what keeps you up at night
play

What Keeps You Up at Night? Issues of Fraud and Abuse Compliance - PowerPoint PPT Presentation

What Keeps You Up at Night? Issues of Fraud and Abuse Compliance Series How to Handle the Bad Email or Social Media Post 37 Offices in 18 Countries How to Handle the Bad Email or Social Media Post How to Handle the Bad Email or Social


  1. What Keeps You Up at Night? Issues of Fraud and Abuse Compliance Series How to Handle the Bad Email or Social Media Post 37 Offices in 18 Countries

  2. How to Handle the Bad Email or Social Media Post

  3. How to Handle the Bad Email or Social Media Post • A survey reported in January 2012, Modern Healthcare found  Nearly 60% of hospital compliance officials wake up in the middle of the night from job related stress  Nearly 60% of hospital compliance officers have considered quitting within the past year

  4. NAGGING NURSE My hospital is the WORST! They bully employees and one of my fellow colleagues even killed himself because they are so bad! Our CEO uses unfair labor practices!

  5. Today’s Host David W. Grauer Chair, Squire Sanders Healthcare Practice T +1 614 365 2786 david.grauer@squiresanders.com

  6. Today’s Speakers Thomas E. Zeno T +1 513 361 1202 thomas.zeno@squiresanders.com Traci L. Martinez T +1 614 365 2807 traci.martinez@squiresanders.com Elizabeth E. Trende T +1 614 365 2728 elizabeth.trende@squiresanders.com

  7. Topic Areas • How online communications are stored in cyberspace • What kinds of issues have surfaced as a result of a bad email or social media post • Steps organizations can take to protect themselves • Expected future developments and challenges

  8. Other Social Media Icons = Flickr = RSS Feeder = Blogger = Instagram

  9. Some Healthcare Stats

  10. How Online Communications Are Stored Client Service and Feedback Process and Resource Value-based Optimization Pricing Training and Staffing Development Models Project and Knowledge Management 12

  11. How Online Communications Are Stored • Familiar Technologies:  Email  Instant Messaging (IM)  Text Messaging

  12. How Online Communications Are Stored • Newer Technologies:  Social Networking  Blogging  Microblogging • Websites qualify as social media sites when the majority of content is user-contributed

  13. How Online Communications Are Stored • Social Networking  Facebook, Twitter, LinkedIn, MySpace, YouTube Client Service and Feedback  Profiles and user information are stored Process and Resource Value-based on the servers of the Optimization Pricing online entity hosting the social network Training and Staffing Development Models Project and Knowledge Management 15

  14. How Online Communications Are Stored • Social Networking  Ability of users to delete information once posted varies based on the social network’s policies – Facebook policy: even after users deactivate their account, information remains on the server for a “reasonable period of time” but is generally not available to other users

  15. How Online Communications Are Stored • Blogging  Over 400 million English blogs in existence  Most accessible to anyone with Internet access; free; searchable  Quickly becoming a mainstream communication vehicle  Blog is hosted and data stored on Internet servers  Deleted entries may be retrievable depending on the archiving policies of the hosting service

  16. How Online Communications Are Stored • Microblogging  Social messaging service; combination text message and social network (Twitter or status updates on Facebook)  Updates posted to the website can be read by anyone who “follows” (Twitter) or “friends” (Facebook) the user  Depending on privacy settings, updates can be publicly available or locked down

  17. How Online Communications Are Stored • Microblogging (cont’d)  Like blogging, data is stored on the website’s servers, but may be available in many places – A large number of applications integrate Twitter with other applications, so tweets can be anywhere  Data can also multiply and be difficult to delete – A friend “sharing” a status message on Facebook posts it to their profile as well or “retweeting” on Twitter copies an update to another set of followers

  18. Issue #1: Facebook Privacy and HIPAA Concerns • Mortally wounded 60-year-old patient arrived in the St. Mary Medical Center emergency room • Nurses and staff members did not rush to his aid • Rushed to cell phones to take photos to post on Facebook and send via IM • Photos were on Facebook two days before HR became aware of them http://articles.latimes.com/2010/aug/08/local/la- me-facebook-20100809

