Outsourcing Compliance – What to Expect

What to Expect When Outsourcing your Corporate Compliance Program to The Fox Group

The Fox Group provides ongoing support for our client’s Corporate Compliance Program and, if requested, support for the organization’s Privacy program as well. Here is a sample of what you can expect from us.

Initial Focus:

• Review documentation of the current Compliance Program and Compliance Activities;
• Formulate a plan to revitalize the Compliance Program and Compliance Activities, in accordance with the Office of Inspector General’s (OIG) “Seven Elements of an Effective Compliance Program.”
  1. Written Policies and Procedures;
  2. Compliance Leadership and Oversight;
  3. Training and Education;
  4. Effective Lines of Communication;
  5. Enforcing Standards: Consequences and Incentives;
  6. Risk Assessment, Auditing, and Monitoring; and
  7. Responding to Detected Offenses and Developing Corrective Action Initiatives.
• Review documentation of the current Privacy Program and Privacy Activities;
• Revise the Privacy Program in accordance with the HIPAA Privacy Rule and any other applicable regulatory requirements.

Ongoing Maintenance and Sustainability:

• Assume overall responsibility for the Compliance Program.
• Prepare and administer the annual Compliance Workplan.
• Assume responsibility as the Compliance Officer and/or assess the need for recruiting a Compliance Officer;
• Chair the Compliance Committee meetings;
• Prepare and present to the Board of Directors or Executive Management written reports on compliance activities;
• Recommend changes and updates to compliance and other policies and procedures as required, ensuring that the Client is up to date and has knowledge of regulatory changes involving compliance risks and issues;
• Prepare and deliver compliance-related education to stakeholders such as senior management, medical staff members and the Board of Directors.
• Oversee compliance investigations;
• Collaborate with the on-site Compliance Coordinator whose duties would include:
  1. Draft Compliance Committee agendas, minutes, and governing body reports;
  2. Monitor the Compliance Hotline and maintain the Compliance issues log;
  3. Assist as directed with compliance investigations;
  4. Be available for urgent Compliance issues or requests for support;
  5. Make documents and files available to Consultant as requested;
• Assume responsibility as the Privacy Officer and/or assess the need for recruiting a Privacy Officer;
• Recommend changes and updates to privacy policies and procedures, and staff training;
• Oversee and investigate Privacy complaints and/or breaches; maintain privacy investigation logs and file;
• Coordinate response to documented Privacy breaches;
• Respond to and review requests for information, from outside counsel, if applicable and as directed by the client.
• HIPAA Risk Analysis: The Fox Group will also conduct a HIPAA Risk Analysis to identify gaps in compliance with HIPAA Privacy and Security Rule requirements and recommend steps to improve compliance.

Given the diversity of the health care industry, there is no single ‘‘best’’ health care compliance program. The OIG recognizes the complexities of the health care industry and the differences among various health care entities. Some entities are small and may have limited resources to devote to compliance measures; others are affiliated with well-established, large, multi-facility organizations with a widely dispersed workforce and significant resources to devote to compliance. Accordingly, the compliance program guidance issued in 1998 is not intended to be one-size-fits-all guidance.

Next Steps

The Fox Group is well versed in addressing the details needed to help your organization comply with current OIG regulations. Our team of experts has many years of hands-on experience and can develop the use of internal controls to monitor adherence to applicable statutes, regulations, and program requirements that will benefit you and your organization for years to come!

We take on the burden of worrying about your corporate compliance program, so you don’t have to!

Learn more about outsourcing compliance: 

• Case Study:  Corporate Compliance Program at a Rural Hospital
• Get Your FREE Guide to Measuring Corporate Compliance
• Outsourced Chief Compliance Officer for Hospitals