Editor's Note: Perhaps this is a "spoiler," but knowing how many friends she has in the compliance fraternity, we felt we should say that Lucy's little trip to the hospital turned out OK. (Of course, if it hadn't she couldn't have written this column.)
* * *
I used to have some interesting discussions with my father about the challenges of compliance in hospitals and in banks. He had a special dual perspective as both a doctor and a bank director. We usually concluded that it was a draw--compliance was tough in both types of organizations. Regulatory burden on both industries was heavy.
Recently, I had the opportunity to compare hospital compliance with bank compliance firsthand. When a bank compliance specialist suddenly finds herself a patient in the hospital, what is there to do besides let the doctors and nurses do their thing--and study hospital compliance. This was an opportunity to put my debates with Dad to the test.
Compliance on arrival
When you enter the hospital, the first questions are "Who are you?" and "Why are you here?"
The "who are you" question is very much like CIP, when you think about it. The patient has to be identified. The hospital follows procedures to identify the patient, including an ID check, and to determine and verify other relevant information, such as the all-important question of whether the patient has insurance coverage. Then the patient gets "hospital jewelry"--that plastic bracelet with name, birth date, and bar code. This is the identity control that follows the patient throughout the hospital stay.
The next question, "why are you here," is, in reality, the initial risk assessment of the patient.
Diagnosis of incoming patients is basically a risk assessment. What risks or conditions does this patient bring to the hospital? How easy or difficult will treatment be? What will be required to monitor this patient and manage their care?
As with a CIP risk assessment of new customers, this diagnosis process lays the foundation for what the hospital and its staff can expect of the patient during the hospital stay. While doctors and nurses would consider this process to be medical, we know better --it is the basic compliance risk assessment. Miss something and there will be problems down the road.
Assembling the team
Then come the staff assignments--sort of like sending the customer to the loan officer, customers service representative, or branch manager. Which doctor and team is best for handling this patient's issue? Which part of the organization is best suited to the needs presented?
One of the significant similarities--and differences--is the nature of the team work.
In a bank, specific responsibilities are assigned to different staff based on training and/or expertise. The application being processed gets handed off at a specific point and picked up by the next responsible person. Underwriters and appraisers must be independent from the loan officers or anyone making the decision.
In a hospital, while similar hand-offs occur, they are more typically hand-offs between shifts. Independence is not desirable. Every team works together, with interlocking tasks and responsibilities and every team gives complete hand-off information to the next shift.
Papers here, papers there, we both have paper everywhere
Then there is documentation--the commercial lenders' favorite word.
n a hospital, how information is recorded and handed to the next shift is one of the most complex compliance procedures of all. It is tightly designed with controls and instant monitoring. Information must be recorded in the right place, in the right way, and at the right time. Otherwise, there will be mistakes.
Another similarity is that hospitals hand out lots of information. As with banking, an informed patient is (supposed to be) an empowered patient. Anyone checking in is likely to get a folder full of stuff--ranging from information about the procedure to recommendations on vaccines, all wrapped up with the HIPPA information.
None of these disclosures tend to be as detailed as the ARM and HELOC booklets that banks hand out, but there is still a lot of paper.
Differences--and similarities--between two worlds
One difference here between hospitals and banking is that the hospital's decisions and assignments are not usually challenged. And they aren't required to offer the patient choices.
Hospital authorities explain the risks and the patient can agree or refuse the treatment. There is very little product choice and no cross-selling. There may be occasions when a patient has a choice between different procedures--try one more time to stitch that knee back together or go for the knee replacement--but more often treatment is a take-it-or-leave-it proposition. There aren't choices such as a 15-year or a 30-year mortgage.
One of the most significant differences between hospital compliance and bank compliance is that hospital compliance is a life-and-health control while bank compliance is product and liability control.
But let's face it. Giving a consumer a product that turns out not to have been in the consumer's best interest has quite a different consequence than giving life-saving (or life-threatening) medication to the wrong patient.
That is why every step of patient care is double-checked. The patient may get tired of stating their name and birth date while having their wrist tag scanned, but the control is critical. It is a bit like monitoring and controls in a combined step. Every staff member who interacts with a patient does so under strict controls and constant monitoring.
There is another similarity. Hospital compliance is at its most relaxed in the discharge process.
This makes some sense because the risk for the patient is significantly lower. But what is really interesting is the parallel to the servicing and foreclosure crisis. Ask any patient and they will tell you that, while admission to the hospital was rapid, they sat for several hours waiting to be discharged. Does this sound like the complaints of borrowers who couldn't get the attention of or answers from servicing?
The problem at hospital discharge is the number of people who have to sign the patient out. At this point, admitting doctors and hospital staff have differing priorities. Everyone's attention is focused on new admissions where the risk is high. Getting an admitting doctor's attention to discharge a patient takes a back seat to whatever is going on in the emergency room. This is all too much like the frustration borrowers faced when dealing with servicers and foreclosers.
Medicine versus banking
So what is the bottom line? The similarities are striking but so are the differences. In the final analysis, which compliance world is more demanding probably depends on where you are working.
But in the banking world we deal with a very different set of consequences.
Thank goodness for that.
- M&T Bank, Bank of America, and Keycorp Bank Double Down on Criticism of LIBRA
- Applying Security Across Heterogeneous IT Systems
- Beyond Wells Fargo: Can High Performance and High Standards Co-exist?
- Credit Suisse Group AG Board Set to Make Decisions Surrounding Spying Scandal
- Lessons Learned from Capital One’s Breach: What Banks Need to Know About Data Security in the Cloud