Employee Compliance Training
Training Outline
- Compliance Program, ethics and compliance Principles at Program Development Services Inc.
- Some of the applicable laws that determine how we do what we do.
- Consequences of noncompliance.
- Reporting compliance concerns.
Compliance at Program Development Services is our:
Compliance at Program development Services Inc. means
Adhering to the rules, this is how we have been able to improve
the lives of individuals for
the past 30+ years
- We try to avoid making a mistake by double checking documentation and following procedures.
- We own up to mistakes, speak with the right person and follow steps to mitigate consequences.
- We teach others what we have learned.
ACCOUNTABILITY
- Follow agency & government regulations
- Report suspected fraud waste & abuse of government funding
- Maintain your high standards
- Take responsibility in the prevention of fraud, waste and abuse.
- Admit an error they happen.
PROGRAM DEVELOPMENT SERVICE’S CORPORATE COMPLIANCE PROGRAM
As a human services agency who receives Medicaid/Medicare dollars, PDS is required to have a robust Corporate Compliance Program which adheres to the seven essential compliance elements as defined by the Department of Health and Human Services Office of the Inspector General.
PDS’s Corporate Compliance Program Policy and Procedures may be accessed here.
SEVEN ESSENTIAL COMPLIANCE ELEMENTS
The seven essential elements which govern PDS’s Corporate Compliance Program are:
Element One: Written standards, policies and procedures to prevent and detect fraud, waste, abuse and criminal conduct
Element Two: The Corporate Compliance officer, Leandre Constantine serves as the compliance officer and be responsible for the day-to-day operation of the Corporate Compliance Program and for fostering an environment of compliance. Program Development Services also has an agency-wide Corporate Compliance Committee whose membership includes key personnel from each department and agency leadership. The committee meets quarterly to discuss, review, and assess compliance subject matters, reporting to the agency CEO on a regular basis.
Element Three: Training and education of all affected parties, including all staff, board members, interns, contractors, on compliance issues, expectations and the compliance program.
Element Four: Communication lines to the chief compliance officer are in place. These allow people supported, family members, staff, the general public etc. to anonymously report compliance concerns or have compliance questions addressed. These are the Compliance hotline, (718-307-7846), and our Compliance Violation Report form.
Element Five: Disciplinary procedures and incentives to encourage good faith participation in Program Development Service’s Inc. Compliance Program by all affected parties are in place. Disciplinary standards are applied in a fair and consistent manner.
Element Six: A system for routine identification of compliance risk areas, including monitoring and auditing to detect criminal conduct is in place.
Element Seven: A system to responding to compliance issues when raised, which includes reporting, investigating and correcting problems.
FALSE CLAIMS ACT
False Claims Act prohibits knowingly or negligently submitting false claims.
Doing so = huge financial penalties (ranging between $13,507 to $27,018 for each claim) plus three times the amount of the original false claim
If it was your job to know, the government holds you responsible.
Everyday ethical practices
=
Less daily compliance risk
The Federal Government says filling a False Claim is when you:
Consequences of noncompliance:
A false claim
=huge financial penalties (ranging between $13,507 to $27,018 for each claim) plus three times the amount of the original false claim
= lost opportunities for the people we support for our colleagues, for ourselves (State Exclusion List; civil and criminal liabilities), loss of reputation and Program Development Services Inc. exclusion from the Medicaid program
Disciplinary Actions for non-compliant or non-ethical Behavior:
All agents of PDS (Board members, staff, interns, volunteers, and contractors) are expected to model behavior and practices consistent with all applicable regulatory and legal requirements and adhere to all PDS Compliance program policies and procedures including prompt notifications of non-compliant behavior.
Failure to adhere to PDS’s Compliance program and demonstrate compliant and ethical behavior may lead to disciplinary action ranging from a verbal or written warning to immediate termination.
PDS will ensure that its disciplinary standards are applied fairly and consistently across the agency.
The Federal Governments wants you to:
Avoid conflicts of interest
Family and Friends vs. PDS
Outside Business Interests and Job Duties vs. PDS
External Boards, Committees, and/or Politics vs. PDS Accepting and giving gifts to the detriment of PDS
Personal financial gains at the expense of PDS
Avoid the appearance of crossing the line
You didn’t have to intend to commit fraud to be found guilty of committing fraud.
