Grading Your Facility Compliance Plan
BY LAWRENCE A. FOGEL AND JOSEPH M. WATT Grading your facility compliance plan Your corporate compliance plan takes time and effort. Is it worthwhile? Is it really protective? Here’s a checkup list |
Just as an annual checkup enables an individual to receive an evaluation of his/her physical condition, a compliance program assessment (CPA), preferably by an independent consultant, enables healthcare organizations to evaluate the effectiveness of their compliance programs. In these days of regulatory and legal exposure, this is no small matter. In an article published last year (“Symptoms of an Ailing Compliance Plan,” November 2003), we discussed how to structure a workable plan. In this article we offer a checklist that, when administered periodically, will show how effective the plan continues to be. The CPA consists of three major phases:
Phase 2: Private interviews with key persons within the healthcare organization Phase 3: Review of pertinent documentation supporting the compliance program After each phase, the organization will be given a report card. This requires that a grading system be agreed upon by the organization and consultant-for example, setting the maximum number of points attainable for each phase of the program and the percentage of those points actually achieved, with a grading scale of 95 to 100% being excellent; 90 to 94%, good; 80 to 89%, above average; 70 to 79%, average; and below 70%, needs improvement. Compliance Committee Retreat |
Other areas can be added as necessary. The scores are tabulated for each area and a composite score is calculated. The retreat also offers an opportunity to perform a risk assessment, if the compliance committee hasn’t recently conducted one. Once again, using a scale of 1 to 10, the committee members have the opportunity to evaluate the degree of risk the facility has in areas such as:
Once again, other areas can be added to the risk assessment. The purposes of the assessment are to enable the committee members to evaluate the specific risks that they perceive might affect their organization, to develop a work plan to audit these areas of risk, and to take corrective action. Finally, a brainstorming session can be conducted, as a constructive way to identify opportunities for improvement. Committee members are asked to nominate areas needing improvement and offer remedies. This so-called SWOT analysis (Strengths, Weaknesses, Opportunities, and Threats) can be a good team-building exercise. Private Interviews
In addition to the compliance committee members, key persons in the organization are also interviewed, including executives, managers, physicians, and board members. Although the questions would be by and large similar to those asked of the compliance committee members, some would be different, such as:
At the end of each of these interviews, each positive response receives one point and each negative response receives no points. The score is calculated by dividing the total points earned by the total maximum points. For example, 297 positives of a possible 300 would be a score of 99%, or excellent. Final Grade Card 1. General. The consultants review compliance committee minutes, job descriptions, organizational charts, the compliance plan, and other relevant documentation. One point is awarded for each positive response the organization has earned. For example, if the committee met as required by the compliance plan, the organization receives one point. If minutes were maintained for each meeting, the organization also receives one point. If the compliance officer and committee members were evaluated, the organization receives one point. If the compliance plan was reviewed and revised as necessary, the organization receives one point. This process is followed for each item to be graded. In our report card process, a score is calculated on a maximum of 15 points. Twelve positives on this scale would compute as a score of 80%, or above average. Similar scoring is done for the remaining major elements. 2. Auditing and monitoring. The organization is evaluated for its process of monitoring and auditing the risk areas identified in its work plan. Again, the organization receives one point for each positive response it has earned. The consultant determines if a risk assessment was prepared, if a work plan was prepared, and if the work plan was followed. The consultant also determines if the Department of Health and Human Services’ Office of Inspector General’s (OIG) guidance, along with other regulatory guidance, was considered in the development of the work plan. (The OIG guidance is available at www.oig.hhs.gov). Internal and external audits are reviewed, along with supporting documentation and accompanying audit reports. The documentation includes both the workpapers and a narrative report that describes the scope of the audit, findings, corrective actions, etc. 3. Complaint report process. The hotline and other mechanisms available to report complaints are reviewed. The documentation supporting hotline call utilization and the process used to publicize the hotline and other reporting mechanisms also are reviewed. Complaints received are reviewed to determine if they were processed in a timely manner and according to the compliance plan, and whether the complaints were resolved. If exit interviews were conducted, the pertinent documentation is reviewed to determine if it shows the reason for the employee’s departure, if any compliance problems existed in connection with it, etc. 4. Policies and procedures. It is a fairly common weakness for organizations to not have all policies and procedures in writing. Sometimes the written policies and procedures are not current or difficult for employees to understand. Employees might contend that they didn’t understand their job responsibilities or the policies of their department. They might contend that they operated as they did because they thought they were told to do so by their supervisor or they had misinterpreted the policies. Some organizational policies are inconsistent. For example, a policy on gifts and gratuities in the compliance plan might not be consistent with the policy presented in the employee handbook. After the consultant reviews the policies and procedures in terms of relevance, clarity, and consistency, a score is calculated. 