Conflicts of interest—the risks are real

Tanya White

Tanya White

Tanya White (tanya.white@ynhh.org, linkedin.com/in/tanya-white-mba-chc-67b75b33/) is Director of System Compliance Operations at Yale New Haven Health, New Haven, CT.

Elizabeth Valentino Braun

Elizabeth Valentino Braun

Elizabeth Valentino Braun (elizabeth.valentino@ynhh.org, linkedin.com/in/elizabeth-valentino-braun-421605215) is Senior Compliance & Conflict of Interest Specialist at Yale New Haven Health, New Haven, CT.
Listen to article
12 minute read

By Tanya White, MBA, CHC, and Elizabeth Valentino Braun

If you’re in the realm of healthcare compliance (and we bet you likely are, seeing as you’re reading this article), you probably have an understanding of conflicts of interest (COI). What does the term mean, what is the risk that such actual or perceived conflicts could pose for your organization, and how does your department handle these situations/conflicts? However, you may still have a laundry list of concerns keeping you up at night, or—worse yet—maybe you haven’t even started to think about. Our goal is to share Yale New Haven Health Service’s (YNHHS) best COI-related practices and the methods we have developed to help us sleep better at night.

What is a COI?

A COI exists when an individual’s financial interests or outside activities could directly and significantly impact their roles/responsibilities within their organizations or vice versa. Simply said, a COI may arise when an individual’s professional obligations/judgement are compromised or influenced by (or could be perceived as such) their financial interests (or other interests) or relationships.

Why does the phrase “conflict of interest” have a negative connotation and cause the workforce to become defensive? Annually, the compliance department reminds the 4,500 covered individuals surveyed that not all disclosures are conflicts. And not all conflicts are “bad.” They just need to be managed. At YNHHS, educating our workforce on COI and the importance of being transparent is imperative to reduce risk. The world we live in now is quite different from 10 years ago—the abundance of new media sources and publicly available information can affect public perception by the government and patients alike. So much COI is based on perception. And at the end of the day, we can’t manage actual or perceived conflicts unless we’re in the know. Herein lies the reinforcement of overdisclosure and a rigorous survey/cross-check process.

Who is within your COI scope?

Who you survey matters. Is it the entire workforce or certain individuals/departments?

If you’re part of a small private practice, surveying all members of your workforce may be a completely feasible task. If manageable, that is the ideal scenario—full disclosure and transparency by all. However, if your compliance team supports a large healthcare organization with tens of thousands of workforce members, surveying all might be out of the question—especially given the nature of compliance and all the other substantial risks. Another consideration: Does your compliance team have a dedicated COI person? These factors determine the foundation of your COI program.

If your organization cannot survey all, survey those who impact the greatest level of risk. A thoughtful question to always remember: Who are your main decision-makers or those with the ability to influence others on decisions—either in patient care or the general business of your organization?

  • Key executives

  • Director level and above

  • Certain departments/offices

    • Contracting and procurement

    • Legal and risk services

    • Pharmacy

    • Grants (especially where government funding is accepted)

    • Development/foundation offices

  • Physicians and advanced practice providers

  • Committees that control decisions (i.e., a pharmacy & therapeutics committee or other clinical decision-making body)

  • Board of trustees and any other similar officer-level positions

All these workforce members are at considerable risk for conflicts and hold highly influential positions.

How do you collect the data?

For the small private healthcare office, surveying the whole workforce might be easier via a paper disclosure form.

For a large healthcare organization, implementing an electronic database may be the best fit. Whether outsourced or homegrown, such technology will likely offer an electronic, paperless form to be distributed via email to your respondents. A variety of tools are offered, including built-in tracking methods and reporting, as well as the launch and monitoring of management plans.

At YNHHS, an electronic database is used to send out annual and transactional COI forms to covered individuals. This allows us to run various daily reports to communicate metrics to our leaders across the system.

