This article was written by Heather Brownson, Senior Consultant at FoxPointe Solutions, and originally appeared on Medical Economics on April 29, 2024
As physicians, it is important to ensure your organization is meeting all applicable federal and state regulations. To do so, organizations must implement an effective compliance program. The work doesn’t end there, however. Below is a summary of what physicians need to know to get started with a compliance program and assess its effectiveness.
What is a compliance program?
Let’s begin by first clarifying what a compliance program is. A compliance program is generally defined as a set of internal policies and procedures put in place to uphold an organization’s reputation and ensure compliance with applicable laws, rules and regulations. Compliance programs can also help drive operational efficiency and lower costs.
According to HHS’s Office of Inspector General, the seven elements of an effective compliance program include the following:
Policies, procedures and standards of conduct – An organization’s policies, procedures and standards of conduct should be established, documented, and made available to all employees.
Program oversight – An organization must designate a compliance officer to oversee the day-to-day operations of the program. Additionally, a compliance committee must be appointed to assist the compliance officer in managing the program.
Education and training– Periodic training should be administered across an organization to foster a culture of compliance. This training should be conducted upon hire and at least annually thereafter.
Effective communication– A direct and confidential hotline should be established, allowing employees to confidentially report any noncompliance issues.
Enforcement of compliance standards– Disciplinary actions must be taken to address offenses to an organization’s policies, procedures and standards of conduct.
Internal auditing and monitoring– Organizations should employ a process that routinely monitors and identifies compliance risks.
Detection, resolution and response – Organizations must investigate and respond to identified and reported issues.
How to assess your compliance program
Once a compliance program has been developed, it is important to regularly assess the program. This assessment should consider the following:
Structure– Are all the required program elements in place?
Effectiveness– Can you demonstrate that the compliance program is effective?
Risk areas– Do you regularly conduct risk assessments to determine what areas within the compliance program should be tested more rigorously?
Findings– What has your compliance program found?
Root cause analysis– When a negative finding is identified, do you conduct a root cause analysis to determine why it is occurring?
Root cause correction– When a root cause is identified, do you develop and implement a plan of correction? Do you go back and test the plan of correction to ensure it is correcting the root cause of the problem? Are plans of correction periodically revised to confirm that they are still correcting the root cause?
Who should assess the compliance program?
Now that you have an idea of how to assess your compliance, it is important to note who is responsible for compliance program assessments. The answer to this is simple. Compliance is not limited to just one department. Instead, compliance must be an organization-wide initiative where everyone has a stake in the program. Although a compliance officer should be appointed to spearhead the program and ensure the organization has the appropriate tools in place, it is ultimately the governing body, executives and various organizational departments that help ensure the organization is in compliance.
When to assess your compliance program
A common question that often arises surrounding compliance programs is around how often you should be assessing them. Although it is best practice to keep your compliance program under constant review, formal assessments should be conducted at least annually. However, these annual assessments should not be an overwhelming once-a-year project. Instead, the assessments should be conducted incrementally throughout the year.
In addition to an annual assessment, there are several events that may prompt an additional assessment. These include after compliance issues have been identified, when regulatory changes occur and when there is a change in management staff.
To maintain an effective compliance program in accordance with federal and state guidelines, organizations must diligently familiarize themselves with the entirety of expectations and standards. For further assurance, organizations may consider aligning with a trusted advisor who can provide specific guidance and ensure their compliance program satisfies the necessary requirements.
Heather Brownson is a senior consultant with The Bonadio Group’s Compliance Solutions Division with more than 15 years of experience in not-for-profit settings.
