The healthcare industry is in a state of near constant change in regard to regulations, payor requirements, and patient expectations. Mistakes carry reputational risks as well as the risk of substantial fines and even criminal prosecution in the most extreme cases. Compliance issues can be especially problematic if you are looking for investors or considering selling your firm, and are an integral part of any due diligence process. Frankly, taking any shortcuts, for example, to boost near-term revenue, or having a history of audits, complaints or negative press (whether legitimate or not) is unacceptable to any investor or buyer. It’s just not worth it.
Ensuring that regulatory and legal billing practices are consistently followed is paramount. This means removing policies that are hard-coded into your systems and may no longer be compliant, as well as identifying and eliminating any errors in mandatory reporting. It is also imperative for you, and your systems, to be continually updated on the most current rules. And don’t forget reviewing your requisitions and customer relationships to make sure they are in line with the most up to date policies.
Commitment to Compliance
It all starts with a commitment to compliance. This means developing and maintaining a compliance program that is designed to meet or exceed all legal requirements and demonstrate the highest level of ethics and compliance. A commitment to compliance touches the entire workforce in all activities, and it led from the very top of an organization in both words and actions.
It is a best practice to maintain a compliance program based on an annual assessment of the relevant compliance risks to your laboratory based on its business activities and environment. For example, at XIFIN, given our role as a leading provider of revenue cycle management software and services, and information and collaboration systems, our compliance program prioritizes fraud, waste, and abuse, as well as data privacy and security compliance, while recognizing our other compliance obligations throughout our organization.
Having the right technology solutions to support compliance is undoubtedly important. Equally important is the compliance program that supports your entire organization.
As an example, at XIFIN, our compliance program is based on an annual assessment of the relevant compliance risks to our company based on its business activities and environment. Our compliance program begins with the seven factors required for an effective compliance and ethics program as described by the OIG and the Federal Sentencing Guidelines:
1. Standards and Procedures:
We have developed our Standards of Conduct to guide the performance of our workforce and establish our expectations for the highest level of ethical and lawful conduct. We maintain written policies and procedures appropriate for our business and the compliance risks we have identified.
We have established a Compliance Committee that oversees our compliance activities and that guides the activities of our Compliance Officer and their team. Our Compliance Committee’s charter includes a review of our business annually to identify the material enterprise compliance risks in our business, and the responsibility to maintain appropriate compliance program features regarding such risks.
3. Due Diligence:
We have implemented procedures to review the backgrounds of our workforce before we hire them, and while they are part of our workforce.
4. Communication, Training, and Education:
We identify our training and education needs through a matrix approach that considers our workforce roles and responsibilities and the compliance issues relating to their specific positions. We communicate to our workforce the importance of compliance and our Standards of Conduct, and our policies and procedures as they evolve.
5. Auditing and Monitoring:
We audit and monitor our activities considering the compliance risks we have identified. We maintain a hotline provided by a third-party service for reporting of compliance concerns, and reports can be submitted anonymously.
6. Enforcing Standards:
We are sensitive to our ‘tone at the top,’ and our executives consistently message the importance of compliance throughout our organization. Compliance is considered in performance evaluations, and appropriate disciplinary measures are taken for violations of our compliance program, and our policies and procedures.
7. Responding to Issues:
After any compliance issue has been raised, we conduct a thorough investigation and address the issue to respond appropriately to the issue and to prevent similar further issues from arising.
The burden is on you to prove your innocence if questioned by a payor or a government agency. Rather than getting caught up in a case that could literally take years to resolve and drain your lab’s vital resources, earn and maintain a proven track record on compliance.
Need more information on compliance and privacy regulations? Check out this recent blog that explains what regulations your business is required to comply with depending on your location.