Emphasizing a Documented Comprehensive Approach to Compliance Auditing



Similar documents
Compliance Education/Awareness Tools and Techniques. Author: Kathy Thomas, Associate Compliance Officer, Duke University Health System

Using Computer Assisted Audit Techniques For More Effective Compliance Auditing and Monitoring In Healthcare Organizations

HCCA COMPLIANCE INSTITUTE. HCCA - AHIA Auditing & Monitoring Focus Group Progress Report

Performing a Compliance Risk Assessment for Compliance Auditing & Monitoring in Healthcare Organizations

Roles and Responsibilities Corporate Compliance and Internal Audit

HEALTH CARE AUDITING & MONITORING TOOLS

Seven Component Framework For Compliance Auditing & Monitoring Physician Contracting In Healthcare Organizations

AHIA Auditing and Monitoring Framework Seven Key Components

Regulatory Compliance Policy No. COMP-RCC 4.46 Title:

Final. National Health Care Billing Audit Guidelines. as amended by. The American Association of Medical Audit Specialists (AAMAS)

Inpatient or Outpatient Only: Why Observation Has Lost Its Status

CORACLE MEDICAL BILLING & CODING, LLC

EMS Example Example EMS Audit Procedure

Assessing the Adequacy and Effectiveness of a Fund s Compliance Policies and Procedures. December 2005

4 Testing General and Automated Controls

U.S. Department of Justice Office of the Inspector General. Improving the Grant Management Process

PHI Air Medical, L.L.C. Compliance Plan

MDaudit Compliance made easy. MDaudit software automates and streamlines the auditing process to improve productivity and reduce compliance risk.

POLICY SUBJECT: EFFECTIVE DATE: 5/31/2013. To be reviewed at least annually by the Ethics & Compliance Committee COMPLIANCE PLAN OVERVIEW

POSITION DESCRIPTION/ COLUMBUS REGIONAL HEALTHCARE SYSTEM HEALTH INFORMATION MANAGEMENT

MEDICARE COMPLIANCE FOLLOWUP REVIEW OF BOSTON MEDICAL CENTER

John Keel, CPA State Auditor. An Audit Report on Inspections of Compounding Pharmacies at the Board of Pharmacy. August 2015 Report No.

State and District Monitoring of School Improvement Grant Contractors in California FINAL AUDIT REPORT

West Penn Allegheny Health System

Guide to EHR s Concurrent Commercial. Frequently Asked Questions: 2014 CMS IPPS FINAL RULE

B o a r d of Governors of the Federal Reserve System. Supplemental Policy Statement on the. Internal Audit Function and Its Outsourcing

How To Be A Successful University

Master Document Audit Program. Version 1.5, dated September 2015 B-01 Planning Considerations

IT Vendor Due Diligence. Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014

Enterprise Risk Management

Blue Cross and Blue Shield of North Carolina Corporate Governance Guidelines

Compliance. TODAY June Meet Lanny A. Breuer. Assistant Attorney General, Criminal Division, U.S. Department of Justice.

THE VALUE OF A COMPLETE CODING QUALITY AUDIT PROGRAM. By Lisa Marks, RHIT, CCS, Coding Audit Director, Precyse

AUDIT REPORT Audit of Controls over GPO s Fleet Credit Card Program. September 28, 2012

United HealthCare: Certain Claim Payments for Evaluation and Management Services

Preparing for Medicare s Recovery Audit Contractor (RAC) Permanent Program: Are you ready?

MORE INCURRED-COST AUDITS OF DOT PROCUREMENT CONTRACTS SHOULD BE OBTAINED

CORPORATE COMPLIANCE PROGRAM

BAPTIST HEALTH CORPORATE COMPLIANCE PLAN

The New Role of Hospital Boards in the Face of Increased Compliance Risks NCHA Trustee Institute

3 Terms and definitions 3.5 client organization whose management system is being audited for certification purposes

William D. Tamburrino, Director, Baltimore Public Housing Program Hub, 3BPH

VCU HEALTH SYSTEM Compliance Program. Updated August 2015

Puerto Rican Family Institute, Inc.