Regardless of how the form is sent out, you must ensure that those surveyed complete the form. One hundred percent is always the goal, but we understand that this can be a real challenge.

Are you chasing down COI forms after the deadline? This can be a constant struggle, no matter the organization’s size. Instilling a culture of compliance with the workforce and support from leadership is crucial for COI completion. For those who do not complete their forms, what is the repercussion? Do you hold parking privileges? Pay? Credentialing? Research opportunities?

When do you survey?

Do you survey based on a workforce’s work anniversary or the same time each year? Are there any other external events? Given that the Centers for Medicare & Medicaid Services (CMS) Open Payments runs on a calendar year cycle, it may make the most sense for healthcare organizations to launch their annual COI form as early in the calendar year as possible—to capture information from a like period.

At YNHHS, the COI form is launched in the January time frame to capture CMS Open Payments data. This allows our team to review and compare the industry payments to the COI form.

Respondents should be reminded to update their forms as soon as possible, following any changes to their disclosures, but no later than 30 days from the date of change.

Why manage COI?

As with every compliance risk, why do we do it? To protect the organization and assess its risk—reputational, financial, and legal. It is essential to manage conflicts, whether actual or perceived, because, as a healthcare organization, it is critical that decisions are made free from bias. If a conflict is not managed appropriately, it can be detrimental to the public’s trust. Every compliance program should have a COI policy, process, and oversight to protect the organization’s integrity. As mentioned before, if the organization is small and the compliance officer holds many hats, COI must be one of them.

CMS Open Payments

Does your department review CMS Open Payments for physicians and advanced practice providers (APPs)? You should. It’s free public information to everyone—patients, the government, and the media.

If CMS Open Payments is new to you, the Open Payments program (which some may know as the Sunshine Act):

“. . . promotes a more transparent and accountable health care system by publishing the financial relationships between applicable manufacturers and group purchasing organizations (GPOs) and health care providers (physicians and teaching hospitals) be made available to the public.”[1]

Review teaching hospital data and encourage same for physicians and APPs

Annually, teaching hospitals and physicians and APPs are allowed six weeks (April 1–May 15) to electronically review and refute the data provided by the industry to CMS to ensure that any transfers of value (i.e., payments) are accurate and appropriate before the information is made publicly available on June 30. This data reflects all “transfers of value” provided by pharmaceutical/medical device manufacturers the prior calendar year (CY), except for materials and items directly benefiting patients or intended for patient use. Because of this important review and approval process, CMS Open Payments is considered the “source of truth” for compliance professionals to identify which providers are engaged with the industry—and in what ways.

If your hospital is considered a teaching hospital, it is imperative for you to review the data. Trust, but verify. Always. Before the data goes public, make sure it is accurate. Registering with CMS Open Payments is an easy, two-step process. Once CMS verifies your enrollment, you will have access to review all payments. This review can seem daunting because the manufacturer provides limited information regarding the payment. At YNHHS, all payments are refuted, and an email is sent to each manufacturer requesting more information about each transfer of value, such as the hospital’s point of contact, contract, or documentation for the transfer of value. The manufacturer is responsible for responding to the teaching hospital with the requested information. Once you have the supporting documentation, you can follow up with the individual/department to determine if the transfer of value was accepted and why. Reviewing and determining if any policy violations exist is a great process and supports compliance’s focus on workforce education.

Utilizing CMS Open Payments data

Every year, the dollar figures grow, especially this year since APPs have been included in the CMS Open Payments population. For CY 2021, $2.55 billion was the total of general payments to providers—including food and beverage, travel and lodging, education, consulting/honoraria, and other services.[2]

To get the biggest bang for your buck, the CMS Open Payments review and analysis should be focused on payments captured in your annual COI form and those that may conflict with your organization’s COI policies.

If you have ever downloaded the data set, you know it is huge! However, reviewing and comparing it to the disclosures of those you survey is crucial to ensure all relationships and activities are being captured and managed.

