1. Unable to validate the completeness of incident reporting.
Based on review of several Quantros incident files for FY 2011, we were unable to validate the completeness of the hospital level vs. the corporate level reports for incidents during 10/1/10 to 8/31/11 because incidents were missing from the corporate level report. This may affect the accuracy of claims and incident information provide to the Actuary and AHCA respectively.
We recommend that Risk Management work with Quantros to resolve any/all discrepancies in the periodic reports at all levels (i.e. hospital, corporate, etc....) to ensure completeness and accuracy of reporting.
Management Response:
Completeness of SRM reporting module: Although this finding reflects an analysis of one data set, I do not believe it is a continuing issue. Since receiving the IA report, I have investigated this matter. In two independent reviews, the number of events was determined to be the same and therefore complete. One review was performed by Quantros IT who ran several reports between Main and Corporate applications and found no discrepancies. I also ran two different types of reports that confirmed accuracy. I am unable to determine why the initial report provided to IA indicated otherwise but it appears as though this is not problematic. The SRM module applications have complete data. In the unlikely event there was a problem between them; reports to AHCA would not be compromised. AHCA reports are generated from each individual facility’s SRM application and not through the corporate site.
Action Plan Owner: Implementation Date:
Sandra Gorski, Risk Management Director Completed
2. Reconciliations are not prepared for Claims payment.
A periodic reconcilement between Quantros, bank statements, and the General Ledger is not being performed. We recommend that claims reconciliation between Quantros, General Ledger, and bank statements be performed on a monthly basis.
Management Response:
Reconciliation between Quantros, bank statements and the General Ledger: We agree with the finding. Our departments will perform monthly reconciliations of the Trust account bank statements and Quantros claims module. David Alexander will also arrange to send risk management a monthly copy of the Trust account bank statements
Action Plan Owner: Implementation Date:
Sandra Gorski, Risk Management Director January 31, 2011 David Alexander, Corporate Controller
3
3. Quantros claims module inappropriate user access exists.
IA identified 5 of 18 individuals with inappropriate Quantros claims module access and user profiles. We recommend that management identify and de-activate all individuals who have inappropriate access immediately. In addition, a formal process needs to be established to activate and de-activate users in a timely manner and quarterly reviews should be performed.
Observation corrected during audit. It was verified subsequent to the above observation that management removed the inappropriate individuals.
Management Response:
None required.
Action Plan Owner: Implementation Date:
Sandra Gorski, Risk Management Director Completed
4. Lack of standardization for claims processing, documented policies and procedures.
IA identified incorrect claims status, claims documentation not centralized, and subjectivity judgment on establishing reserves. It was noted that formalized departmental policies and procedures for processing claims and incidents do not exist. In the event there are new hires, turnovers or absent in management, formalize documentation should be developed for seamless transfer of knowledge, standardization, and key operational functions. Formalized standard policies and procedures should include but not limited to the following:
Explanation for each incident/claims "event type"
Methodology for establishing claims initial reserve amount based on "event type" using historical analysis of latest reserves (i.e. less subjectivity)
Required claims documentation
Criteria defining what constitute for an open or closed claim (i.e. signed claims released form, denial letter, etc...)
We recommend Risk Management develop and draft policies/procedures to support the consistency of departmental internal processing and standardization of claims.
Management Response:
Claims status, documentation not centralized, and setting reserves: I agree with the finding. Claim status is different between professional and general liability cases. IA’s findings relate to some situations where PL cases have been designated claim as opposed to NOI. Communication with staff regarding case designations has been completed. All open PL cases will be reviewed and changed to NOI status as necessary. Documentation: it has been the goal of this department to file all case related documents electronically. This might have resulted in instances where paper copies were not added to a file. We will make certain the process also includes placing a paper copy into the file. Reserves: There is always a certain degree of subjectivity in establishing reserves but general reserving guidelines will be suggested as formalized written procedures are developed. The risk management department has been without a professional liability claims manager for some time. This fact has resulted in the need to assign claims
4
responsibilities to risk managers. Being able to hire a claims adjuster/manager will be instrumental in facilitating much of these efforts.
Formalized procedures: I agree with the finding. Although there are agreed on procedures that all department staff are aware of, there has never been formalized documentation of claims procedures. Now that the PL claims adjuster/manager position is approved (it has been on hold for two years) and once it is filled, I will have staff to work with in developing them.
Action Plan Owner: Implementation Date:
Sandra Gorski, Risk Management Director May 1, 2012
5. Lack of timely reporting of incidents.
Exceptions were noted in 2 of 34 (6%) incidents selected for attribute testing created during FY 2011. IA identified 2 incidents with lack of timely reporting (incident date vs. report date) in Quantros that were outside the 3 business day requirement established by Florida Statute 395.0197 for healthcare facilities. In addition, incidents are not being reported in a timely manner for Jackson North Hospital ("JNH"). JNH had 2.4K incidents created during FY2011 with an average lag time of 4.74 days. See illustrations 3 for overview. We recommend that Risk Management start preparing trend analysis and KPI's to identify areas of improvement to ensure that everyone complies with the three business day requirement, disseminate the information throughout the organization, and provide training where necessary.
Management Response:
I agree with the finding. Illustration 3 indicates that Jackson North and Jackson South have some events that exceed the 3 day event to report date. Florida statute 395.0197 requires a patient safety event be reported within 3 business days. It is not clear from IA’s report if this was considered and might have impacted the analysis. We have determined that some factors contributing to delays have been: some departments bundle events and enter them at one time and some staff prefers to call and report events on an anonymous tip line. The person receiving these calls then has to enter them into Quantros. Event bundling has been addressed with the appropriate departments and they will now be entered as close to occurrence as possible. Removing the anonymous tip line might help to improve timeliness of reporting. This line will be deactivated. Training will be scheduled for those who have been in the habit of calling in an event rather than entering it directly into Quantros.
With regard to the incidents selected for attribute testing, both of the events were from Jackson North. One delayed event involved a weekend and so the statutory reporting requirement was met. Another involved a delay in obtaining a rehab appointment due to lack of availability of appointment times.
Action Plan Owner: Implementation Date:
5
Process Improvement Opportunities (“PIO”):
Process improvement opportunities are enhancement to existing operational and financial processes for more efficiency and effectiveness in delivery quality/quantitative controls and key performance indicators (KPI’s). See area(s) for improvement below:
6. Establish KPI's to monitor/track incidents and claims reporting progress.
Based on IA’s trend analyses developed, we recommend KPI's should be established to highlight incident and claims historical trends, recurring incidents by facility / service area (Main), and lag analysis as to how long it takes to report an incident. This would be one aspect of a pro-active mechanism to prevent potential incidents from occurring, manage incidents and claims more effectively, and developing root cause analysis for risk reduction. This information should be disseminated throughout the organization and provide on-going training where necessary. See Appendix for sample graph illustrations created by Internal Audit.
6