UIC College of Medicine Compliance Plan/Program

Payments for Inmate Health Care Services. Department of Corrections and Community Supervision

August 2008 Report No

How To Audit A Health Insurance Program

Audit of Accounts Receivable

Imperial County. Office of the Auditor-Controller. Internal Audit Standard Practice Manual

How To Manage Risk At Atb Financial

Documentation, coding, charging, and billing for medications Identifying risks and internal audit focus areas

CORPORATE GOVERNANCE GUIDELINES OF PERFORMANCE FOOD GROUP COMPANY

2010 Medicare Part B Consultation Coding Changes 1/26/2010 & 1/27/2010

WEATHERFORD INTERNATIONAL plc AUDIT COMMITTEE CHARTER Approved: September 25, 2015

UMDNJ COMPLIANCE PLAN

A Patient s Guide to Observation Care

CHAPTER 1 COMPUTER SECURITY INCIDENT RESPONSE TEAM (CSIRT)

Board of Directors and Management Oversight

Evaluation of Medical Care Cost Recovery Program VA Medical Center Brockton/West Roxbury, MA

MEDICAL AUDITS: TOP TEN TIPS FOR PHYSICIANS TO ANTICIPATE, RESPOND AND PROTECT THEIR PRACTICES

Charge Capturing. Presented By: Edvernor Burney Chart Audit Manager Encino-Tarzana Regional Medical Center

REIMBURSEMENT CODING SERIES

MEDICARE INAPPROPRIATELY PAID HOSPITALS INPATIENT CLAIMS SUBJECT TO THE POSTACUTE CARE TRANSFER POLICY

The RN-Coder Network 1142 S. Diamond Bar Blvd. Suite 796 Diamond Bar, CA

SUSTAINING REVENUE INTEGRITY WITH EMR IMPLEMENTATION

Internal Audit Department NeighborWorks America. Audit Review of the Business Continuity Plan (BCP) Management and Documentation

A CPA recounts exponential growth in Compliance. Mary Ellen McLaughlin

U.S. SMALL BUSINESS ADMINISTRATION OFFICE OF INSPECTOR GENERAL WASHINGTON, D.C

INTERNAL CONTROL POLICIES

MINNESOTA MUTUAL COMPANIES, INC. Guidelines of the Audit Committee of the Board of Directors

Audit of the Test of Design of Entity-Level Controls

Physician Extenders: Know the Compliance Risks Surrounding Midlevel Practitioners. January 24, 2014

UNITED STATES DEPARTMENT OF EDUCATION OFFICE OF INSPECTOR GENERAL. July 13, 2015

Informational Notice

Using Six Sigma Concepts to Improve Revenue Cycle

AUDIT REPORT THE ADMINISTRATION OF CONTRACTS AND AGREEMENTS FOR LINGUISTIC SERVICES BY THE DRUG ENFORCEMENT ADMINISTRATION AUGUST

Riverside Physician Network Utilization Management

June 13, Report Number: A

Transcription:

Emphasizing a Documented Comprehensive Approach to Compliance Auditing Author: Debi Weatherford, Vice President Compliance & Audit Services, Revenue Cycle Solutions, Marietta, GA Introduction A focus group of Health Care Compliance Association (HCCA) and Association of Healthcare Internal Auditors (AHIA) members has been meeting the past nine months to explore opportunities to better define and explain auditing and monitoring, clarify the roles of compliance and internal audit functions as they address issues within their healthcare organizations, and develop guidance and reference materials on key aspects of health care auditing and monitoring processes. The Seven Component Framework developed by the HCCA/AHIA focus group for compliance auditing and monitoring is comprised of the following activities: Perform a risk assessment and determine the level of risk Understand laws and regulations Obtain and/or establish policies for specific issues and areas Educate on the policies and procedures and communicate awareness Monitor compliance with laws, regulations, and policies Audit the highest risk areas Re-educate staff on regulations and issues identified in the audit This article focuses on emphasizing a documented comprehensive approach to compliance auditing. This is the fifth in a series of articles prepared by the HCCA/AHIA auditing and monitoring focus group. Emphasizing a Documented Comprehensive Approach to Compliance Auditing The compliance and internal audit functions serve as an integral check and balance system to help the Board of Directors ensure integrity, accuracy, accountability and consistency within the hospital system that it oversees. A documented comprehensive approach to compliance auditing is an essential component of the compliance function. The following sections will address: Planning the focus of the compliance audit Conducting an opening conference Selecting the sample Writing the report Documenting the audit and follow-up activities - 1 -

