ERM Consulting Inc



Empirical Risk Management SAMPLE COMPLIANCE PLAN1. INTRODUCTIONA. BenefitsB. PurposeII. COMPLIANCE PROGRAM ELEMENTS 1 – 7Element 1. Written Policies and Procedures A. Standards of Conduct B. Risk Areas C. Claim Creation, Submission and Review Process D. Health Insurance Portability and Accountability Act of 1996 E. Credit Balances F. Integrity of Data Systems G. Retention of RecordsElement 2. Designation of a Compliance Officer and a Compliance Committee A. Compliance OfficerElement 3. Conducting Effective Training and Education A. Initial Compliance Training B. Annual Compliance TrainingElement 4. Developing Effective Lines of Communication A. Access to the Compliance OfficerElement 5. Enforcing Standards through Disciplinary Guidelines A. New Employee Policy B. Disciplinary Action PolicyElement 6. Auditing and Monitoring A. Post-submission Reviews B. Quarterly Compliance AuditsC. Compliance Plan EffectivenessElement 7. Responding to Detected Offenses and Developing Corrective Action Initiatives A. Violations B. Investigations / Reporting Procedure C. Corrective ActionsIII. COMPLIANCE PROGRAM EFFECTIVENESS 1. Code of Conduct 2. Review of Compliance Program EffectivenessI. INTRODUCTION1. Benefits of a Compliance Program. Empirical Risk Management has always been, and remains, committed to the very highest standards of ethics and integrity. The environment in which we deliver healthcare, conduct business and provide education to patients and staff continues to evolve. As such, we have developed this Compliance Plan to ensure that our practice is adequately and responsibly carrying out our various ethical, legal and fiduciary responsibilities and obligations2. Purpose. The purpose of this Compliance Plan is to provide a uniform practice policy for all employees responsible for performing, documenting, billing, supervising, monitoring, maintaining, recommending or improving procedures or processes in any format, written or electronic This plan outlines specific internal controls to more efficiently monitor and ensure adherence to all applicable Federal and State Statutes, Regulations and Requirements.II. COMPLIANCE PROGRAM ELEMENTS 1- 7Element 1: Written Policies and ProcedureA. Standards of Conduct for Empirical Risk ManagementI) Employees will maintain the highest level of professional and ethical standards at all times.2) Employees will conduct business and personal activities with the highest level ofintegrity. 3) Employees will be trained and oriented in all applicable Federal and State Laws and Regulations that apply to both Empirical Risk Management and their individual positions. Adherence to these guidelines is imperative.4) No employee shall falsify, conceal, or cover up a material fact in the performance of their duties.5) Each employee will be responsible for reporting any violations of this plan to the Compliance Officer.6) Employees will consistently exhibit proficiency in all areas relating to the accuracy, integrity and quality of confidentiality, patient data, documentation, and coding practices.B. Potential Risk Areas1) Billing for procedures, items or services that were not provided;2) Billing for procedures, items or services that are not documented;3) Submitting duplicate claims:i. More than one claim for the same service;ii. Claim is submitted to more than one primary payor at the same time;4) Up-coding:i. Using a billing code that provides a higher payment rate than the billing code that accurately reflects the service furnished to the patient5) Unbundling: the practice of submitting claims in fragmented fashion for the sole purpose of increasing reimbursement6) Inappropriate billing of contracted adjustments to patients;7) Failure to identify and refund overpayments in a timely manner;8) Incorrectly or improperly recording receivables;9) Failure to maintain the confidentiality of information/records;10) Lack of integrity in computer systems;11) Alteration of documentation;12) Destroying records/documentation without proper authority;13) Overlooking, disregarding, defending, or affirmatively concealing illegal and/or unethical billing practices.C. Claim Creation, Submission and Review Process1) Claims will be submitted only when appropriate documentation supports the claim and only when such documentation is maintained, appropriately organized in legible form, and available for audit and review. All documentation in the medical record will be signed in accordance with CMS guidelines.2) Diagnoses and procedures reported on claims will be based on the medical record and other authorized documentation;3) An internal review of claims will ensure claims submitted for reimbursement accurately represent services provided, are supported by sufficient documentation and are in conformity with any applicable coverage criteria for reimbursement;4) All claims and encounters to government and private insurance payers will reflect true and accurate information and conform to all pertinent Federal and State Laws and Regulations.D. Heath Insurance Portability and Accountability Act of 1996 (HIPAA)Empirical Risk Management and all employees will comply with requirements as mandated by HIPAA and will complete annual HIPAA training. There