by Neil B. Caesar
July 6, 2015

Let's continue our discussion of Secrets to Effective Training for your compliance program. A prior column identified two secrets: avoid leadership by memo and lead from the front. This month we will address two more secrets below.

Train for the Job Description

Compliance training does not require the same education for all personnel. Handing employees the anti-kickback or HIPAA regulations accompanied by a big memo warning them to read and heed or face reprimand is neither necessary nor desirable. Lazy managers who lead by memo might take this route, but leaders building an effective company will take the time to train—and retrain—staff about the internal policies and procedures that actually matter to their daily job responsibilities.

Your compliance team should possess dog-eared, tape-flagged, highlighted copies of useful HIPAA, reimbursement and anti-fraud resource materials, and should keep trusted consultant phone numbers handy. But the receptionist answering the phone or the records manager need only be familiar with a few policies that affect them, and they only need to know who to ask about more complex questions.

Because I Said So

The dangers of leadership by memo allow managers to hide behind memos crafted as orders or ultimatums. A related problem is the "do it because I said so" training method.

For example, a supplier in Illinois once told me about his new privacy officer who declared that patients could not have friends in the room during an equipment setup and training session because it would violate HIPAA. When asked by a staff member how that would be a violation, she was told, "HIPAA says so." A warning memo shortly followed.

A better answer would have been: "We have adopted this policy to protect patient privacy. We are evaluating whether this may be over-burdensome and may need to be changed in the future. In the meantime, if you have questions or suggestions to make the process more efficient, call me, and I'll try to work through it with you."

In a sense, training occurs during every contact between management and frontline personnel, or between compliance officers and staff. In the above Illinois example, the staff member is told to do something and does not understand why. The tone of the privacy officer discourages value-added solutions from the staff member. She senses an aura of superstition about compliance with HIPAA, and suspects that if something goes wrong, the organization will be looking for a scapegoat. She may do what she has to do to cover herself, will not trust the company and will not ask questions so as to avoid undue attention. That is the product of poor training, poor example, and poor leadership.

In contrast, the better answer allows the employee to perceive that the privacy officer has studied the rule. Even if it is unclear, the employee hears that a rational policy decision has been made. She also realizes that there is flexibility in the process, and that the organization both values patient privacy and values its personnel's input. She trusts the company, wants to work within the guidelines and is more apt to carry out the policy.

The same principles apply to formal training sessions. Good trainers are good leaders. They demonstrate their commitment to compliance through technical proficiency, but not by pretending to know all the rules by chapter and verse. It also helps to understand and teach the practical context within which the rules will be applied. The message is "It all fits together, and the system guides us to the answer when we aren't sure."

The trainer's true desire should be that your staff learn not just the text, but also the intent of policies and directives. "Here's what we do, and here's why we do it."