Planning the Focus of the Compliance Audit Compliance audits focus on areas deemed to involve the greatest compliance risks. As you plan the focus of the compliance audit for a particular issue, the following areas of the Seven Component Framework should have already been addressed: Perform a risk assessment and determine the level of risk Understand the laws and regulations Obtain and/or establish policies for specific issues and areas In addition, a review of compliance planning resources should have been completed, as discussed in the third article published by the HCCA/AHIA focus group titled Developing a Compliance Work Plan for Compliance Auditing and Monitoring in Health Care Organizations. In your audit planning and research, identifying settled cases by the Office of Inspector General (OIG) related to the specific audit issue assists you in determining how the laws and regulations were applied. These cases are referenced by the OIG s Common Identification Number. The value of case review can be demonstrated by summarizing an example of an OIG report: Audit of Observation Service Billing by Presbyterian Hospital of Dallas, Common Identification Number A-06-01-00087. The issues identified by the OIG as illustrated in this report included: Medical records contained standing orders for observation following outpatient surgery. Physicians orders for observation level of care were not documented in the medical record. Services were ordered as inpatient services by the admitting physician, but billed as outpatient observation services. Medical records did not document complications following an outpatient procedure to warrant observation services. Specific language in the medical record, such as no complications or patient tolerated the procedure well, was used to identify an uncomplicated treatment or procedure before determining that the observation services were unallowable. Time was charged to observation prior to a scheduled procedure, which is not allowable for reimbursement as observation service. Note also that time spent in surgery and recovery cannot be simultaneously billed as observation. A detailed focus for your audit is recommended over a broad focus. By narrowing your focus, you can isolate issues, determine your exposure, develop action plans that are better tailored to address the issue and thereby facilitate change. In addition, you can more quickly educate the appropriate personnel in the area regarding the issue, your audit approach and what was discovered. Using the above example of observation, consideration should be given to separating the focus on the compliance audit of observation services into the following audits: 1. Audit observation cases that came in through the Emergency Department. 2. Audit post-surgical observation cases. - 2 -

3. Audit pre-surgical observation cases. 4. Audit observation cases that converted to inpatient during a portion of the stay. 5. Audit a statistical valid sample of observation cases to determine if other issues exist. In defining scope, consideration should also be given to the nature of audit steps performed, including but not limited to analytical reviews, interviews, shadowing, process verification and internal controls evaluation. Conducting an Opening Conference An opening conference serves as the foundation for orienting and involving a core cross-functional team that is knowledgeable and concerned with the compliance issue at hand. It is very important to choose your team members carefully. In addition to the appropriate compliance audit team members, you should include key people involved in the process and individuals who have accountability for the function and the ability to facilitate change. In your opening conference, it is recommended that the following topics be addressed: Specify the compliance issue to be audited. Clarify why it is a compliance issue. Review relevant information such as laws, regulations, settled cases, etc. Discuss your planned audit approach. Define what will constitute a testing error or exception. Designate a contact person for information validation and discussion. Determine a routine face-to-face schedule with the contact person to discuss concerns, questions and validate findings. Define the communication channel for escalation of any major issues. Discuss the timeframe for conducting the audit. Determine constraints such as planned time-off, busy times, schedule conflicts. Validate that you have current policies, procedures, flow charts, guidelines, protocols, etc. related to the issue. Emphasize that a detailed corrective action plan will be required to address any problems identified. Determine if an exit conference will be held at conclusion of the audit. Communicate who will be receiving copies of the final report. The goal of this important communication process is to not only conduct a compliance audit but also improve the knowledge of the process owner(s) and responsible management regarding the issue, its risks and mitigating strategies. The opening conference should be documented and a meeting summary distributed to all attendees highlighting important information learned, pending information to be received, and agreed upon communication channels. - 3 -

