While the life-and-death business of health care has always been inherently fraught with peril, new challenges loom on the horizon that will test the skills of risk managers in this field as never before.
Of these impending changes, legal reform is of greatest concern among health-care providers (see chart).
For example, the Medical Loss Ratio provision of the Patient Protection and Affordable Care Act (PPACA) limits administrative costs to 15 percent of premiums for large insurance groups and 20 percent for small groups. And under PPACA, Medicare reimbursement for physicians will move from fee-based to metrics based on treatment outcomes. Furthermore, the allowance of new physician-led Accountable Care Organizations (ACOs) to utilize Medicare will allow medical-service providers to offer insurance options to patients.
In addition, the health-care industry is looking at a shortage of 24,000 doctors and one million nurses by the next decade, due to many retirees from the workforce. With the loss of so much institutional knowledge, it opens the door to an increase in malpractice claims as newer and possibly fewer medical professionals try to cope with what is expected to be a rising tide of patients as the country ages.
Other top risks in health care include capital availability and credit risk; damage to brand reputation; widespread health crises; and lack of technology infrastructure to support business needs.
Of the aforementioned challenges, Aon Risk Solutions asserts in its “2012 U.S. Industry Report: Health Care” that health-care providers are well-prepared to deal with pandemics and that most have a plan to access emergency capital. Yet many providers are ill-prepared to deal with the coming changes in legislation and the effect these will have on the industry at large.
With such a full plate of looming perils, it’s fortunate, then, Aon says, that three-quarters of health-care-provider organizations report having a formal risk-management division. National Underwriter talks with some of the risk professionals who take care of the companies taking care of us.
Director of Business Risk Solutions
Blue Cross/Blue Shield of Florida
Vice President & Member of the Board of RIMS
What are the most common risks faced by health-care providers today?
Some of the risks are Managed Care Liability, Cyber Liability and D&O. Also, the profit picture has changed pretty significantly, and costs have increased due to health-care reforms, not the least of which is the Cadillac tax [which charges an excise tax on insurance companies offering more expensive products, unintentionally causing companies to hike their rates across the board]. Many health-insurance companies are moving to other types of products and services to capture profit.
What are some of those products?
Some [providers] are selling health-related products, wellness services and expanding to other lines of health-care insurance, like Workers’ Comp. They are buying provider practices—and in the case of one large health insurer in the Pittsburgh area, purchasing a hospital.
What are the emerging risks in the health-care field in 2012?
The unaffordability issue continues to be the 800-pound gorilla for the health-care industry. Reforms have done little to address the overall cost. With the medical-cost trend moving faster than wage increases, that’s a dangerous situation.
Another emerging [concern] is reputational risk associated with the real-time immediate impact of social media.
How does Blue Cross/Blue Shield of Florida approach the task of risk management across the organization?
We have a heavy emphasis on enterprise risk management (ERM) in our company whereby we seek to understand the operational risks associated with our decisions in a proactive way.
As uncertainty increases in our industry, we add value to the organization by helping it to take on risk, and we can take on risk more comfortably because we can better understand it using ERM. It reduces uncertainty and generates better decisions.
I report directly to our chief audit executive, who reports directly to the general counsel. I lead the Enterprise Risk Council (ERC), which is made up of the chief audit executive, officers and some directors from all over the company. The purpose of the ERC is to assess operational-level risks within the company. Strategic risks are overseen by a high-level management committee.
How are the challenges of being a Florida-based health-care provider different from those faced by peer companies in the rest of the U.S.?
At a high level, the work is extremely similar, but the demographics of the market that we serve can drive different solutions. For example, we have one of the most ethnically diverse populations of any state in the nation, and creating products and services to address those groups is very important. We are also one of about three states with an extremely high number of retirees, which creates a huge market opportunity for us.
What has been the effect of health-care reform on your organization and its risk profile?
The concern and pressure around the effect of health-care reform on providers and payers has resulted in a greater tendency toward affiliation. For example, there are ACOs where providers, payers and ancillary providers are responsible for the care and quality for a group of members.
It’s more of a consolidated approach toward medical delivery and payment-funding for those services, because we don’t provide those services directly; we pay for them. It causes everyone in the horizontal chain, both payers and providers, to look for opportunities to band together and find business opportunities. Everyone is looking for that right now, whereas in the past, these conversations were unlikely to take place.
We don’t really know what reform will ultimately be, which causes uncertainty in our company. We need to be ready no matter which way it goes.
