification process.
Some conflicts are obvious (e.g., family members, competitors, etc.), but some you might be completely oblivious to (e.g., history of animosity, good friends, etc.).  Since it is impossible to know every conflict that might exist, you should have a process that requires committee members to disclose any potential conflicts.  Because if conflicted individuals participate in a process, they may be putting themselves at risk of some legal trouble, so we want to protect those that are volunteering their time to help the hospital by managing those conflicts on the front end.

(3)        Have a COI Policy that maintains the integrity of the process.
Ultimately, our goal in managing COIs is to protect the integrity of the processes we have in place.  By managing conflicts effectively, we build trust in our system processes, so everyone feels like they are being treated fairly and given a fair chance to be heard.

If you have a quick question about this, e-mail Hala Mouzaffar at hmouzaffar@hortyspringer.com.