Preparing for a Compliance Program Audit
By: Louise LindseyEditor & Betty Frandsen, MHA, RN, NHA, CDONA, FACDONA, C-NE, IP-BC Director of Education
Receiving an official notification that you are going to be audited tends to stir up feelings of concern, fear and anxiety whether the audit is personal or one involving your employer or business. Questions abound regarding what the audit will reveal that may result in a serious financial penalty and adverse consequences. When an external auditor knocks on the door of your facility and you are facing a Compliance Program Audit, the best position to be in is a pro-active one.
A pro-active compliance position is not one of scurrying around and hoping for the best. Implementing an effective Compliance Program is not a one-time event and requires commitment from the bottom of an organization to the top and is an ongoing effort. A pro-active compliance position means that an organization continually works on and addresses compliance issues on a daily basis. Often the complexity of compliance requirements can be mitigated and greatly improved by involving outside compliance experts to help navigate these complicated waters.
The purpose of a Compliance Program is to provide guidance for an organization’s daily operations and the application of its internal policies, procedures and controls that are designed to prevent and detect violations of law, regulations and ethical standards, like fraud, waste and abuse. Anyone who works and contributes to a facility’s ability to bill for services under Medicare and Medicaid is subject to the dictates of the Compliance Program.
Just as an athlete, whether amateur or professional, constantly returns to the basics involved in the sport they are playing in order to improve and excel, facilities governed by strict compliance laws need to constantly be reviewing the aspects of their Compliance Program. In doing so, they can ensure and improve their compliance position and be better prepared for a program audit.
A good place for a facility to begin is to make sure that its Compliance Program has these eight required elements in place:
A designated Compliance Officer and Compliance Committee that oversees compliance interests;
Policies and Procedures that describe compliance expectations;
Training and Education that includes general information and progresses to specific, targeted areas for all affected individuals;
Auditing and Monitoring activities for identifying potential fraud, waste and abuse;
A system for reporting or disclosing concerns;
Response Protocols for responding to reports of concerns and identified issues;
A consistently applied Disciplinary Action for Non-Compliance at all organizational levels and
Ongoing reassessment of the effectiveness of the Compliance Program and the provided Education and Training.
After making sure that your Compliance Program has the required elements in place, here are some tips to review that can help assure your facility’s pro-active stance regarding compliance should an external auditor arrive at your front door:
Be aware that the Compliance Program encompasses everyone in your facility who contributes to the care you provide and the reimbursement for which you bill Medicare and Medicaid programs. This applies to the education and training you provide and must include “all affected individuals.”
Fraud policies and procedures describing compliance expectations must be accessible, without having to ask, for all affected individuals.
The Compliance Officer must be notified by supervisors or department managers of any reports of potential violations even if the issue is resolved by the supervisor or the department manager.
The Compliance Officer is responsible for coordinating formal audits even when the audits are performed by others, and the Compliance Officer should analyze the audit results to determine the root cause.
Data should be collected and analyzed regularly to assess compliance with standards of practice and address these topics: quality, documentation, billing and reimbursement.
The Compliance Officer and Compliance Committee should receive written audit reports at least quarterly from anyone who participates in auditing and monitoring activities.
At least one confidential method for notifying the Compliance Officer of concerns and violations must be available, and staff should be educated about this method of notification. A secure drop box or mailbox accessible only by the Compliance Officer meets this requirement.
The Compliance Officer must conduct an initial assessment after receiving a report of a concern and complete a Compliance Investigation Form (Policy #10110 in the Med Net Fraud Policy Manual or a similar form).
If noncompliance is found during an investigation, review of a report, during internal monitoring or from audit results, the Compliance Officer must develop a Corrective Action Plan (Sample form is Policy #10120 in the Med Net Fraud Manual).
The Compliance Committee must be involved in the development of all Corrective Action Plans that result from significant compliance violations, affect multiple departments or service lines and involve revisions or additions to the Compliance Program or system-wide policies and procedures.
Corrective Action Plans must be followed-up and audited by the Compliance Officer to determine whether they are being followed and are effective.
The Compliance Officer must submit an annual written report to Senior Administration, the Administrator, the Governing Body, and/or the Board of Directors/Owners describing the compliance efforts for the year such as investigations, audits and substantiated concerns shared by others along with any recommendations for Compliance Program changes.
One important last thing to remember is that a Compliance Program’s effectiveness depends on every team member’s knowing their role in assuring your facility’s compliance.
For more information regarding this article, call 609-454-5020 or email info@mednetconcepts.com.