Pharmacy Compliance Guide

The NEW Segment part of the 'Pharmacy Compliance Guide' is hosted by Jenny Schell, CDME Sr. Compliance Strategist with R. J. Hedges & Associates. 
Podcast on Medicare Applications by the Numbers
 
A lot of people ask me about Medicare. There is a lot of confusion on who needs what number.
 
Immunizations
Really easy process to get a number. The pharmacy would complete the 855 B application.
Applications have a fast turnaround-usually a month
YOU DO NOT NEED ACCREDIATED
 
Medicare Number –This division (NSC) takes about 3 months to issue a number. This application requires you to carry a surety bond and have a certificate of liability with NSC as the certificate holder as well as your AO (if you have one).
New applications as well as re-validations will require owners and authorized officials to be fingerprinted.
 
Two ways to complete
For non-accredited drugs only
o   Benefits
For DMEPOS accredited items
o   Benefits
o   Accreditation
o   Exemption
o   Revalidation
Revalidation happens every 3 – 5 years 
What that means
You  “update” your Medicare application and pay Medicare $$. Every year they change the Medicare application fee. For 2018 it is $569 per application.
Contact Jenny: Website:  www.rjhedges.com 
See omnystudio.com/listener for privacy information.
Learn more about your ad choices. Visit megaphone.fm/adchoices

