compliance and your board: equipping them for...

Compliance and Your Board: Equipping Them for Effectiveness

Melaney Scott, MBA, CIA, CHC

Today’s Topics

• Background and Update

• Board of Directors’ Responsibilities

• Questions Board Should Ask

• Effective Compliance Program

Background and Update

OIG Resources for Boards

The OIG has several resources with information on board effectiveness, including:

• Practical Guidance for Health Care Governing Boards on Compliance Oversight

• A Toolkit for Health Care Boards

• Corporate Responsibility and Health Care Quality – A Resource for Health Care Boards of Directors- https://oig.hhs.gov/compliance/compliance-guidance/compliance-resource-material.asp

https://oig.hhs.gov/compliance/compliance-guidance/compliance-resource-material.asp

Fraud Prevention System Used to Identify Fraud

2017 GAO report found:

• 22% of Medicare fraud investigations were

based on leads from FPS

• FPS speeds up investigative processes such

as identifying and triaging suspect providers

• FPS uses prepayment edits to deny claims

that violate Medicare rules or polices

HHS/DOJ Health Care Fraud Prevention and Enforcement Action Team's ("HEAT")

Measuring Effectiveness

• Develop compliance program with benchmarks and measurable goals.

• Set up a system to measure how well you are meeting those goals.

• Involve the Board in creating the program .

• Regularly update the Board regarding compliance risks, audits, and investigations.

• If one or more goals are not met, investigate why and how to improve in the future.

• Assess whether the compliance program has sufficient funding and support.

https://oig.hhs.gov/compliance/provider-compliance-training/

https://oig.hhs.gov/compliance/provider-compliance-training/

• Individual Accountability for Corporate Wrongdoing Memorandum – 2015

• DOJ released a document titled “Evaluation of Corporate Compliance Program” - 2016

Purpose:

Questions they would ask in making an individualized determination in a criminal investigation

https://www.justice.gov/criminal-fraud/page/file/937501/download

Department of Justice


Components of an Effective Compliance Program

Patient Safety

Oversight

Education

Communi-cation

StandardsMonitoring

and Auditing

Enforce Standards

Prompt Response

and Corrective

Action

Internal Controls

Goal of Compliance Program

Prevent

Detect

Correct

OIG has suggested that an “effective” compliance plan is put in place to

detect, prevent and correct violations

• Definition and standards for “effective”

• Reference to effectiveness—but not guidance

• Initiation of plan, unable to sustain = no compliance plan

• Consistent and open communication

• Establishes expectation to operate ethically and consistently with fiduciary

and legal obligations

• Focuses on behavior, attitudes, and culture

• Action oriented

• Builds on and reinforces existing compliance-related activities and

procedures

“Effective” Compliance Plan

10

Board of Directors’ Responsibilities

Expectations for Board Oversight

“A Board must act in good faith in the exercise of its oversight responsibility for its organization, including making inquiries to ensure:

(1) a corporate information and reporting system exists and

(2) the reporting system is adequate to assure the Board that appropriate information relating to compliance with applicable laws will come to its attention timely and as a matter of course.”

https://oig.hhs.gov/compliance/compliance-guidance/docs/Practical-

Guidance-for-Health-Care-Boards-on-Compliance-Oversight.pdf

https://oig.hhs.gov/compliance/compliance-guidance/docs/Practical-Guidance-for-Health-Care-Boards-on-Compliance-Oversight.pdf

Key Roles

Per Office of the Inspector General (OIG)

• Compliance oversight

• Structuring your compliance program

• Evaluating effectiveness of standards and processes

https://oig.hhs.gov/newsroom/video/2011/heat_modules.asp#hcb-guidance


OIG Guidance

OIG Guidance to Boards - Video

Compliance and Your Board Equipping them For Effectiveness MAS 09.13.18.pptx

Key Elements to Board Oversight

• Asking management the right questions.

• Asking questions regarding the performance of those who develop and execute the compliance program.

• Making compliance a responsibility for all levels of management.

Board Role

• Engage in oversight responsibilities

• Diversify areas of expertise

• Stay informed on risk areas and compliance issues

• Attend compliance training and speak to staff

• Adapt to changing health care delivery and reimbursement risks

Key Questions

• Does your compliance officer report directly to the Board?

• Does the compliance officer have sufficient authority to implement the compliance program?

• How is the compliance program structured?

• Who are the key employees responsible for its implementation and operation?

• How do you know if your compliance plan is effective?



Questions –Compliance Infrastructure

• How is the Board structured to oversee compliance issues?

• What are the inherent limitations in the compliance program?

• How does your organization encourage communication between compliance and rest of staff?

• Does the Compliance Officer have the autonomy and sufficient resources necessary to perform assessments and respond appropriately to misconduct?



Questions –Compliance Infrastructure

• How does the Board encourage compliance in daily decision-making?

