The CBI Compliance Congress offered insight into how industry has approached Sunshine Act reporting. The presentation "Strategies for Dispute Resolution and Dispute Processes," focused on how to comply with rigorous reporting obligations with limited company resources, transitioning the Sunshine Act from the compliance department to the overall business, internal certifications, and what companies are doing to prepare for physician inquiries and disputes.
Despite the fact the CMS still has not set a date for registering on Open Payments, the requirements are still very real. The Sunshine Act panel discussed how small and medium sized companies have faced the challenges of not only gathering tons of accurate spend data, but also how they plan to respond to inquiries and disputes once the data is public.
To frame the discussion, Suj Patel and Marci Juneau of Huron Life Sciences presented results of a survey designed to quantify the resources that companies expend on Sunshine Act compliance. The survey consisted of a mix of small, medium, and large, mostly branded, pharmaceutical companies.
As expected, as a company's revenue increases, so too does their number of covered recipient transactions. Aside from the very biggest pharmaceuticals, however, companies of all sizes tended to have the same number of staff working on their aggregate spend teams. This likely illustrates the fact that once companies have a system in place to gather their Sunshine data, the company may not need more people to report the data. The panel noted that while gathering data is a large aspect of compliance, companies must also have (1) policies in place to check their data for accuracy, (2) resources to deal with disputes and inquiries, and (3) hopefully an evolving system that can continue to manage data in the years to come.
How can companies manage aggregate spend across smaller teams?
Daina Selvig, director of compliance at Ironwood Pharmaceuticals, spoke from the standpoint of a startup firm with only three workers in the compliance department. Jon Smollen brought a different perspective as chief compliance officer ofEndo Health Solutions Inc., a $3 billion company with 17 people in the compliance department. Both are in charge of overseeing their company's Sunshine Act requirements.
Unsurprisingly, the majority of respondents (80%) stated that implementing the Sunshine Act reporting requirements has fallen on the compliance department's shoulders. Furthermore, most respondents at the presentation, including both speakers, believed that aspects of Sunshine reporting should transition from the compliance department to the business and sales departments. Selvig believes that the onus of the Sunshine Act, as a legal requirement, necessarily began in the compliance department. While she believes that it was appropriate for compliance to set out parameters, she notes that the business side should be responsible for determining whether that spend is worthwhile, appropriate, and accurate.
Selvig used the analogous example of lunch and learns: compliance originally sets out the rules, such as who can attend, how much you can spend, what documentation you need to support the event. It is then on the business to decide where and how often to host an event, to ensure against overspending, and that an event is actually a business necessity. Selvig argues Open Payments should eventually transition to the same arrangement.
Most spending is driven by the sales or medical side. Furthermore, compliance officers often do not know what company representatives are doing on a day-to-day basis in a physician's office in a different city. Selvig stated that she has trained her reps and has created policies for them to follow. She argues that Open Payments should be one more check on their list. "They are the ones spending," she states, now she wants them to be able to "accurately take the data and accurately put it in the systems."
Internal Certification: High-level attestation requirements
With respect to internal certification, the chief compliance officer has to attest to the validity of the statement. "Tiny Ironwood," Selvig said, will "have to report about 250,000 transactions" over the last four months of 2013. It is "impractical, unfair, and meaningless to put a spreadsheet in front of the chief compliance officer and say here is 250,000 transactions. Look good to you?"
In order to balance reporting accuracy with her company's resources, Selvig selectively checks for errors. Ironwood will first strip out travel and entertainment (T&E) expenses for several practical reasons: they represent up to 90% of the transactions in terms of numbers, they are small dollar amounts, and they have been checked twice already—both from the submitter's manager and Concur, the expense system that audits the transactions to healthcare providers under strict requirements. For the last, much more manageable data figures, Ironwood will examine the data for outliers, have their cost center look over the data a final time, and then hand over the documents for attestation.
Smollen stated Endo has a similar system, with two levels of certifications, but will use more of a manual approach. He also stressed categorizing different types of spend in a meaningful way so that a business leader could look at the spreadsheets to see it's accurate, and then potentially make business decisions based on the data.
In the survey, 80% of respondents stated they are doing manual review, outside of their system; and two-thirds stated that they only planned one level of review.
Only 30% of industry respondents indicated that they planned to "pre-disclose" aggregate spend data to physicians before the reporting deadline. Smollen stated that his company had decided to use pre-disclosure as a "pilot run," which would allow his company to understand the kinds of issues that arise and understand how physician-community reacts to the reports.
According to Smollen, his number one concern is "to make the data as accurate as possible" when they submit it to CMS. "Pre-disclosure is a mechanism to make the data more accurate," he stated. Endo is not pre-disclosing data to all of the physicians that received value. Instead, Smollen is taking a sample size of healthcare professionals he believes is manageable to test out his company's process. Endo will have a central portal that physicians can go to examine industry spending, twice times a year.
Smollen believes that pre-disclosure sets an early precedent to being transparent with physicians, and gives companies a glimpse into the day-to-day aspects of Sunshine Reporting. Must notably, he spoke of another company's compliance officer spending 14 days dealing with a physician over a $20 dispute.
Ironwood, on the other hand, has decided not to pre-disclose. Selvig stated that her lack of resources made the decision fairly easy, though she believes pre-disclosure is the best practice. Selvig noted that pre-disclosing takes a lot of forethought and planning. For example, her company has 8,000 physicians about whom they are disclosing, and wouldn't be able to pre-disclose to all. She wondered about how she would choose which physicians to give information to, and, more time consuming, how to get the information to and from them.
Very few respondents implemented a solution for managing physician inquiries, and less than half have a process in place for managing the inquiries.
After companies submit their Open Payments information to CMS, physicians will have time to inquire about their data, apart from pre-disclosure. No one is entirely sure how the physician inquiry process will play out.
Selvig believes it is not helpful to look at Corporate Integrity Agreement, which currently would have disclosure requirements build in. For one, she says, disclosure information is often buried in company websites, and two, the number of physician inquiries have been tremendously low. That may not be the same reality after Sunshine data is public.
Selvig noted that companies should plan not to handle inquiries from physicians, but from the media as well. "Companies must have a truthful, consistent story so that we can answer transparently about what Open Payments is and what we are reporting," she states, and provide resources "on where to get more information."
In terms of practical advice, Selvig notes that Ironwood has reserved a 1-800 number for inquiries. They have also revamped their website to create a single page that will contain information about how to dispute data. To access the page, inquirers have to type their name and describe what they are disputing. Currently, Ironwood is also discussing rules about agents to deal with healthcare professionals who may have lawyers acting on their behalf.
Between April and August, Selvig is also planning on "a lot of dry runs," meaning she will look at transactions—speaker programs, lunch and learns, advisory boards—and determine procedures for a situation where "Doctor x would say, 'I didn't receive a $15 lunch.'" She wants to make sure her company is able to find the data to support the transaction in a way that engages the business, and answer in a consistent manner. For example, the physician signed the sign-in sheet, and this is how we calculated that cost. Ideally, her company would transmit that information in a way that leaves "everyone happy…but certainly that the company could stand behind."
In discussing physician disputes, Selvig stated: "It's not one of those things that keeps me up at night…but it's one of those things that wouldn't take a lot to jam the system. If Ironwood reports 250,000 transactions, which is very little, it's not even that 1% would cause tremendous consternation. 1% of 1% would cause a big problem. If it potentially takes someone ten days to resolve a $20 dispute, that involves a lot of human resources…250 disputes, which is nothing, out of 250,000 reported transactions is going to be really problematic."
It is important for industry to share best practices because, she states, "we're all in the same boat on this one."