Articles on Compliance Strategies

Featured Health Business Daily Story February 6, 2008

Easy Fixes Can Help Shore Up Ineffective Compliance Programs

Reprinted from REPORT ON MEDICARE COMPLIANCE, the nation's leading source of news and strategic information on false claims, overpayments, compliance programs, billing errors and other Medicare compliance issues.

By Nina Youngstrom, Managing Editor, (nyoungstrom@aispub.com)

Organizations that have had compliance programs in place for years are trying to strengthen them as they recognize shortcomings and worry that the government may not be impressed if those programs come under scrutiny during an investigation.

There is still plenty of room for improvement, even at organizations that have a true commitment to compliance, says Jenny O'Brien, former compliance officer at Allina Hospitals & Clinics. "Organizations that have built compliance programs using different guidances and focusing heavily on ensuring they can check the box on each of the components now are ready to actually evaluate what is in place and see what can be done to take the program to the next level," maintains O'Brien, an attorney who is now with the law firm Halleland Lewis Nilan & Johnson, P.A. in Minneapolis. Also, she says, "Some compliance officers feel stuck and feel the program could be more effective."

O'Brien has evaluated a number of compliance programs and has found commonalities in terms of opportunities for improvement. For example, companies may need to make improvements in the following areas:

Compliance officer authority: Some compliance officers have a lot of responsibility, but not a lot of authority, she says. The obstacle to getting more authority may come from a CEO who may not want more direct reports or an executive team and board chair who don't fully understand the role of the compliance officer. The problem, of course, is that compliance won't integrate well into an organization where the compliance officer doesn't have a seat at the power table.

Set Compliance Tone at the Top

O'Brien has a solution for this: The compliance officer reports to the CEO on only compliance functions, while letting other executives or senior managers handle non-compliance administrative matters (e.g., budget, performance evaluations). The organization will now be able to demonstrate to employees and the government that the tone is set at the top, while balancing the needs of the executive team to allocate time and resources effectively And when compliance officers are wearing other hats (e.g., director of quality management), they can report to other senior managers (vice president of nursing) for that function.

The bottom line is that if compliance officers don't get the authority they need to carry out the responsibilities they have been tasked with, they will start to feel stifled, and the program won't accomplish its goals, she contends.

Education: Organizations have set up mandatory compliance training for employees but sometimes give lip service to the idea of consequences for failure to attend and absorb compliance education (e.g., making this a factor in performance evaluations). "The link between performance and consequences needs to be improved," O'Brien says. "Work with your human resources person to include it as a measure in the performance evaluations, which will help send a message that all employees are accountable for compliance" — not just the compliance officer. And this is a good thing to show the government.

Also, she says, align training with ongoing organizational initiatives. If one initiative is implementing electronic medical records, then compliance training could focus more heavily on privacy, security and access, allowing the compliance program to showcase its value. "Look at your organizational initiatives, and determine how your compliance program can provide additional value to the organization," O'Brien advises. Sometimes people need to be reminded that compliance is not just about billing.

Policies and procedures: Sometimes they are missing, she says. It's not uncommon, says O'Brien, for a policy on credit balance — which must exist to support the procedure of returning money hospitals owe payers — to be AWOL. "They are doing credit balances correctly, but if someone asks to see policies, they may only have it verbally," she says. That's not good, considering credit balances are a high-risk area and continue to be a government focus. Other policies that are sometimes overlooked include processes around monitoring for excluded providers and vendors, as well as enhanced policies around privacy and security that are necessary due to the transition from a paper record to an electronic record (e.g., employee access to their own medical record).

Educate Boards on Quality, Compliance

Reporting and oversight: OIG is very focused on board awareness of compliance, which is another reason that the compliance officer needs a seat at the table, she says. But she also sees gaps in educating boards on quality and compliance. "We recommend they report regularly to the board about what the OIG is doing," O'Brien says. "Board members should be engaged and informed," which means asking "substantive questions about compliance risks." To gauge how attuned a board is, you might want to ask basic questions, such as: Do you know who your compliance officer is? Do you know some of the key focus areas that the government is looking at this year? What about your own organization's risk areas, and what is being done to address them? "The board may realize it needs to know more and recognize the value in seeing the compliance officer more," she says. Also, it's useful to give board members the OIG/American Health Lawyers Assn. "white paper" on governance, which describes OIG's expectations with respect to board members' compliance oversight.

Response and prevention: There is often a failure to collaborate internally on audits, and organizations should strive to correct this when it comes to preparing for recovery audit contractors (RACs). Different departments are often looking at the same things (e.g., one-day stays), a duplication that wastes time. "If they do it collaboratively, they will get better information and only have to pull the medical records once," she asserts. The implementation of RACs is forcing this to happen to some extent. But the obstacle to a cross-functional team is with everyone so busy, relevant department heads may be reluctant to take charge. One solution: Rotate the chairs of the RAC team so one manager is in charge for a short time (e.g., six months at a time) rather than indefinitely, which may seem daunting with everything that people have on their plates. For example, the health information manager can run the RAC team for six months, then the compliance officer can take over, then the quality manager, etc. "This also helps the project gain recognition that it is an organizational initiative, not just a compliance or coding initiative," she says.

Tools to evaluate effectiveness: O'Brien recommends using concrete measurement tools to evaluate effectiveness. In her compliance-officer role at Allina, she used compliance scorecards to measure billing errors' reduction rates and other measures of compliance in all units of its large, multifaceted organization. The scorecard allowed the organization to rate every business unit on its structure, process and outcomes, which collectively cover the seven fundamental elements of a compliance program. "Structure" addresses the ability of the compliance program to promote compliance with regulatory requirements as reflected in the program's infrastructure, she says. "Process" refers to how the compliance program's paper policies and procedures come to life to address risk areas. And "outcomes" deal with measuring performance in concrete terms (e.g., billing errors). So, for example, structure and process include compliance essentials like employee training, compliance awareness, compliance-policy review and communication. Outcomes involve compliance auditing. The scorecards also contain compliance risk areas customized for each business unit (e.g., the Emergency Medical Treatment and Labor Act for hospitals).

O'Brien's advice when using tools to measure effectiveness is to start small. As you learn how to use the scorecard, and it becomes ingrained in the organization, challenge yourself more. "If you set the bar too high, you may be setting yourself up for failure," she says. "Every year, as you learn more, you can push yourself and your organization more."

Advertise With AIS

Privacy

Site Map