Navigant_PCC Lunch_CARE and Emerging Risks April 26 2016

/ ©2016 NAVIGANT CONSULTING, INC. ALL RIGHTS RESERVED1
PCC COMPLIANCE OFFICER LUNCH
APRIL 26TH 2016
CARE & CONCERN

CARE

/ ©2016 NAVIGANT CONSULTING, INC. ALL RIGHTS RESERVED3 / ©2016 NAVIGANT CONSULTING, INC. ALL RIGHTS RESERVED3
WHY COMPLIANCE RISK MANAGEMENT MATTERS

MARKET NEED
…….. to Plead Guilty and
Pay $3B to Resolve Fraud
Allegations and Failure to
Report Safety Data
Physicians, Insurers Clash
Over Medical Necessity
Medicare Billing Records
Give FCA Whistleblowers
New Ammo
A Wake-Up Call for Companies
with Corporate Integrity
Agreements and Deferred
Prosecution Agreements
DOJ Recovers Nearly $6B
from False Claims Act
Cases in FY 2014

Limited tool kit
Unclear lines of communication
Weak feedback mechanisms
Lack of engagement of the business/management
Ad hoc nature
Lack of effective network of “risk sensors”
Lack of dedicated resources
Lack of coordination between assurance groups
Lack of inclusion of emerging/current, specific risks
Inadequate risk mitigation
In other words a lack of systems thinking!
OBSTACLES TO EFFECTIVE COMPLIANCE
RISK MANAGEMENT

THE ORGANIZATION – THE SYSTEM
6
Environment
Corporate
Business Activity Results
Business
Strategy
• Global/Local
• Laws
• Regulations
• Guidances
• Competition
• Customers
• Structure
• Culture
• Strategy
• Governance
R D MFG DIST M&SBD
Regulatory
Clinical
Compliance
Financial

THE ORGANIZATION – THE ASSURANCE
ENVIRONMENT
7
Environment
Corporate
Business Activity Results
Business
Strategy
• Global/Local
• Laws
• Regulations
• Guidances
• Competition
• Customers
• Structure
• Culture
• Strategy
• Governance
R D MFG DIST M&SBD
Regulatory
Clinical
Compliance
Financial

THE ASSURANCE ENVIRONMENT
Internal Audit
[financial]
Healthcare
Compliance
[people]
Quality
Assurance
[product]

MANAGING RISK?

DEVELOP AND IMPLEMENT WITH THE END IN MIND

Quantification of compliance risks?
Risk Register?
Root Cause Analysis?
Risk Mitigation through
- Corrective Action?
• Governance, written standards, training, communication
- Auditing?
- Monitoring?
In the context of an Effective Compliance Program
WHAT IS THE END?

THE COMPLIANCE RISK ASSESSMENT
PROCESS
Environment
Corporate
Compliance
Risk Register
Activities
Products
Content:
Risk Activities
Definitions
Quantification
• Global/Local
• Laws
• Regulations
• Guidances
• Competition
• Customers
R D MFG DIST M&SBD
• Structure
• Culture
• Strategy
• Governance
Process:
Consistency
Linkages
Technology
Business
Monitoring
Compliance Auditing
and Monitoring Plan
Compliance
Auditing and
Monitoring
Management
Corrective Action
Follow-up
Mitigation
Governance
Written Standards
Training
Communication

• Legal
• Regulatory
• Compliance
• Finance
• Outside Counsel
• Consulting Firms
• Secondary sources
(e.g., websites,
research, etc.)
• Brand Teams
• Clinical Ops
• Commercial Ops
• Medical Affairs
• R&D
• Sales
External Data Sources Internal Data Sources
External Events
• Market level events
• Competition
• Payer mix
• Healthcare Reform
• Governance
• Government Regulations
• OIG Workplan
• Corporate Integrity
Agreements
• PhRMA Code and others
as applicable
Company Level Events
• Historical Results (e.g., previous
audits and risk assessment scores,
corrective action milestones and
mitigation actions)
• Organization structure shifts, e.g.,
merging teams, reductions in force,
etc.
• Acquisitions
• Risk tolerance changes
SURVEYING CONSTITUENTS
Product level events
• Medical strategies
• New products or indications
• Clinical research results
• Safety data
• Marketing strategies
• Market access strategies
• Innovative programs
• Sales force strategies

Developing the quality and consistency of compliance risk management
information:
- Redesigning and consolidating risk assessments, creating a single corporate
view
• Risk Activities
• Risk Junctures
• Definitions
- Integrating information from all assurance groups
- Making disclosure of risk management information transparent and meaningful
• Quantification
• Variables, e.g.:
◦ Likelihood
◦ Impact
◦ Mitigation
◦ Control
DEVELOPING CONTENT

Adverse Events
Advisory Boards
Call Plans/ Developing Target Lists
Charitable Contributions
Clinical Trial Payments
Contractual Arrangements
Conventions
Corporate Spend - T&E
Data Integrity - Clinical Data
Data Integrity - Transparency
Detailing - Managed Markets
Detailing - Sales Rep .
RISK ACTIVITIES – EXAMPLES

Advisory Boards:
- Advisor selection
- Fair Market Value
- Contracting
- Justification of Advisory Board
- Location and Meals
- Company attendees
- Consideration of advice
RISK ACTIVITIES AND RISK JUNCTURES – EXAMPLES

Implementing processes to achieve a sustainable improvement in risk
management
- Implementing processes for achieving consistency
• Data collection
• Feedback loops
• Reporting
- Linking assurance activities to business risks
- Using technology to streamline management effort
• Surveys
• Data analysis
DEVELOPING PROCESS

