The road to compliance is long and bumpy, but a trip we must all take in 2018.
In January 2017, compliance professionals from the Department of Health and Human Services (HHS), Office of Inspector General (OIG) held an assembly in which they discussed how to measure the efficacy of Compliance Programs. From this roundtable came a robust Resource Guide for organizations to use while crafting their own Compliance Programs. As the year comes to an end, we believe it is important to approach 2018 with a proactive mindset. It is time to leave passive, reactive approaches to compliance in 2017 to make way for strong policies, and even stronger Compliance Programs in the new year.
The OIG’s Resource Guide explains the seven key components to an effective Compliance Program as:
1. Explicit and well-defined Standards, Policies, and Procedures
The creation of a Code of Conduct document is the first step in implementing a quality Compliance Program. This document should discuss your organization’s commitment to legal standards, ethical conduct, operations, and industry regulations. Typically, Code of Conduct documents include the mission, values, and expectations that an organization has for their staff. Of course, it is not complete without explicit instructions on the safe, secure reporting of compliance and ethical violations
2. Compliance Program Administration
A Compliance Officer, or a Compliance Committee must be appointed/elected. The duties of both compliance officers and committee members must be well-defined and include an outline of daily expectations including but not limited to:
- Regularly assessing/reviewing the Compliance Program
- Reporting on compliance enforcement activities and violations
- Remaining informed on outcomes of audits, and possible remediation
3. Thorough Screening and Evaluation of Employees, Physicians, Vendors, and other Agents
Organizations must do their due diligence from top to bottom. This includes thorough screening during and after the hiring process in order to ensure that all staff members are likely to remain compliant. Due diligence includes official background checks, OIG exclusions checks, and more.
4. Communication, Education, and Training on Compliance Issues
Training and communication are essential for any effective Compliance Program. Without proper training, education, or communication, employees may not be fully aware of any standing policies and regulations. This can lead to not only non-compliance, but to a lack of reporting, which could snowball into a more serious violation. One way to safeguard your Compliance Program is to make training mandatory for all employees. These types of trainings should occur at least once a year and include a post-assessment to gauge staff’s understanding of compliance, policies, the company Code of Conduct.
Communication must be encouraged across the organization. In order to effectively communicate on a daily basis, or when a compliance violation is suspected, employees must feel comfortable and safe in their exchanges. This can be done by creating formal and protected processes for employees to report on, or ask about potential compliance issues.
5. Monitoring, Auditing, and Internal Reporting
This element allows an organization to remain compliant with any CMS requirements while identifying possible vulnerabilities. The revision of risk assessments, work plans, and guidelines is imperative to keeping your compliance plan effective and relevant. A schedule may be instituted and occur on a weekly, monthly, or yearly basis.
6. Discipline for Compliance Violations
Referring back to the Code of Conduct document, you may want to consider expanding upon and formal language discussing disciplinary guidelines for compliance/ethical violations. Disciplinary guidelines come into plan after an investigation confirms any suspicions, and should include sanctions on failure to comply with Code of Conduct documentation, failure to detect non-compliance, and failure to report. These guidelines should be revisited by all employees on a yearly basis to both deter and inform.
7. Investigations and Remedial Measures
As difficult as it may be to exercise punitive action, it is something that must be done without exception. As the final component of a strong compliance plan – extra care must be taken in delivering corrective action. In the event of non-compliance, your organization must be ready to deliver education, perform financial corrections, or escalate to an authoritative body, depending on the severity of the offense.
Compliance is healthcare is a subject that one could expound upon indefinitely, and while this list is not exhaustive, it’s a great place to start. Take a look at your organization’s Compliance Plan. Does it follow this model? If not – perhaps it’s time to revisit your company policy.