• Have compliance-related responsibilities been assigned across the appropriate levels of the organizations?

• Are goals periodically adjusted?



As board members, how can they ensure the compliance plan is effective?

Compliance Accountability

Information Systems

• Assure the governing board appropriate

information regarding compliance with

applicable laws will come to attention within a

timely manner and as a matter of course

Compliance Program Size and Structure

• Each health care entity’s compliance program

must be tailored to the specific needs, size,

and complexity of the organization.


Audit, Compliance and Legal Functions• Clearly define the roles, structure, and

reporting relationships of the audit,

compliance, and legal functions within the

organization

Board Reports• Receive regular reports regarding the

organization’s risk mitigation and compliance

efforts


Auditing Process• Work with management to ensure the adequacy

of the organization’s auditing process

Compliance Culture• Exercise creativity in implementing programs to

ensure that compliance is a “way of life”

What is an effective compliance plan?

OIG Effective Compliance Questions

• What metrics are used to evaluate compliance?

• How does your organization identify gaps in quality?

• Is the organization conducting internal audits?

• Is the organization’s response to problems sufficient?

• Has your compliance officer identified hurdles to promoting compliance?

• Does the Board receive reports about compliance?



4. Policies and Procedures

a. Design and Accessibility

Designing Compliance Policies and Procedures – What has been the company’s process for designing and implementing new policies and procedures? Who has been involved in the design of policies and procedures? Have business units/divisions been consulted prior to rolling them out?

Applicable Policies and Procedures – Has the company had policies and procedures that prohibited the misconduct? How has the company assessed whether these policies and procedures have been effectively implemented? How have the functions that had ownership of these policies and procedures been held accountable for supervisory oversight?

Example



January 17, 2017

• Measuring compliance program effectiveness is recommended by several authorities

• What and how to measure by each element

• Remember – “One size truly does not fit all”

Measuring Compliance Program Effectiveness

https://oig.hhs.gov/compliance/101/files/HCCA-OIG-Resource-Guide.pdf

https://oig.hhs.gov/compliance/101/files/HCCA-OIG-Resource-Guide.pdf

• Standards, Policies, and Procedures

• Compliance Program Administration

• Screening and Evaluation of Employees, Physicians, Vendors and other Agents

• Communication, Education, and Training on Compliance Issues

• Monitoring, Auditing, and Internal Reporting Systems

• Discipline for Non‐Compliance

• Investigations and Remedial Measures

Compliance Program Elements

• Periodically undertake reassessment of its compliance program to identify changes necessary to reflect changes within the organization and its facilities.

• Data mining

Two Additional Elements

• Take one element and compare to your program

• Update policies, procedures and work flows

What does the OIG Recommend?

Topic Example of Self-Assessment Questions

Analysis and Remediation

of Underlying Misconduct

Is the company prepared to explain whether there were

prior opportunities to detect the misconduct in question? If

such opportunities were missed, why?

Senior and Middle

Management

Is the compliance expertise available on the Board? Is the

Board and executive management receiving information to

exercise oversight of risk areas?

Policies and Procedures Are company policies and procedures accessible to those

who need to follow them? Is usefulness being evaluated?

How do those with approval authority know what to look for

to detect potential misconduct?

Example of Self Assessment

What to measure How to Measure

Accessibility • Review link to employee accessible website/intranet that

includes the Code of Conduct

• Survey ‐ Can you readily access or reference policies

and procedures? (Yes/No/Don't know)

• Survey ‐ How and where do employees actually access

policies and procedures?

• Test key word search (searchable)

• Audit and interview staff to show policies

Actual Access • Audit how many actual "hits" on policies and procedures

Accessible language for

code, standards & policies

• Flesch Kincaid measuring standard – no more than 10th

grade reading level

Compliance program

awareness and

communication

• Survey employees to determine the extent to which the

code of conduct and other compliance communications

are available to employees

• Review to ensure the standards, policies, and awareness

material is updated and distributed within organization’s

guidelines

Conclusion

• Provide education to your boards on their accountability

• Help boards with providing the information to support the questions

• Review the effectiveness of the compliance program

• Give your board information to help meet their responsibilities

Questions?

Melaney Scott, [email protected]

253-284-5228

The material appearing in this presentation is for informational purposes only and

should not be construed as advice of any kind, including, without limitation, legal,

accounting, or investment advice. This information is not intended to create, and

receipt does not constitute, a legal relationship, including, but not limited to, an

accountant-client relationship. Although this information may have been prepared by

professionals, it should not be used as a substitute for professional services. If legal,

accounting, investment, or other professional advice is required, the services of a

professional should be sought.

Assurance, tax, and consulting offered through Moss Adams LLP. Investment

advisory offered through Moss Adams Wealth Advisors LLC. Investment banking

offered through Moss Adams Capital LLC.

compliance and your board: equipping them for...

Documents