Patton Healthcare Consulting

Patton Post – October 2023

Home » Resources » Patton Post Newsletter » Patton Post – October 2023

October 2023

Inside This Issue

PERSPECTIVES

Group of people help female patient falling on the ground in hospital. Attractive African American women having an accident after doing physical therapy then rescued by doctor in corridor of clinic.Sentinel Event Data:

While there is some useful information in this month’s issue of Perspectives, there is nothing that should make you drop what you are doing to jump on a new issue. TJC has posted its sentinel event data for the first half of 2023 and patient falls remains the most frequently reported sentinel event, representing 47% of all sentinel events reported in the first half year.

This is followed by unintended retention of a foreign object 9%, assault, rape, sexual assault, and homicide 8%, wrong surgery 8%, suicide 5%, and delays in treatment 5%. They also reported that 18% of these sentinel events resulted in patient death and 63% in severe temporary harm. As you consider candidates for your own proactive risk assessments, these frequent sentinel events are excellent choices for analysis to help prevent these from resulting in sentinel events at your own organization.

New Decision Rule:

TJC added a new decision rule for organizations that fail to participate in the required ORYX performance measurement program that will lead to denial of accreditation if the organization fails to meet the requirement for two consecutive years, in the absence of an approved extenuating circumstance from the Joint Commission. It is unlikely that this is pertinent to any of our readers, but if you have some unique situation that prevents your participation in ORYX, the decision rule suggests that you work with TJC to seek approval of your extenuating circumstance.

doctor-shocked-computer-hacked-cyber-attackSE Alert on Cyberattack:

Perspectives briefly discusses the newest Sentinel Event Alert #67 published on Patient Safety after a Cyberattack but be sure to use the link to the full SE Alert. The Alert contains seven (7) pages of detailed information along with seven (7) specific recommendations, as well as a section of resources and references. As with any Sentinel Event Alert, you don’t have to implement all recommendations, but you do want to carefully analyze and document your evaluation of the Alert and its recommendations.

The conclusion and warning published on the last page of the Alert is that “a cyberattack that adversely affects operations is not an if, but a when question.”  HHS reports that in 2022, 707 data breaches occurred accounting for over 51 million medical records. The Alert discusses not just how IT staff need to react, but how hospital staff in general need to prepare and react.

Two standards come to mind for this issue, the first of which is from an infrequently scored chapter, IM.01.01.03 requiring continuity of information management processes. The Alert emphasizes the need to have downtime procedures as well as paper forms and processes should the IT systems, we have become reliant on not be available. When electronic medical records were new, all staff were already very familiar with the paper process and many staff comfortably moved back to the paper process during drills or actual downtime. Today we have a whole new generation of staff who may have only practiced in the electronic environment, thus making preparation for downtime even more important.

The second standard to focus on is EM.11.01.01 which requires a hazard vulnerability analysis for emergency management planning. In the past many organizations focused on weather-related potential disasters but if you look carefully at the introduction to this standard it now says: “The risk assessment includes an evaluation of the natural hazards, human-caused hazards, technological hazards, hazardous materials, and emerging infectious diseases that could impose a significant risk to a health care organization.” EP 2 specifically bullets out these additional potential hazards that must be considered.

This most recent Sentinel Event Alert is well worth careful analysis by a diverse team of IT, clinical, facilities, and emergency management planners to evaluate the recommendations and strengthen your own preparedness for such an event.

Managing Utility System Risks:

This month’s Consistent Interpretation column discusses EC.02.05.01 which requires managing risks associated with utility systems. On the surface this sounds boring as in the 21st century we expect our utility systems to always work perfectly. However, the scoring frequency for just EP 9 of this standard is huge with 56% of the hospitals surveyed in 2022 failing to comply with this requirement.

EP 9 requires the hospital to label utility system controls to facilitate partial or complete emergency shutdowns. The surveyor observations noted in the column describe six (6) different score-able situations where someone failed to label gas, water, or electrical panels appropriately. The electrical panel requires that the fire alarm circuit breakers be clearly labeled in red. A very common finding is that some circuit breaker is unlabeled and in the on position, or labeled as a spare and in the on position which means it may actually be powering some section or device and no one knows exactly what it is powering.

