Compliance the Third
In the most annoying sense of the term
“Compliance” is a very versatile word, in the healthcare industry. We’ve already gone over two very different but equally valid meanings for it. On the one hand, it can refer to how much your lungs will distend in response to a given amount of pressure. Lungs with low compliance are stiff and won’t inflate well. On the other hand, it can also refer to the extent to which a patient cooperates with the plan of care their doctor gives them; we often say a patient is “non-compliant” on their home CPAP machine for sleep apnea, because the machine is unpleasant to wear, or that a schizophrenic is non-compliant with their psych meds, because those meds cause onerous side effects.
Today I’d like to go over yet another meaning of the word, though it’s one which I imagine is found at any number of other large corporations. My hospital has a whole department called “Compliance.” It isn’t about lungs or patients at all. It’s about the law. Your compliance people are responsible for making sure that everybody is obeying the bajillions of regulations covering healthcare1. This is not a fun job. Not only is the job itself tedious, whoever’s in charge of it instantly becomes the Lord Voldemort of the company, feared and hated. People flinch and hide wherever they go. But it has to be done.
As a lowly snot-sucker grunt at the bottom of the totem pole, I do not regularly and directly interact with the Compliance people. I am mostly reminded of their existence by annual “education modules” which I must do. If I don’t do my modules on time, HR will forbid me from coming to work until I do. These modules consist of powerpoint presentations, videos, and short quizzes on a variety of subjects such as what needs to go in a sharps container versus ordinary trash, or what constitutes fraud, waste, and abuse as far as Medicare is concerned2.
I don’t learn much of anything from these education modules. I mean, they’re the same damn thing every year, so I wouldn’t anyway, but more importantly they’re designed to be excruciatingly easy. I can and generally do click through the slides at lightning speed without looking, then answer the quiz questions, which are usually something like this:
You see a patient in yellow socks, the universal marker for Fall Risk, getting up to go to the bathroom by herself. She is not your patient and you do not know her. What should you do?
A. Yell, “Bitch, get your wrinkled ass back in that bed!”
B. Walk away and mention to the nurses’ station that “it looks like 23 is off the reservation.”
C. Hurry into the patient’s room, tell her not to get up, and call for a nurse or tech to come help. Do not leave the patient until someone is available to move her safely.
D. Ask the patient care techs if they want to form a betting pool on whether she breaks a hip.
(slightly exaggerated, but the real thing will have three "be a complete idiot heel” options and a fourth which is obviously correct)
You might ask what the point is of asking such obvious questions. But the obviousness is the point. Compliance is about complying with the law, and these little slideshows and quizzes are about compliance—demonstrating compliance, that is. If you actually see a patient in yellow socks risking a fall and walk away whistling, and she falls and breaks something, and the administration finds out, you will lose your job at minimum. And then the hospital will hire another whatever-you-are.
But what will the hospital do? Well, they’ll point to these modules, which they can prove you did, where you said the correct thing to do was answer C, which shows that they did their best and are not at fault and should not be sued into oblivion. How were they supposed to know you were lying?
That, ultimately, is the point of all compliance: to protect the company from lawyers, who have immense power to harm them. It’s easy to be angry at the hospital for being so cowardly about this, but incentives matter. Our country has a ridiculously huge number of lawyers; law schools have been overproducing for years, even resorting to daft schemes like rehiring their own graduates under low-paying sinecures to hide the fact that there simply aren’t enough jobs out there for the number of people who want to be lawyers. A hospital is a corporation like any other, and it has an obligation to protect itself against existential risks, one of which is that one worker, out of the thousands they employ, might be an idiot in such a way that they, the hospital corporation, lose millions of dollars in court and subsequently have to downsize. So they have a whole department concerned with defending themselves against that risk, as efficiently as they can manage.
