Effective compliance planning is demonstrated and driven by outcome.
The most important step in creating an effective compliance plan for your organization is to be proactive in actually implementing its terms. Leaving a compliance plan on a shelf collecting dust, as if an afterthought, sends the wrong message to prosecutors especially if an audit of your organization should find any excluded individuals or entities, or other non compliance.
The first steps towards compliance are having a plan in place. In some respects, that is the easy part. Not only is it required to have a compliance plan in some fields of healthcare, but it is also a building block for an organization’s compliance success.
This just goes to show it’s not just words on paper, but it is a document outlining how you will be held responsible for adhering to its terms. Not adhering to its terms can lead to a forced Corporate Integrity Agreement (CIA) with the OIG along with hefty fines.Here are risks you can avoid and ways to avoid such risk with a successful compliance program.
The compliance risk spectrum
- Just recently, at the 2016 HCCA conference, HHS Inspector General, Daniel Levinson, released an update of compliance guidance on OIG exclusion authority. The OIG introduced a new compliance risk spectrum which will be taken into consideration at the time of exclusion. This means if the excluded individual/entity was proactive in correcting the problem, i.e. self-disclosing, then it will indicate a lower risk on the compliance risk spectrum and the OIG will less likely implement the exclusion. On the other hand, the absence of a healthcare compliance program will indicate a higher risk on the compliance risk spectrum and will be viewed negatively. You can read the new guidance more thoroughly in our previous blog post.
Corporate Integrity Agreements
- CIAs are forced compliance within an organization and enforced by the OIG. A CIA is a commitment by your organization to very specific and defined compliance obligations that are imposed in exchange for the OIG not to seek your exclusion from government programs.
- When you want to avoid a CIA, decide whether you want to have compliance in your organization now or have it later. A CIA is exactly that – a compliance plan – but with a sharper bite.
- It is a far less costly practice for an organization to self-disclose all exclusions to the OIG. You must find the exclusion, self-disclose and then remedy the situation. If these steps are taken and a self-disclosure is made to the OIG, then the OIG can reduce their hefty fine from three times the total amount to one and half times.
- Organizations that self-disclose to the OIG presumptively indicate an effective compliance plan removing the need for a CIA to get involved.
- With the finding of any error should come a root cause analysis and positive fixes, and that should be solace for your Board and regulators that you are trying to get it right.
- OIG enforcement fraud cases enforcement fraud cases
- Taking the time to review and study the past and recent OIG enforcement cases can actually boost the progress of your own compliance program. Sometimes learning what not to do is the best way to learn.
A compliance plan sets the tone for a compliant culture as well as providing legal advantages – like possible reductions in federal sentencing penalties. Healthcare organizations are held liable for meeting and complying with their compliance programs. But at the end of the day, every compliance program, when implemented, will help healthcare organizations remain compliant with OIG regulations reducing costs, saving time and avoiding fines.
Written by Michael Rosen, ESQ
ProviderTrust Co-Founder, firstname.lastname@example.org
Michael brings over 20 years of experience founding and leading risk mitigation businesses, receiving numerous accolades such as: Inc Magazine’s Inc 500 Award and Nashville Chamber of Commerce Small Business of the Year
Connect with Michael on Linkedin