President, SCALE Compliance & Risk Management
Lisa is a solutions-driven executive and Board Member with 18 years of experience providing operational and corporate regulatory management to multi-unit physician practices, Ambulatory Surgery Centers and senior housing, while establishing strategies to promote revenue/EBITDA, national footprint growth, brand recognition, and organizational risk mitigation.
At SCALE, Lisa leads the Compliance and Risk Management division, having secured key relationships at the C-Suite and Board level across the nation. On multiple occasions clients have commended Lisa and her team for their individualized approach and outcome achieved on the following: Foundational Compliance Assessments, Compliance Program Development, On-going Compliance Oversight, Disputes and Medical and Coding Documentation, ultimately minimizing risk exposure. She is also a regular, seasoned speaker on risk mitigation and regulatory compliance topics.Prior to SCALE, Lisa was the CEO, President, and Member of the Board of Directors at Vision Group Holdings, a $220M nationally recognized dual-brand multi-unit refractive surgery management company with 91 physician practices in 37 states and Canada. Prior to becoming CEO, Lisa was the Chief Legal Officer (CLO) and in this role, Lisa led risk management processes and clinical improvement resulting in a reduction of enterprise PL litigation. She also saw an enterprise-wide revenue growth of 10% following a successful organizational closure and reopening due to COVID-19.
Previously, Lisa was the VP Corporate Compliance, Compliance Officer & VP Legal Affairs, and General Counsel at Laser Spine Institute where she developed and implemented a compliance program in accordance with federal and state laws and insurance/Medicare requirements in addition to managing all enterprise patient safety practices, legal affairs and enterprise acquisitions. She has also held the positions of VP Legal and Compliance at Horizon Bay Senior Communities, and Associate Attorney at Cole, Scott & Kissane, as well as Of Counsel at Bell & Melamed, LLC.
Lisa received her BA in Women’s Studies at the University of Miami, her Master’s Certificate in Healthcare Corporate Compliance from George Washington, and her JD from the University of Florida Levin College of Law. She was also a Licensed Healthcare Risk Manager, and is Member of the Florida Bar
Vice President
Gayathri R. Waring is a recognized healthcare trailblazer and serial solutionist with nearly 20 years of experience as a seasoned, trusted healthcare advisor. Her expert and clear way of analyzing data to discover actionable insights to create meaningful, persuasive narratives, mastery of multi-tasking, resourcefulness, endearing work ethic, and her straightforward and upbeat collaborative style indubitably earns her a seat at any table. Since joining SCALE, Gayathri has increased MSO clients’ value-based care performance by over 55%, developed a strategic service line plan and framework for a major NYC hospital client (over $10m) and has led advisory projects and engagements with private equity, lenders, hospital and healthcare
system clients. She also spearheads business development for compliance and risk management.
Prior to joining SCALE, Gayathri holds relevant experience in the following areas: across medical practice & hospital operations (Nuvance Health, EHE Health, Stamford Health, GNYHA), growing strategic service & business lines, project & program management, quality & business analytics, surgery operations and productivity, lean practices and process improvement, cost containment, healthcare consulting & pharmacy benefits management (PBM), forecasting & financial valuations, medical underwriting (Aetna), pharmaceutical eMarketing (AstraZeneca) customer relationship management and held prominent positions at top consulting firms (Towers Perrin, Mercer).
Most recently and notably, Gayathri has provided steadfast leadership, support and unwavering resolve through the pandemic – being nimble and quick on her feet to support the hospital’s and its patients’ ever-changing needs including through various organizational transitions.
Gayathri has an MBA from UCONN with concentration in Finance and Marketing, is a trained & certified Lean Six Sigma Black Belt and holds a BS degree in Mathematics with minor in Economics from Haverford College in PA.Gayathri R. Waring:
Good morning, Lisa. Hope you’re doing well today. This is Gayathri Waring and I am the VP of Consulting with SCALE Healthcare. I’m here today with Lisa Melamed, who heads our Compliance and Risk Management division at SCALE Healthcare.
