Is there anything particularly special about a Critical Access Hospital Compliance Plan? Not really; the same Office of Inspector General Guidance for Hospital Compliance Plans applies to critical access hospitals as well as other acute care hospitals.
Critical access hospitals (CAH) sometimes come to the realization they need a new or restructured compliance plan.
In this Article …
- Reasons for the Governing Body to be Concerned About Hospital Compliance
- Two Examples of Critical Access Hospitals Needing a New Compliance Plan
- Reasons to have a Compliance Plan
- The Seven Elements of a Critical Access Hospital Compliance Plan
- Should You Consider Outsourcing Your Critical Access Hospital Compliance Program?
Reasons for the Governing Body to be Concerned About Hospital Compliance
The Board of Directors of a Critical Access Hospital faces some unique circumstances. It not only has ultimate accountability for the proper management and operation of the hospital. In many critical access hospital settings, the hospital operates under laws governing special districts. This means the Board may also be accountable to local voters for its actions.
An outside consultant can be a valuable advisor to the Board when it has to grapple with the performance that has exposed the hospital to risks of penalties from outside regulators.
Boards of Directors can and should rely on management and the organized Medical Staff for expertise in managing the operations – both clinical and non-clinical. But the Board also has a Fiduciary responsibility and a duty of care to the institution. In short, a Board of Directors can shore up its accountability by insisting on an effective compliance program at the hospital.
Two Examples of Critical Access Hospitals Needing a New Compliance Plan
- A small rural critical access hospital was facing a meltdown in its compliance program. The hospital had received a report from its legal counsel about technical violations of the Stark Law. Arrangements with medical staff had not been executed timely, e.g., before the physician began receiving compensation for professional services. In some cases, the parties had not signed the contract for weeks or months after the services started and payments were being made. The Compliance Officer, who was also responsible for accreditation survey preparations, was not handling the effort necessary to assist legal counsel with analysis and response to the situation. The Hospital terminated the Compliance Officer.
- Small hospitals often have difficulty attracting or affording highly qualified compliance professionals. Even when they do, the results can be mixed. The Hospital in this case had hired a gentleman who seemed to be an experienced compliance professional. It was somewhat of a surprise when he presented a 100-page draft of a compliance program. It was an even bigger shock when the Compliance Officer told the Board the Hospital was committing billing fraud every time it submitted a claim to the Medicare program. The Hospital contacted The Fox Group about outsourcing its compliance program.
The common theme here is a failed or failing program, and a lack of expertise to develop a critical access hospital compliance program.
Reasons to have a Compliance Plan
There are several reasons to have a critical access hospital compliance plan.
- One of the chief factors is the US Sentencing Guidelines. In Chapter 8 of the Guidelines, courts are to consider “whether the organization failed to have, at the time of the instant offense, an effective compliance, and ethics program…..”
- Having a compliance program demonstrates an organizational commitment to doing the right thing. This is often an important reason for employees.
- A properly constructed and implemented compliance program gives staff members a place to go if they suspect someone may be making mistakes in business activities – or even engaging in misconduct.
- A compliance program is also a risk management strategy. Successful risk management programs help organizations avoid occurrences like injuries to patients or property. In a similar fashion, an effective compliance program can help an organization minimize business risks. These can include submitting claims to government payers or entering into compensation arrangements with physicians who are also making referrals to the institution.
- Finding and addressing mistakes and misconduct can also benefit the government. The government payers only want to pay for services that are medically necessary, properly documented, and billed in accordance with government rules.
The Seven Elements of a Critical Access Hospital Compliance Plan
- Written Policies and Procedures. These should address things like risk areas for the hospital. Include a written Code of Conduct to set the expectations for employees to always act in accordance with laws and regulations – of all kinds. Have a policy on how to conduct investigations. Consider how employees who engage in misconduct related to risk areas should be disciplined.
- Designation of a Compliance Officer and a Compliance Committee. These are sometimes two of the more challenging issues for CAHs. “The role of the compliance officer is to “ensure the firm is in compliance with its outside regulatory and legal requirements as well as internal policies and bylaws.” But finding that expertise at an affordable price is the challenge. Similarly, CAHs often do not have a deep management bench. This can complicate staffing the Compliance Committee. The offset is that often the business of the Committee can be handled in quarterly meetings.
- Conducting effective training and education. A compliance program is unlikely to be very effective if employees do not know anything about it. The OIG Guidance reminds us that training in subjects like fraud and abuse, coding, and claims submission are necessary elements of a compliance program. And training should be ongoing, with updates for new information and periodic review of existing policies.
- Developing effective lines of communication. Many hospitals use hotlines to enable employees to report issues to the Compliance Officer anonymously. Of course, the anonymity of employees reporting their own misconduct cannot be guaranteed.
- Enforcing standards through well-publicized disciplinary policies. Hospitals usually do not discipline employees for first-time mistakes. But when mistakes continue or even seem to be willful, hospitals must have disciplinary policies in place. And like most policies addressing disciplinary action, they should include the phrase “up to and including termination” as part of the potential discipline.
- Auditing and monitoring. Audits are reviews of a practice or activity by an outside entity. The Compliance Officer or Compliance Department staff may be the ones performing the audit. For instance, the Compliance Officer may conduct an audit of vendors to ensure no vendor the hospital is using has been excluded from providing services to government program patients. Outside auditors such as medical coding experts may be brought in to audit physician medical record documentation.
- Responding to detected offenses and developing corrective action initiatives. Compliance Officers must call for formal investigations if there are indications or accusations of fraud or misconduct. Fraud is different than mistakes. Fraud involves a specific intent to deceive and gain a benefit. Investigations may start with a review of paid claims that are not supported by medical record documentation. If no misconduct or fraud is detected, paid claims can be refunded to the government payer.
Remove the employees under investigation from their work activity until the investigation is completed when misconduct or fraud is detected during an investigation. Compliance Officers should also report all types of investigations to the Board of Directors, and ultimately to the appropriate governmental authority.
Should You Consider Outsourcing Your Critical Access Hospital Compliance Program?
Critical access hospitals often outsource management activities that do not represent full-time jobs at a small hospital. The role of the Compliance Officer certainly fits in that category. There is one benefit of an outsourced compliance program that does not get too much attention. The OIG Compliance Guidance recommends the Compliance Officer have direct access to the Board of Directors when necessary.
If the time has come to consider outsourcing your critical access hospital compliance program, contact The Fox Group. We have the experience and expertise to jump-start your program!