The questions are easy so you will select the answer with the smallest possible number of tries, then get back to doing the actual work they want you to do. It doesn’t matter that this isn’t actually making anyone safer; the law can’t make that happen. A real culture of safety isn’t that easy to establish or prove. The government can only require that you go through safety kabuki—whether you’re running your own employees through it or writing thousands of pages of kabuki play for visiting inspectors.
I don’t have a neat answer to this. Probably there are equivalent departments in every industry that does anything of real importance. Probably the guys at Tyson get regular inspections from stern people who demand they develop a specific policy for disposing of chicken in the event it somehow gets contaminated with smallpox or bubonic plague, and employees at the Honda plant have to click through videos telling them they shouldn’t pour oil on the floor as a practical joke. But the people who write the laws have constituents, and those constituents want to know that the government is keeping them safe. Ultimately, it does so with powerpoints.
Pardon this lengthy aside: a surprising amount of the Feds’ leverage over healthcare comes not in the form of direct control by laws written in Congress, but by the threat of losing reimbursement rights from the Center for Medicare and Medicaid Services. Hospitals must take all comers, by law, but old and poor people consume a disproportionate share of healthcare, and CMS controls whether and how much the hospital will get paid for handling them. They make this decision based on the facility’s adherence to regulations decided by appointed bean-counters who, so far as I know, have never worked a day in healthcare themselves, but who have plentiful experience working their way up the federal bureaucracy.
Actual inspection and enforcement are farmed out to bodies like J CO and DNV, who regularly visit the hospital to make sure they have absolutely no errors in their paperwork (the inspectors aren’t allowed to go in rooms to see the healthcare itself, and wouldn’t understand it if they did, so on days they announce a visit with “Code Purple” we all log out of our computers and run into patient rooms to hide whenever we see people in suits; if they ask us questions about irrelevant procedural crap, and we don’t know the answers, the hospital could get in trouble and we could get fired). In effect these private entities have a license from the government to shake us down with fines for having inadequately defined protocols (there is more footnote, click down/see below if you’re mousing over).
At one visit, for example, the respiratory department got dinged for not having a sufficiently explicit written procedure for choosing our medical director. We’d had the same medical director for many years at the time, I’m unsure if we even paid him significantly for being our medical director, and in practice he was just one of the pulmonologists on staff who had a purely nominal title and never interacted with us because our established procedures never changed. We have to be reminded of which pulmonologist it is before every inspection. You could replace our medical director with a Cabbage Patch Kids doll and not really change anything. But the regulatory goblins didn’t like that we didn’t have the right kind of paper trail for him, so we had to shape up on pain of putting the hospital in the red with every old man who came in with a heart attack.
We do at least get a choice as to who does the inspecting; J-CO are bigger bastards than DNV, but getting accredited by J-CO gets you better reimbursements. That’s something. But, if you’re curious, this is about all that active government safety oversight really amounts to in practice: subcontracted procedure Nazis.
Per a quick googling, the government’s best estimate—which it freely admits is probably very low—is that sixty to a hundred billion dollars of Medicare and Medicaid spending is FWA, every year. Their overall budget is about 1.5 trillion, so basically they admit one out of every fifteen dollars they spend is getting stolen. And yes, it’s probably much more than that. The recent scandal with nonexistent Somalian daycares in Minnesota, for example, was ultimately about Medicaid abuse, because the money they were stealing came from Medicaid. Since the Feds generously provide the majority of funding for Medicaid, but it’s administered by states, states have essentially no incentive to look out for abuse, ever. They get paid either way, and most of the money is from Uncle Sam.
The government’s response to this epidemic of larceny is to make sure we all watch slides reminding us that stealing from Medicare is Very Bad and leads to Serious Repercussions. Also you can in theory get paid a percentage bounty for reporting instances of FWA, which effectively nobody does because they fear retaliation and informal blacklisting out of their whole career way more than they trust the Feds to conclude a lengthy investigation, keep their involvement secret, and pay them a one-time cash bonus (however huge) for snitching.