Vendor Compliance

The 2009 trend was that the vendors, who once questioned whether to participate or stonewall vendor credentialing programs, have accepted the new reality.   Certainly, there is still some grumbling.   There are some who spend more time trying to avoid programs than participating.   But for the most part, vendors have settled down.

Vendors will now look for ways to leverage vendor programs to their advantage.  

It will start with universal policy preview and responses.   One of the scariest aspects of healthcare vendor credentialing to vendors is that the sales reps, the feet on the street, will be asked to make corporate level commitments.    Vendor-side legal counsel shudders at the thought.   The impact to Business Associates of HITECH and its new HIPAA breach notification policy is just one example of the type of event that raises red flags.  (We touched on this issue earlier. )    Look for vendors to ask the credentialing outsourcers to provide the ability for management to preview policies before the rep even sees them.   Based on the preview, corporate will dictate how the individual rep responds.

Vendor appointments become a sales management tool.    Hospitals are very interested in when sales reps are on site for a variety of reason, not the least of which is cost control.   Short-staffed hospital materials managers want visibility into sales rep activity to avoid off-contract sales.   

But just as the hospital reviews who visited, the vendor sales management will become interested in tracking where their sales reps have been.    Is the rep visiting the customer regularly?   Calling on the right person?   Getting the appointment records from the vendor management system could serve as a rep activity and efficiency indicator to the sales manager.  

In short, expect a rising number of vendor credentialing admins in 2010.   These admins will be tasked with the same centralized management of vendor credentialing programs as on the healthcare side but on the supplier side.  

Vendormate is already seeing these predictions at work.   Our vendor services team is establishing direct relationships with a number of supplier side credentialing administrators, giving them advance alerts to new hospital programs and changing policies.    The vendor adminitrastor dashboard feature of Vendormate Credential Central lets the administrator download all policies from every Vendormate hospital and healthcare system, verify an individual representative’s credential standing, and view to the credentialing status of all of their sales reps through Vendormate Credential Central.

This is just the begining.    I’m sure creative suppliers, looking for an advantage and a better way to meet their customer’s needs, will think of even more in the coming year.

Continuing with the theme of 2009 in Review, we can’t overlook the ongoing conversation about standards in vendor credentialing and compliance requirements.   Are there standards already?   Are standards coming?    Should there be standards?   

Going into 2009, AORN, ACS, the CDC and others all had existing statements that could be applicable to clinical healthcare reps.    HHS OIG Deficit Reduction Act sanction clearance requirements apply to the vendor company and its principals. 

But the greatest dialogue centered on the healthcare industry rep in the field.   As the tangible face of the vendor credentialing experience, the industry spent the year most concerned about what was appropriate for the HCIR.  

At the March 2009 AORN Congress, eleven industry organizations, representing clinical groups and supplier interests, released joint best practices recommendations for credentialing clinical healthcare industy reps.    It was a start, but it was clearly labeled as limited in scope.   It didn’t encompass the behaviors and requirements of industry reps outside clinical areas (e.g., gift policies and sanction lists), nor did it touch the credentials of the vendor companies(e.g., sanction lists and financial solvency).

The industry craved more clarity, and the discussion about standards frequently revolved around the Joint Commission.   For two years, every comment the Joint Commission made about HCIRs was examined for relevance and impact.  

Finally in April 2009, the speculation that ”Joint Commission standards are coming” was answered by the Joint Commission’s statement declining to issue standards that specifically address health care industry vendor representatives, but still pointing to several of its own guidelines as applicable.

Still common practices are emerging that are gaining ground as standards.  

1.  Credentials and requirements align with risk.   

Vendormate’s recommendation, and most hospitals agree, is that credentials for individuals should reflect their role.   That is, sales reps that do not access procedural or patient areas do not need to meet the same requirements for training and immunization.    Credentials and requirements should reflect risk and be adjusted accordingly.

2.  The vendor company is distinct from the vendor rep.  

Requirements such as liability insurance and Business Associate Agreements are between the contracting entities — the vendor company and the health system — not between the rep and the materials manager.   While a rep may hold responsibility for providing this information as part of the account relationship, a rep should never be required to change the nature of the business relationship as part of the rep-level credentialing process.   

3.  Rep privacy must be protected.    

The rep’s privacy rights have to be balanced against the healthcare system’s need to document and verify.   Driver’s licenses and SSNs are not part of the default data set.     Reps are routinely reminded to black out that type of information from any document they share.

Yet even as standards for are being debated, the fundamental question of who is a vendor? is still debated.   Is it the company selling the good or service?   Is it the sales rep?  Is it the field service and support rep?

With this in mind, here’s a preview of two of our predications for 2010 and beyond.   First, increasing attention will be paid to the credentials and access of other special populations — visitors, volunteers, and non-licensed contractors.   Second, the uncertain economic climate will further press healthcare systems to measure the risks posed to their operations by their suppliers’ solvency and operations.   More traditional supply chain financial and operational monitoring is coming.

February 7 is the lunar New Year.  As I’m sure you’re aware, this date also ushers in a new animal.   We have come to the Year of the Rat.  

I suffer from the typical Westerners knee-jerk reaction that ”rat” is an unfortunate sign for an entire year, let alone to be born under.   So, I’m looking for evidence that this year might be better than the animal indicates to me.

Then I read this headline Survey Finds Corporate Business Ethics Back to ‘Pre-Enron Levels’ from the Fulton County Daily Record.  The gist is that according to The Ethics Resource Center’s 2007 National Business Ethics Survey we’ve made little progress in institutionalizing formal ethics practices, confidential reporting programs, etc. that were all the recommendation rage following Sarbannes-Oxley.  

