Compliance continues to be an area of extreme focus for the healthcare industry, including the care continuum. Where healthcare compliance professionals spend their time is changing as accrediting bodies and regulators find new areas that merit investigation. Healthcare’s low operating margins and tenuous financial health make it easy to say that compliance leaders need to split their attention between traditional activities and the where the future is headed.
In our efforts to identify new compliance directions, content experts from HCCS, A HealthStream Company, recently attended the Health Care Compliance Association’s 2018 Enforcement Conference. We’ve already blogged here about the first round of things they learned. Here is an excerpt from Round 2:
Session Title: Handling a Criminal Health Care Fraud Case
This session was important for compliance professionals, not only because of the DOJ focus areas discussed, but because of the emphasis placed upon how they can prevent healthcare fraud cases. Why is this important? In 2017, the DOJ opened 967 new healthcare fraud investigations—439 of them were cases filed involving 720 defendants, of which 639 were convicted. The focus on healthcare fraud has never been keener. The DOJ continues its work with the opioid crisis, prescription drug fraud, and home health, as well as taking down corrupt medical professionals.
The first line of defense in preventing a criminal case is the compliance program. The use of standard compliance best practices, which includes the seven elements of an effective compliance program, is a good start. The speakers recommended an annual program evaluation using the DOJ’s guidance, “The Evaluation of Corporate Compliance Programs.” There should be:
- Sufficient analysis and remediation of underlying misconduct
- Consideration of the role of senior and middle management
- Autonomy and resources for the compliance function
- Policies and procedures that are easily accessible and operationally integrated
Compliance Training and Communication
The guidance includes a section on compliance training and communication, which provides probing questions to assist in the evaluation of the program. In part, they are:
- Risk-based training—What training have employees in control functions received? Has there been training provided for high-risk and control employees in the area where misconduct occurred?
- Form/Content/Effectiveness of training—Has training been offered in the form and language appropriate for the intended audience?
- Communications about misconduct—What communications have there been, generally, when an employee is terminated for failure to comply with the organization’s policies, procedures and controls?
- Availability of guidance—How has the organization assessed whether its employees know when to seek advice and whether they are willing to do so?
Compliance officers must also understand that they, too, may have exposure to liability should there be misconduct in their organization. Taking a proactive stance to detect and prevent it can lessen potential damages. In addition to criminal health care fraud, state privacy enforcement actions were an important topic of discussion.
Download the article that summarizes learning from this HCCA Conference.