Q&A: Applying compliance program elements

Q: What elements does the Office of Inspector General (OIG) expect to see in a hospital's compliance program and how can we meet them?

A: According to the OIG, comprehensive compliance programs should include the following seven elements:

1. Standards and procedures. Organizations should develop and distribute written standards of conduct as well as written policies and procedures that promote the entity’s commitment to compliance (e.g., by including adherence to compliance as an element in evaluating managers and employees) and that address specific areas of potential fraud, such as claims development
2. and submission processes, code gaming, and financial relationships with physicians and other healthcare professionals.
3. Designation of a compliance officer. Organizations should choose a person in a high-level position who has direct access to senior management and the board to serve as chief compliance officer. This person will receive support from a compliance committee. The compliance officer should be charged with the responsibility of operating and monitoring the compliance program and should report directly to the CEO and the governing body. The compliance officer must feel comfortable making potentially unpopular decisions and recommendations.
4. Appropriate training and education. Organizations should develop regular, effective education and training programs for all affected employees so that they are fully capable of executing their role in compliance with rules, regulations, and other standards. The education should include the elements of the provider’s compliance program and job-specific compliance requirements.
5. Open lines of communication. Organizations should set up an anonymous reporting mechanism (e.g., a hotline) to help receive complaints and respond to compliance problems. Organizations
6. also should adopt procedures to protect the anonymity of complainants and to protect whistleblowers from retaliation.
7. Response to detected problems. Organizations should develop a system to respond to allegations of improper/illegal activities and enforce appropriate disciplinary action against employees who
8. have violated internal compliance policies, applicable statutes, regulations, or federal healthcare program requirements.
9. Internal auditing and monitoring. Organizations should develop detailed annual audit plans to minimize the exposures associated with improper claims and billing practices. The use of audits or other evaluation techniques should help reduce identified problem areas.
10. Enforcement of disciplinary standards. Organizations should promote and enforce their compliance program consistently and through appropriate incentives. Those who engage in
11. misconduct or who fail to take reasonable steps to prevent, detect, or report misconduct should be subject to discipline.

For more information, see The Compliance Officer’s Handbook, Fourth Edition.