Compliance training does not require the same education for all personnel. Handing employees the anti-kickback or HIPAA regulations accompanied by a big memo warning them to read and heed or face reprimand is neither necessary nor desirable.
Lazy managers who lead by memo might take this route, but leaders building an effective company will take the time to train — and retrain — staff about the internal policies and procedures that matter to their individual job responsibilities.
Obviously, your compliance team should possess dog-eared, tape-flagged, highlighted copies of useful HIPAA, reimbursement and anti-fraud resource materials and should keep trusted consultant phone numbers handy. However, the receptionist answering the phone, the delivery scheduler or the records manager need only be familiar with a few policies that affect them on a daily basis, and they only need to know whom to ask about more complex questions.
The dangers of leadership by memo allow managers to hide behind memos crafted as orders or ultimatums. A related problem is the “do-it-because-I-said-so” method of training.
For example, a supplier in Illinois recently told us about his new privacy officer who declared that patients could not have friends in the room during an equipment set-up and training session because it would violate HIPAA. When asked by a staff member how that would be a violation, she was simply told, “HIPAA says so.” And a warning memo shortly followed.
A better answer would have been: “We have adopted this policy to protect patient privacy. We are evaluating whether this may be over-burdensome and may need to be changed in the future. In the meantime, if you have questions or suggestions to make the process more efficient, call me, and I'll try to work through it with you.”
In a sense, training occurs during every contact between management and front-line personnel, or between compliance officers and staff. In the example, the staff member is told to do something and does not understand why. The tone of the privacy officer discourages value-added solutions from the staff member. She senses an aura of superstition about compliance with HIPAA and suspects that if something goes wrong, the organization will look for a scapegoat.
In the hypothetical answer, the employee would perceive that the privacy officer has studied the rule and, even if it is unclear, hears that a rational policy decision has been made. She also realizes that there is flexibility in the process, that the organization values patient privacy and values its personnel's input. She trusts the company, wants to work within the guidelines and is more apt to carry out the policy.
The same principles apply to formal training sessions. Good trainers are good leaders. They demonstrate their commitment to compliance through technical proficiency, but not by pretending to know all the rules by chapter and verse.
The trainer's true desire should be that your staff learn not just the text but the intent of policies and directives: Here's what we do, and here's why we do it.
Neil Caesar is president of the Health Law Center (Neil B. Caesar Law Associates, PA), a national health law practice in Greenville, S.C. He also is a principal with Caesar Cohen Ltd., which offers compliance training, outsourcing and consulting and the author of the Home Care Compliance Answer Book. He can be reached via e-mail at ncaesar@healthlawcenter.com or by telephone at 864/676-9075.
The ROPE Ladder
Rung 1: Articulate the way you want things to run, and note how they run now. Then, tweak your systems as necessary to comply with “The Rules.”
Rung 2: Teach your operating systems to your employees.
Rung 3: Implement a clear and simple method for dealing with problems — identify them, report them, investigate them and fix them.
Rung 4: Give your compliance staff resources to help them keep up-to-date with internal and external changes that may sometimes require you to refine your operating systems.
Rung 5: Monitor your operating systems to make sure they continue to run as you intended.