The scoring frequency for this EP is so large that this would be an ideal issue to include in your own EC rounding process to open and inspect electrical panels to verify you don’t have unlabeled or spare breakers in the on position.

electrical-panel-breakerDesignated Person:

Last month we reported on the new EPs TJC published for MM.05.01.07 where we theorized that the changes came in preparation for the new USP Chapter 797. EP 1 states, “A pharmacist supervises all compounding, packaging and dispensing” read like it was pertinent to the new USP requirement for a “designated person” with oversight of sterile compounding. One of our careful readers, Amy, questioned this potential link because USP has indicated that a pharmacy technician can be identified as the designated person. TJC has confirmed that they did not intend this EP to limit who can be identified as the designated person, but rather that this EP more serve as an anchor point for more traditional CMS supervision of compounding activities. Thanks, Amy!

EC News

doctor-using-virtual-touchscreen-electrical-utilitiesPotential Utility Failures:

This month’s issue of EC News also has its lead article on preparing for cybersecurity issues that is one more source for consideration when you evaluate the Sentinel Event Alert we discussed earlier. This is followed by a second article focusing on potential utility failures which might be caused by natural disasters or cyber-attacks against the utility company itself.

The authors suggest a “utility vulnerability analysis” or UVA as part of your hazard vulnerability analysis. In addition, the authors identify the responsibility of the organization to manage risks associated with its utility systems per EC.02.05.01. NFPA 99 (2012) recommends facilities categorize their utility systems in four (4) groups:

  1. Likely to cause major injury or death of patients or caregivers
  2. Likely to cause minor injury to patients or caregivers
  3. Not likely to cause injury to patients or care givers but can cause discomfort
  4. Would have no impact on patient care

The authors advise that organizations consider primary, higher risk utilities such as electricity, water, natural gas, steam, and network connectivity. They also advise that secondary utilities could be high risk including heat and AC, refrigeration, vertical transportation, medical gas, and medical refrigeration. They also suggest seeking your utility system providers contingency plans and obtaining the names and phone numbers for key utility personnel in the event that disaster strikes.

The Sentinel Event Alert on cybersecurity and emergency planning and these two articles in the October EC News help to identify the scope and breadth of the risk beyond just the usual clinical EMR risks we might consider. As you evaluate the Sentinel Event Alert you likely will want your facilities representatives to include their analysis of these utilities risks and plans to lesson or manage potential disruptions.

Most Frequently Scored BHC Environmental Standards:

EC News has a nice summary article on the most frequently scored environmental issues in behavioral healthcare organizations that is also useful to hospital readers who serve many behavioral health patients but are evaluated under the hospital manual. The article identifies the EPs scored most often in the higher SAFER® Matrix risk categories as well as the environmental EPs most often scored based on frequency alone, regardless of the placement within the SAFER® Matrix.

Professional,Psychiatrist,Talking,And,Counsel,To,Woman,Patient,suicide,Prevention,medical,Conditions,mentalThe higher risk and frequently scored standards lead off with NPSG.15.01.01 and the top five (5) include EPs 1-5 of the safety goal. These include a failure to perform an environmental risk assessment, failure to screen patients, failure to assess patients using an evidence-based process, failure to document an overall risk, and failure to follow written policies and procedures including those for staff training, competency assessment, and monitoring of patients.

The most frequently scored EP regardless of placement on the SAFER® Matrix is again NPSG.15.01.01, EP 1, the failure to conduct an environmental risk assessment. We see multiple issues with this issue on consultations also. Sometimes there is no environmental risk assessment and at other times there is one, but it has not been undated in years and fails to reflect the current environment. Another frequently noted problem is that there is a belief that they did an environmental risk assessment, but it is unknown who has a copy.

The second most frequently scored EP is EC.02.05.01, EP 9 which requires labeling of utility system controls as we discussed earlier under “Consistent Interpretation.” The real value of publishing these most frequently scored standards or elements of performance articles is to help others prevent making the same mistakes. We suggest taking the list of frequently scored high safer matrix EPs and the list of most frequently scored EPs in general and conducting a self-assessment to determine if you have the same either perfected this issue or have the same vulnerability.

