In today’s environment of complex regulations, aggressive prosecution, exorbitant penalties, and hungry whistleblower attorneys, it is necessary for medical practices to maintain effective compliance programs.  Failure to do so puts the practice at a great deal of unnecessary risk.  Many or most practices will eventually make errors in their billing and collections or other regulatory areas.  Self-discovery of these issues is unpleasant but manageable.  Discovery by a government enforcement agency or a whistleblower can be personally and financially devastating.

A compliance program creates a systematic process that proactively operates to discover potential regulatory risks, to audit and monitor identified risk areas, and to take action to correct discovered deficiencies.  A compliance program contains seven core elements, without which a program will not be effective.  The seven core elements establish the operational foundation and are required in all programs.  A compliance program will also include policies and procedures that set forth the requirements for compliance in identified risk areas.  For example, a health care provider is exposed to potential risk in billing and coding and will need to have policies and procedures covering general billing practices supplemented with specific billing requirements pertaining to their specific practice area.

Risk area policies and procedures establish requirements and communicate them to staff.  They also establish a baseline against which auditing and monitoring activities can be measured.

Having an active compliance process in place will help identify and correct issues before they are the subject of enforcement or legal action.  Additionally, an effective compliance program will help mitigate damages of third party claims.  Federal Sentencing Guidelines provide reduction in sentencing if an effective compliance program is in place.  Additionally, civil penalties can be assessed absent actual knowledge if the government feels a provider should have known about a deficiency through the operation of an effective compliance program.

Every medical practice should operate a compliance program tailored to the risks present in their practice.  It is crucial the program be tailored to the risk involved in the specific practice.  Some of the core requirements are relatively standard but should still be adjusted to leverage the resources of the practice and accommodate the specific operational structure.  Risk area factors will always be unique to the practice.

Some risk area policies will be based on the nature of the service provided.  Others will be based on the individuals involved and the operational structure of the practice.

Adoption of policies is only the first step.  Compliance program effectiveness requires continual operation of the program as a “living and breathing” process to identify, assess, and address risk.  Without ongoing and systematic operations, a compliance program will not be effective and will provide little, if any, risk mitigation to the practice.

An effective compliance program must address, at a minimum, seven core elements in addition to practice-specific risk areas.

  1. Appointment of a high ranking member of management to act as compliance officer or compliance responsible individual.
  2. Compliance policies that describe the process to conduct ongoing compliance activities.
  3. Training of employees, contractors and others on basic compliance program elements and risk areas that are applicable to their job functions.
  4. A visible compliance reporting system and protection of those who make complaints from retaliation or retribution.
  5. Consistently enforced disciplinary standards that hold employees responsible for following compliance requirements.
  6. Continual operation of the program to identify areas of potential compliance risk within the practice.
  7. Maintaining a system of appropriately responding to identified compliance problems through creation of appropriate corrective action, self-disclosure or other appropriate action.

Putting these elements in place through adoption and operation of appropriate policies and standards establishes the central elements of the compliance process.  It is critical the activity does not stop at the establishment of policies.  A compliance program must be continually operated as a living and breathing process to identify and address risk.  The compliance officer or responsible individual is responsible for assuring the continued operation of the program.


Source: Blue Ink Blog