A regulatory compliance plan within a health care practice or facility is not something you set and forget. It is a living, breathing program that requires regular maintenance and tune-up.
The Department of Health and Human Services Office of Inspector General (OIG) recommends reviews should be conducted at least annually, and should evaluate each of your plan’s basic elements individually, as well as its overall efficacy. These reviews can help identify weaknesses in compliance programs and direct appropriate changes.
Health Care Compliance Quiz
Whether you are looking to create a sound compliance plan for a new practice or medical startup, or need to evaluate your current plan to ensure it meets requirements and effectively aids your practice in staying out of regulators’ crosshairs, use this quiz to assess your practice’s commitment to compliance.
1. Do your written policies, procedures, and standards of conduct include training, enforcement, and evaluation?
An effective compliance program must include a formal set of written policies, procedures, and standards of conduct that articulate your organization’s commitment to compliance. Beyond outlining the rules, however, compliance plans should also detail how the program is implemented, enforced, and refined.
Do your written compliance guidelines include these elements?
- How and when employees will be trained
- The reporting structure and reporting mechanisms for suspected violations
- How investigations will be conducted and resolved
- Duties and responsibilities of individual departments or operational areas
- Key metrics to be measured, monitored, and evaluated
While this list is far from inclusive, it does remind you to ensure that your compliance program goes beyond the page. A dusty binder sitting on a shelf will not keep your practice or facility out of trouble with regulators. Create mechanisms that ensure programs are brought to life and reviewed regularly so that red flags don’t get ignored.
2. Do you have an appointed compliance officer or compliance committee?
Your facility – no matter the size – should have a compliance officer or committee formally assigned responsibility for overseeing the program. Align their individual performance objectives with the objectives of the organization to ensure compliance does not fall to the end of the “to-do” list.
Compliance officers should be members of senior management or have direct access to the CEO or other senior officer. Alternatively, a compliance committee can be sponsored by a senior executive and empowered to implement, enforce, and assess the program.
Compliance officers or committees should also:
- Have sufficient resources (i.e. budget and staff)
- Be granted sufficient authority and autonomy
- Have access to the organization’s governing body, legal counsel, and owners
- Collect and review data
- Conduct audits of various operational areas to identify risk and potential fraud, waste, and abuse
- Provide regular reports to directors and management regarding compliance
By appointing a designated compliance officer or committee, practices can avoid over-reliance on general outcome indicators such as billing and coding error rates, identified overpayments, and audit results – a problem the OIG has identified as a common cause of organizations missing critical weaknesses.
Because officers or committees are tasked specifically with program implementation and regular assessment, they will have the available bandwidth and expertise to evaluate compliance on a day-to-day basis as well as gain a big-picture view of how each of the program’s underlying elements work together.
3. Do you train and educate your employees?
Training, education, and communication programs are critical to creating a culture of compliance within your organization. Are you doing enough?
- Do you train new employees at or near the date of hire?
- Does your practice provide annual refresher training?
- Is training relevant to employees’ specific duties in each operational area?
- Do training and education programs incorporate issues found in audits or investigations, previous training, internal reports, or federal guidelines and advisories?
- Are training and education programs evaluated on an annual basis to ensure they are effective and up-to-date?
4. Are there open lines of communication?
Your front-line employees, contractors and even patients are some of the most qualified individuals to identify and report potential fraud. Do employees feel empowered to speak up without fear of retaliation? Is there an anonymous reporting channel, such as a toll-free hotline or drop box? Does your culture reward and incentivize team members who proactively report issues?
Keep in mind that communication is a two-way street: Are your supervisors communicating compliance issues and the results of investigations to staff members? Is there an open-door policy, particularly for the compliance officer or members of the compliance committee? Are compliance questions routinely addressed at staff meetings and through other channels of employee communication?
5. Does your organization systemically monitor and audit compliance programs?
Monitoring compliance programs should occur during normal operations and be performed daily or weekly by staff members. Monitoring programs should include procedures for reviewing compliance with coding, billing, and documentation requirements, on a concurrent (prior to submission) and/or retrospective (after-submission) basis.
Auditing, on the other hands, is handled from outside the department, generally by the compliance officer or committee, or by an outside expert.
Your audit guidelines should:
- Prioritize federal programs, and stay up to date with any changes in claims submission, OIG updates, and compliance guidelines
- Compare audit results against benchmark data
- Advise a collaboration between at least one medically trained individual (i.e. nurse or physician) and administrative personnel
- Mandate audits at least once per year, and review at least five or more medical records per federal payer, and 5 to 10 medical records per physician
- Outline how and when to refer a violation to the OIG, Centers for Medicare & Medicaid Services (CMS), or other law enforcement agency
6. Are offences consistently disciplined?
Consistent discipline is a core element of an effective compliance program. Does your program prescribe sanctions for failure to comply? Disciplinary polices should not only address proven fraud; they should also impose sanctions for:
- Non-compliance with written standards of conduct
- Failure to detect non-compliance when due diligence and routine monitoring should have revealed it
- Failure to report suspected violations
7. Do you have a corrective action plan?
Identifying compliance issues is only half the battle. Your program should include clear plans for how detected deficiencies will be handled. Known as corrective action plans, these plans should:
- Appoint key personnel to dedicated response teams to ensure an adequate and swift response.
- Prioritize prompt and thorough investigations.
- Take into account the underlying cause of any potential violation.
- Outline a system for periodic reviews to follow up on corrective actions taken.
- Address procedures for reporting and disclosing any overpayments or probable violations
Finally, be sure to adjust your staff training and communications curricula to reflect any procedural changes resulting from the investigation.
Health Care Compliance Counsel You Can Count On
Regulatory compliance is a moving target that requires physicians, group practices, hospitals, and other organizations that bill Medicare and other federal health programs to exercise constant vigilance and continually refine policies and procedures so as to avoid disenrollment or enforcement actions over alleged fraud and abuse.
If this sounds overwhelming, and it most certainly is, consider calling in expert advisors. At Hendershot Cowart P.C., our award-winning legal team draws from decades of experience counseling health care clients on both a proactive and responsive defense basis to create, implement, audit, and refine comprehensive regulatory compliance programs. Lear how our team can be of assistance to you by calling or contacting us online.