Regulatory scrutiny of healthcare providers has never been greater. With endless guidance issued by the government and private payers, it is important that healthcare providers not only comply with these requirements, but also prepare for and be ahead of any future changes. As civil and monetary penalties have shown, it is not enough for a compliance function to merely exist. It must effectively demonstrate a commitment to day-to-day operations, culture and doing the right thing. Protiviti’s deep industry knowledge and skills assist organizations in maturing their compliance departments to stay ahead of compliance risks and build a solid foundation for future success.
Key areas where Protiviti can be of assistance in maturing your compliance function
Compliance Program Effectiveness Assessment and Financial Services Benchmarking
Protiviti can assist you in evaluating the maturity of your compliance program function and identifying areas of continuing opportunity to ensure you stay ahead of the curve by using our proprietary tools. Assessments can range from a high-level self-assessment or a detailed dive into all elements and measures of the compliance program.
Protiviti’s effectiveness assessment methodology incorporates leading practices from other highly regulated industries, such as financial services, to further provide our clients practical insights and strategic benchmarking capabilities. Our innovative, cross-industry perspective can help you tackle complex compliance risk management challenges and implement pioneering best practices.
Compliance Risk Assessments
Protiviti’s proven four-step process identifies your organization’s current compliance risks, as well as your capabilities and vulnerabilities, and then creates a risk-based, highly focused and prioritized compliance work plan. Protiviti can also help determine how your compliance function compares to other similar compliance functions.
Protiviti can assist your organization with staff augmentation to provide seasoned interim compliance leadership (chief compliance officer), and supplemental staffing of experienced professionals to assist with the day-to-day operations of a compliance program, complete an assessment, conduct training, provide subject-matter expertise, aid project execution, or perform specific audits where specialized skill sets are needed. Whether by utilizing our Protiviti healthcare specialists or the network of candidates available through Protiviti’s parent company, Robert Half, we can quickly supply highly skilled professionals on a temporary, full-time or project-by project basis. We partner with clients to provide scalable assistance from interim management of the compliance department to tactical project-based resources.
Audits and Investigations
Protiviti partners with organizations in fully outsourced, co-sourced and project-specific arrangements to conduct audits and investigations. We will outline areas of concern, identify ways to reduce exposure, and effectively address shortcomings or challenges the organization may be facing. We can provide assistance with audits across all Office of Inspector General areas of focus and other hot topics, including:
- Credit balances and overpayments
- Physician contracting and compensation
- Physician and nurse credentialing and licensing
- Medicare reimbursement
- Drug diversion and pharmacy operations
- Two-Midnight Rule and observation status
- False Claims Act
- HIPAA compliance gap evaluation
- HIPAA risk analyses
Work Plan Development and Oversight
At different times during the compliance program lifecycle, compliance officers may find they need additional assistance to ensure all risks are continuing to be addressed. We partner with organizations in a variety of relationships, from developing a compliance function’s work plan to managing execution of the work plan for designated periods of time.
Using our deep industry experience, Protiviti can conduct compliance trainings for employees at all levels of your organization, from staff, physicians, executive management and boards, to ensure the organization is equipped with the latest compliance information. We can also evaluate the effectiveness of training materials and assess training comprehension of staff.
Protiviti can assess your organization’s compliance committee. Opportunities for improvement often include drafting or revising the compliance committee charter, enhancing committee agendas, and benchmarking committee membership.
Policies and Procedures & Code of Conduct
Protiviti has dedicated seasoned professionals and a Healthcare Center of Excellence organized to gather insights for knowledge sharing and to develop compliance best practice policies and procedures. Protiviti can help you draft policies and procedures ranging from general or specific compliance topics to your overall code of conduct.
Protiviti assists our clients in developing reporting mechanisms, including dashboards, and packages on a variety of topics, including: hotlines, investigations, trainings, policies, audits, monitoring and enforcements. Reporting can be geared towards compliance staff, management or the board/compliance committee.
Enterprise Risk Management
Protiviti combines our deep enterprise risk management expertise with our compliance solution to ensure your organization’s regulatory risk is appropriately considered and addressed in the development of or an assessment of your enterprise risk management function.
Corporate Integrity Agreement Assistance
Protiviti works with organizations to satisfy required corporate integrity agreement remediation activities. We assist in completing implementation and annual reports to the Office of Inspector General on the status of your compliance program’s activities. With the Office of Inspector General’s approval, Protiviti can serve as a formal internal review organization (IRO), as well as act as a mock IRO to confidently prepare you for your formal IRO review.
Protiviti has deep experience across a variety of coding and documentation risk areas, covering OIG-, RAC- and MACRA/MIPS-focused issues. Protiviti works with specialized coding auditors to provide detailed audit reports to management or the board showing trends of areas at risk, including specific error rates, in a report card format. Protiviti can then assist organizations in creating corrective action plans for resolution to prevent errors from reoccurring. Additionally, Protiviti can provide education and training to improve compliance and promote accuracy of coding and billing as part of a healthy revenue cycle.
Health Insurance Portability and Accountability Act (HIPAA)
Protiviti utilizes our subject-matter experts to partner with your organization’s security and privacy officers. We conduct extensive gap analyses to identify areas of deviation from the HIPAA requirements and overall intent of the rule. Additionally, Protiviti can help perform your organization’s security risk analysis to identify opportunities for further risk mitigation across the organization. Further, Protiviti can help to provide recommendations on compliance remediation and risk management strategies that similar healthcare organizations have found to be effective and efficient.
Conflicts of Interest
Protiviti partners with organizations to establish conflict of interest protocols. We have completed assessments of the conflict of interest process to identify and mitigate any risks to minimize the likelihood of a possible conflict of interest. We also have extensive experience in assessing conflicts of interest disclosures for appropriateness.
Business Associates Agreements
Business Associate Agreements (BAAs) are not only required under HIPAA but also are critical to ensure your data is protected when accessible by external individuals and/or vendors. Protiviti works with organizations to review all aspects of the BAA process and performs reviews of third-party relationships to identify those that require a BAA. We also help organizations determine if all of the necessary HIPAA requirements are in place for existing BAAs.
Clinical research activities are fraught with regulatory compliance risk. Protiviti’s comprehensive clinical research compliance assessments include initiatives to determine the sufficiency of policies, procedures and other controls in place to mitigate the major areas of research-related risk, such as billing for trial-associated procedures, human subject protection and IRB operation, informed consent practices and documentation, study and patient folder completeness, conflict of interest identification and management, and animal research. Our assessments can also be tailored to review those specific areas that are of most concern to your organization.