(From a Chief Medical Officer who recently attended The Peer Review Clinic)

Question: We are implementing the professional practice evaluation (peer review) process that we learned at The Peer Review Clinic.  I know that you recommend that a Leadership Council perform a “triage” function.  We are concerned that adding this step may slow down the process.  Why not just have the multi-specialty Professional Practice Evaluation Committee (PPEC) serve that function?

Answer:  Here are the reasons why we recommend (and most hospitals we work with include in their professional practice evaluation process) a Leadership Council

1. It keeps all of the top Medical Staff Leaders who serve on the Leadership Council – President of the Medical Staff, Chair of the PPEC, CMO/VPMA and perhaps Credentials Chair – in the loop with regard to the cases that are being reviewed in the process.  Certainly, reports from all Department Chairs regarding cases they have reviewed are sent to the PPEC for its review, but that happens on the “back end.”  Having the Leadership Council triage on the front end helps to prevent cases from going into a “black hole” in the Departments and makes sure that cases are reviewed according to the appropriate procedures (See #2 below).  Could the PPEC serve this function?  Yes, but it is harder to schedule a committee to review and make those initial triage determinations so using the PPEC for that function is likely to hamper rather than expedite the process.
2. Not all cases that are identified for review should go through the peer review process, e.g., cases involving unprofessional conduct or that might involve a practitioner health issue.  Many hospitals are using the Leadership Council to address cases of unprofessional behavior that are identified or referred into the process.  Incidents of unprofessional conduct (or to use the Joint Commission’s latest phrase, “behaviors that undermine a culture of safety”) are usually much better and more consistently addressed through a Medical Staff Code of Conduct Policy with a small group of leaders (such as those on the typical Leadership Council) than by Department Chairs alone or by the PPEC.  Likewise, issues involving a practitioner health issue should be addressed through the Practitioner Health Policy, not through the peer review process.

Some hospitals have all cases go to the Leadership Council for triage and referral to the appropriate review process.  Others have “straightforward” cases involving clinical issues go directly to Department Chairs for review and “administratively complex” cases go to Leadership Council.  The “administratively complex” cases are those involving professional conduct or a possible health issue, those involving the Department Chair, or those where a troubling clinical pattern has developed with a practitioner that has not been resolved through previous interventions.

Certainly, a Leadership Council is not absolutely required.  But most hospitals that have implemented it have found it to significantly enhance the effectiveness and efficiency of the process.

Upcoming dates for The Peer Review Clinic:

• October 4-6, 2012 • Fairmont Scottsdale Princess
• February 7-9, 2013 • Disney Boardwalk
• May 2-4, 2013 • Ritz-Carlton, New Orleans

Question:

Thanks for the clarification a couple of weeks ago on the recent CMS Memorandum (S&C-12-17) regarding providers writing orders for outpatient hospital services.  As a follow-up question, are we required to check excluded provider status or query the National Practitioner Data Bank (“Data Bank”) for these ordering practitioners who do not hold clinical privileges at our hospital?

Answer:

The CMS Memorandum does not specifically require a hospital to check excluded provider status or query the Data Bank for these practitioners.  However, a hospital is required to develop a policy that describes how it will handle these practitioners.

Even though not required by the CMS Memorandum, a hospital may want to check excluded provider status.  Many of the outpatient services these practitioners may order may be an item or service that is paid for in whole or in part by a federal health care program.  If the practitioner is excluded, the hospital would be subject to denial of payment and possible civil monetary penalties.

Since the ordering practitioners are not being granted clinical privileges, there is no requirement to query the Data Bank.  If a hospital decides that it does want a Data Bank report, it could require the practitioner to self-query.

Question:

Like most hospitals, we’re employing more and more physicians.  We’ve been struggling with how to conduct peer review of these employed physicians.  Should we use the Medical Staff peer review process, or should we address concerns via the employment contract using the Human Resources process?

Answer:

Many hospitals are struggling with this question.  Ideally, the Medical Staff and HR processes can be integrated to take advantage of the unique advantages of each.  It would be impossible to address this question fully in this limited space, but here are some general thoughts.

