When the compliance program began 20 years ago at MultiCare, a health system in Washington state, Samantha Karpenko, who worked in revenue cycle there at the time, said it was perceived as “red tape.” There was that sense of compliance as “intimidating,” with more of a police aura.
“The team wasn’t very approachable and didn’t have much of an identity,” according to Karpenko, who joined the compliance department in 2011 and ultimately became director of corporate compliance. Over the years the compliance program evolved and improved, culminating last year in a reboot under the direction of Karpenko and Monica Freedle, the director of privacy and civil rights. The difference between then and now is an object lesson in how far compliance has come and how important it is not to leave it in the past, especially with the Department of Justice expecting organizations to do far more than check the boxes.
“It was a 20-year-old program that really needed to be updated and made more relevant to current times,” said Karpenko, who recently left MultiCare to become senior compliance manager at 98point6, a telehealth app.
Karpenko and Freedle described the metamorphosis of the compliance program April 21 at the Health Care Compliance Association’s Compliance Institute.[1]
Compliance Program Reboot: Write New Code
When Karpenko joined compliance, it was combined with the internal audit program under a single vice president. “The compliance program was run very proscriptively,” she said. “It was a heavy lift as we looked at how we needed to adjust and change the perception of our program and make ourselves into something new.” In 2017, MultiCare made a significant acquisition in another geographic area and, a year later, began taking its first big steps with the compliance program. Internal audit was pulled out of compliance, and the hotline was moved from Karpenko’s desk to an external company. MultiCare launched its first tracking system and branded the integrity line. “We also created the first regional position to deal with various operational hats. I started in mid-2018, and we could already see a huge shift,” Freedle said.
The following year brought leadership changes. “While always awkward, it gave us a chance to experiment with things,” Freedle said. “We had an external effectiveness review so they were able to point out things we already knew and other things we hadn’t dived into.” Oversight of the compliance program was moved from the CEO to another person, and Freedle and Karpenko were promoted and pulled out as a stand-alone team. They acted in a dyadic manner over the compliance program. “We had the same service-level expectations and documentation standards across our teams, and we collaborated to put together the compliance committee and board reports,” Karpenko explained.
MultiCare also had its first maturity assessment, Freedle said. “It wasn’t an effectiveness review, but it gave us insight into our effectiveness. It was eye-opening to see where we were on the benchmark maturity level. It called out areas where we were babies in the world and gave us something tangible to move forward to help us be more effective.”
The 2020 mission was to rightsize the compliance program because MultiCare is not the same organization in the same geography as it was 20 years ago, and the world has changed enormously since then.