Create a practice compliance protocol

Follow these steps to ensure your practice is protected.

By Nancy M. Enos, FACMPE, CPMA, CPC-I

The Affordable Care Act authorized the secretary of Human and Health Services to require that providers and suppliers adopt compliance programs as a condition of enrollment. Regulation compliance and properly handling compliance breaches through early detection and reporting minimizes your potential financial loss. Also, a compliance program ensures that your business operates efficiently, protecting the practice while creating a “culture of compliance” among employees.

The compliance program is essentially your “playbook” for following the rules. Here are six key elements that can comprise a formal, effective program.

1. DESIGNATE A COMPLIANCE OFFICER AND COMMITTEE

The compliance officer should be an employee with administrative-level responsibilities who has open lines of communication with the head of the practice. Also, this individual should possess a high level of confidential integrity.

If your practice is large enough, a compliance committee may be warranted. Members in this group typically represent the following areas: operations, human resources, clinical and billing/collections. Install the compliance officer to lead the group; a documentation manager should record minutes and retain compliance documents.

2. IMPLEMENT COMPLIANCE AND PRACTICE STANDARDS

The Office of the Inspector General (OIG) states that every compliance program should require the development and distribution of written compliance policies. These policies identify areas of risk to the organization. The compliance officer and committee must review and comment on policies prior to their final approval, and the policies must be reviewed annually. (See “Code of conduct tips,” page 60.)

3. CONDUCT INTERNAL MONITORING AND AUDITING

Ophthalmology focuses on the latest and greatest in technology. But some practices become so focused on medical advances that they fail to pay attention to changes on the billing side. Do you give your billing department enough attention? It’s common for smaller practices to employ the same bookkeeper for decades, which is fine as long as he or she keeps up with the latest advances.

Regardless of who keeps the books, use an outside auditor, who should have the credentials Certified Professional Medical Auditor (CPMA) or Certified in Healthcare Compliance (CHC). An annual compliance-documentation audit ensures correct documentation is being used and that the practice keeps pace with all regulatory changes. This outsider is more likely to detect larger problems, such as embezzlement.

4. TRAIN AND EDUCATE STAFF

Every employee needs general compliance training at least once per year — including physicians. Staff can unknowingly break rules and regulations. For example, staff may illegally write off Medicare co-pays or bill referral sources. Many mistakes could go unnoticed and put your practice at risk.

General compliance training brings everyone up to speed and covers any and all questionable areas. Also, follow up your external audit with an educational meeting. This should address the audit’s findings so your staff can use and learn from them.

With ICD-10 set to replace ICD-9 in October 2015, new coding training is vital. This transition will mean significant changes in your practice’s day-to-day coding and documentation procedures. If you’re not trained for these changes, it could mean a big stoppage in cash flow.

Physicians also need training on new coding procedures. Their documentation must reflect the new codes, which will help with a smooth transition and less interruption to workflow if everyone is on the same page.

A larger part of the overall general compliance training may cover HIPAA regulations. Considering the privacy law’s importance, a separate training session may be warranted. HIPAA is always evolving, and protecting a patient’s health information can be increasingly difficult in this mobile age. Practices typically educate new employees about confidentiality and data security but might fail to update existing employees on changes. Even refresher sessions help to remind employees about the importance of confidentiality.

5. DEVELOP PROTECTED LINES OF COMMUNICATION

Employees should feel comfortable and encouraged to discuss possible compliance breaches. Implementing a compliance hotline can facilitate this goal. A compliance hotline can be a designated internal phone line or one maintained by an outside company. For the hotline to successfully create a “culture of compliance,” provide anonymity for those reporting suspected fraud or abuse.

6. RESPOND APPROPRIATELY TO DETECTED OFFENSES

An effective program includes prompt responses to potential or actual misconduct that could violate the practice’s policies, federal or state regulations. Corrective action should follow responses and reporting (if indicated) as this demonstrates the practice’s commitment to compliance. In fact, the OIG could consider these steps mitigating factors should it initiate an investigation.

Even with less-serious compliance mistakes, swift action relays the “culture of compliance” to employees. Recording compliance errors and their disposition helps employees to learn from mistakes; these records could prove useful in the event of an audit.

A policy that clearly defines the levels of disciplinary actions imposed upon those who violate the code of conduct, policies or law must be readily available to staff. Therefore, display the policy in the lunchroom or break room, and distribute it to employees during annual general compliance training sessions. Obtain each employees signature to acknowledge receipt and understanding, and keep these documents on file.

MAKE IT YOUR OWN

Your compliance program’s goal should account for an appropriate level of risks for your practice. Your practice’s size and scope will ultimately impact your program — a larger practice should have a more robust program than a smaller practice.

Also, be aware that staff members in small practices wear many hats, so they could struggle to keep up with ever-changing rules and regulations. Larger practices might have their own legal department to help them. Internal staffs that struggle to stay current could become insulated and fail to keep up with changes, which could have detrimental effects. But operating an effective compliance program can help prevent some of these problems.

If your compliance program is lacking — or nonexistent — these steps will help to create an effective policy. OM

About the Author
	Nancy M. Enos, FACMPE, CPMA, CPC-I, is an independent consultant with the MGMA Health Care Consulting Group. In 2008, she established Nancy Enos Medical Coding, an independent consulting practice (www.enosmedicalcoding.com). Contact her at (401) 486-8222 or nancy@enosmedicalcoding.com.