If there’s one constant in the healthcare industry, it’s change. Perhaps nowhere is that more evident than in the perpetually shifting landscape of healthcare legislation and regulatory compliance.
Hospitals and health systems always have needed to continually adapt to changes occurring at federal, state, and local levels. Recently, it appears as though those changes have been accelerating, such as with legislation like the Affordable Care Act and Medicaid expansion. To put things in perspective, a Healthcare Financial Management Association (HFMA) report had this to say in August 2020 about the state of healthcare regulatory compliance: “Administrative and regulatory burdens placed upon U.S. healthcare providers are ballooning out of control with severe financial consequences.”
HFMA noted a major research study published by the Annals of Internal Medicine that analyzed healthcare expenditures in the U.S. and Canada, which had a healthcare industry that closely resembled that of the United States before reforming to a single-payer system. The study reveals a broadening gulf between what the U.S. spends on healthcare administration compared to Canada. It attributes much of the increase in U.S. healthcare expenditures on administration from 1999-2017 to growth in private insurers’ high overhead in Medicare and Medicaid managed-care plans.
Compliance is Costly, but Non-Compliance is Crushing
As regulations change, they also often grow more complex. That has made maintaining compliance increasingly difficult and expensive. The American Hospital Association has indicated that hospitals and post-acute care (PAC) providers must comply with nearly 630 discrete regulatory requirements (341 for hospitals, 288 for PACs). The AHA’s report, “Regulatory Overload: Assessing the Regulatory Burden on Health Systems, Hospitals, and Post-Acute Care Providers,” reveals some striking data on the cost of adhering to the litany of legalities:
- Nationally, health systems, hospitals and PAC providers spend nearly $39 billion a year on the administrative aspects of regulatory compliance.
- An average-size hospital (161 beds) spends nearly $7.6 million annually on compliance administration.
- Regulatory compliance costs $1,200 per patient at an average-size hospital.
- 59 full-time employees (including clinical staff) are dedicated to regulatory compliance at an average-size hospital.
It’s clear that maintaining compliance comes at a high price. It’s also very apparent that there’s great value in doing everything necessary to keep track of the various twists and turns the healthcare industry takes, because the cost of regulatory non-compliance – in any industry – can be devastating.
An independent study of dozens of large organizations conducted by the Ponemon Institute in 2011 showed that on average non-compliance cost 2.65 times as much as what it takes to maintain compliance. A follow-up report by Ponemon in 2017 showed the cost of non-compliance had increased by 43% in six years, for an average of $14.82 million per organization. Of the industries covered in the report, healthcare had the highest growth in total compliance cost, rising 106% in the same time frame.
Look to an Experienced Partner with Specific Expertise
Partnering with an outsourcing vendor that has a long history in healthcare and proven expertise in legal and regulatory compliance can help hospitals and health systems boost their compliance efforts. When evaluating vendors, it’s important to consider their track record of success navigating the ups and downs of the healthcare industry.
As MedData’s President and COO Emily Fisher pointed out in a recent HFMA spotlight article, a good partner will have been “around long enough to fully understand how federal, state and regional laws and programs, which used to be familiar and consistent, have grown in complexity and variance.” Other things to look for when considering a vendor’s compliance expertise include:
- Guidance on matters related to HIPAA, HITECH, and state privacy and confidentiality laws and regulations, as well as enterprise-wide risk management and workplace safety.
- Responsibility for reviewing the laws and regulations that govern their services, as well as tracking and reporting on all relevant legislative changes.
- Coordination with operations to ensure processes and procedures are consistent with federal, state, and local laws, as well as responsive service in addressing any inquiries around the effect of such laws and regulations.
- A dedicated effort to oversee all aspects of data security, including HIPAA and other third-party risk assessment and PCI compliance.
MedData has been a trusted RCM services provider for more than 40 years. Our in-house legal team, in conjunction with outside legal counsel, is constantly monitoring regulatory changes at both the federal and state levels. We also have earned Healthcare Financial Management Association Peer Reviewed status and have been highlighted by HFMA for helping “organizations navigate the biggest challenges in healthcare.”
“U.S. Hospitals Can No Longer Afford the Burden of Administrative Waste,” HFMA, August 2020