I know that regulatory compliance requirements in healthcare are here to stay. What are your thoughts on the top three trends for the remainder of 2023 and into 2024?
I would say the first being a strong confirmation via a recent Delaware opinion that came out at the beginning of the year which highlighted a court’s view that folks that own a discipline within a healthcare organization, hold a C-suite position and/or a board position/investor are personally liable for compliance or regulatory mishaps. I think the Court’s confirmation is a bit of shift in thinking because historically we looked to the Board for bad act accountability. I believe the court was signaling a recognition that accountability for regulatory mishaps should be shared with the employees/leaders of the organization that are running those functions on the day-to-day that have control over compliance and that it’s really a joint effort to ensure that your organization is compliant. I think the court really spelling out the potential liability from an employee perspective is going to move the needle from a compliance or regulatory adherence perspective.
The second focus this year is the Office of Inspector General revising a provider’s HIPAA requirements. The biggest impact will likely be the revisions that necessitate a provider to change many of their current patient facing documentation, as well as records fulfillment processes. By way of example, providers are likely going to need to revise their patient consent forms and privacy notifications forms, as well as processes on their record fulfillment to ensure they meet OIG’s revisions from 30 day to 15 days.
The third focus is not specific to 2023 but rather a building of understanding by different federal enforcement agencies and state enforcement agencies that collaboration between states and federal on their enforcement efforts can be very lucrative.We know that the federal government has demonstrated that the return of investment on enforcement of regulatory issues is significant. Now that states have recognized how lucrative enforcement can be, they have locked arms by sharing information and resources to make enforcement more efficient and even more lucrative. To demonstrate their effectiveness, the OIG dedicated $329M for oversight of the Medicare and Medicaid programs in 2021, and their ROI for their efforts was $3B. In 2022, OIG’s investigative work led to approximately $2.73 billion in investigative recoveries and 710 criminal actions.
Thank you – that was very enlightening and interesting. I think this is something that many folks should be tuned onto if they aren’t already. So thanks. Lisa, how about the importance of a compliance program that’s more than just sit on the shelf? Can you comment on that?
I think that throughout my career I’ve noticed that healthcare organizations tap a law firm or an outside consultant to build a compliance program for them that checks the regulatory boxes. Unfortunately, a lot of times outside consultants/law firms don’t know enough about the healthcare organization’s processes, resources, etc. and what they end up paying a lot of money for a robust program that doesn’t match what the organization is capable of maintaining. Hence, you end up with a robust program that doesn’t match process, resources or strategic objectives, and therefore sits on a shelf collecting dust.
It isn’t until a regulatory body will comes in and asks for their compliance program, and they hand them this robust written compliance program that hasn’t been updated or doesn’t match the healthcare organization’s actual processes. It’s almost worse to promise that you’re going to implement policies/processes and then not do them. Our goal at SCALE is that when we assist an organization in building their compliance program, we make sure that we understand the organizational needs reference their strategy, available resources, capabilities and compliance culture, do we match the compliance program to what they’re actually able to accomplish.
So you really need to tailor and customize the program to the respective client.
Absolutely. This is the classic don’t over promise and underdeliver when it comes to a compliance program that you may need to hand over to a regulatory body for scrutiny. You need to be methodical and strategic on what your organization can realistically accomplish with the resources that they have, as well as the overarching organizational strategy and culture of compliance. A organization’s compliance program is a holistic commitment to creating a culture of compliance that must be in alignment with business’ future goals and objective.
Sure. Absolutely. I guess along those lines, what are your thoughts on the importance of a compliance program by way of self-monitoring processes, external auditing, especially in light of this increased C-suite and investor/board of director liability? Most companies we understand do have some level of compliance, but I’m curious about your thoughts on whether they’re truly robust enough. Are they really up for the onslaught of some of the regulations you mentioned that are forthcoming?