The biggest focuses are the payments reported in the following categories:

  • Ownership and investment interest

  • Royalties

  • Speaking fees—speaker bureaus/programs (“services other than consulting”)

  • Consulting/proctoring

At YNHHS, we work with our Joint Analytics Data department to run prescribing reports and compare them to the date when the payment was accepted by the physician/APP. The physicians/APPs that are engaged in the industry are reviewed to see if it could be perceived that the payment is changing prescribing behavior. Additionally, the information provided by CMS Open Payments may offer insight into themes across your health system and may be just the information needed to justify further investigations.

Speaker bureaus/programs

Does your organization allow employees to engage in speaker programs with the pharmaceutical/medical device industry? If so, this should be on the top of your priority list.

In November 2020, the U.S. Department of Health & Human Services Office of Inspector General (OIG) released a Special Fraud Alert related to speaker programs.[3] The significance of this alert being released in the prime of the COVID-19 pandemic and health crisis not only highlights the scrutiny being placed on such activities, but also the severity of the concern for all those involved. The alert clearly states, “If the requisite intent is present, both the company and the [healthcare professionals] HCPs may be subject to criminal, civil, and administrative enforcement actions.”[4]

The alert goes on to read, “This Special Fraud Alert is not intended to discourage meaningful HCP training and education. Rather, the purpose of this Special Fraud Alert is to highlight certain inherent risks of remuneration related to speaker programs. Drug and device companies and HCPs should consider the risks when assessing whether to offer, pay, solicit, or receive remuneration related to speaker programs.”[5]

Do you know how to differentiate an industry speaker bureau program from speaking for the industry? Educating the workforce on the difference is crucial to ensure compliance with this prohibited engagement. Table 1 makes it possible to understand the differences in the engagements. You may be happily surprised to learn that many leaders can already see the troubling elements of such arrangements and why they, too, do not want their workforce or organization at risk. Understanding the very real risks involved in such suspect interactions and that other speaking arrangements may still be permitted and beneficial—to scientific advances, patients, and the organization, will help drive your education efforts.

As a best practice, YNHHS holds an annual vendor webinar education series, inviting all active vendor reps to attend. During this education, YNHHS reiterates any new policy updates or changes to vendor visitation guidelines. Best practice would be to include your corporate supply chain department or whoever is responsible for maintaining your vendor credentialing software. These webinars increase compliance adherence with our YNHHS interactions with vendors policy and hold attendees accountable. You’d be surprised what you can learn from these sessions and the relationships that are built!

Table 1: Yale New Haven Health System – Interactions with Vendors Policy

Disclosure reviews

Reviewing and assessing risk with disclosures is the most critical step in the COI program and can be the most challenging since each situation has different facts.

Some types of conflicts are more straightforward and easier to manage than others. For those conflicts, establishing a role-based mapping approach, even a decision tree, based on general situations (industry engagements, external ownership, etc.) can help create consistency in both the review and management of like disclosures. Figure 1 depicts the disclosure review process from beginning to end. It is essential to understand the covered individual’s role and responsibility in the organization, how it can influence behavior, and whether that behavior is biased based on the financial interest/activity. If yes, a management plan needs to be established and followed by the covered individual.

Another recommendation is implementing a COI committee of different subject matter experts to review your most complex COI situations. Their input, advice, and consultation can allow your compliance team insight into scenarios that aren’t always as clear. This also ensures that a management plan is inclusive and risks are appropriately managed.

Food for thought

For those workforce members engaged in the pharmaceutical/medical device industry, recusal and disclosure are typical actions of a management plan. What about patient disclosure? Those with a financial interest in the pharmaceutical/medical device industry should be required to disclose their relationships to the patient if the workforce is recommending and/or prescribing/ordering from the manufacturer. This disclosure needs to be documented in the medical record so it is possible for the compliance department to audit the management plan’s effectiveness.