We recommend that once a concern about an employed physician is logged in to the hospital’s central repository (you do have a central repository, right?), the person or entity responsible for employment decisions be notified.  This may be a hospital-affiliated physician group, or it may be the HR department within the hospital.  (We’ll refer to this person or entity as the “employer.”)

The content of this notification has to take into account the state’s peer review law.  Some states permit the free flow of information among peer review entities, while other state laws do not address this topic.  Where it is not clear that state law permits the sharing of peer review information, one option is for the employer to be notified that a concern has been raised without providing copies of documentation.

Once the employer has been notified that a concern exists, it can choose to review the matter itself or it can ask that the matter be reviewed via the Medical Staff process.  Presumably, employers will be more likely to deal with behavioral concerns on their own, while they may be more likely to defer to the Medical Staff process to review clinical issues.

If the employer does review the matter on its own, it must notify the Medical Staff process of its resolution of an issue.  Importantly, if those responsible for the Medical Staff process are unhappy with the employer’s resolution of a concern, they have the authority to review the matter independently via the Medical Staff process.

If the employer asks the Medical Staff to review an issue, the employer can be kept in the loop by having the person responsible for employment decisions (or a designee) take part in the Medical Staff’s review of the issue (this may be the VPMA or the physician in charge of the hospital-affiliated group).  This is perhaps the safest approach to protect the peer review privilege, depending on state law.  If at any point during this process the employer concludes that the physician’s employment should be terminated, the employer may do so (subject to the procedures set forth in the employment contract).

There are numerous other factors that must be considered, such as whether the physician’s contract has an “incident and coterminous” provision, whether it has a “no cause” termination provision, whether litigation is likely if a physician is terminated, and so on.  But the key point is that it is possible to integrate and coordinate the Medical Staff and HR processes.

For more information on these issues, please join us in Chicago on April 12-14 for The Peer Review Clinic.  Mornings will be devoted to discussions of how hospitals can design a more effective peer review process, while afternoons are free to let you explore all the museums, parks and other attractions of Chicago. 

Question: We were confused by a recent CMS Transmittal that seems to indicate that all providers writing orders for hospital outpatient services (i.e, rehabilitation and respiratory care) must be privileged by the hospital. This requirement would create huge headaches for us and our patients. Can you clarify CMS’s position on this issue?

Answer:

This issue has been on the minds of many, ever since CMS published Transmittal 72 back in November.  It stated that certain hospital outpatient services could only be ordered by practitioners who had been granted clinical privileges to do so.

This set off a firestorm in the provider community.  Hospitals pointed out that Transmittal 72 created a huge problem for community physicians (i.e., those without hospital privileges) and for physicians whose patients travel out of town or, worse yet, out of state.

Fortunately, CMS issued a new memorandum on February 17, 2012 clarifying its position and updating its original guidance.  In the new memorandum, CMS makes it clear that outpatient services in hospitals may be ordered by a practitioner who is:

• responsible for the care of the patient;
• appropriately licensed;
• acting within his/her scope of practice under state law; and
• authorized by the medical staff to order the applicable outpatient services in accordance with hospital policy.

However, the practitioner is not required to hold medical staff privileges at the hospital under this new superseding guidance.

Did you notice the number of cases in this week’s HLE that involved employed physicians?  We did!  Join Linda Haddad, Henry Casale and Charlie Chulack to learn more – “Integrating Employed Physicians into the Health System of the Future,” April 12?14 at the Fairmont, Chicago.

Question: We heard that the Health Care Reform law has several provisions on malpractice reform. Have those provisions been implemented?

Answer: The Patient Protection and Affordable Care Act (“PPACA”) does contemplate malpractice reform. Section 10607 of the PPACA provides for $50,000,000 to be awarded to states to develop and implement malpractice demonstrations. The demonstrations were meant to be alternatives to current tort litigation models and were to include both promotion of a reduction in medical errors and resolution of malpractice disputes. However, the distribution of these awards has been stalled by Congress’s unwillingness to fund the malpractice demonstrations. Nonetheless, some states have begun experimenting with malpractice reform. For example, Oregon is considering developing “safe harbor” legislation that would limit liability for those physicians who follow state-endorsed, evidence-based guidelines. Oregon is also studying the effects of defensive medicine and overutilization. Hospitals and health care systems are also testing ideas to reduce malpractice claims and amounts, such as the University of Michigan Health System’s disclosure program that found that there were fewer lawsuits and claims after the program was implemented. To find out more on this topic, please join Linda Haddad, Ian Donaldson and Charlie Chulack for the audio conference “Be Careful What You Ask for: Tort Reform and Malpractice Litigation” on Tuesday, March 6, 2012 from 1:00 p.m. – 2:00 p.m. Eastern Time.