  19. Issue #1: Facebook Privacy and HIPAA Concerns • The organization can be in trouble when it does not find out  Invasion of a patient’s privacy  Four staff members fired; three disciplined • Be proactive • Know what is being said about your organization and leaders  Webcrawlers – Google Alerts: http://www.google.com/alerts – Spokeo: http://www.spokeo.com

  20. Issue #2: The Bad Email

  21. Issue #2: The Bad Email • Compliance Response:  Investigate  Provide explanation if possible  If warranted, discipline must be imposed  Keep a record of the response and the discipline

  22. Issue #2: The Bad Email Possible Solution

  23. Issue #2: The Bad Email

  24. Issue #2: The Bad Email • Compliance Response:  Investigate  If warranted, discipline must be imposed  Keep a record of the investigation and the discipline

  25. Issue #3: The Bad Social Posts NAGGING NURSE My hospital is the WORST! They fired my fellow colleague and he killed himself! Our CEO uses unfair labor practices!

  26. Issue #3: Disciplining Employees for Bad Social Posts Hospital Response: This nurse must be discharged. He has been causing trouble on Facebook for months and this is a public display of disparaging remarks defaming the hospital’s reputation. Is this permissible?  Hospital wanted to discharge  Here, not permissible, BUT  Case-by-case analysis

  27. Other Organization Concerns Pre-Employment “Screening” • Many organizations use social media sites as part of their employment screening process  Some view this as a violation of privacy • Organizations may use these social media cites to confirm information on a resume; get more insight into a potential employee

  28. Voting Poll • Will private employers be permitted to force their employees to give passwords to private social media sites?  Yes  No

  29. Other Organization Concerns CAUTION: Pre-Employment “Screening” • Don’t ask employees for private passwords • Be aware of people with the same name • False profiles are prevalent and easy to create • Unintended biases • Could provide you with information you do not want to have (e.g., candidate has a disability, is pregnant, etc.)

  30. Steps Organizations Can Take to Protect Themselves

  31. Steps Organizations Can Take • Implement a social media policy • Implement an Internet use policy • Update disciplinary policy

  32. Steps Organizations Can Take • Issue clear, written policies on computer use to employees and update such policies annually • Remind employees:  ALL communications equipment is the employer’s property (hardware, software, email, voicemail, mobile devices)  They should have NO expectation of privacy in any communications prepared on company equipment, even if deleted (e.g., personal email accounts, tweets, Facebook status updates)  Messages sent from school email accounts may be subject to disclosure as a public record • Recommended to remind employees with every login

  33. Steps Organizations Can Take • Consider blocking network access if abused • Assign an employee to regularly monitor social networking sites (via Google and/or Spokeo) for references to the organization • Train employees on organization policies, social networking best practices and obligations under severance agreements • Ensure network security is sufficient for the new technologies employees are using • Do not take disciplinary actions that are not clearly authorized by policies/Collective Bargaining Agreements

  34. To Monitor and Discipline or Not to Monitor and Discipline

  35. Expected Future Developments and Challenges During a recent Secret Service investigation, it was learned that one agent posted the following while on detail with Sarah Palin in 2008:

  36. Expected Future Developments and Challenges It’s a Fine Line … • Organizations are permitted to monitor what employees do on their computers while at work under acceptable use policy • Organizations can monitor social networks to determine if their “sick” employees are really unable to work • Organizations may monitor after-hours behaviors that may affect the employer’s reputation or which may place patients’ privacy in jeopardy

  37. Expected Future Developments and Challenges It’s a Fine Line … • Organizations are not permitted to discipline if the post or email is about employees’ terms and conditions of employment • When in doubt – seek legal advice

  38. Compliance Requires Action What do you do when you find the bad email? • You keep it and ACT • The government will not accept inaction for bad email on company equipment • Failure to discipline will be held against the company undergoing audit or qui tam suit • The government may not accept inaction about private media sites that are known to the company

  39. Questions?

Recommend


More recommend