Quality of the estimate. December, p. 47 - Health Care Compliance ...

More documents

Recommendations

Info

How internal controls support compliant business practices: Part 1 ...continued from page 61 “management” is responsible for internal control. Managers are responsible for establishing policies and processes and providing management oversight (monitoring) to ensure the procedures (controls) are being executed as management intended. 1 What about the chief compliance officer (CCO) Well, the guidance suggests the CCO is responsible for overseeing (monitoring) and managing compliance issues within an organization, ensuring the Table 1 COSO Internal Control Framework Component (1992) Control Environment Risk Assessment Control Activities Information & Communication Monitoring OIG Compliance Program Guidance – exact language from model guidance (1998 – 2008) Designation of a chief compliance officer and other appropriate bodies, (e.g., a Corporate Compliance Committee, charged with the responsibility of operating and monitoring the compliance program, and who report directly to the CEO and the governing body) Additional risk areas should be assessed as well and incorporated into the written policies and procedures and training elements developed as part of their compliance programs. Development and distribution of written standards of conduct, as well as written policies and procedures that promote commitment to compliance. Development and implementation of regular, effective education and training programs for all affected employees. Maintenance of a process, such as a hotline, to receive complaints, and the adoption of procedures to protect the anonymity of complainants and to protect whistleblowers from retaliation. Use of audits and/or other evaluation techniques to monitor compliance and assist in the reduction of identified problem area. Although many monitoring techniques are available, one effective tool to promote and ensure compliance is the performance of regular, periodic compliance audits by internal or external auditors who have expertise in federal and state health care statutes, regulations, and federal health care program requirements. Federal Sentencing Guidelines Chapter 8 (2004) §8B2.1.(a)(2) Promote organizational culture §8B2.1.(b)(2)(A) Governing authority’s knowledge of program §8B2.1.(b)(1) Standards and procedures §8B2.1.(c) Periodic assessment of risk §8B2.1.(b)(1) Standards and procedures §8B2.1.(b)(4)(A) Compliance training §8B2.1.(b)(5)(A) Monitoring and auditing activities §8B2.1.(b)(5)(B) Evaluate effectiveness of compliance and ethics program Corporate Integrity Agreement, typically Section III Compliance Officer & Committee Board of Director’s compliance obligations Code of Conduct Language can be present but not standard Policies and procedures Board reporting Training & Education Notifications to government Implementation and annual reporting (Section V, typically) Review procedures December 2011 62 Health Care Compliance Association • 888-580-8373 • www.hcca-info.org
organization is complying with regulatory requirements, and that the organization and its employees are complying with internal policies and procedures (controls). 2 What about the Internal Audit department Again the Institute of Internal Auditors professional practice standards indicate internal auditors perform audits to evaluate whether the policies and processes are designed and operating effectively and providing recommendations for improvement. 3 Internal controls can be preventive or detective and manual or automated. Ideally, there would be higher reliance on preventive controls, activities, and processes that support “doing it right the first time” rather than detective controls that identify errors after the fact. The reason is that detective controls can be a lower priority and overlooked, with so many competing priorities in a manager’s busy day. In the age of technology, it is also ideal to have automated controls rather than manual controls. Automated controls can serve as prompts to help employees follow established processes or help ensure accurate information is entered that others can rely on later in the process, to name a few. With the rapid implementation of electronic medical records, we often don’t maximize the functionality during the design processes, which is a significant lost opportunity to address ongoing compliance issues that could be improved with the help of technology. Conclusion In the end, an effective internal control structure is the foundation of good business, which includes compliance. As the voice of the seasoned compliance professionals, we challenge you, as a compliance officer, to learn more about internal controls. When something is not going right, look at the internal control structure to help determine what could be implemented to mitigate the risk going forward. I have seen many corrective action plans that state policies and procedures will be developed and/or training will be provided. Granted these elements are part of the internal control framework but they are not the most reliable controls. Dig further and see what can be done to implement checks and balances in the process, as the process is occurring. That is often the key to mitigating many compliance risks. n 1. COSO Internal Control-Integrated Framework, 1994 2. Scott Cohen, editor and publisher of Compliance Week, dates the proliferation of CCOs to a 2002 speech by SEC commissioner Cynthia Glassman. (See http:// en.wikipedia.org/wiki/Chief_compliance_ officer) 3. Institute of Internal Auditors: International Professional Practices Framework (IPPF). Published by The IIA Research Foundation, 2009. Health Care Compliance Association • 888-580-8373 • www.hcca-info.org False Claims Act Training Doesn’t Have to Be Hard A Supplement to Your Deficit Reduction Act Compliance Training Program offers a clear, concise review of the False Claims Act and its impact on federal health care programs. Bulk pricing available for HCCA members. To order, visit www.hcca-info.org, or call 888-580-8373. December 2011 63
Page 1 and 2:
Volume Thirteen Number Twelve Decem
Page 3 and 4:
INSIDE 5 The rising tide: Recognizi
Page 5 and 6:
The rising tide: Recognizing your c
Page 7 and 8:
Legal function of any consulting ar
Page 9 and 10:
side and show that proper actions w
Page 11 and 12: If you disagree with the requested
Page 13 and 14: n Starting from Scratch o I just re
Page 15 and 16: CFO was particularly timely in ligh
Page 17 and 18: territory in the early years. The m
Page 19 and 20: Social Networking John Falcetano Ed
Page 21 and 22: y the federal and state agencies th
Page 23 and 24: People on the Move Former Medicaid
Page 25 and 26: may find themselves in a netherworl
Page 27 and 28: Losing sleep over health care marke
Page 29 and 30: Editor’s note: Jeffrey N. Joyce i
Page 31 and 32: The first domain for establishing r
Page 33 and 34: for research services provided by p
Page 35 and 36: Community Relations. A process to r
Page 37 and 38: With the implementation of the EMR
Page 39 and 40: showed that the company viewed its
Page 41 and 42: Healthcare facilities that are seri
Page 43 and 44: CCB The Compliance Professional’s
Page 45 and 46: Legislators viewed the Medicare RAC
Page 47 and 48: Confidence and precision in claims
Page 49 and 50: universe is no less than $9,650. No
Page 51 and 52: Accountability is the key to compli
Page 53 and 54: Accountability is the key to compli
Page 55 and 56: Regulatory compliance for research
Page 57 and 58: Occupational Fraud and Abuse, it is
Page 59 and 60: offenses, including modification of
Page 61: n Control environment The control e
Page 65 and 66: Publisher: Health Care Compliance A
Page 67 and 68: esearch Compliance Conference June
Page 69 and 70: eimbursement and the growing separa
Page 71 and 72: even a decrease in physician paymen
Page 73 and 74: New HCCA Members Alabama n Patricia
Page 75 and 76: What could you do with The Power of
show all

Quality of the estimate. December, p. 47 - Health Care Compliance ...

Create successful ePaper yourself

Delete template?

Save as template?