DEA Documentation Requirements 
Special Guest: Carlos Aquino from PharmaDiversion LLC™
In early 2017, we saw DEA changing their focus on pharmacy compliance. DEA increased their enforcement from the verification of the Combat Methamphetamine Certificate to a more formal on-site inspection. Now with the emphasis on the opioid epidemic, DEA is under increase pressure to look for abusers of the system. Naturally, the first place any inspector will start is the pharmacy. We have been spending more time updating our clients on this trend and providing as much information as we can find. Then I attended a conference last September and one of the presentations was on “Maintaining Your Pharmacy in DEA Compliance”.
Carlos Aquino is the President of PharmaDiversion and he is based out of Philadelphia. Carlos is a retired DEA diversion investigator and a great supporter of independent pharmacies. If you ever have an issue with the DEA, Carlos is the first person you should call. 
CSOS user names and passwords
Power of Attorneys for DEA forms 222 and Electronic Orders
Receiving C-II orders from the wholesaler and completing the DEA documentation
First, every person who uses the CSOS system must have their own user name and password. No person may share another person’s user name. Having a single user name for a pharmacy only works if the user never takes a day off, ever; and we know that won’t happen occur so you are opening yourself for criticism with the DEA as soon as they start asking questions.
Setting up additional user names is not hard, you work with your wholesaler software system to establish a new user name. Each system has their own variation and perimeters, so if you have questions, go to their IT department.
When the drug order is received: a. CSOS is accessed by an authorized individual with a Power of Attorney for DEA Forms 222 and Electronic Orders with an individual user name and password that is not shared with another person b. The order of Controlled Substances is checked against the packing slip/invoice c. DEA 222 is completed through CSOS d. Print the DEA 222.
Most systems will state on the document, “This is not a DEA issued Form 222. This form is available for convenience.”  If this document does not print, check your Pop-up Blocker  The Pop-up Blocker may also prevent a completed DEA 222 from being printed (Carlos picks up)
• This document acts as the DEA 222 for DEA on-site inspection purposes
• In most cases, this document prints with the fields empty. Manually complete this document by entering the following information:
o Packages Received
o Date Received
o DEA requires the persons initials:  Remember this person must have a Power of Attorney  Recommend a signature over an initial e. Attach the packing slip/invoice to the acting DEA 222 f. Keep on file for two (2) years:
• DEA requires the pharmacy to produce the completed DEA 222 and invoice upon demand o DEA regulations require you to have this record to be “readily retrievable” and separate from other records o Reference: DEA Pharmacist’s Manual, Section VI – Record Keeping o You cannot print and complete the document when a DEA inspector is on-site.
Carlos, I have been working with other organizations on the opioid crisis, this process is straight forward, but as Jeff stated at the beginning, DEA is enforcing the documentation requirements. Can you give us specific examples of pharmacy who have recently received DEA fines or you are aware of the DEA fines.
Example 1: CSOS user names and passwords
Example 2: Power of Attorneys for DEA forms 222 and Electronic Orders
Example 3: Receiving C-II orders from the wholesaler and completing the DEA documentation If time permits, one more example
Jeffrey Hedges, CDME
President & CEO
P.O. Box H, New Florence, PA 15944
Direct:  724-357-8380    Fax:  814-446-6336    Website:  www.rjhedges.com
See omnystudio.com/listener for privacy information.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The Fit Pharmacist partner & Pharmacy Podcast Network co-host Dr. Christina Tarantola joins Jeff Hedges president of RJ Hedges & Associates & Pharmacy Compliance Guide podcast host with Tara Modisett, Executive Director of Alliance for Patient Medication Safety - recorded live at the NCPA Annual Conference 2017 in Orlando FL. 
To help improve Patient Safety and reduce mistakes, everyone in the pharmacy must be involved in quality control; helping to identify mis-steps and errors, being aware of sound-alike/look-a-like drug fills are ways to ensure you are taking proactive measures. Errors found behind the counter are quality control, errors going out the door are medication errors.
Errors do happen and it is important to understand what you need to protect yourself, as well as your patients. The Patient Safety and Quality Improvement Act1 requires a Continuous Quality Improvement (CQI) Program be implemented.
A CQI program is designed for detecting, documenting, analyzing and preventing quality-related events (QREs) with the intent of preventing medication errors and improving patient safety. A Continuous Quality Improvement (CQI) program creates an environment that makes quality the top priority and allows pharmacy staff to learn from past mistakes, while focusing on improving patient safety by decreasing errors and increasing quality.
Pharmacy staff must be willing and open when discussing all failures of quality. Reporting errors should not lead to blame or punishment but instead needs to be seen as an opportunity to learn and improve. When an error occurs your first question should be “what in our system allowed this error to occur?”
A PSO will most likely assist you in designing your Patient Safety Evaluation System (PSES), which is a system of procedures and policies for collecting, managing, and analyzing information for reporting to the PSO. A PSO provides the framework for safety data to be protected as Patient Safety Work Product (PSWP). PSWP is defined as any quality data and analysis and/or oral statement, assembled or developed by a provider, for reporting to a PSO which constitutes the deliberation or analysis of a Patient Safety Evaluation System (PSES).
PSWP is not subject to subpoena, discovery or admission into evidence. According to the Patient Safety and Quality Improvement Act1 , federal privilege preempts state tort law, but not state reporting laws. However, federal privilege does not preempt state laws that are more stringent. The collected and reported quality and patient safety data that you report to a PSO are shielded by federal confidentiality and privilege protections. The protected information can include event reports, Root Cause/Systems Analyses, minutes of quality/safety meetings, related graphs, spreadsheets, reports, communications to/from the PSO, and related information listed in the Act.
In order to maximize the legal protections afforded by the Act, pharmacies must enter into an agreement to join a PSO, develop and maintain a PSES, conduct all quality and safety activities within the PSES, maintain PSWP as confidential and protect PSWP from disclosure outside the PSES.
In turn, the PSO must remain in good standing with the Agency for Health Research and Quality and must meet operational and security requirements set forth by the Patient Safety Act Regulations.
Special Guest: 
Tara Modisett
Executive Director
Alliance for Patient Medication Safety™ PSO
2530 Professional Road  Richmond VA 23235
Phone (866) 365-7472  
www.medicationsafety.org    
See omnystudio.com/listener for privacy information.
Learn more about your ad choices. Visit megaphone.fm/adchoices

