What you can do to demonstrate compliance effectiveness
Three perspectives on how to build a system of measurement into a compliance program
One of the major uncertainties facing compliance officers is that it is unclear who is going to measure their effectiveness and by what criteria, says David Orbuch, compliance officer at Allina Health Systems in Minneapolis. "Even if we understand some of the criteria that certain stakeholders will judge us by, we are not sure what the metrics will be," he asserts.
In 1993, following state and federal investigations into its transportation billing practices, Allina initiated a compliance program, Orbuch told a Health Care Compliance Association audioconference Aug. 29. Its efforts were centralized in 1999, when every Allina facility became responsible not only for the financial aspect of that business unit but also for compliance accountability.
"The laws are not perfect, and people are not perfect, and with 22,000 employees, you are going to have some imperfections," says Orbuch. "We needed to define effectiveness outside the concept of perfection," he explains.
To help accomplish that, over the past year Allina developed a compliance scorecard with input from operations to use as a tool to determine whether its business units have effective compliance programs. Then the scorecard was distributed to the top executives of the system and the board.
Orbuch reports that Allina developed a simple tool that used a color system of red, yellow, and green. "We wanted [something] that business leaders throughout the organization could look at and understand specifically what criteria they need to meet to get a green light’ on compliance."
Developing a framework for that evaluation was no easy task, however. That’s because each stakeholder, such as law enforcement, regulating authorities, provider management, rating agencies, and banks, look at a compliance program for a different reason.
"I could not guarantee the board that the criteria we were going to select would be the same criteria or the same ingredients the government would look at," says Orbuch. "The purpose for doing this evaluation was to evaluate the utility of a compliance program as a risk management tool and basically determine whether money was well spent on compliance."
Catholic Health East (CHE), based in Newtown Square, PA, took a slightly different approach, according to Michael Hemsley, the system’s vice president of corporate compliance and legal services. CHE adopted a corporate compliance program in 1998 that was disseminated to each of its regional health corporations (RHCs). Within that framework, each RHC had the flexibility to develop and implement its own compliance plan. CHE then hired Deloitte & Touche to assess RHC efforts against the Office of Inspector General’s (OIG’s) model compliance guidance and other relevant measures.
According to Hemsley, the primary purpose of the project was to help CHE demonstrate continued due diligence, including verification that each RHC was performing significant compliance program activities and documentation of RHC program development and operationalization throughout the system. It also was designed to identify best practices, develop compliance benchmarking, and facilitate the measurement of process improvement.
"It is not rocket science by any means," says Hemsley. He points out that one approach to measuring effectiveness focuses on measuring effort and is mainly process-related, while an emerging view looks at outcomes and relationships. But many organizations do not yet capture even basic information, he adds.
Based on this "effort project," Hemsley says CHE learned that inadequate emphasis had been placed on compliance as an operational responsibility of managers beyond senior management and the compliance department.
The second lesson concerned the misapplication of resources, both in terms of hard dollars and manpower devoted to compliance program development. Hemsley maintains that, aside from the policies and procedures derived from the compliance program itself, few resources are invested in the real heart of compliance, which he says is monitoring and auditing. In short, while organizations are able to identify problems and take remedial action, proactive activity was lacking.
"If we were to do it over again in terms of making our programs more effective earlier, it would be focused on those two areas," says Hemsley.
Going forward, he says CHE plans to focus on monitoring and auditing. Beginning with the essential processes the government wants to see, Hemsley says CHE now is positioned to develop a realistic baseline and standards such as an acceptable error rate and percentage of repayments.
Donald Koenig, compliance officer with Catholic Healthcare Partners (CHP) in Cincinnati, says the major difference his system has with CHE is that it was a target of the government’s Operation Bad Bundle, which meant that its development process was dictated largely by settlement agreements and corporate integrity agreements (CIAs).
In 1998, CHP decided to use three simultaneous parallel tracks that included a systemwide education and orientation program to educate its 40,000-plus employees and ensure effective oversight of its CIAs.
Last year, CHP began internal discussions about how to measure the effectiveness of these efforts.
The plan that was developed included indicators to the Federal Sentencing Guidelines and OIG criteria, criteria related to the system’s CIAs, and measures that already were being collected by the system for other purposes.
After developing 20 possible standards, the system settled on 10 that are measured by regional corporate responsibility officers (CROs) and their committees and reported at the system level semiannually.
The following 10 measures then are weighed against the system benchmark that was established after reviewing industry standards, peer performance, guidance from fiscal intermediaries, and peer review organizations:
- Outpatient coding accuracy;
- Lab disease panel billing accuracy;
- Percent of bills denied;
- Percent of credit balances repaid in 30 days;
- Percent of name checks completed;
- Percent of associates trained in corporate responsibility program (CRP);
- Percent of associates identifying CRP resources;
- Percent of department associates;
- Percent of repayments within 30 days of quantification;
- Percent of integrity agreement due dates met.
Koenig reports that a much more detailed breakout is completed for each region for regional committees to review and comment on.
He adds that the system-level board also looks at average scores tracked and trended over time to determine trends and help focus resources and attention.