Did you know you need to be monitoring your vendors for exclusions?
Tag: Vendor Owners
Sally Yates & The Yates Memo
Do you remember the major Target breach in 2013? The repercussions of the breach raged on for quite some time after the initial security issue, costing Target a myriad of fines and penalties. A supplier in their supply chain caused the breach and before Target could even react, it was too late, they already lost the data. This is a modern day example that shows the importance of knowing your supplier and their operational practices. Vendor risk management is an increasingly important area of business mitigation just as it is for the healthcare industry. This blog will address why vendors are your responsibility to both check before contracting as well as monitor for exclusions each month (it will not address data breach related requirements of a business associate/vendor).
Do you know what you don't know about your vendors? In today's healthcare environment, the term “Know your Client” gets thrown around in compliance circles. What does it mean? How do you get to “know” your vendor and why should you even try or care? Vendors are an extension and sometimes a face of your organization as far as the client, patient or regulators are concerned. So getting to “know” them is vital. For more details on who your vendors are, check out these previous blog posts:3 Reasons why Vendor Credentialing just Makes SenseVendor Credentialing Service - are you doing enough? Vendor procurement and vendor selection is both an art and a science in today’shealthcare industry. You might not know it, but vendor procurement has long been part ofhealthcare. But, traditionally, it has not utilized the cutting edge technology and has always coordinated with compliance departments. Healthcare systems in this area are archaic and departments were in silos when it came to employees vs. vendor risk management.
The term “know your vendor” gets thrown around in compliance and procurement circles. By the time your organization selects a potential third party for its expertise and reputation you have likely expended money, time and man-hours to vet your third parties. You should also allot time to collect key information about the company. But that is not all. You have one last set of steps to conduct before initiating the relationship with your vendor - examining the financial health of a vendor. Why is the financial health of your vendors important? One imperative component of effective vendor screening is to examine the financial health of the company. After all, it could put your company’s reputation, and even ability to service your client, in peril if the vendors you rely on are not able to deliver and/or have a history of defrauding or defaulting on their commitments.
Vendor risk management is a process of ensuring your providers do not create the potential to negatively impact your business performance. Industries like financial services and healthcare are especially prone to regulatory healthcare compliance risk, due to the growing number and complexity of federal and state regulations.
The OIG provides the following guidance on ownership of an entity by en excluded individual: Special Advisory Bulletin. Excluded persons are prohibited from furnishing administrative and management services that are payable by the Federal health care programs. This prohibition applies even if the administrative and management services are not separately billable.