The classic saying is, if you’re not changing, you’re not growing. And so every organization, as they expand their footprint, their revenue, their offerings, heir strategic goals, are always changing. And that necessitates an annual look at what their efforts are from a compliance adherence perspective. Meaning, you have to dust off your compliance program on an annual basis, get your C-suite and your board together to ask: is our written commitment to creating a culture of compliance a realistic representation of what we’re doing? It is imperative for the organization’s leaders to self-monitor, meaning look at their own disciplines and stress test if their practices match their policies and commitments made to a culture of compliance. They need to ask the right questions, allowing for a pivot if needed. By way of example, do you have employees in the right positions who will drive compliance efforts? Are you reporting any compliance concerns appropriately to the governing body and/or compliance committee? Do your policies accurately capture what you are currently doing, as well as future aspirations? Once the organization has completed their self-assessments on their compliance program, we recommend tapping a 3rd party to then audit the organization’s compliance efforts, processes, policies, etc. to ensure that the annual self-monitoring exercise was done appropriately, and nothing was missed.
Thank you. Going back to the proposed changes to HIPAA by the OIG, what are your thoughts on how folks should make sure they’re aware of any changes, and is there anything they should be doing additionally, to avoid any penalties on the backend?
Adherence to OIG’s revisions is going to require practitioners do a big push to get the required documentation and records fulfillment processes in place. Organizations are going to need to understand what is required of them to change patient facing documentation and record fulfillment obligations now so that when HIPAA’s revisions are announced, they won’t scramble to meet the 180 day implementation time period.
In Florida, by way of example, a senate bill effective July 1st, mandates any AHCA (FL DOH) licensed provider that leverages any type of electronic records to attest at renewal or their initial application that they have housed or have control of medical records in the U.S., U.S. territory or Canada. Essentially, FL healthcare companies, organizations, providers that are licensed in Florida can no longer leverage offshore vendors to manage their patient’s PHI. This revision could present a big shift in an organization’s business who has been contracting out their medical records management. Florida’s revision to their legislation is an example of how an MSO that has a national footprint must have a process in place to monitor not only changes by CMS, but also state requirements in those states they do business.
That’s really interesting, Lisa. What do you think in our final question here, are the most important tenets for board advisory, C-Suite and, and what truly, are the five areas you think SCALE can help with?
That’s a great question. I think Board Members and investors in healthcare, and C-suite members must ask the right questions to not only confirm and stress test what the organization is doing, but also demonstrate that they are focused on creating a culture of compliance. Often time we get into these meetings and these folks focus on only the revenue, footprint growth, initiative growth, which, don’t get me wrong are absolutely vital to running a business. But they also need to add in their mix of concerns or oversight how is the organization meeting, if not exceeding regulatory requirements from a state and a federal perspective. How is the organization ensuring that if state law or federal law changes, they understand those changes and they implement process/policy changes timely? How are regulatory concerns reported, investigated and addressed? What is the organization doing from a self-monitoring or external auditing perspective to catch any regulatory issues or concerns? It is vital that folks who hold positions within a healthcare organization start asking culture of compliance questions, dig deeper, and understand the initiatives and processes that are taking place internally that ensure regulatory compliance.
Thanks Lisa. I think that concludes our conversation for today.
Thank you Gayathri – this was fun! The SCALE team is “here” to help healthcare organizations with all things related to running a business in the healthcare space, and invite an opportunity to discuss how we can assist in not only organizational growth in revenue and footprint, but doing so in a compliant way.
SCALE prides itself in developing customized solutions for its clients and helping physician groups grow and thrive in a challenging marketplace. Now, we are ready to help you. We look forward to sharing examples of how we have helped our clients and invite you to schedule a 1-on-1 complimentary consultation with us.
Contact Gayathri Waring at gwaring@scale-healthcare.com to continue the conversation.
Be a leading voice in the healthcare services industry.
Please fill out the form below to sign up for the SCALE newsletter.
Please fill out the details below and a team member will reach out to you.