Selecting the Sample Sampling for compliance audits will vary depending upon the intent of the audit. If the primary objective of the audit is to determine, in a non-statistical manner, whether a possible compliance concern exists, a sample of 20 to 30 claims may be appropriate for a preliminary assessment. If the intent of the audit is to determine the error rate and define overall exposure, a statically valid sample methodology should be employed. The types of data/records and time period to be tested are determined based on the purpose of the audit projects and other key factors determined by the Chief Compliance Officer (CCO) and the Chief Audit Executive (CAE). Data/records may be concurrent (before a claim is submitted for payment) or retrospective (after a claim has been submitted for payment), and may be selected randomly, judgmentally, or statistically. The significance of a valid statistical sample is that the results may be extrapolated over the entire population of transactions. Because of this, it is important that the CCO, CAE, legal counsel, process owner, and auditor agree on the process upfront. When statistical samples are required, sampling software such as the OIG s RAT-STATS statistical software should be utilized. Legal counsel is important in decisions resulting in statistically valid results since such results may impact government reporting requirements and related disclosure issues. Writing the Report The report should provide a high-level picture of your compliance audit. The sections of your report can be customized for your organization or for the type of issue. Consideration should be given to including the following report categories: Introduction What precipitated the audit Objective Approach Findings and Key Observations Recommendations Management Response (Detailed action plan may be attached) Internal Controls and Ongoing Monitoring Techniques Follow-up Measures Each compliance audit should contain written documentation to support the audit. Documenting the Audit and Follow-up Activities In compliance auditing, it is important that detailed documentation exist to support the audit process, report and follow-up activities. The comprehensiveness of this documentation is critical to protect the organization and provide evidence of the audit. The documentation should be organized in a manner and contain sufficient information to allow a third-party reviewer to reach the same conclusions. Examples of documentation to support the audit and follow-up activities are: Planning documents and audit programs Research material related to the issue Questionnaires, flowcharts, checklists, narratives and meeting summaries - 4 -

Notes and memoranda from interviews Organizational data, such as organizational charts and job descriptions Information about operating and financial policies Analysis and tests of transactions, processes and account balances Sampling methodology Audit results communication Management response and action plan Results of post-engagement reviews Active monitoring of conditions until corrected In conclusion, following the above steps will enable a compliance audit with an appropriate level of planning, documentation, and communication, to achieve desired objectives as well as facilitate a constructive review process in partnership with the process owner(s) and responsible management. About the HCCA/AHIA Auditing and Monitoring Focus Group The HCCA/AHIA auditing and monitoring focus group will be developing a series of additional articles regarding the seven components to expand on the roles of compliance and internal audit functions, provide detailed how to steps, and discuss the essential coordination links between compliance, internal audit, legal, and management that are necessary for each component. Members of the HCCA/AHIA focus group are: Randall K. Brown, Baylor Health Care System, Dallas, TX, RandalBr@BaylorHealth.edu Al W. Josephs, Hillcrest Health System, Waco, TX, al.josephs@hillcrest.net Glen C. Mueller, Scripps Health, San Diego, CA, Mueller.glen@scrippshealth.org Kathy Thomas, Duke University Health System, Durham, NC, Thoma135@mc.duke.edu Debi J. Weatherford, Revenue Cycle Solutions, Marietta, GA, debi.weatherford@revenuecycle.net The next priority for the focus group will be to publish articles and guidance materials on (1) compliance related policies that should be in place and (2) compliance education/awareness tools and techniques. - 5 -

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information