Today's healthcare is more regulated than ever before with the ongoing implementation of the Patient Protection and Affordable Care Act. As the heads of their organization, CEOs are responsible for overseeing a never-ending list of tasks, decisions and strategic actions. With the numerous duties of chief executives, they must rely on others to inform and guide their decision making.
Privacy and compliance are largely top of mind in hospitals and healthcare organizations with the increased cyberattacks, data breaches and data protection issues, as well as healthcare reforms new requirements regarding payment screening and auditing submitted claims. As privacy and compliance concerns continue to surface within the industry, chief executives must be comfortable delegating to their chief compliance and privacy officer.
"There are so many things on the CEO's plate," says Frank Corvino, former president and CEO of Greenwich (Conn.) Hospital and executive vice president of parent organization Yale New Haven (Conn.) Health System. "When you have a compliance officer that you trust, it takes a lot of stress off the plate."
Developing trust
With the delicate nature of protected health information, sensitive data, and pressures to meet conditions of payment requirements and the various other regulatory rules and regulations, hospitals require a strong compliance program, which arguably begins with an effective compliance leader.
"You can really get in trouble as a CEO if you don't have a strong compliance program," Mr. Corvino says.
During his tenure at Greenwich Hospital, Mr. Corvino worked to develop a strong and effective health system compliance program with Fahad Ahmed, current compliance and privacy officer for Bridgeport (Conn.) Hospital (also part of YNHHS), Greenwich Hospital and director of compliance and privacy for YNHHS. Mr. Ahmed joined the system five years ago, and the two worked together until Mr. Corvino retired from YNHHS Dec. 31, 2014.
The underlying current of Mr. Corvino and Mr. Ahmed's relationship relied heavily on trust and the shared belief and commitment to the organization's mission. For example, Mr. Corvino relied on Mr. Ahmed to provide him with details of regulations. "From a CEO's point of view, my view is from 30,000 feet," Mr. Corvino says. "The CEO is responsible for everything in the organization, and must rely on the detailed knowledge of the compliance officer in order to make decisions that will affect patients and the organizations."
Mr. Ahmed, on the other hand, relied on Mr. Corvino to set a mission and tone that incorporates the importance of privacy and compliance issues within the organization's overall direction. "The most important part of any compliance program is the organization's tone at the top. The CEO defines what the tone is," Mr. Ahmed says. "When you have a CEO say publicly that compliance programs are an important part of patient-centered care organizations, that gives the compliance and privacy officers the leverage that he or she needs to go out and do the job."
Of course, achieving this balanced and trusting relationship can take time, but Mr. Ahmed says it becomes easier once compliance officers believe in and do their part to fulfill the mission of the hospital. He says that as healthcare becomes even more patient-centered, all members of a healthcare organization must always work in the best interest of the patient — even the CPOs.
"Building that trustworthy relationship between the two parties isn't a difficult thing to get to if we're all working in the same direction," he says.
Collaborative engagement
CPOs' duties largely involve ensuring rules and regulations are followed, which can lead them to come across as enforcers, a characteristic Mr. Corvino believes CEOs should avoid bringing into their organization and CPOs should eliminate from their approach. CEOs and CPOs can achieve this by making patient-centered care the focus of compliance and privacy programs, an approach all team members can rally behind.
"I didn't want compliance folks to be looked at as police. I wanted them to be looked at as critical members of our team who help make sure we were following regulations," Mr. Corvino says. Mr. Corvino hoped the hospital staff as a whole would work in tandem with the CPO to ensure patient-centered care — so that privacy and compliance is embodied by every individual.
"That's what I wanted the staff at the hospital to feel, that they need to work in conjunction with the compliance officer so we could deliver the best experience possible and not look at them as policemen who are looking for mistakes to be made," Mr. Corvino says. "Just because individuals aren't involved directly in patient care doesn't mean they don't affect patient experience."
What's more, a strong compliance program also communicates protection to employees, not just patients. This, Mr. Ahmed says, relies on another string of trust between CPOs and employees.
"My job and my goal [are] to say to the staff, 'This is what the rules say, and this is what our policies are. If you do a good job and take care of patients the best that you possibly can in a compliant matter, then no matter what happens, I'm going to be able to back you up 100 percent of the time,'" Mr. Ahmed says.
The key to this relationship — viewing compliance as an integral team member instead of an enforcement position — is the ability to interrelate and be respected and trusted, Mr. Corvino and Mr. Ahmed agree. Mr. Ahmed says engaging other team members and making sure they know they play a critical role in the overall regulatory health of the organization can keep entire staffs motivated and dedicated to organizational missions.
Continuous learning curve
Regulations are continuously in motion. New rules and requirements are released, and CPOs have to be quick to digest new information — such as rules relating to accountable care organizations, shared savings programs, value-based purchasing and effects of healthcare reform — at the same time that the industry is releasing it.
That being so, the relationship between the CPO and the CEO becomes even more important, as new privacy and compliance issues present new challenges for hospitals and health systems to address. Mr. Ahmed says it is important for CPOs not only stay abreast of all the new rules and regulations, but look to be involved early in strategic conversations regarding these new regulations and models. Early engagement allows CPOs to plan the strategic direction of the compliance program accordingly so that it complements the healthcare organization's strategic plan, he says.
"With the implementation of the PPACA, CEOs and CPOs almost have a blank canvas right now to design and implement a compliance program sustainable for the future of healthcare," Mr. Ahmed says. "When you have built that trust with the organization's CEO, there's no way the CEO is not going to engage CPOs to be a part of strategic conversations because he or she will understand the value added by having a compliance officer engaged early."
More articles on leadership:
Leaders: Stop doing these 3 things and improve engagement
Healthcare may change, delivery fundamentals will not
Hospital diversity improvement plans, goals: 16 things to know