Healthcare Compliance & Risk Management

In the broadly regulated high-risk industry of healthcare, compliance is essential. Under the Affordable Care Act, facility-based healthcare entities and medical practices are required to establish compliance programs as a condition of enrollment in the Medicare program. Not having one or having one that is ineffective increases the risk of costs that are economic, reputational, and even criminal.

Healthcare compliance is the ongoing process of meeting or exceeding the legal, ethical, and professional standards applicable to a healthcare organization or provider. It requires healthcare organizations and providers to develop effective processes, policies, and procedures, to define appropriate staff conduct, train staff, and then monitor their adherence to those policies, and procedures.

Compliance in healthcare can cover a wide variety of practice areas including patient care, billing, reimbursement, managed care contracting, OSHA, Joint Commission on Accreditation of Healthcare Organizations, and HIPAA privacy and security among others. But most healthcare compliance issues related to patient safety, the privacy of patient information, and billing practices.

Every healthcare organization and provider should identify all the laws and regulations that apply to their specific organization. Many commercial health carriers are now requiring providers to have a compliance plan as a condition of participation. The federal laws applicable to healthcare are extensive and are implemented by multiple federal agencies. HHS alone is responsible for the Medicare, Medicaid, S-CHIP, as well as, the HIPAA privacy and security rules. Most healthcare organizations and providers are also subject to the rules of the FDA, the DEA, and several other state and federal agencies. Each of whom issues rules and regulations. Due to the sheer volume and complexity of this regulatory framework, TD&Ps clients rely on our compliance experts to develop, implement and update their compliance programs.

An effective healthcare compliance program is essential to ensuring that healthcare organizations and providers avoid costly penalties, fines or more. Moreover, it can help improve staff communication, patient care and the overall bottom-line of their business. TD&P’s experts use their knowledge of federal laws and regulations to help clients face their unique regulatory challenges, comply with existing guidelines and identify potential gaps in their policy.

The Department of Health and Human Services (HHS) Office of the Inspector General (OIG) has established the following seven core elements of a compliance program for facility-based entities:

  1. Establishment and adoption of written policies and procedures to promote the organization’s commitment to compliance.
  2. Identification and appointment within the organization of an individual to serve as a compliance officer, who will be responsible for monitoring compliance efforts and enforcing practice standards.
  3. Establishment of reporting systems to encourage individuals to make complaints regarding compliance items without fear of retaliation.
  4. Commitment to conducting formal education and training programs for all levels of employees.
  5. Ongoing auditing and monitoring of systems to assess the effectiveness of the compliance program and identify issues.
  6. Development of policies to enforce standards of conduct with disciplinary measures for employees who fail to comply with requirements.
  7. Conduct corrective action in response to the potential violations when vulnerabilities are identified.

By comparison, the seven recommended components applicable to physician and small group practices include:

  1. Conducting internal monitoring and auditing;
  2. Implementing compliance and practice standards;
  3. Designating a compliance officer or contact;
  4. Conducting appropriate training and education;
  5. Responding appropriately to detected offenses and developing corrective action;
  6. Developing open lines of communication; and
  7. Enforcing disciplinary standards through well-publicized guidelines.

The OIG urges that firms of all sizes maintain compliance programs based on the seven core elements. However, achieving compliance cannot be realized by simply listing out the OIG’s seven core elements. Managing compliance risk requires aggressive action and the assistance of experienced professionals.

TD&P’s team of healthcare compliance professionals work with clients to assist them with articulating a compliance program that establishes an organizational culture that promotes prevention, detection, and the resolution of conduct, which does not conform to the law or the organization’s ethical and business policies.

To learn more about Healthcare Compliance & Risk Management and get help developing new best practices to deal with any changes contact TD&P Consulitng, Inc. today