1 / 36

How to Design and Implement A Corporate Compliance Program

How to Design and Implement A Corporate Compliance Program. Auditing and Monitoring Operations and Business Processes. Our House Analogy. The physical structure (walls, ceiling) Like the mechanical aspects of a compliance program The “furniture/appliances” The substantive laws/policies

shaman
Télécharger la présentation

How to Design and Implement A Corporate Compliance Program

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How to Design and Implement A Corporate Compliance Program Auditing and Monitoring Operations and Business Processes

  2. Our House Analogy • The physical structure (walls, ceiling) • Like the mechanical aspects of a compliance program • The “furniture/appliances” • The substantive laws/policies • What we must “comply” with versus the “how we get there”

  3. Prior Sessions: “Process” Aspects (The House) • Some of the process pieces we’ve explored: • Compliance officer/committee • Employee education/training • Checking exclusion status of employees & contractors • Creating/retaining compliance records

  4. Today: More Process • Auditing and Monitoring Systems • OIG: Integral to an “effective” compliance program • Monitoring operations (business processes, quality, resident safety) • And your compliance program’s effectiveness

  5. Auditing & Monitoring Is Just: • Reliable, periodic systems to audit or check on identified “risk areas” in corporate/facility operations • Not overly complex • But comprehensive & reliable • That specifies how it works and who’s responsible for auditing • With reviews of systems for reliability

  6. RISK … “exposure to the chance of injury or loss” • Business Risk • Healthcare Company Risk • Quality Risk

  7. RISK Lawsuit Whistleblower InvestigationDenials Audit False claims Abuse Conflict of Interest Theft Survey Five Star Background Check PROBE Medical Necessity Kickback Referral Disclosure Falsification Supplementation Class action Labor ExclusionControls Staffing Consolidated Billing Resident Trust Triple Check Reimbursement Coding HIPAA RUGSHR RAC MDSMAC PAC POC EEOC SOD SEC CMP OIG CMSDOJ AR PPD EIEIO

  8. LONG TERM CARE RISKS

  9. Business Risks

  10. Healthcare Company Risks

  11. Quality Risks

  12. One Risk Management Approach(aka “the Silo approach”)

  13. Components of Risk Management “Silos”

  14. Another Risk Management Approach(aka “an Integrated Approach” CMS- Quality Improvement - survey - quality measures - staffing

  15. “DASHBOARD”forIntegrating Risk Data • Data Metrics • Quality • Business • Healthcare Company Compliance

  16. Dashboard Formats

  17. Dashboard Development • Get constituent buy-in and allocate funds; • Select project team; • In-house • Consultant /vendor • Combination • Determine data to be “rolled-up”; • Don’t create new data • Select dashboard format based on ease of data import (manually or through IT); • Wide-distribution to constituents • Act on indicators

  18. Making Auditing and Monitoring Practical A Step-By-Step Approach to Taking the Pulse of Your Operations and Compliance Program

  19. 1. Specifically target and identify what you are auditing • Possible audit “targets” come from: • OIG “risk areas” (later webinars) • Your own operations experience • Internal/external finance or business audits • Survey results, QI scores, QA meetings, complaints, hotline calls, satisfaction surveys

  20. Poor “Targeting” = Poor Results • With multiple targets, failure to clearly define, and give team clear direction = disorganization, missed issues & ineffective auditing • Am I targeting med error rates, contract compliance with illegal kickbacks, improper MDS coding and resulting improper payment claims?

  21. 2. Design the Specific Auditing Steps You’ll Employ • What source information/processes am I examining? • Unlocked med carts in hall, sample of payment claims, facility contracts, hotline responses? • Where is the information I’m testing located in terms of operations?

  22. 2. Design the Specific Auditing Steps You’ll Employ • How will we audit those sources? • Pulling/reviewing resident charts? • Interviewing nursing staff, families, residents? • Observing staff with residents? • Observing compliance officer interactions with Board members?

  23. 2. Design the Specific Auditing Steps You’ll Employ • How will we gather and report our findings? • Preparing written reports, charts, or making oral reports? • To whom? • Maybe internal reporting and/or external to consultants/counsel

  24. 2. Design the Specific Auditing Steps You’ll Employ • How frequently are we accessing our information sources? • Annual audit of financial records? • Quarterly review (med. regimen) ? • Time-limited review of med error rates (spike in rates)? • Followed by periodic check on the “fixes” • The findings dictate frequency

  25. 2. Design the Specific Auditing Steps You’ll Employ • Who’s responsible for the audit to make sure it’s targeted, examines the sources we’ve identified, on the schedule we’ve established? • For internal/external audits, put one person in charge • Even with audit “teams” • Including for reporting function

  26. 3. Decide How We’ll Use the Audit Results Obtained • Depends on the issue and company • External CPA audit goes to CFO • Care plan audit to DON, administrator, consultant, Quality Assurance Committee • Purpose: spot an issue, analyze it, repair it, communicate repair, consider legal reporting requirements

  27. If You Want to Write a Specific Audit Flowchart • These questions will direct how to do that • Really, for any issue you can think of: quality, finance, business ops • And, if you’re looking for an “audit & monitoring” policy for your compliance program, these questions will take you there

  28. An Example Compliance with Facility Obligations Under Medicare Part D [From OIG 2008 Supplemental Guidance for Nursing Facilities]

  29. 1. Target / Identify What We’re Monitoring • Audit/monitor following aspects of Medicare Part D compliance: • Explaining Part D Plans to residents accurately/completely? • Are our pharmacy contracts sufficient to ensure resident choice in Part D Plans?

  30. 1. Target / Identify What We’re Monitoring • Have mechanism to contract with additional pharmacies or with one (exclusive) with broader Plans? • Avoid coaching, steering, requiring a resident to select a specific Part D Plan or specific pharmacy? • Do employees/contractors accept items of value from Part D Plan or pharmacy to refer patients?

  31. 2. Designate Specific Audit Steps • Review any policy/procedure and “scripts” used to explain Part D Plans to residents • Observe 15 instances of staff explaining Plans to residents. • Supplement with 15 interviews of staff, residents and families re how we explained Plans

  32. 2. Designate Specific Audit Steps • Identify failures to describe Plan fully or accurately or respond to resident requests for Plans we don’t offer • Observe 15 instances of pharmacy rep or contractor discussing Plans with residents • Any instances of coaching, steering, requiring a specific Plan or pharmacy? • Supplement with resident/family/staff interviews re those interactions. • Counsel employees / consider discipline for violations & any corrective action required?

  33. 2. Designate Specific Audit Steps • Observe 15 interactions between resident and contract pharmcy(ies) to ensure no steering, coaching, etc. • Report violations to compliance officer/committee • Corrective action required? • Examine how pharmacy contracts are negotiated / executed to ensure no items of value to induce contracts or referrals

  34. 2. Designate Specific Audit Steps • Identify any items of value provided to facility staff, resident or family by facility staff, Part D Plan rep, or pharmacy rep • Via interviews with staff, resident, family, contractors (I.D. #) • Determine if permissible under applicable law (counsel / compliance officer) • Identify who will perform these steps by title and frequency (if not above)

  35. 3. Designate How We Will Use the Audit Results • Share audit results and any noncompliance instances with compliance officer or designee as soon as practicable after audit • And with QA Committee as directed by compliance officer • Compliance officer will share results with Board and decide if additional steps required (corrections, external reporting)

  36. Summary • Our Q and A approach is one format • Many ways to design audit system • Keys are: • Is it manageable? • Does it work (finding problems)? • Is it thorough? • Are we actually using it and the results? • Are we auditing the audit system to ensure it’s working also?

More Related