CBI Aggregate Spend West Conference Highlights: Painful Adjustments to New Regulatory Realities
CBI’s 5th Annual Sunshine and Aggregate Spend West conference held in San Diego shed light on the many pain points life sciences organizations have faced, and continue to face in modifying corporate processes and procedures to accommodate for data collection and reporting activities as required by the Federal Sunshine Act.
Lingering Aggregate Spend Challenges
In the first workshop of the conference, we did a deep dive into industry issues with payment reporting. As you could imagine, the list was long, but two common themes emerged among all of the feedback received in the breakout groups. The first major theme coming out of workshop discussions was the lack of guidance and support from senior management on the aggregate spend process. This led to a disorganized and decentralized approach to interpreting and operationalizing the regulations. What was missing in most of these cases was a leader in the organization that was working with legal and compliance to identify the spend areas and interpret the law. That leader was also needed to work with the aggregate spend team to design the organizational spend capture and aggregation architecture. Finally, this leader was also needed to work with each department to train the appropriate personnel on how to identify and report the spend for aggregation. The stories told by workshop participants about this lack of leadership resulted in different interpretations of the same piece of legislation among different departments. This leadership vacuum also led to Standard Operating Procedures (SOPs) being incongruent with the functionality of the systems being implemented, and an incomplete system design and build (i.e. missing spend types / data fields for each spend type / interfaces, incomplete audit trail and/or process automation, and business rules not aligned with company policies).
These issues were further exacerbated by the changing regulations coming from CMS FAQs, clarifying questions, and CMS facilitated Q&A sessions. An additional issue that indirectly resulted was lack of training and understanding of policies by employees that are not directly responsible for capturing spend, but that have interactions with HCPs and HCOs nevertheless. If policies were documented, but regular training was not required, the organization was most likely not complying with the policy. It was recommended that a training schedule be kept and training logs be regularly updated for audit purposes.
The second key theme that emerged was around general operational procedures regarding the capture and aggregation of data. Workshop participants cited as significant issues third-party data itemization and collection, accurate identification of an HCP or teaching hospital, and how to deal with HCPs that are exploring ways of receiving TOVs/payments without having to report them. An example of a process for reporting payments that occurred in the past where an employee was recently made aware of meeting attendees was also a workshop highlight. Every workshop participant handled these topics in different ways based on corporate policies but it was unanimously agreed that in order to mitigate risk, whatever approach taken should be approved by legal/compliance, be properly disseminated to employees with a training log maintained, and be consistently implemented across all reported spend.
Sales Reps Managing HCP Disputes?
In a number of other conference sessions, dispute resolution came up as a topic with varying approaches to communication and implementation discussed. Common among all organizations were the general procedures incorporated to communicate the steps in the process and handle disputes, the initial process roll-out, notification of payments/values, and dispute processing. Proactively, some organizations reached out to all or a certain percentage of their top value/funding recipients alerting them to the process for review, dispute, and reconciliation of the amounts attributed to their person or organization. They reported that this initial communication was met with few responses and even fewer concerns from HCOs/HCPs. When notifying HCPs/HCOs of the payment/value being attributed, some organizations said they will send the transactions directly via email, others will direct them to a portal while still others will send a summary with more detailed breakout as a follow-up if the recipient questioned the results. Finally, when it came to processing individual disputes, a varied range of procedures for doing so was shared by participants.
At a high-level, all organizations said they set up a process by which disputes would be initiated and communicated by the HCP/HCO (e.g. a help line, email address, web application etc.), created an escalation path and regular review meetings (steering committee, transparency team, etc…), and pathways for the dispute to be channeled to depending on the resolution agreed to internally. Another interesting topic shared was the involvement of sales representatives in the dispute process. There was a division between those that believed sales reps should be involved in the dispute process and those that did not. Proponents argued that sales reps have the relationship with the HCP and are likely to best know what that HCP did and how they were compensated. They added that this activity will indirectly increase face time and interactions, as they will often be the first person the HCP goes to anyway. Opponents argued that sales reps should be focused on sales only and should set expectations with the HCP/HCO, calm the situation, and ensure they know the dispute process well.
Phase 1 Reporting Experiences
Our presentation, Auditing Aggregate Spend – Lessons Learned from Initial CMS Submissions shed some fresh light on how the industry fared through Phase 1 reporting. One enlightening fact right at the onset of the presentation was that most participants spent the majority of their time validating transactional data and HCP demographics. Although this seems like a lot of work, it was mitigated by the fact that everyone had anticipated that level of involvement and therefore planned enough time and resources to execute the necessary tasks. It was surprising that despite the systems, solutions, and automation in place, this was still the primary use of everyone’s time. Participants also responded that most were only somewhat or not at all satisfied with their covered recipient demographic data, which they purchase from various master data suppliers. The time they spent on data validation replaced the planned time on training and notifying HCPs, which seemed to take second priority to ensuring the data was correct.
We also learned that many organizations have not spent time on conducting an end to end audit of their aggregate spend process. Alexis Tuchman explained that an audit, according to Polaris’ methodology, evaluates how risk management competencies have been integrated within a company’s culture. These risk management competencies include policies, processes, people & organization, systems & data, and management reporting. A measurement used to evaluate each competency is the “maturity model “, which adds a layer of risk management as you get closer to an “optimized” state. Alexis pointed out that it may not be necessary to reach an “optimized” level for every risk management competency as this is a decision that needs to be made as an organization considers all environmental factors.
Latest Global Developments
Ben Carmel closed the conference with a panel on international compliance for medical device organizations. He noted that EFPIA adoption has been faster than initially anticipated and member nations are considering whether it should be enacted as code or as law. Additionally, he stated that as AdvaMed principles have been adopted in Brazil, Taiwan, Japan, and South Africa, he believes this will lead to a “domino effect” of similar PhRMA and AdvaMed guidance implementations, beginning with adoption by Germany. Closing the panel, he cautioned about potential conflicts between EFPIA and Bertrand and other laws/guidance with data privacy legislation in Europe, which is currently a difficult path to navigate.