Corporate compliance Fall Learning Session September 18, 2014
Why: to ensure corporate integrity, compliance with law and regulation and prevention of fraud and waste through effective internal compliance practices.
History Started with understanding the requirement that we needed to have a corporate compliance plan about 6 years ago. We didn’t quite know what a corporate compliance plan looked like. Googled health care compliance plans and found one. Our approach has always been to make it understandable and simple. We can have a great plan but if we don’t know what it means, we won’t be effective. Needs to live and breathe even if it’s not perfect – because the perfect plan sitting on the shelf doesn’t move an organization anywhere. Compliance activities were initially reported in the finance committee. Several years’ discussion and one Board member attending Board member boot camp led us to create a separate audit/compliance committee about three years ago.
Now compliance activities are funneled through that committee although there are some things spaced between committees
Compliance Officer Compliance officer is our Operations Director who is also our QI point person and so staffs the staff Performance Improvement committee and the Board QI committee. Reports directly to the CEO
Baseline risk assessment ECRI Institute tool – go back to it annually Initial review ended up with a work plan of about 9 months – made the changes over that first year and now go back and review with the same tool
Written standards and policies Corporate compliance plan Breach notification policy Medical records policy Patient safety and risk management policy Emergency preparedness plan Quality improvement plan
Culturally and linguistically appropriate training Annual staff review in a brown bag lunch Mandatory Employee sign off Commitment to compliance resolution from the board https://oig.hhs.gov/newsroom/video/2011/heat_modules.asp Effective, clear and open lines of communication between compliance and CHC personnel Because it is the Operations Director, there is routine communication established. We do it with presence – she staffs the all provider meeting, the Process Improvement committee, attends supervisor meetings, has regular contact, does weekly email to all staff.
Procedures for investigating detected problems and development of corrective action
Publicize and enforce disciplinary standards
Challenges 1. Lack of clear guidance on what should be in a compliance plan initially. 2. Event reporting was seen at “tattle tale” - fear of reprisal for report 3. Communication is challenging – even in a small shop 4. Outside chart audits – every three years. Doesn’t happen effectively. 5. OIg exclusions list for vendors. We check staff monthly, but just last year instituted OIG exclusions list for vendors – 525 outside vendors. None were excluded and will be checking annually – expect we need to be doing that more often 6. How do Affirmative action plan and civil right compliance plans fit into the plan – it’s always a question. 7. Business Associate agreement – educational training institutions 8. Records retention clean up. We have retained information for 20 years. We are in the process of cleaning up 9. Credentialing processes – documenting how we do it internally better 10. Need clearer corrective action documentation. 11. Put in more clarity around disciplinary actions – right now we say, “subject to discipline up to and including termination”
Success factors/promising practices 1. Event reporting understanding has morphed from tattle tale to issue identification and remedy 2. Staff less apt to fear reprisals 3. Clear processes for reporting with the audit/compliance committee 4. Much more clarity around what needs to be included.
Over the years, we have modified to fit our circumstances. Our biggest addition since creation of the audit/compliance committee was the corporate compliance plan checklist.
Resources: ECRI Institute WHITEC Google
Carie – discuss specific pharmacy training Patient safety and risk management policy