Do you allow the workforce to have a secondary commitment? If so, how do you ensure the workforce’s primary commitment is not compromised by the secondary? After the covered individual attests to a management plan, the manager should be informed of the actual/potential conflict so that it will be handled appropriately if a situation arises.

Graphic 1: COI Review

Moving the mark

So, how do you translate COI policies and processes to your workforce? How do you reach that level of understanding and transparency and achieve that “Oh, I get it now” lightbulb moment?

The “wearing one hat at a time” analogy is generally quite effective. It’s all about helping the workforce understand it has nothing to do with controlling their actions. It’s about patients. It’s about removing any influence or bias from their patient care practices, ensuring that there aren’t divided loyalties or other motivators. It’s about teaching that level of trust—protecting them, the organization, and their patients. It’s not about constricting their activities inside and outside work but ensuring that there are measures in place that reflect your responsibility to all. And that you can’t control what’s not been shared. It’s about honest, straightforward communication, meeting people where they are, and setting clear, bright boundaries for all. People want to do the right thing; they often just need to know someone has their back.

The takeaway

Compliance professionals are masters of “the dig.” We seek out more information. We gather facts. We use every single resource and explore all the possibilities. Leave no rock unturned.

And how does that apply to COI? Very simply: survey. Develop policies. Educate. Encourage overdisclosure. Review, review, review. Ask all the (right) follow-up questions. Use Google. Analyze CMS Open Payments. Understand what is going on locally, regionally, and nationally. Keep your leaders aware. Engage those knowledgeable and closest to the riskiest situations for their perspectives. Develop a network—inside and outside your institution. Phone those friends and get insight into their best practices. Ask for advice.

And let’s not forget: COI is an art, not a science.

Takeaways

  • Survey those at your institution who impact the greatest level of risk. Remember: Who are your key decision-makers or those who can influence others on decisions, either in patient care or the general business of your organization?

  • Utilize the Centers for Medicare & Medicaid Services (CMS) Open Payments for the review/dispute of anything attributed to your teaching hospitals and encourage your providers to check their own data before it becomes publicly available. When data became public, use the data to compare to the disclosures received. CMS Open Payments is a free resource—available to all: the government, your patients, and the media.

  • Review and understand your organization’s standpoint on pharmaceutical/medical device speaker bureaus—and the difference between those arrangements and speaking engagements/activities. Keep your leaders aware. Educate both your workforce and your vendors often—especially if your organization prohibits those activities.

  • Develop a conflicts of interest (COI) committee for advice and consultation as you review disclosures and then standards for your management plans. Ensure that your COI policies are clear and concise and provide as much education to the workforce as possible. Audit and monitor that those plans are being upheld.

  • It is important to manage conflicts, whether actual or perceived, because, as a healthcare organization, it is critical that decisions are made free from bias. If a conflict is not managed appropriately, it can be detrimental to the public’s trust.

 
1 U.S. Department of Health & Human Services, Centers for Medicare & Medicaid Services, Open Payments: Your Role in Health Care Transparency, Medicare Learning Network® (MLN) Event, 5, accessed May 3, 2023, https://www.cms.gov/files/document/2020-03-19-open-payments-presentation.pdf.
2 U.S. Department of Health & Human Services, Centers for Medicare & Medicaid Services, “The facts about Open Payments data,” June 30, 2022, https://openpaymentsdata.cms.gov/summary.
3 U.S. Department of Health & Human Services, Office of Inspector General, “Special Fraud Alert: Speaker Programs,” November 16, 2020, https://oig.hhs.gov/documents/special-fraud-alerts/865/SpecialFraudAlertSpeakerPrograms.pdf.
4 U.S. Department of Health & Human Services, Office of Inspector General, “Special Fraud Alert: Speaker Programs.”
5 U.S. Department of Health & Human Services, Office of Inspector General, “Special Fraud Alert: Speaker Programs.”
This publication is only available to members. To view all documents, please log in or become a member.
Become a Member Login

What to read next...

Is optimizing reimbursement a bad thing?

About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings