Compliance means to comply with the law, the ethical standards and professional standards of care. Compliance with these standards is or should be the focus of each practice, from the physician to the secretarial staff. As healthcare moves toward greater oversight, compliance will be an integral part of all interactions, within and outside of the company.
Organizations will need to empower employees to raise the red flag immediately if they see anything outside of compliance, such as any quality of care being compromised, a patient not being taken care of with compassion, or processes of excellence not being followed. This will have to be the “company way.”
Why should one have a strong compliance program in place?
The reasons are manifold:
- It is the right thing to do. It gives peace of mind to everyone in the company, and it is a cultural shift toward quality patient care.
- It keeps everyone safe. Healthcare providers should be getting paid every penny that they deserve. When this attitude is instilled in every provider and employee, it creates a balance between greed and fear and brings in a safety check to aggressive coding and billing at the workplace. Compliance is the first line of defense against audits and/or lawsuits.
- It can make everyone more profitable. Compliance makes certain that a provider’s goal toward more profit is correctly and ethically achieved.
- It is (or should be) the standard that everyone will run their businesses by.
- It is the best way to take care of patients. When patients know that they are coming to a facility that places a premium on quality and compliance, they will learn to respect the provider and practice even more andcooperate with the processes. Which in turn produces more money!
- It is an opportunity and a challenge. The practices that make compliance the standard of care shall be at the forefront of the new shift in healthcare and shall reap the most benefit. Compliance is business strategy.
- It fulfills something deep within us, a need to be good, to be right, to be charitable and conscientious (somewhat akin to Maslow's fifth level of self-actualization).
- It improves communication among the employees and with the patients.
How can a provider be compliant?
- By educating every employee about it. Compliance starts at the top. If the CEO or the person at the top does not believe in it or only wishes to pay lip-service, an organization will be unable to start the ball rolling. It is perhaps better to have no compliance than to have compliance mechanisms in place that are not followed.
- By empowering every employee to immediately inform their superiors anytime someone or something is out of compliance so that it can be fixed immediately. With constant re-enforcement this will eventually become a habit.
- By meaning what one says and saying what one means. Communication encouraging compliance should not just be sending e-mails and circulars around, but it should be real and effective communication in which superiors enforce compliance impartially and objectively.
- By auditing and re-auditing oneself. Do not be afraid to audit yourself. Just think, it is way better that it is you rather than someone from outside coming in when you have no choice in the matter. Being totally open to outside audits from business affiliates (e.g., from HMOs) has its perks, for an organization can use their help, knowledge, and resources as a learning process. By questioning, researching, networking, an organization can assure that it is on the cutting edge of newest changes in healthcare. Transparency of the system is key.
- By honing company processes to perfection. There are two components to compliance: the process and the people. The process should be accountable and accessible. And it should go to the very source of diagnostic criteria, such as ICD-9s, CPT coding, etc.
- By creating a system that is intelligent, responsive, and oriented toward patient safety and care. This can be established by being obsessively focused on patient results and care. Integrity is everything.
- By making compliance real-time and hands on. In my practice, each chart completed by the provider is reviewed by a coder who makes sure that the “I”s are dotted and the “t”s are crossed before billing goes out. If there are any discrepancies, they are immediately brought to the attention of the provider who either has to justify it or fix it. Any change to the chart should be made within 24 to 48 hours and documented as such.
- By showing the people who made an error what the error was and fixing it, one reduces the chances of it recurring. Never let anyone lie, fudge or change documents. It is better to be open about an error than to try to conceal it within or without the company.
- By fixing things again and again until it becomes ingrained as a habit in each employee and in each process.
- By making compliance the cornerstone of the company. Compliance is not just about rules or arcane laws; it is a culture, a way of thinking, and feeling. It is not just about billing and coding but about every rule in the book, including HIPAA laws, OSHA rules, anti-kickback, and Stark laws.
- By making compliance a department in itself, one that is not involved in daily management or human resources, or billing or any other activity. However, it still requires monitoring to ensure that every activity and make sure everyone fully conforms to the law. Compliance needs to report directly to the CEO and is answerable to the CEO ultimately. Compliance cannot report to human resources or administration, for the fox cannot mind the coop.
- The overall policy should be to take compliance very seriously as the market gets tougher. Compliance is really about quality control. The emphasis should be toward being the very best. The compliance officer should behave in a manner that is above reproach, be as fair as humanly possible, and try to create objective criteria with which to evaluate a physician or office. The rules should be for everyone, including compliance officers and personnel.
- Employees should be comfortable coming to compliance officers and voicing their concerns. Confidentiality has to be maintained. The employees should be listened to with respect, and their concerns should not be made light of or ignored. Listening to employees, vendors, and patients is key. Many disasters could have been averted if someone at the top had listened and acted on the concerns of the employees.
- A sign indicating the practice's commitment to compliance should ideally be posted in each room and on each notice board. Do it right from the first step, and keep it simple. Providers should create a basic compliance manual which can be used to train and as a reference. Furthermore, they should use the help of experts who have experience in the business when in doubt. As many of your attorneys will inform you, ignorance of law is no excuse.
- Insist on better record keeping, proper documentation, appropriate billing, and the right coding. Let compliance begin before the patient walks into the door and continue after the patient walks out.
These are only broad guidelines. Details may differ according to the size, scope, and structure of the practice. In the final analysis, compliance should inspire, enable, and promote a higher standard. It should challenge everyone to stretch beyond the status quo. Compliance is a great facilitator if patients always come first.