The necessity for medical practices to develop and implement an effective compliance program is transitioning from voluntary to mandatory, based on the requirements in the Patient Protection and Affordable Care Act (PPACA). In 2010, the PPACA requirement specified that healthcare providers applying to enroll as a participating Medicare provider should have a compliance program in their practice and a compliance point of contact.
The term compliance has been a buzzword in the medical arena for more than a decade, but now, more than ever, it’s becoming a set guideline. There is a growing demand to control fraud, waste and abuse, as well as the national healthcare expenditure, which topped $2.7 trillion in 2012.1 The Office of Inspector General (OIG) has indicated that a compliance plan lays the groundwork for helping physician practices avoid confusion when handling coding, billing and other legal and compliance issues for patient services.
Compliance is one of the biggest risk areas for physician practices, and it’s important to understand that this is an expanding area of the law that, if ignored, has the potential to expose your practice to more risk. The key to making a compliance plan a part of your practice culture is to make it truly effective: It must be more than a document that is reviewed once a year. The OIG’s guidance to physician practices emphasizes that a compliance plan must be an active program—not just a written set of standards and procedures that sits on a shelf. A compliance program or plan should be an integral part of your daily practice operations.
The OIG recommends seven specific components for a healthcare compliance program:
- Conduct internal monitoring and auditing;
- Develop and implement a compliance program and practice standards;
- Designate a compliance officer or contact person;
- Conduct appropriate training and education for staff;
- Respond appropriately to detected offenses, and develop corrective action;
- Develop open lines of communication; and
- Enforce disciplinary standards in the practice through well-publicized guidelines.
Conduct Internal Monitoring & Auditing
A successful compliance review begins with an ongoing evaluation process. It’s vital to have a certified coder or biller to perform internal audits and monitor the accuracy of claims prior to submitting. Having a certified coder/biller is important, because the individual will need to be familiar with all the billing and coding guidelines so if errors are found they will know how to correct and resubmit the claim. Additionally, internal monitoring and auditing should not be performed only one time, but recurring and regular audits will give the provider an ongoing opportunity to assess what is being billed and minimize any risks. Each year, the compliance officer or staff should review the OIG’s Work Plan to see where they should concentrate their efforts when performing audits.
Implement Compliance & Practice Standards
Verify that your compliance plan addresses how the practice will review and handle any risk areas. There should be a periodic review of the policies and procedures of the organization, because this will provide the opportunity to revise and update them if necessary. To develop a comprehensive and significant set of policies and procedures, the provider, along with the practice manager and other key staff, should consider potential areas that are weak or have regulatory exposure and make adjustments to the policy to respond to these areas.
The practice compliance and standards should be part of an employee’s training and orientation. They should be educated on the policies and procedures and have a signed sheet in their employee file, stating they understand the practice policies and commit to following the rules.
Designate a Compliance Officer or Contact Person
Prior to completing any audits or identifying risk areas, physician practices will need to assign a staff member as the compliance contact person or hire a compliance officer. The compliance officer or contact person is responsible for all compliance-related activities, including developing a compliance program/plan, creating a corrective action plan and enforcing adherence if needed. In medium to large practices or organizations, there is a full-time compliance officer who is responsible for overseeing the implementation, establishment and enforcement of the compliance program/plan. However, in smaller practices due to limited resources, the contact person designated to oversee the compliance plan can be the office manager or a certified coder or biller.
Conduct Appropriate Training & Education
Education and training are essential parts of a practice’s compliance program and should be tailored to the size and need of your practices. Employees are required to understand how and why it is important they comply with guidelines of the practice’s compliance plan. Training can be done through various methods, such as in-office training, compliance meetings and other training seminars.
In-office training, which should include such topics as fraud, abuse, coding and documentation, can be the most inexpensive and valuable training. The training should involve providers, nurses, medical assistants, coders, billers and front office staff. Some insurance companies have been known to ask if providers and their staff attended compliance training, so each staff member should have a record of any type of compliance training in their employee file.
Respond Appropriately to Detected Offenses & Developing Corrected Action
Violations of federal and state regulations for coding and billing can place a practice in jeopardy. Every practice should establish a policy and procedure on how to respond when a coding or billing error is detected. Your compliance plan must include clear steps on how it will work to resolve any violations that occur and take action as necessary. The compliance plan should have individual steps to address the scenarios of overcoding, undercoding, coding for services not rendered, returning overpayments, and fraud and abuse.
Develop Open Lines of Communication
Of all the components, communication is the most vital. Providers will need to have an open line of communication for all employees. Because everyone in the office plays a role in the ongoing achievement of the office compliance plan, regular meetings should be held, and goals, requirements and expectations of the office compliance program/plan should be communicated. Communication routes include e-mail messages, bulletin board postings, daily or weekly staff meetings and educational sessions.
Also, your compliance officer or contact person should have an open-door policy for all employees. They need to know they can report any compliance issues they detect. This is important: If an employee believes they cannot discuss any concerns they have in the office, then they may prematurely report an issue to the OIG, which can threaten a provider’s reputation and expose the practice to potential audits.
Enforce Disciplinary Standards through Well-publicized Guidelines
Lastly, an effective compliance program/plan includes procedures for enforcing and disciplining employees who violate the office policies. Adding provisions for enforcement and discipline in your compliance plan will add validity and credibility to the office compliance program/plan. The compliance plan should be easy to read and accessible to all staff. The compliance officer, along with the provider(s) and key staff, should review, revise and approve the compliance plan each year. Also, it may be judicious to have your employees review and sign the revised plan each year, because this will signify that they understand the policies and updates set forth in the plan.
The OIG acknowledges that patient care is, and should be, the first priority of a physician practice. The incorporation of a compliance plan is not designed to take that away. It is intended to help your practice maintain quality patient care through increased accuracy of documentation; this will minimize coding and billing errors and optimize proper payments of claims. Implementing a well-designed compliance plan can reduce the risk of an audit by the OIG, Medicare or other private payers, as well as avoid any conflicts with the self-referral and antikickback statutes.
A compliance program will send an important message to employees that although the practice recognizes that mistakes will occur, employees have an ethical duty to report any errors so they may be corrected and the practice can work to avoid other errors.
Keep in mind that no formal date has been set by the OIG to apply consequences if a practice does not have a compliance plan; however, now is the time for physicians and their staff to design a personalized plan. It is imperative to be proactive rather than reactive to stay in line with the OIG’s fundamental elements of a compliance program.
If you are seeking to revise your current compliance plan or need assistance in developing a plan for your practice, the ACR practice management department is here to help. Contact Antanya Chung at [email protected] or 404-633-3777 x818 with any questions.
