Brett Friedman, Ropes & Gray health care partner, discusses the impact to compliance organizations as payment models transition from traditional fee-for-service to value-based.

Click here to view video.


As the payment models have shifted from traditional fee-for-service, where you're paid for each encounter that you deliver the service, to more value-based, where you're paid for outcome goals or quality goals, the compliance infrastructures of my clients have yet to really catch up. The auditing and monitoring elements are really designed to look at whether the encounter incurred or whether it was coded correctly, and those things are increasingly less important now that the overarching health and welfare of an individual is focused for specific payment. And what I've found is that the compliance infrastructure of clients is still geared to the old model and they haven't looked forward to determining how they need to readjust the structure of the compliance organizations to reflect where there are new risks. My advice to clients is you need to follow the payment. And so if the payment is influenced by X, you need to make sure that you have the resources to look for whether X is being manipulated, and whether that may, in fact, result in increased or decreased payment that could present the compliance risks for those organizations.

Some specific things I'm seeing as compliance organizations transition to value-based payment models is a focus on data analytics and the ability to have compliance professionals that understand the types of data that can drive changes in reimbursement, and drive a change in providers' reimbursement associated with value-based payment. Historically, it was very much a documentation focused exercise – you would look to see if the documentation supported the clinical encounter. Now there's a much more population health focus of what a provider is doing or what a payor is doing, and looking to see if you have the resources within a compliance organization to understand whether data's incomplete, whether data is inaccurate, or whether data's being manipulated in a way to drive towards the factors that influence payment. And that's a level of sophistication that we haven't historically seen in compliance organizations, and something that we think clients need to adapt to in order to really identify the compliance risks in the new environment.

My advice to compliance officers in adjusting to the reimbursement environment is two fold. The first is to rethink your compliance risk assessments. Again, those factors that historically drove reimbursement – level of coding, adequacy of documentation – while they remain important, aren't the full picture. There are other elements now that drive reimbursement that you really need to understand in order to adjust and to devote resources, and the appropriate compliance resources, to addressing those. Where you historically had a risk of overutilization because additional services resulted in increased reimbursement, now you have the risk of stinting or cherry picking, which is to try and find the healthiest patients that require the least amount of services. And so to be able to identify those risks, and then to be able to respond to them through mitigative work, whether it's auditing, monitoring, data analytics and analysis or the like, is really critical. The second thing I'd recommend that compliance organizations do is assess the skill base, including the necessity to hire outside consultants to do the analytical exercises that compliance organizations maybe can't do in-house. And to use the outputs of those to really inform the risk assessment process, and then reinforce the corrective activity that compliance organizations take in order to address these emerging risks.