PDS can be audited by:
The Federal Government (ex. Office of Medicaid Inspector General, OMIG, who sets and enforces compliance requirements)
New York State (ex. Office for People With Developmental Disabilities, OPWDD)
New York City (ex. New York City Department of Health and Mental Hygiene, NYC DOHMH)
PDS Corporate Compliance Department Reviewing your own work makes you your own auditor
You are doing your job if:

Non-Retaliation and Non- Intimidation:
Good Faith participation or reporting includes, but is not limited to:
Intimidation
Including but not limited to any act to manipulate a person or intentionally cause feelings of fear or inadequacy subsequently deterring that person from reporting breach of the law.
Retaliation
Any adverse action against the individual because of the individual’s good faith report of a compliance concern or participation in a compliance investigation.
Making corrections
To correct a mistake on a document:
- Draw a single line through the error
ex.Peter Paul Jones - Make the correction
ex. Paul Jones - Initial the correction
ex. Paul JonesPJ - Add the full date you made and initialed the correction
ex.Paul JonesPaul Jones PJo 9/21/2011
Write-overs and white out are NEVER acceptable
If your full signature does not appear somewhere on the document, you must also sign the document.
Reporting on Non-Compliant Behavior, Compliance Concerns, or Issues
All agents of PDS (Board of Directors, staff, contractors, volunteers, and interns) have an obligation to report any instances of non-compliant behavior, issues or concerns.
All compliance reports are treated as confidential as permissible by law and are transmitted directly to the Chief Compliance Officer or designee for review and follow up. All confidential reports are handled with the utmost care to ensure that necessary corrective action is achieved.
You may submit your report anonymously. Compliance reports can be made either through the:.
Compliance Contact
Leandre Constantine
Director of Quality Improvement and Corporate Compliance
Compliance Officer
Health Insurance Portability and Accountability Act (HIPAA)
Keeping your Protected Health Information (PHI) safe.
HIPAA protects PHI with the Privacy Rule2003 and the Security Rule2005
PHI, are identifiers, including but not limited to names, dates of birth, physical and email addresses, social security numbers, photos, diagnoses, program enrollments, evaluations, program documentation, and payment methods. Minimum necessary PHI is the least amount of information needed and seen by only those who need.
Adults Electronic Protected Health Information (EPHI) is protected under the Security Rule2005
Adults PHI Kept on paper is Protected Under the Privacy Rule2005
Releasing PHI
A specific HIPAA Release form must be completed and authorized before PHI can be released except when information is needed to carry out treatment, payment, or operations.
Students are protected under FERPA
Electronic PHI
Electronic Family and Educational Rights Privacy Act
Student Educational Records & Protected Health Information are kept secure
HIPAA Summary
Privacy Rule
PHI disclosed only as permitted by law (treatment, payment or operations) or person supported/personal representative.
Security Practices
PH I disclosed as only as Permitted by law (treatment, Payment or operations) or Per son supported/personal Representative.
Privacy officer
Leandre Constantine
PHI mishandled
Privacy Breach
EPHI mishandled
Security Breach
Protected Health Information (PHI) Best Practices
EHIPAA/EFERPA Best Practices
More EHIPM/EFERPA Best Practices
HIPAA’s newest piece
Systems such as Cx360 and Evolv store PHI and fall under the Health Information Technology for Economic and Clinical Health Act2009.
HIPAA and PDS will continue to evolve.
Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”)
While HIPM protects the PHI of those receiving services from PDS, the SHIELD Act (which became effective 03/21/2020) broadens the definition of what is considered PHI (as defined below) and its protections are extended, but not limited to, PDS employees, contractors, interns, and business associates.
Broadening the Definition of “Private Information.”
Include biometric information and username/email address in combination with a password or security questions and answers. It also includes an account number or credit/debit card number, even without a security code, access code, or password if the account could be accessed without such information.
Expanding the Definition of “Breach.”
Unauthorized “access” of computerized data that compromises the security, confidentiality, or integrity of private information, and it provides sample indicators of access. Previously, a breach was defined only as unauthorized acquisition of computerized data.
Expanding the Territorial Scope.
Now any person or business that owns or licenses private information of a New York resident. Previously, the law was limited to those that conduct business in New York.
Imposing Data Security Requirements.
Requires companies to adopt reasonable safeguards to protect the security, confidentiality, and integrity of private information. A company should implement a data security program containing specific measures, including risk assessments, employee training, vendor contracts, and timely data disposal.
Program Development Services Inc. Best Practices
If you think there may be a Compliance issue, have a Conversation with your supervisor Or Leandre Constantine, Corporate Compliance.
*Guidance
*Support
*Advice
*A listening ear
Compliance Training Presentation Acknowledgment
I have read the compliance training presentation and Fully understand the rules and regulations of the compliance training guidelines.
I understand that I must comply with all Policies And Regulations Pertaining to Compliance.