In a recent blog post, Veda Collmer (Chief Compliance Officer at WebPT) summarized seven elements of an effective compliance program. In this post, we will add detail around the origins, elements, and mechanisms of ethics and compliance programs.
What is a Compliance and Ethics Program?
A compliance program is a set of policies and procedures that a company puts in place to avoid violating laws and/or government regulations, thus protecting the company or brand. These policies and procedures help ensure the company and its employees follow the direction of the CEO and the board of directors. It’s why the corporate-jargon term “tone at the top” has become so popular.
The framework used to develop an effective compliance and ethics program contains seven high-level elements, first promulgated on May 1, 1991, by the United States Sentencing Commission (USSC). The framework, titled, “Federal Sentencing Guidelines for Organizations” (FSGO), serves as a key roadmap for all businesses. Any company—private or public, for-profit or not-for-profit—that implements the seven elements laid out in the FSGO will benefit from not only lighter penalties (should they break US federal law), but also a better-run company with less risk.
The following are the seven elements of an Effective Compliance and Ethics Program:
- Implement written policies, procedures, and standards of conduct.
- Designate a compliance officer and compliance committee.
- Conduct effective training and education.
- Develop effective lines of communication.
- Conduct internal monitoring and auditing.
- Enforce standards through well-publicized disciplinary guidelines.
- Respond promptly to detected offenses and take corrective action.
The seven elements of an effective ethics and compliance program (ECP) are not sentinel tasks—they work in tandem to create a strong culture of ethics and compliance. So, to realize the full material benefits of such a program, an organization must implement all seven elements, as there is an inherent multiplying effect that the seven elements have on each other.
In this post, we will address all seven elements and discuss how rehabilitation providers can implement them with little cost.
What is the Process for Developing a Compliance and Ethics Program?
A “one-size-fits-all” approach to developing a compliance program is generally not effective. Each entity should take a risk-based approach to designing and continually improving its compliance and ethics program. Depending on the complexity of the organization, it must account for the number of resources needed.
The designated Chief Compliance Officer is responsible for developing and implementing policies, procedures, and practices to ensure compliance with federal healthcare program requirements at the organizational level. Policies and procedures are the glue that holds the program together. Policies set direction for an organization, whereas procedures provide a series of steps to be followed in a consistent manner in order to accomplish an end result. Each serves to guide the workforce by telling them what the organization expects. One of the most important written standards found at most organizations is the Code of Conduct, which serves as the organization's commitment to “do the right thing.” The Code must be written in understandable language and outline the consequences of failure to comply with the organization’s own policies and procedures—as well as the consequences of failure to report observed or demonstrated non-compliance. Through policy, every individual should receive:
- protection against retaliation for reporting suspected fraud or abuse of the federal healthcare program, and
- the right to have such reports handled in a confidential and anonymous manner.
Medicare conditions of payment for outpatient physical therapy (PT), occupational therapy (OT), and speech-language pathology (SLP) services include supervision requirements and complete and accurate documentation of the delivery of such services.
Rehabilitation providers accepting Medicare/Medicaid reimbursement agree to comply with public policy Title XVIII of the Social Security Act. Provisions in the conditions for Medicare payment include an agreement to supply information necessary to determine whether billings submitted meet the required documentation standards. Government audits of rehabilitation documentation records have uncovered:
- “upcoded” billings (i.e., billing at a higher level than the service provided),
- physician consults billed without an order requesting rehabilitation services, and
- billings that did not meet the time requirements and/or supervision level of the code submitted.
Please see a list of recent HHS-OIG audits at SunHawk Consulting. Policies and procedures for repayment of any federal overpayments are a necessity, because repayments to the government are mandated federally within a specified timeframe.Additionally, each state may have its own specific provisions for repayments.
Policies and procedures should also include screening for staff, vendors, and independent contractors that are currently excluded, debarred, suspended, or ineligible to participate in the federal healthcare program or are convicted of particular criminal offenses. These individuals must be excluded (i.e., not hired) from the workforce if the organization intends to bill Medicare/Medicaid (and other payers) for services rendered.
The elements call for the appointment of a Compliance Committee consisting of senior executives from relevant departments, such as billing, clinical, human resources, information management, audit, and operations. The role of the Committee is to help the Chief Compliance Officer fulfill his or her responsibilities through active participation in periodic meetings.
The Board of Directors is responsible for the review and oversight of matters related to compliance with federal healthcare program requirements and will require periodic training on these requirements. The Board of Directors must include independent, non-executive members to ensure program effectiveness.
What Are the Mechanisms Behind an Effective Compliance Program?
All seven elements of an effective compliance and ethics programshould be implemented in order to take advantage of the multiplying benefits each can have on the other. Clear policies and procedures inform the workforce of what is expected of them and what is not appropriate behavior. Policies and procedures do not serve their purpose unless they are read, understood, and relevant to the services being provided by the organization.
For example, element 3 (effective training and education) and element 6 (effective system for routine monitoring, auditing, and identification of compliance risks) go hand-in-hand. Regular training and education is required for the organization’s workforce. This includes senior-level executives, management, the board of directors, volunteers, vendors, and independent contractors. At a reasonable time after initial hire (usually within 90 days), whenever a policy change is made—and at least annually thereafter—the workforce must be educated/re-educated on compliance policies related to the seven elements. Regular training will ensure that staff members know:
- the mechanisms available to report potential misconduct (element 7), and
- who has full access to the information (element 4).
An effective compliance program is built on continuous improvement accomplished through the use of periodic testing, review, and monitoring. A clear plan (policy/procedure) for monitoring and auditing will include the rationale around the types of information collected, and how often internal audits are performed. A log for upward reporting—which identifies issues and relevant misconduct (element 6)—should be included in a policy along with a plan of correction (POC). The POC often leads to policy change, and the circle of workforce retraining continues.
Policies and procedures promote accountability and set the standards for monitoring and auditing within a program. Each policy needs a designated owner who can act as the subject-matter expert. Below is a list of the suggested policies and procedures shown to be effective in compliance programs for rehab therapists:
- code of conduct;
- conflict of interest policy;
- fraud, waste, and abuse prevention/whistleblower protection;
- non-retaliation policy;
- annual compliance training policy;
- compliance auditing and monitoring policy;
- performance management/disciplinary actions for compliance issues;
- business courtesies to potential referral sources;
- standards for accuracy of documentation, charging, and billing;
- policy for refund of overpayments; and
- exclusion list checking.
Jan Elezian is a Director at SunHawk Consulting, and James Rough is the President of SunHawk Consulting.