Activity based and Product based
Coordinated assurance approach
Scheduled assurance activities
Living document
COMPLIANCE RISK REGISTER
Baseline Activity
Risk Score
Survey
Product Spend
Survey
Audit History
Survey
By Product
x x
Product
Life Cycle
Risk Survey
Adjusted
Activity Risk
Score /
Product
x
=
Annual
Auditing
and
Monitoring
Plan
Event Driven
Audits
CIA
Required
Monitoring
Areas not
Audited in
Last 3 Years+ + + =

Rank Risk Activity
Baseline
Risk
Score
Avg.
Product
Adj. Risk
Score
Max
Product
Adj. Risk
Score
No. of
Products
with Max
Score
Products
1 Data integrity - HCP 13.0 19.5 23.6 6
2
Health Outcomes (i.e., data
purchases, use of data, data
sources)
12.6 19.2 23.0 3
3 Data integrity - HCI 12.7 19.0 23.1 6
4
Incentive compensation -
Field Sales
10.9 17.5 20.2 3
5 Samples - buy & bill 13.2 17.5 17.5 1
6
Investigator Fees - for
investigator sponsored trials
[R&D, Medical Affairs]
10.7 17.3 19.5 4
7
Service Arrangements with
HCIs (e.g., Academic Medical
Centers)
11.8 16.8 18.2 1
8 Coupons and switching 10.2 16.8 18.8 2
9
New Business Roles ( e.g.,
Patient Coordinator etc.)
12.9 16.6 20.1 6
10
Advisory Boards -
Administration
(R&D, Medical Affairs,
Commercial)
10.6 16.3 19.2 6
EXAMPLE:
TOP 10 OVERALL ACTIVITIES: HIGH RISK PRODUCTS

EXAMPLE HEAT MAP
Major
Significant
Moderate
Minor
Low
Remote Unlikely Possible Likely
Almost
Certain
ImpactAssessment
Likelihood of Risk Consequence
Heat Map
B F
G
A
HE
I
D
J
C

RISK MITIGATION THROUGH AUDITING & MONITORING
R
I
S
K
Independent Auditing
Independent Monitoring
Business Based Monitoring
Independent Monitoring

Compliance Assessment and Risk Evaluation provides a focus on risks
associated with activities in the organization that implicate certain laws and
guidances associated with:
• Interactions with healthcare professionals and institutions
◦ Value
◦ Data
• Pricing for products
CARE now published:
- Sanofi CIA signed 08/17/15
BETTER PRACTICE: COMPLIANCE ASSESSMENT &
RISK EVALUATION (CARE)

Risk Assessment driven
Coordinated with Compliance
Focused on risk junctures
Leverages technology in process
Structured for reporting purposes
Aligns with Compliance monitoring/Auditing process
BETTER PRACTICE: BUSINESS MONITORING

Increased reliance on independent third-party experts
- to monitor compliance
• Federal Sentencing Guidelines:
• §8B2.1.b.5: “The organization shall take reasonable steps
• (A) to ensure that the organization's compliance and ethics program is followed,
including monitoring and auditing to detect criminal conduct;
• (B) to evaluate periodically the effectiveness of the organization's compliance and
ethics program “
• PhRMA Code requirements
• Third party auditors needed to monitor speaker programs, speaker training meetings,
informational presentations
BETTER PRACTICE: THIRD-PARTY MONITORING

» Tools include:
› Electronic Discovery
Reference Model
› Information Management
Reference Model
› HCP Navigator:
Arrangements database
and disclosure tracking,
monitoring and reporting
platform
› RAYS: Aggregate Spend
Reporting
› ComplianceCheck®
BETTER PRACTICE: USE OF IT TOOLS

CONCERN

Yates Memo
- To qualify for any cooperation credit, corporations must provide to the DOJ all
relevant facts relating to the individuals responsible for the misconduct.
- Criminal and civil corporate investigations should focus on individuals from the
inception of the investigation.
- Criminal and civil attorneys handling corporate investigations should be in routine
communication with one another.
- Absent extraordinary circumstances or approved departmental policy, the
Department will not release culpable individuals from civil or criminal liability when
resolving a matter with a corporation.
- DOJ attorneys should not resolve matters with a corporation without a clear plan
to resolve related individual cases, and should memorialize any declinations as to
individuals in such cases.
- Civil attorneys should consistently focus on individuals as well as the company
and evaluate whether to bring suit against an individual based on considerations
beyond that individual’s ability to pay.
INDIVIDUAL ACCOUNTABILITY

Have governance in place: be reviewed by legal counsel with experience
in the applicable federal and state regulations
Have a policy and procedure in place
Alignment of specialty pharmacy with company Code and written standards
Provide training for any personnel involved
Arrangements database for monitoring and tracking
Arrangements with specialty pharmacies are for legitimate and lawful
purposes in accordance with the federal Anti-kickback Statute and other
applicable federal and state healthcare program requirements
Business rationale for the specific services provided
Arrangements under contract at fair market value
Services do not undermine or otherwise interfere with the clinical judgment
of the patients’ prescribing healthcare professional
SPECIALTY PHARMACY

Patient Advisory Boards
Patient Speaker Programs
Social Media
Adherence Programs
Reimbursement Support
PAPs
Copays, Discounts
Implications:
- Privacy/HIPAA
- Off-label
- Government Pricing
PATIENT INTERACTIONS

SAUL B. HELMAN MD
Managing Director
317.228.8726
saul.helman@navigant.com
THANK YOU

Navigant_PCC Lunch_CARE and Emerging Risks April 26 2016

Recommended

Recommended

More Related Content

Similar to Navigant_PCC Lunch_CARE and Emerging Risks April 26 2016

Similar to Navigant_PCC Lunch_CARE and Emerging Risks April 26 2016 (20)

Navigant_PCC Lunch_CARE and Emerging Risks April 26 2016