A good compliance plan can offer protection

If you feel breath on the back of your neck, it could be coming from a federal agent. But don’t panic, experts say. Many of the compliance mistakes the Office of the Inspector General (OIG) sees are honest ones, says Eileen T. Boyd, JD, deputy inspector general of enforcement and compliance at the U.S. Department of Health and Human Services. When mistakes occur once or twice, it may be a legitimate error, she says. But when they happen continually, the inspector general becomes suspicious.

What has caused hospitals the greatest number of problems is a pattern of mistakes — even honest ones — that comprise what the feds consider willful neglect of Medicare regulations.

How do you avoid that? Develop a compliance plan and start evaluating your practices thoroughly, says Sue Prophet, RRA, CCS, director of classification and coding for the American Health Information Management Association in Chicago. Procedures and systems to protect your organization must be in place. A compliance plan is the best practice, Boyd says.

The OIG recently released a model compliance plan for clinical laboratories. No such plan exists yet for coding, but the laboratory plan offers some insights into elements you might want to include. (For details of the plan, see story, p. 90.)

But you also can devise your own compliance plan, says Charlotte Kohler, RN, CPA, vice president of diversified services at Helix Health in Baltimore. Boyd, Kohler, and Prophet offer these tips for developing compliance programs in any of the areas the government is investigating fraud and abuse:

1. Develop a plan you can live by.

It has to be realistic, Kohler says. If you include ridiculous expectations, the plan won’t be followed or useful. For example, if you say in your plan that you will conduct a quarterly compliance audit, make sure that every quarter you pull records, document problems, and address them.

2. Include a code of conduct.

That code should outline staff standards of behavior, Boyd says. Once developed, it should be disseminated and discussed. Don’t just put it on a shelf somewhere. The conduct code also should include what to do in difficult situations, Kohler says. For example, if there is disagreement on how to code something, it should answer such questions as, "What do you do, and who handles the problem?"

3. Designate a compliance officer.

Boyd says one person should be in charge of training, education, and dealing with problems related to the compliance program. Having a plan is useless if no one notes complaints when it’s violated.

4. Implement a training program.

Once you have someone in charge to handle education on the compliance plan, make sure staff are trained and that training is documented, Boyd adds. "If we go in and ask you if you have trained your staff on billing compliance, it isn’t enough for you to say yes," she says. "You have to prove it. Write down who you train, what you train them in, and when you train them."

Kohler agrees. "If you have a training program, make sure that all new hires [attend] it before they start," she says. "If you don’t, you can have new hires making errors that will cost you later."

5. Develop an audit program.

Conduct internal audits or reviews of assigned codes. Outside consultants can be helpful, but Boyd stresses that it’s important for each department to know its own operation well enough to catch errors.

"You can’t say, ‘Oh, the auditor didn’t tell us.’ That’s not an excuse. You have to know what’s going on on a day-to-day basis. You can do a trend analysis.

"If you know there is a certain procedure that the doctor is doing and its frequency has jumped 150%, take a look at why. Is it because people need it or because it is a money maker? If you are doing it for the latter, then someone will catch it."

6. Publicize consequences of violations.

If you have a method for staff to report concerns or violations internally, make sure it is known, Boyd says. People have to know where they can go with a concern, and they have to be sure that the concern will be dealt with seriously. Indeed, if you have a method of reporting, but nothing is done with a complaint, federal investigators may deal with you far more harshly, Boyd warns.

"If you never say anything about a complaint, that puts you in a worse place if we come in and detect it," she says. "You have to ensure that the use of discipline against those employees is made public. Make sure that consequences for illegal or unethical behavior or for violations of a standard of conduct are seen."

7. Make the plan understandable.

Boyd says many organizations create a compliance plan but write it in unintelligible terms. If you have employees with the reading skills of eighth graders, write the plan in appropriate language. Having a mission or vision statement on the wall isn’t any good if no one understands it.

8. Follow your plan.

"One scary thing is that people will develop a plan and stick it in a three-ring binder so they’ll have something to show the OIG if it comes around," Prophet says. "But the next step is to periodically audit your business and coding practices to make sure you’re following your own plan. You can really hang yourself, probably even worse than if you didn’t have a compliance plan, if you have one and aren’t following it." These audits should follow your practices from admission through bill generation, she says.