Evaluating and Improving a Compliance Program: A Resource ...

1 Evaluating and Improving a Compliance Program: A Resourcefor Health care Board Members, Health care Executives andCompliance Officers 52,015 Overviewprogram. In most instances however, what the or-ganization is advised to do depends on its size,The goal of the Health care Compliance Associ-resources, business activities, and past (HCCA) Compliance Performance Measure-The HCCA recognizes and emphasizes that, onement Initiative is to improve the quality andsize does NOT fit all. Compliance activities are besteffectiveness of Compliance programs by identifyingtailored to the unique needs and risks of the organi-and sharing information regarding the operationzation.

2 The common indicators identified in thisand evaluation of Compliance will not be applicable or appropriate forDue to the complexity and volume of healthevery organization, and even those common indica- care regulations and of Compliance programs intors that are relevant may need to be adjusted orhealth care organizations, management and gov-modified by the organization to achieve the objectiveerning bodies frequently have questions about com-of programs. Are we focused on the rightNevertheless, investigative and enforcement en-issues? Is the program addressing our principaltities have consistently stated that a Compliance pro-risks?

3 How much should we spend? Are we deriv-gram should be judged, at least in part, by how iting maximum value from our efforts? How do wecompares to programs of similarly situated organi-evaluate the quality and effectiveness of our pro-zations. The HCCA believes that this document willgram? While this document does not provide defini-help governing bodies, management teams, andtive answers to these questions, it is intended tocompliance professionals effectively evaluate com-assist governing bodies, management teams, andpliance programs and serve as a useful tool in thecompliance officers in health care organizations ineffort to improve the quality and efficiency of com- Evaluating and Improving Compliance activities.

4 Inpliance , this document is provided by the HCCA as aWhile the HCCA initiative is conducted princi-tool to help an organization determine whether thepally as a benefit and service to HCCA members, theresources it devotes to Compliance are effectively,work of this initiative will be shared with otherefficiently, and appropriately public and private parties in a sincereSimply stated, the objective of a Compliance pro-effort to promote greater understanding and pro-gram is to create a process for identifying and reduc-gress in the field of health care Compliance .**ing risk and Improving internal controls.

5 Statedanother way, from a legal enforcement standpoint,Introductionan effective Compliance program reduces the likeli- 52,020 Introductionhood that an organization will be found to haverecklessly disregarded or deliberately violated theWe live and operate in an era of risk. Nowherelaw. The aim of this document is to be a fluid guideis this truer than in the health care industry. Whileto common indicators and recommended best prac-we have decades of experience in the developmenttices for Compliance programs, not a collection ofof programs to address risks associated with patientrigid standards.

6 In rare instances the HCCA hascare, infectious diseases, workplace injuries, and nat-taken the position that a particular action or practiceural disasters, most health care organizations haveis an essential component of an effective complianceonly recently recognized the seriousness of the risk*Source: 2003 Health care Compliance Association.*This chapter was updated in May 2007 by John Falcetano,MA, CHC, CIA, Chief Audit and Compliance officer for Uni-versity Health Systems of by noncompliance with the complex laws that The structural component includes the basicframework necessary to build and operate angovern business practices in health care , like theeffective Compliance program.

7 The structuralFalse Claims Act (FCA), fraud and abuse, tax andcomponent includes those elements articulatedantitrust laws. In addition, reimbursement has nowby the Office of the Inspector General (OIG) asbeen tied to the quality of patient care elements of a Compliance agencies are citing governing bodies for notThese elements would typically be included inensuring the organization is providing patient careany Compliance program, regardless of the sub-in a safe environment. Many organizations have im-stantive legal or regulatory issues the organiza-plemented Compliance programs to address thesetion is trying to address.

8 Generally, a programrisks and to answer new challenges like those posedwould include standards (policies and proce-by the Health Insurance Portability and Accountabil-dures), high-level oversight, reporting, em-ity Act (HIPAA). Highly publicized failures of cor-ployee screening, education, auditing/porate governance have raised questions regardingmonitoring, enforcement, and role of governing bodies and increased the em-phasis on promoting and enhancing board The substantive component relates to the body of substantive law (Medicare, Medi-caid, antikickback, Stark, insurance, ERISA, tax, Compliance programs play an important role inantitrust, environmental, privacy, etc.)

9 Withhelping health care organizations fulfill their obliga-which the organization is attempting to to public and private payers, shareholders orOrganizations frequently develop policies andbondholders, and the community at large. Healtheducation programs that explain to affected em- care organizations have recognized that such pro-ployees the obligations that the law imposesgrams are important because the regulatory environ-upon them in the performance of their particu-ment in which we operate is exceedingly complex,lar job function. For example, if the Medicareand we have a fundamental obligation to our pa-program requires patient care providers to doc-tients and the public to ensure that our participationument patient care and treatment, an organiza-in government and private reimbursement systemstion would seek to ensure that its patient careand the operation of our health care organization isstaff understands the documentation require-consistent with applicable laws and Similarly, where services must be pro-vided by properly licensed and approved 52,030 What is a Compliance Program?

10 Providers, care would be taken to ensure thatIn its simplest terms, a Compliance program is aproviders are properly qualified and process aimed at ensuring that the organ-Also, health plans comply with laws governingization and its employees (and perhaps businessmandated benefits, appeals and grievance pro-partners) comply with applicable laws, regulations,cedures, and timely claims standards. In the context of health care , it usu-A Compliance program is much more than aally includes a comprehensive strategy to ensure thepolicy communicating the organization s intent tosubmission of consistently accurate claims to federal,comply with the applicable laws.