You’ve worked hard to implement and manage a strategy that mitigates compliance risk across your organization. Then, just when you start to think you’ve got it all figured out, new layers of regulations are added causing you to scramble to figure out how you are going to keep your organization in compliance.  

oig exclusions
 Russ Cornwall, ProviderTrust Associate

“Why should I care?” your purchasing manager might be asking you right about now. Just like using Medicare or Medicaid funds to pay an excluded provider, using Federal or State funds to directly or indirectly pay a company who is on the OIG Exclusion List for goods or services furnished to your healthcare organization will result in fines – $10,000 per good/service furnished plus up to three times the amount claimed.

In the May 8, 2013 OIG Special Advisory Bulletin, the OIG laid out guidelines for monitoring vendors – whether companies (entities) or individuals – recommending monthly checks for any possible exclusions.

Additionally, starting in 2014 the Patient Protection and Affordable Care Act, or ‘Obamacare’ as it is commonly called, laid out new rules. Not only do you have to monitor the entity, but starting in 2014 you will also have to monitor any owner of a vendor entity with more than 5% ownership stake in a company.

Let’s say your company purchases 10 boxes of scalpels for $20/box from your scalpel supplier, and it is found out that the company appears on the OIG exclusion list. Your fine could look something like this:

$10,000 per item                      x10      =         $100,000

$200 (total purchase price)         x3       =          $600            

Grand Total                                                    $100,600

A $200 purchase has now cost your organization $106,000 for one simple reason. Your purchasing department bought them from a vendor on the OIG exclusion list. At the end of the day the CFO and CEO don’t really care about finger pointing – they see fault in both departments. It is everyone’s responsibility to ensure best practices are followed, regardless of what department you are in.

While compliance officers are well aware of the need for this type of monitoring, introducing a new step to your procurement or A/P process means getting buy-in from departments who likely have a well-established workflow and may not understand the inherent risk of not monitoring vendors.

Managing change is a difficult task, especially when you are stepping on to another department head’s turf. As a compliance officer, you fully understand the risk and want to do anything you can to mitigate it.

But it is often hard to convince other departments to change how they are doing things, no matter the risk involved. Adding a new step in the process will probably be met with resistance – “I’m already stretched too thin” or “You’re compliance, it’s your problem” are phrases you are probably going to be met with.

But a collaborative approach to compliance risk management is essential for the overall heath of your organization.

Without buy-in from all employees, the risk of being out of compliance is high when employees doing the day-to-day management of purchasing do not understand or take seriously the risk associated with non-compliance.

Audrey Andrews, Chief Compliance Officer for Tenent Healthcare, suggests that compliance programs of the future will have to be not only cost-effective and credible, but will require collaboration across the organization.

Everyone (HR, Procurement, Finance, Sales, etc.) is responsible for helping the organization remain in compliance. It is impossible for organizations to ignore the strong need for a collaborative approach to compliance if it expects to remain compliant.

Getting buy-in is never an easy task, and it is likely going to take multiple conversations to get decision-makers in all areas of the company to understand and take seriously the risk of non-compliance. And after you get buy-in from decision-makers, you will need to strategize on how to get buy-in from the employees who are going to be managing the day-to-day.

Lindsay Broder lays out a five-step strategy to getting buy-in from employees across the organization. In my experience, while all five of these steps are essential to getting buy-in, the hardest thing to do is effectively manage dissenting opinions.

Even the most eager employees may privately say something negative about a big change to a trusted co-worker. While most employees, despite any initial resistance, will inevitably be on board, be especially aware of who is planting bad seeds among your team.

It may not be an easy task to get your purchasing manager to buy-in to a new process, but it is vital to your organization to help them understand the importance of monitoring your vendors against the OIG exclusion list.

Once you get that buy-in, you can rest easy at night knowing your entire organization is in compliance.