7 Essential Elements of an Airtight Compliance Plan

1
7 Essential Elements of an Airtight Compliance
Plan In Louisiana, the Cajuns like to say
Laissez les bons temps roulerLet the good
times roll. But you cant let the good times
roll unless you take steps to prevent the bad
times from stopping you in your tracks. Is your
compliance plan strong and up to date for 2018
and beyond? If you plan ahead and do some work up
front to update it for your practices current
realities, you can relax and roll right into the
good times ahead. Back to Basics To assess
whether you have a quality, up-to-date plan, its
helpful to take it old school. Remember back in
2000 when the HHS Office of Inspector General
published its guidelines for physician practices?
Around this time, the watchdog agency developed
The Seven Elements of an Effective Compliance
Program, which applies not only to medical
offices but also to most health care
sectors. Seventeen years later, those elements
are still good guidelines for evaluating and
maintaining your practices compliance program.
If your practice does these seven things, you
probably have a culture of compliance. If you
dont, the seven elements can help you create
policies and procedures that reduce your
risk. 1 Have you implemented written policies
and procedures? Your practice should have a
written compliance plan that you review annually
and revise if necessary. Dont let them sit in a
dusty binder or on a seldom-visited corner of
your server, experts warn. Give them a hard look
to make sure they address the realities of your
practice today. Your eye care practices
compliance plan doesnt need to be fancy. It just
needs to be simply written and specific to your
practices particular risk areas.Tricia Packer,
CPC, OCS, COPC For example, if you have a
doctor in your practice whos not so great at
documenting, thats a particular risk area, says
Tricia Packer, CPC, OCS, COPC, client account
manager for Eye Care Leaders Revenue Cycle
group. says. Put that in your plan as a risk area
and document any efforts to review audit charts
and train. Its crucial that you record progress.
Keep records of steps youve taken to execute
your written plan as addenda to the plan itself.
2
Say what youre going to do, say what you mean,
and document what you do to execute the plan,
Packer stresses. Dont put stuff in there that
youre not going to do. Empty promises in your
compliance plan could increase your risk because,
in the event of an audit or investigation, a lack
of follow-through could signal that your practice
doesnt take compliance seriously. If your
compliance plan is so old and irrelevant that it
needs a complete overhaul, you should resist the
temptation to buy an off-the-shelf, cookie
cutter plan, Packer warns. To be meaningful and
effective, the plan must be custom-tailored to
your practice. 2. Have you designated a
compliance officer and compliance committee? In
many cases, a physician is named as the formal
compliance officer, and designates an employee
(or employees) to perform the day-to-day
compliance responsibilities. Make sure that
doctors, board members and the practice
administrator sign off on the plan, Packer
advises. 3. Have you conducted effective
training and education? In my experience, most
eye care practices are wonderful at training
employees when they first start, Packer says.
Where practices typically fall short is ongoing
training. While she doesnt recommend that you
outsource writing the plan itself, she does
recommend that you outsource training. The
regulations change too often for practices to
keep up with them, and the trainers who work for
many compliance training companies are pros at
keeping employees engaged, she says. Some
trainers even incorporate comedy or magic into
their lessons. Three compliance areas where many
practices are falling short these days are HIPAA
privacy, cybersecurity, and OSHA. Even if you
plan formal training for all employees, dont
miss opportunities for everyday teachable
moments. Ive gone into practices and seen
material from patient charts in the trash can,
she notes. Thats an opportunity to pull the
employee aside for a little one-on-one
conversation about HIPAA. Another idea for
informal training? Packer knows of practices that
do OSHA bingo or OSHA Jeopardy to give
compliance training a fresh, competitive edge.
They do 30 minutes of a compliance-themed game
and then have
some time for eating and socializing afterwards.
3
Make sure you document all training efforts,
whether youve conducted training one-on-one or
in groups. Dont forget to note outside
conferences, webinars, publications, and other
continuing education activities that you make
available to individual staff. Many practices
keep an appendix alongside their compliance plan
that documents training and education
activities. 4. Have you developed effective
lines of communication? Everyone in the practice
should know they can voice their compliance
concerns without fear of retribution. Ideally,
they should be able to report these concerns
directly to their supervisor and get feedback on
the problems resolution. However, the world is
not perfect and neither is your practice.
Sometimes bad supervisors threaten employees in
order to mask their own poor performance. To
prevent this kind of problem from causing larger
compliance problems at your practice, you need to
make sure that all employees know they can report
their concerns to your practices compliance
committee if their supervisor does not appear to
be responding to their concerns or seems to be
threatening them with retaliation. If a
compliance problem is reported, make sure you
follow up and document what steps you took to
correct the problem and prevent it from happening
again. 5. Do you conduct internal monitoring
and auditing? Make sure that the audit routine
you describe in your compliance plan matches what
you actually do. For example, if you say in your
plan youll review 30 charts per physician and
you never get to more than ten, amend your plan.
Small snapshot audits are more manageable,
especially when you factor in the necessity to do
provider education and monitoring to resolve any
problems that the audit uncovers. Before you dig
into an audit, its imperative that you
rigorously define the scope, Rhonda Buckholtz
reminded attendees at a recent auditing webinar
sponsored by Eye Care Leaders. If you ask a lot
of questions up front and articulate how youre
going to handle what you learn, you make your
auditing job easier, said webinar co-presenter
Jaci Johnson, CPC, CPMA, CPC-H, CPC-I, CEO of
Practice Integrity. Doing this work on the front
end means you have less work on the back end
writing up the report and
training providers to correct any problems youve
found.
4
Even if you do internal audits, you should have
an external auditor come in every three years to
audit coding and billing at your practice,
attorney Alan Reider of Arnold Porter Kaye
Scholer told attendees at the 2017 Millennial Eye
Live conference in Nashville. 6. Do you enforce
standards through well-publicized disciplinary
guidelines? If there arent clear consequences
for staff behaviors that thwart compliance, your
risk is higher. Therefore, the OIG advises that
practices clearly articulate the consequences of
non-compliant behavior to all providers and staff
during orientations, in written employee
manuals, and in staff trainings. You should keep
a copy of your disciplinary policies in your
compliance plan. 7. Do you respond promptly to
detected problems and undertake corrective
action? Its become a cliché among compliance
professionals but its a cliché rooted in
truth You cant run a good compliance program if
you stick your head in the sand like an ostrich.
Investigating a potential problem may be the very
last thing you want to do in your busy eye care
practice, but you must do it anyway to protect
your practice. As with all other activities
related to compliance, dont forget to document
the steps you took to resolve the problem.