Swinging door at corridor in a nice, modern hospital.Delayed Egress Doors:

The last article in EC News is a life safety Q&A on delayed egress door locking mechanisms that is a keeper. This question arises often and

while everyone knows that yes, these can be used, this article points out the six (6) additional requirements that must also be in place if you are going to use a delayed egress door. There is also a 15-second and a 30-second delay option if your authority having jurisdiction provides approval in writing.

We suggest taking this article and the identified six (6) additional requirements and verifying that every delayed egress door you may presently have meets those additional requirements.

CMS

Professional,Hispanic,Midwife,In,A,Uniform,Scrub,Speaking,To,ANurse Midwives:

CMS published two (2) QSO memos of interest to our readers. The first is QSO-23-22, dated 9/21/22 providing reinforcement of interpretive guidance for nurse midwives. While this memo does not establish new policies it does help to clarify existing CMS policies and differentiates between Medicare rules and Medicaid rules as well as acute hospital requirements and CAH requirements.

Medicare rules in acute hospitals require that every hospital patient be under the care of a doctor of medicine, osteopathy, dental surgery, dental medicine, optometry, chiropractor or clinical psychologist. However, Medicaid rules for acute hospitals exempt the nurse midwife from the requirement to be under the supervision of a physician or other healthcare provider if permitted under state law and hospital policy.

Critical access hospitals have different COPs, and they require inpatient care provided by a physician assistant, nurse practitioner, or clinical nurse specialist be subject to oversight by a physician, who need not be present in the CAH. CAH outpatient regulations require a physician to review and sign a sample of outpatient records for nurse practitioners, physician assistants, nurse midwives and clinical nurse specialists if required by state law.

You will want to carefully review this memo, your state laws, and hospital policies in consultation with your hospital attorney.

Team,Of,Expert,Doctors,Examining,Medical,Reports,At,HospitalPatient Safety Work Products and QAPI Survey Documents:

The second QSO memo issued this past month is QSO-23-24 published September 29, 2023, addresses Patient Safety Work Products and QAPI Survey Documents. This is a somewhat confusing and complex document we also suggest that you review with your hospital’s attorney and in context with an earlier QSO-23-09 dated March 9, 2023.

The September QSO essentially states that CMS has to survey processes that are required for a meaningful QAPI program in hospitals, and they may need to review documentation to do so. At the same time CMS needs to comply with law and regulations regarding documents appropriately identified as patient safety work products.

In a brief amount of time spent using a search engine we learned; what is and what is not a patient safety work product is a controversial subject with many court cases and seminars available explaining expert opinions on the subject. The earlier QSO 23-09 provides the current interpretive guidance to CMS surveyors, identifies the regulations and A Tag numbers, and the description of what CMS is looking for on survey. Those tag numbers help to identify the types of information CMS surveyors may want to examine to determine if the organization has a functional QAPI program.

The regulations governing patient safety organizations were actually developed by AHRQ rather than CMS and AHRQ has posted many FAQs trying to explain what is and is not a PSWP and what is protected and how it is protected. Those FAQs can be accessed using this link:  https://pso.ahrq.gov/faq

Group,Of,Professional,Business,People,Walking,On,The,Way,InValidation Surveys Resuming:

CMS published a third memo, an Administrative Memo 23-14 basically informing the healthcare industry that validation surveys of accrediting bodies are going to resume. These validation surveys will use contractors on behalf of CMS who will observe accrediting body surveyors performing their survey and will evaluate the accreditors performance. The CMS contractors will not conduct a parallel survey, but rather only observe the accreditors as they survey.

This new process will replace the older “look back” surveys that CMS used to perform approximately 60 days after the accreditors survey. Scheduling of the new concurrent validation surveys will be coordinated by CMS when they receive their schedules from the accrediting body. The plan is to have a 1:1 relationship between the accreditor’s surveyor and the CMS contractor surveyors. While it sounds like a lot of people, only the accreditor will be surveying.

Consultant Corner

Dear Readers,

As we enter our last quarter of 2023, we want to take the time to remind those due for their triennial survey next year to reach out to get your mock survey scheduled – contact us today.  We hope you have a wonderful month!

Thank You,

Jennifer Cowel, RN MHSA
JenCowel@PattonHC.com

Julia Finken, RN, BSN, MBA, CPHQ
julia.finken@hbsinc.com

Kurt Patton, MS RPh
Kurt@PattonHC.com

John Rosing, MHA
JohnRosing@PattonHC.com