Question: Our hospital recently became part of a multi-health care system. The Chief Medical Officer of the System announced, at a recent Medical Executive Committee meeting, that one of the System’s top priorities was to standardize the medical staff bylaws and related policies. We’re not sure what this will mean to us or what role, if any, we will get to play in the process. Can you help us?

Answer: Many health care systems are recognizing the importance of having similar bylaws, policies and procedures throughout their organization. The standardization makes it easier for physicians who want to move from one hospital in the System to another. If they meet the standards for appointment and privileges at one hospital, they will meet the standard at the other hospitals in the System. And, there won’t be new policies or procedures to learn as they move from one system facility to the next. This benefit also extends to the System’s Chief Medical Officer and legal counsel who, with standardization, will not be forced to follow completely different policies for similar situations that occur in the different hospitals.

Having the same or similar bylaws, policies and procedures has the added benefit of ensuring or at least facilitating similar outcomes with respect to credentialing and privileging decisions. Different standards, without a rational basis, could be hard to explain in a legal challenge brought by a physician who was appointed to one system hospital and rejected at another or by an injured patient in a malpractice claim.

For most medical staffs, living through a hospital merger, consolidation, or acquisition can be a bit unsettling. There are often lots of questions about the new organization, including how it will function, how much will change, and the role physicians will play in it.

Resisting the change (including trying to hold on to past bylaws, policies, and procedures) is probably not the most productive approach. It would be better to make sure that physician leaders from your organization play a role in the transition. Make sure you attend meetings that are scheduled to discuss the transition and that you read newsletters and other information published about the transition. It would also be a great idea to volunteer to serve on key transition committees, like the Bylaws Task Force.

Try to maintain an open mind during the transition and be willing to bend. And keep your eye on the issues that are really important.

Question: The medical director of one of our specialty clinics would like to create a Facebook page where he could communicate with his patients. What are the legal risks we need to keep in mind if we allow this endeavor?

Answer: There is nothing legally that would prohibit a physician from interacting with his or her patients via electronic mediums such as Facebook or Twitter. In fact, it seems logical to expect increased demand for this type of communication from both patients and physicians. Allowing physicians to interact with patients electronically provides a number of potential benefits, including increased practice efficiencies, a reduction in the number of office visits, and greater convenience for both parties. However, it must also be recognized that a physician who interacts with patients in this way must still comply with the minimum standards of care for the practice of medicine in your state.

Documentation also could become problematic (e.g., if any communications are relevant to the individual’s ongoing care, what mechanisms will be in place to get the information documented in the medical record?).

Privacy, security, and confidentiality are also of primary concern. Under the HIPAA security regulations, health organizations are required to ensure the confidentiality and integrity of all electronic protected health information the organization creates, receives, maintains, or transmits. As such, it is generally recommended that some type of secure communication tool be used for e-communications between a physician and a patient in order to avoid the risk of inappropriate disclosure of protected health information. We would recommend an analysis be completed to see if Facebook provides an appropriate level of security to ensure compliance with these requirements.

To learn more about the wonders of using social media at your hospital, please join Alan Steinberg, Phil Zarone and Ian Donaldson on February 28, 2012 for a special HSM audio conference entitled “OMG! Hospitals, EHR Patient Portals and Social Media – What Hospitals Need to Know.”

Question: We received a request for medical records from an attorney who says he is representing one of our former patients in a criminal matter. He included the patient’s signed authorization for the release of the records. What’s unusual is that he is requesting records not only for the patient but also records filed under an alias that the patient alleges to have been using at times. The patient signed the authorization form with his real name and with his alleged alias. Should we release the records?

Answer: Federal law (HIPAA) requires that covered entities verify the identity of an entity or individual requesting protected health information and the authority of that entity/person to have access to that information. 45 C.F.R. §164.514(h)(1).

