Regulatory scrutiny of healthcare providers has never been greater. With endless guidance issued by the government and private payers, it is important that healthcare providers not only comply with these requirements, but also prepare for and be ahead of any future changes. As civil and monetary penalties have shown, it is not enough for a compliance function to merely exist. It must effectively demonstrate a commitment to day-to-day operations, culture and doing the right thing. Protiviti’s deep industry knowledge and skills assist organisations in maturing their compliance departments to stay ahead of compliance risks and build a solid foundation for future success.
Key areas where Protiviti can be of assistance in maturing your compliance function
Compliance Programme Effectiveness Assessments
Protiviti can assist you in evaluating the maturity of your compliance programme function and identifying areas of continuing opportunity to ensure you stay ahead of the curve by using our proprietary tools. Assessments can range from a high-level self-assessment or a detailed dive into all elements and measures of the compliance programme.
Compliance Risk Assessments
Protiviti’s proven four-step process identifies your organisation’s current compliance risks, as well as your capabilities and vulnerabilities, and then creates a risk-based, highly focused and prioritised compliance work plan. Protiviti can also help determine how your compliance function compares to other similar compliance functions.
Protiviti can assist your organisation with staff augmentation to provide seasoned interim compliance leadership (chief compliance officer) and supplemental staffing of experienced professionals to assist with the day-to-day operations of a compliance programme, complete an assessment, conduct training, provide subject-matter expertise, aid project execution, or perform specific audits where specialised skill sets are needed. Whether by utilising our Protiviti healthcare specialists or the network of candidates available through Protiviti’s parent company, Robert Half, we can quickly supply highly skilled professionals on a temporary, full-time or project-by project basis. We partner with clients to provide scalable assistance from interim management of the compliance department to tactical project-based resources.
Audits and Investigations
Protiviti partners with organisations in fully outsourced, co-sourced and project-specific arrangements to conduct audits and investigations. We will outline areas of concern, identify ways to reduce exposure, and effectively address shortcomings or challenges the organisation may be facing. We can provide assistance with audits across all Office of Inspector General areas of focus and other hot topics, including:
- Credit balances and overpayments
- Physician contracting and compensation
- Physician and nurse credentialing and licensing
- Medicare reimbursement
- Drug diversion and pharmacy operations
- Two-Midnight Rule and observation status
- False Claims Act
- HIPAA compliance gap evaluation
- HIPAA risk analyses
Work Plan Development and Oversight
At different times during the compliance programme lifecycle, compliance officers may find they need additional assistance to ensure all risks are continuing to be addressed. We partner with organisations in a variety of relationships, from developing a compliance function’s work plan to managing execution of the work plan for designated periods of time.
Using our deep industry experience, Protiviti can conduct compliance trainings for employees at all levels of your organisation, from staff, physicians, executive management and boards, to ensure the organisation is equipped with the latest compliance information. We can also evaluate the effectiveness of training materials and assess training comprehension of staff.
Protiviti can assess your organisation’s compliance committee. Opportunities for improvement often include drafting or revising the compliance committee charter, enhancing committee agendas, and benchmarking committee membership.
Policies and Procedures & Code of Conduct
Protiviti has dedicated seasoned professionals and a Healthcare Center of Excellence organised to gather insights for knowledge sharing and to develop compliance best practise policies and procedures. Protiviti can help you draft policies and procedures ranging from general or specific compliance topics to your overall code of conduct.
Protiviti assists our clients in developing reporting mechanisms, including dashboards, and packages on a variety of topics, including: hotlines, investigations, trainings, policies, audits, monitoring and enforcements. Reporting can be geared towards compliance staff, management or the board/compliance committee.
Enterprise Risk Management
Protiviti combines our deep enterprise risk management expertise with our compliance solution to ensure your organisation’s regulatory risk is appropriately considered and addressed in the development of or an assessment of your enterprise risk management function.
Corporate Integrity Agreement Assistance
Protiviti works with organisations to satisfy required corporate integrity agreement remediation activities. We assist in completing implementation and annual reports to the Office of Inspector General on the status of your compliance programme’s activities. With the Office of Inspector General’s approval, Protiviti can serve as a formal internal review organisation (IRO), as well as act as a mock IRO to confidently prepare you for your formal IRO review.
Protiviti has deep experience across a variety of coding and documentation risk areas, covering OIG-, RAC-and MACRA/ MIPS-focused issues. Protiviti works with specialised coding auditors to provide detailed audit reports to management or the board showing trends of areas at risk, including specific error rates, in a report card format. Protiviti can then assist organisations in creating corrective action plans for resolution to prevent errors from reoccurring. Additionally, Protiviti can provide education and training to improve compliance and promote accuracy of coding and billing as part of a healthy revenue cycle.
Health Insurance Portability and Accountability Act (HIPAA)
Protiviti utilises our subject-matter experts to partner with your organisation’s security and privacy officers. We conduct extensive gap analyses to identify areas of deviation from the HIPAA requirements and overall intent of the rule. Additionally, Protiviti can help perform your organisation’s security risk analysis to identify opportunities for further risk mitigation across the organisation. Further, Protiviti can help to provide recommendations on compliance remediation and risk management strategies that similar healthcare organisations have found to be effective and efficient.
Conflicts of Interest
Protiviti partners with organisations to establish conflict of interest protocols. We have completed assessments of the conflict of interest process to identify and mitigate any risks to minimise the likelihood of a possible conflict of interest. We also have extensive experience in assessing conflicts of interest disclosures for appropriateness.
Business Associates Agreements
Business Associate Agreements (BAAs) are not only required under HIPAA but also are critical to ensure your data is protected when accessible by external individuals and/or vendors. Protiviti works with organisations to review all aspects of the BAA process and performs reviews of third-party relationships to identify those that require a BAA. We also help organisations determine if all of the necessary HIPAA requirements are in place for existing BAAs.