Although we have successfully created entirely new lines of business focused on GRC (governance, risk, and compliance), we successfully haven’t changed the essential nature of people.   That is, there will always be a few of us who want a more without more work. 

It really is the year of the rat.

(more…)

I’ve been thinking about the disappearance of Thanksgiving as retailers continue to rewrite the merchandising seasons to jump from “Back to School” to the simultaneously marketed holidays of Halloween/Christmas.  Other than the grocery stores and a few restaurants, Thanksgiving is hardly mentioned.   Some would argue that we consumers brought this on ourselves.  After all, every September purchase that reflects the Halloween or Christmas theme only encourages retailers to start the shopping opportunities even earlier the following year.  

Despite limited marketing efforts, Thanksgiving creates the heaviest travel traffic of the year.   Despite the moans of travel woes and family drama, we persist in loading up the car or standing in line at the airport to go “home” for this holiday.  

I’m reassured that something in the American psyche that keeps “Thanksgiving.” 

So in keeping with the reality that this week your mind may be somewhat distracted, this week’s post is going to be a simple “Thank you.”   Here’s a brief post to thank you all for making Vendormate’s progress possible throughout the past year and to wish that the blessings of life be yours in abundance in the coming year.   

Vendormate’s been out on the road a lot recently as we go through the education and implementation of new hospital customers.   We’ve enjoyed the usual thrills of travel — delayed flights, car rentals to drive through unknown cities, and late night arrivals at indistinguishable motels.   It takes a lot for a business trip to be memorable now.   And for some of us, it’s that occasional brush with celebrities.   

Andrew Somoza, VP of Sales, thought he’d topped the office when he spotted Ralph Lauren  on the street in Manhattan. 

But Ashlyn Wadley and Ed Zunzunegui , Director of Operations, blew him away when their visit to Children’s Hospital Central California  Madera, CA coincided with a visit by the Governator, Arnold Schwarzenneger.   Not only did they see the Governor, but the day was captured on film.  (Yes, that is Alan Autry, mayor of Fresno and formerly Captain Bubba Skinner from In the Heat of the Night, standing behind him.)  

Alright, enough of the celebrity-stalking paparazzi blog entry.    Nothing beats spending time with customers and seeing them think of new ways to engage all the capabilities of our Vendormate VISION(TM).   A few other places we’ve been recently:       

Swedish American Hospital in Illinois

Alamance Regional Medical Center in Burlington, NC

Covenant Health in east Tennessee

Vail Valley (Colorado) Medical 

Houston Medical Center in Perry, Georgia

University of Chicago Medical Center

Wellstar Health in Kennesaw, Georgia

Keep an eye out for us on the road.   We’ll see you soon.

If you’ve been out and about in the past year, you know that Crocs are the required footwear of suburbanites and campers across the nation. 

It was only a matter of time before someone poked holes in the plastic peds.   Now, Mercy Hospital in Pittsburgh has announced that Crocs are no longer allowed in the patient care areas.   In the name of employee safety, Mercy Hospital has banned the holey shoes for fear of a rougue syringe piercing a slightly exposed toe.  

Now, Vendormate is all about risk mitigation, compliance assurance, and security.   And we strive to stay current on all issues and bring them forward to our customers.   So when I read this news, I immediately thought of implementing a new compliance statement for all of our customers’ vendors.   Something to the effect of:   I have read and understand that the shoes known as Crocs, or any other shoe with excessive holes, piercings or other openings, are not allowed in (CLIENT FACILITY).  

We had planned to have coders burning the midnight oil to deliver this enhancement in our next update, but the Croc company  has beat us to the safety punch.   Just in time for back-to-safety shopping, they have released two new closed-toe models – the Endeavor (think plastic clogs) and All Terrain (does anyone besides me remember duck shoes?).

Seriously though, managing the security of your facility and data is never complete.   New threats emerge.   Watch lists are updated.  Vendors change.   Vendor management and compliance monitoring is a constant search for holes that may start as small as Crocs.  At Vendormate, we’ll be constantly working with you to fill the holes. 

The United States Attorney’s Office, Southern District of Florida, recently announced a medical equipment company owner was sentenced to four years in prison for defrauding Medicare of $2.2 million in payments for medical equipment that was never provided to patients.  Do you know if you are/were doing business with this company? 

Talking to one large multi-national medical device company about their processes for screening their employees against the OIG sanction list, they admitted that this is done once…. at the time of hire.  That does not cut it in OIG eyes.  These should be done at a minimum, annually.  A vendor representative may be placed on the sanction list as a result of improprieties from a business relationship (Board Membership, ownership stake, former employee) outside of their direct employment.  Without continuing these screenings, gaps in credentialing are created.    I suggest you ask yourselves the following questions when considering who you work with:  Who is roaming your halls? How many vendor representatives are in your hospital every day?Is this vendor representative still employed by the vendor they claim to be associated with? 

What has their employer screened for that covers your liability?  How often are these screens performed? 

What additional screens are required to protect your employees, patients, customers, other vendors? 

What do you know about their employer?

What is the skill / aptitude of this representative?

Has this individual signed off on all current vendor policies? 

Have all individuals requiring special certifications and immunizations been qualified? 

How often is this person in your facility? 

Who are they seeing when they come on site? 

How long are they visiting?

What is the relationship with that representative and any of your company representatives?

What tests or certifications have they acquired that give you confidence in their abilities and mitigate your risks?

Does this person have a criminal record that you should be aware of?

How often is a vendor trained on the product he is selling?  Did he pass the training?  How do you know this?

Does your representative have a criminal background? 

Has he ever filed bankruptcy?

Do vendor reps know what is required of them?