A person who claims to have used an alias to obtain medical treatment will not, in most circumstances, be able to verify that he or she is – in fact – the person who received treatment under that name. Often, the person will have no government-issued identification with the relevant name. And even if he or she did, since the person has already admitted that the identity is a fraud, you would be unwise to trust it.

Also problematic is the fact that if the person has been using the identity of an existing patient, you could be releasing medical records not only for the requestor, but also for the individual whose identity he or she has stolen.

For these reasons, we recommend that you do not release records filed under the alias without a court order or other lawful process.

Though not directly responsive to your question, we also advise that you take this opportunity to evaluate the medical record filed under the alias’ identity. If it appears that different individuals have been using that identity, you will want to put red flags in the file. This way, if anyone seeks treatment under that name in the future, the hospital will be tipped off immediately to the potential for fraud and the care provider will know that the medical record includes discrepancies. Also take this opportunity to identify and contact any payors who may have been billed for services provided to the individual using an alias. Repayment of those amounts may be required. Lastly, unless the patient is clearly insolvent, consider filing suit against the patient for theft of services.

Question: We use “proxy credentialing” for our telemedicine providers, relying on the credentialing and privileging decisions of the Medicare-certified distant site hospital where the providers are located. Can we also rely on the distant site’s Data Bank queries, or do we need to query the NPDB on our own for each of our telemedicine providers?

Answer: CMS simply does not address this issue, based on a review of the preambles to the proposed and final telemedicine regulations, the applicable regulations themselves (including those that are cross?referenced in the telemedicine regulations), a CMS survey and certification memo on the topic, and the CMS web page.  The telemedicine credentialing rules do not specifically address whether an NPDB query that is performed by either (1) a “distant” hospital (i.e., the hospital where the telemedicine practitioner is located) or (2) a telemedicine entity (i.e., a telemedicine group) may be used by the hospital where the patient is located.

Because the telemedicine regulations do not address this issue, it is necessary to review the general NPDB rules to see what they say about sharing query information.  The NPDB regulations permit a hospital to use an “authorized agent” to perform queries on its behalf.  See, 42 C.F.R. §60.12(a).  Thus, the hospital where the patient is located could designate a distant hospital (or a telemedicine entity) as an “authorized agent” to perform a query on its behalf.

However, there is an important caveat.  The “authorized agent” must perform a separate query for each hospital.  Thus, a distant hospital (or a telemedicine entity) could not perform a single query, with that query then being used by each hospital that wants to use a telemedicine physician to provide services to its patients.  Here is the relevant guidance from the NPDB Guidebook:

The agent is explicitly prohibited from using information obtained from the NPDB for any purpose other than that for which the disclosure was made.  For example, two different health care entities designate the same authorized agent to query the NPDB on their behalf. Both health care entities wish to request information on the same practitioner. The authorized agent must query the NPDB separately on behalf of each health care entity. The response to an NPDB query submitted for one health care entity cannot be shared with another health care entity.  (Emphasis added.)

NPDB Guidebook, page B-7.

Thus, the “streamlined” credentialing process described by CMS in the telemedicine regulations will not work for NPDB queries.  Instead, either the hospital where the patient is located or the “authorized agent” must query the NPDB separately for each telemedicine practitioner.

Question: We heard that the IRS released a draft revised Schedule H and new instructions in December. We thought that the IRS released those in August. What’s the story?

Answer: The IRS issued an “early release” of those documents in August, then revised them and issued the revised documents in December.

In any event, the new Schedule H and instructions adopt changes required by the Patient Protection and Affordable Care Act (“Act”). The Act created a new Section 501(r), which includes additional requirements that hospitals must meet in order to qualify for tax-exempt status under Section 501(c)(3) of the Internal Revenue Code.

The instructions make it clear that for hospital tax years beginning after March 23, 2012, all tax exempt hospitals must perform a community needs assessment that takes into account input from persons who represent the broad interests of the community and must be made widely available to the public. The hospital then must repeat that needs assessment once every three years and adopt an implementation strategy to meet the community needs identified through that assessment.

For more on the revised Schedule H, please join us for our audio conference on February 6, 2012 that discusses these issues and more.