Director of Risk Management
Treasurer of RIMS
The health-care industry is preparing for a doctor and nursing shortage, partly owing to a wave of retirees leaving the workforce. With the loss of so much institutional knowledge—and the fact that fewer health-care professionals will be working to care for patients—does that open the door to a possible increase in malpractice claims? If so, what can you do to proactively combat that possibility?
Any time demand exceeds supply, there are always concerns around quality of care—and the projected shortage of health-care providers certainly has the potential to contribute to higher malpractice claims. From a risk-management perspective, some of the answers are efficiencies of process, evidence-based practices and adherence to protocols.
It is important to understand that as consumers we can help ourselves by taking control of our own health as much as possible. We should have a primary-care physician or practice, one that really gets to know us. We need to be more willing to see physician assistants for minor issues and to be compliant in taking prescribed medications. Education is really key, and there are a lot of wellness activities offered by employers or health plans, whether it is smoking cessation, exercise plans and/or good nutrition programs, that we should take advantage of.
One of the major concerns of any health-care company is patient privacy. How are you confronting the increasing challenge of cyber fraud?
Protecting member information is our top priority. It’s really important to not only have all the rules and procedures in place but to also have a culture of security and concern for your members’ and patients’ privacy.
Another priority that goes hand-in-hand with privacy is compliance, and although they are similar, compliance is broader than meeting minimum standards. It’s having an attitude and building a culture of not only doing the right thing but being alert and caring about doing the right thing for your members.
What are some of the risk-management challenges and solutions that are unique to Humana?
We have an innovation center that does a lot of research and brings it to us and the other business units. We have a great relationship with them that we’ve built over time. They ask us about our concerns and how to manage any potential risks.
Everyone in risk management will tell you that you don’t want to be the person who only says “no.” You don’t want to be an impediment to doing business. You want to help the business develop new products and work hard at developing new relationships. You want to be open minded.
One of our advantages is having a captive insurance company for General Liability and Professional [Liability], which allows us to be more flexible and creative in our coverage.
How does the risk-management department help advance Humana’s overall strategic goals?
As a risk manager, you have to investigate and understand your company—and I’d say one of the top priorities at Humana is innovation. We are a health-care company in that we sell insurance and have clinical [products], but we also have Humana Vitality, a wellness program with material rewards for healthy behavior.
We also sponsor a Wellness Tour, a big semi-trailer that offers fun healthy-living tips at golf outings and other events. We developed Humana Games 4 Health, which works with Xbox and promotes healthy-living habits.
Before joining Humana, you had roles as an underwriter/business-development manager at Fireman’s Fund and as vice president of marketing at Aon Risk Services. How does this background inform the risk-management work you do at Humana?
Underwriting is great training for risk management. When underwriting, you are always investigating the facts, figuring out what the exposures are and what you have to look out for.
What do you enjoy most about being a risk manager? What are some of the characteristics of a successful risk manager?
Risk management has got to be the most interesting job in the world; I would so recommend it to anyone getting involved in starting a business career. Risk management touches every aspect of a company and gives you an opportunity to work with senior executives. Being curious is a great risk-management trait.
Sarah E. Pacini
Vice President, Risk Management and Insurance
Advocate Health Care
Member of NU’s Risk Managers Advisory Board
You have a very interesting background. You were a registered nurse, and then you earned a law degree and became an assistant district attorney. What caused you to pursue a career in risk management?
My training was as a registered nurse. I graduated and knew I wanted to work in an emergency department as a trauma nurse. I was fortunate to find a position in East Chicago. While working, I became aware of the tremendous regulatory environment in health care and aspired to be in a position to influence that regulation. Law school seemed a natural choice—and risk management a natural opportunity to blend my nursing background and legal experience.
My background also serves me well within the organizational structure at Advocate. I have a matrix reporting relationship with the chief medical officer and the chief legal officer. Risk management is respected as a successful partner in reaching the goals of the organization.
Do you feel that your hands-on medical background helps you better understand the unique needs of the health-insurance industry?
Absolutely. Being a nurse and a lawyer is especially helpful in the Professional Liability arena, which is a big focus for us because we are first and foremost a clinical enterprise.
I find my background to be particularly helpful when analyzing claims and coverage issues and also helpful in dealing with patients, clinicians and physicians. It offers me a unique perspective with which to resolve concerns and offer solutions.
What are the emerging risks in the health-care field in 2012?
I believe the particular risks of 2012 come from the frequency of mergers and acquisitions that are increasing in health care. Enterprise risk management continues to also be a major focus area, given the health-care regulatory environment.