5. Education and training. Some organizations conduct inadequate training, others do not fully document the training received, and others do not coordinate or monitor the training of their employees. Because every organization approaches its training and education programs differently, it is necessary to first determine how the organization trains its employees and who the responsible persons are for conducting, coordinating, and documenting the training. Usually, training includes both competency and compliance instruction. It is important to determine if there are different persons responsible for each of these training aspects. Typically, new employees are oriented on the compliance program when they are hired and existing employees are trained at least annually on the compliance plan. Beyond that, though, the compliance training could either be the responsibility of the education department, the human resources department, or both. In any event, it is important to focus on orienting new employees to the compliance program and providing documentation showing that this was conducted properly. It is important to review the written acknowledgements employees have signed as evidence that they have read the compliance plan and code of conduct. If pre- and post-tests were given on compliance, or if employees were surveyed on their compliance education needs, that documentation also is reviewed. Since training not only frontline staff, but the board of directors, compliance committee members, and the medical staff is important, a review of the documentation regarding the training of all these individuals should be performed. 6. Background checks. Background checks should be conducted as part of the compliance program. Many organizations have different background check policies. For example, some organizations only conduct background checks of employees hired subsequent to the creation of the compliance program. Other organizations require every employee to undergo a background check, regardless of time of hire. Some organizations conduct background checks of their independent contractors, or at least selected ones. Organizations should check the OIG Web site of Medicare-excluded individuals and entities as part of the background check. In compiling this section of the grade card, a review of the documentation showing the level of background checks that was conducted for employees, independent contractors and physicians is performed. A review of the relevant documentation is conducted to determine if the background checks were conducted on all employees, selected contractors, agency employees and physicians who are subject to this policy, and if the employment application was screened for felony arrests, if reference checks were conducted, and if prior employment was checked. 7. Disciplinary actions. Last but not least, every organization needs to have a disciplinary policy that applies to compliance violations. Some organizations have a separate disciplinary policy for compliance violations, while others rely on their general disciplinary policy to cover all offenses. The primary concerns are if the punishment fits the crime and if disciplinary actions are applied consistently throughout the organization. Documentation should indicate how the policy was communicated to all employees, whether employees were disciplined when required by the policy, and the types of disciplinary actions that were taken. If physicians and contractors were subject to a disciplinary policy, a review of the relevant documentation also should be conducted. In addition, if human resources reported disciplinary actions to the compliance officer, the related documentation should be reviewed. In some cases, the compliance officer will participate in the disciplinary action along with human resources and key members of management. In other cases, the compliance officer is merely informed of the need for disciplinary action and the type of action that was taken. Summary |
Lawrence A. Fogel, principal, and Joseph M. Watt, partner, are members of BKD Health Care Group, LLP, in Kansas City, Missouri, one of the 10 largest CPA and advisory firms in the country. The firm has 27 offices in Arkansas, Colorado, Illinois, Indiana, Kansas, Kentucky, Missouri, Nebraska, Ohio, Oklahoma, and Texas. For further information, contact Fogel at lfogel@bkd.com or Watt at jwatt@bkd.com, or phone (816) 221-6300 or visit www.bkd.com. To comment on this article, please send e-mail to fogel0804@nursinghomesmagazine.com. For reprints in quantities of 100 or more, call (866) 377-6454. |
I Advance Senior Care is the industry-leading source for practical, in-depth, business-building, and resident care information for owners, executives, administrators, and directors of nursing at assisted living communities, skilled nursing facilities, post-acute facilities, and continuing care retirement communities. The I Advance Senior Care editorial team and industry experts provide market analysis, strategic direction, policy commentary, clinical best-practices, business management, and technology breakthroughs.
I Advance Senior Care is part of the Institute for the Advancement of Senior Care and published by Plain-English Health Care.
Related Articles
Topics: Articles , Facility management , Regulatory Compliance , Risk Management