8 Components of an Effective Compliance Program

The eight steps you need to take to put together a program for yourself!

compliance programMany people have asked what the process for establishing an effective compliance program is.  At one point, having a compliance program was optional.  As a result of the Patient Protection and Affordable Care Act, health care providers who participate in federal health programs must have an effective compliance program as a condition of participation. Even HMOs are beginning to require compliance programs for plan providers.  So the question remains: what is the process for establishing a compliance program.

Step 1: Develop And Maintain Written Policies And Procedures

Having policies and procedures are key to an effective compliance program.  Minimally, these policies and procedures and written documents should address the following topics:

  • Code of Conduct
  • Compliance Plan
  • Policies and procedures on how practice workforce members and vendors deal with potential compliance issues
  • Non-retaliation
  • Qui Tam and Whistleblower
  • Communicating and resolving compliance issues
  • Overpayment refunds
  • False Claims Act
  • Anti-Kickback Statue
  • Stark self-referral law
  • HIPAA
  • State privacy laws such as the Texas Medical Privacy Act aka HB 300
  • Handling agency investigations and audits
  • Self-assessments, evaluations and resolution of compliance issues
  • Compliance training and awareness

Step 2: Designate A Compliance Officer

The Bonadio Group, a Rochester, NY based accounting, consulting and financial services firm identified the top five weaknesses in compliance plans based on the company’s experience.  The firm identified compliance officer performance as the number one weakness of compliance programs.  This weakness is more acute in smaller practices where the designated compliance officer has other job responsibilities that take precedent other the compliance role and activities.  For those individuals, the compliance duties, responsibilities and training take a back seat to the person’s other job responsibilities.  The compliance officer should be responsible for the day to day compliance activities and periodically report compliance activities to practice leadership.

Step 3: Develop An Effective Compliance Training, Education And Awareness Program

As part of the compliance program, the practice should provide training and education to its workforce members, contractors and vendors where appropriate.  This training should be part of the new hire orientation as well as annual compliance training for practice workforce members.  Additionally, the practice should provide ongoing and periodic awareness activities such as webinars, newsletters and screensaver messages that inform workforce members that compliance is everyone’s responsibility.  This component of the compliance program establishes the practice’s expectations for reporting suspected and actual compliance problems, the number two weakness the Bonadio Group identified in compliance programs.

Step 4: Establish Open Lines Of Communication

The practice must establish and maintain open lines of communication to the compliance officer for all practice workforce members that includes anonymous as well as confidential reporting of potential compliance issues.  Additionally, develop appropriate compensation incentives to promote compliance. In fact, the 2004 revisions to the Federal Sentencing Guidelines standards require organizations to promote and enforce consistently its compliance program through appropriate incentives.  Rewards and recognition are powerful incentives for promoting compliance.

Step 5: Establish And Maintain Disciplinary Policies

The practice’s disciplinary policies must encourage participation and outline expectations on reporting and resolving compliance issues.  Additionally, the practice should have sanctions policies that outline penalties for failing to report suspected problems, as well as encouraging and participating in non-compliant behavior.  Sanctions should range from a verbal warning to termination and notifying law enforcement.

Step 6:  Establish and Maintain a Process for Routinely Evaluating and Identifying Potential and Actual Non-Compliance

The Bonadio Group identified having an ongoing process for identifying compliance risk areas as the number five weakness in a compliance program. The compliance officer should:

  • Conduct periodic reviews of post-submission claims to ensure accuracy and conformance with applicable coverage criteria
  • Conduct quarterly compliance audits whose results should be reported to leadership for review and remediation if necessary
  • Review the practice’s compliance program in order to assess its effectiveness, evaluate the program’s success and identify weaknesses
  • Conduct exit interviews with departing workforce members to determine whether the individual has knowledge about any potential unprofessional, unethical or illegal activities within the practice

Some organizations engage outside resources to address this area.

Step 7:  Establish and Maintain a System For Responding To Compliance Issues

The compliance program should include a system for responding to and investigating compliance issues, compliance issues identified through self-evaluation, external assessments and investigations or internal reporting.  Some responses may require developing or revising policies, procedures or systems to minimize the re-occurrence of the non-compliant activity.  Other responses include notifying the appropriate federal and state agencies as well as overpayment refunds.

Step 8:  Timeline for Compliance Program Activities

Below is a partial timeline for the compliance officer activities on an annual basis.

First Quarter Second Quarter Third Quarter Fourth Quarter
Annual compliance trainingInvestigations as neededPost-submission reviewTraining for new employeesUpdate meetings with practice leadershipAttend compliance officer seminars

Run workforce member names against List of Excluded Individuals/Entities

Conduct employee exit interviews as necessary

Compliance awareness activitiesTraining for new employeesPost-submission reviewReview rules, regulations and industry standards to determine whether program should be revisedPost-submission reviewUpdate meetings with practice leadership

Participate in continuing compliance education activities

Training for new employeesCompliance program review and revisionPolicy and procedure review and revisionEngage 3rd party for auditReview and revise compliance training as neededCompliance awareness activities

Update meetings with practice leadership

Review next year’s OIG work plan

Run workforce member names against List of Excluded Individuals/Entities

Participate in continuing compliance education activities

Training for new employeesLeadership approval of all compliance program and policy and procedure revisionsPost-submission reviewCompliance awareness activitiesUpdate meetings with practice leadershipParticipate in continuing compliance education activities

 

In closing, having a compliance program is mandatory.

Non-compliance could result in the public disclosure of violations and increased regulatory scrutiny.  Developing and maintaining a compliance program, along with the associated policies, procedures and training, tailored to your organization’s unique business model is the first step toward having a meaningful and effective program.

I hope this roadmap helps you and your practice along its journey toward a durable and effective compliance program.

 

One Response

  • Hey Greg, you did a great job creating a roadmap to an effective compliance program. I really appreciate your step-by-step approach, breaking it down from development to deployment and beyond. The partial timeline you included for annual compliance officer activities is particularly useful, in my opinion. I also love the list of topics that need to be addressed in policies and procedures. This is the content that business owners need right now, especially with the state of things in 2020 and beyond. It’s interesting to think about the new challenges in compliance training with the dramatic increase in remote work, but these eight steps still hold up! For example, in Step 3, the main change for today’s environment is the higher demand for compliance training software. This works perfectly with your recommendations for incorporating training in new hire orientation and including ongoing education. The software just streamlines the process and makes it easier to keep everyone on the same page, you know? Definitely a bookmark-worthy post here.

Leave a Reply

Your email address will not be published. Required fields are marked *