HIPAA Breaches & Desk Audits
What is a breach?
In simple words, the loss of patient protected health information, either printed or electronic.
How common are breaches within pharmacies?
There are two types of pharmacies and pharmacy owners,
The first are the ones who know they have had a breach
The later are the ones who have had a breach and don’t know about it
How can I have a breach and not know about it?
Simple, has your pharmacy clerk ever given a patient another patient’s medication?
That is a breach
Can you give me examples of breaches?
Pharmacy is robbed and the will call bin is stolen
Pharmacy is robbed and the server is stolen
Staff pharmacist has a laptop stolen
Delivery driver has their vehicle stolen which is full of prescriptions to be delivered
Billing manager has a jump drive with patient files for billing to work at home and loses it on the bus
What do I do when a breach occurs?
First, don’t panic
Get the facts
Complete a Potential Breach Evaluation and a Risk Assessment
Determine whether the breach is reportable or non-reportable to HHS/OCR
Document everything 
What are OCR Desk Audits
Tested in 2016
Launched on January 1, 2017
Notification via U.S. Mail and Email
Also conducting no notice on-site inspections
What is the OCR asking for?
Notice of Privacy Practices (date must be after 07/01/2013)
Risk Analysis
Risk Management Plan
Disaster Recovery Plan/Contingency Plan
Annual Privacy and Security Assessments
Random Policies and Procedures
On-Site Inspections
Same as above, but in person
First question is to the person at your counter, normally your clerk
Can I have a copy of your Notice of Privacy Practice?
They have to know the answer and provide the NOPP
Penalties for Non-compliance
Fines up to 1.5 Million Dollars
 Is there help available to pharmacies?
Yes, but you get what you pay for
You can buy a set of policies and procedures, but if you have breach, especially a reportable breach:
Will the consultant stay with you when you need them the most?
Will they charge you extra?
Will they provide the correct advice?
How do you know how to pick a consultant?
Ask your peers
Ask hard questions about how they have handled client breaches and inspections
Do you get detailed answers from the consultant?
Do you referrals from multiple people?
CONTACT: Office:  724-357-8380 
Website:  www.rjhedges.com
See omnystudio.com/listener for privacy information.
Learn more about your ad choices. Visit megaphone.fm/adchoices

The newest segment to the Pharmacy Podcast Network is a partnership with RJ Hedges & Associates bringing our listeners the Pharmacy Compliance Guide. 
R.J. Hedges & Associates has a dedicated team, devoted to providing complete turnkey healthcare compliance programs for our clients. We offer easy-to-use Policy and Procedure Manuals and Programs that contain all requirements for the U.S. Department of Health and Human Services (HHS), Medicare Quality Standards; HIPAA Compliance with HITECH requirements; Compounding; Fraud, Waste & Abuse Prevention; OSHA Bloodborne Pathogen requirements; Human Resource Management, Immunization requirements, and business consulting services.
About the co-host: Jeffrey Hedges
Jeff Hedges -- President & CEO of R. J. Hedges & Associates of New Florence, PA.  After serving in the United States Air Force for 27 years, Jeff transitioned into the private sector, developing software to help independent pharmacies understand and become compliant with HIPAA.  Later, Jeff founded R. J. Hedges & Associates to support healthcare providers with compliance services and software solutions.  
Today his company offers comprehensive customized healthcare compliance and consulting services for independent pharmacies, home health care facilities, medical supply companies, physicians and other small practices throughout the United States.
 Jeff is a sought-after speaker at numerous seminars and national conferences, educating his audiences on healthcare compliance, especially relating to the pharmacy and Durable Medical Equipment (DME) communities.   Jeff is a board-certified DME Specialist (CDME) and serves on the Board of Directors for the Board of Certification/Accreditation (BOC); BOC is the only accreditation organization that was founded by an independent pharmacist.  
In 2014, the Better Business Bureau awarded R. J. Hedges & Associates a Torch Award for Marketplace Ethics.  In 2015, O&P News named Jeff one of the Top 175 Innovators in Orthotics and Prosthetics.
CONTACT 
R.J. Hedges & Associates
978 Pumphouse Road  
PO Box H  New Florence, PA 15944  
Phone: (724) 357-8380  
Email: sales@rjhedges.com
 
 
See omnystudio.com/listener for privacy information.
Learn more about your ad choices. Visit megaphone.fm/adchoices