are three main areas of HIPAA Compliance concern:1) Privacyi. Empirical Risk Management and staff may not use or disclose protected health information unless the patient has authorized or consented, or unless HIPAA specifically permits or requires.ii. HIPAA permits employees to use or disclose PHI without patient consent only for the purpose of claims payment.2) Securityi. Empirical Risk Management and staff will ensure that they do not disclose information that compromises that security, confidentiality, or integrity of personally identifiable information (PII).ii. All employees will adhere to the established policies and procedures of Empirical Risk Management to ensure protection of PII.3) Standard Electronic Transactions.i. Coding staff will adhere to the HIPPA requirement that providers doing business electronically will use the same standardized health care transactions, code sets, and identifiers.ii. Standard transactions for Electronic Data Interchange (EDI) to transmit health care data include: claims and encounter information, payment and remittance advice, and claims status and inquiry. E. Credit Balances.Credit Balances occur when payments, allowances, or charge reversals posted to an account exceed the charges to the account. The office manager will diligently review the claims / account reports for credit balances and determine the reason for the occurrence and required action.F. Integrity of Data Systems Procedures.To ensure and maintain the accuracy and integrity of electronic data systems used for claims submission, collections, credit balances and other relevant reports, our offices will:1) Ensure data is back up on a regular basis.2) Ensure regularly scheduled virus checks are performed.3) Ensure electronic data is protected against unauthorized access or disclosure by limiting access to data systems to only authorized personnel (password protected). G. Retention of Records1) Each employee is responsible for the integrity and accuracy of Empirical Risk Management documents and records, not only to comply with, regulatory and legal requirements but also to ensure that records are available to defend business actions and practices. 2) No one may tamper with, alter, or falsify information on any record or document.3) Medical and Business documents and records are retained in accordance with the law and service specific records retention policy.i. Medical and Business document include paper documents, such as letters and memos, based information such as email or computer files on disk or tape and any other medium that contains information about Empirical Risk Management or its business activities. ii. This also includes:1. All records and documentation required by either, federal or state law, and the program requirements of federal, state, and private health plans.2. Records listing the person responsible for implementing each part of the Compliance Plan.3. All records necessary to protect the integrity of the billing office, compliance program and confirm the effectiveness of the program. iii. No one may remove or destroy the documents prior to the specified destruction date. Element 2: Designation of a Compliance Officer. To ensure an effective compliance program, Empirical Risk Management will designate a compliance officer. A. Compliance Officer: (Name, Title, Accreditations, Phone Number)1) The Compliance Officer is responsible for the implementation, administration, and oversight of the Compliance Plan.2) The Compliance Officer will ensure the components of the Compliance Program are implemented to reduce fraud, waste and abuse and mismanaged within the practice. 3) The Compliance Officer will investigate issues related to compliance and report any and all findings directly to Empirical Risk Management4) The Compliance Officer will notify employees of applicable regulations, procedures, and guidelines.Element 3: Conducting Effective Training and Education.A. Initial Compliance Training. All new employees involved with Empirical Risk Management will receive an initial training session that will cover the topics and guidance set forth in this plan before they begin their assigned duties. Statement acknowledging employee’s commitment to and receipt of the compliance plan and code of conduct will be signed and dated, and retained in the employee’s personnel file. B. Annual Compliance Training. All personnel will attend training on an annual basis, including appropriate training in Federal and State statutes, regulations and guidelines, and ethics. Element 4: Developing Effective Lines of Communication:A. The Compliance Officer will make every attempt to be available for any employee that needs assistance in determining compliance issues and conduct. Element 5: Enforcing Standards through Well Published Disciplinary Guidelines.Disciplinary standards will be implanted through procedures which encourage good faith participation in the compliance program by all affected individuals. A. New Employee Policy. New employees will be trained to ensure that their work is consistent with standards to prevent fraud, waste and abuse, or mismanagement. B. Empirical Risk Management has published a disciplinary policy outlining disciplinary actions to be taken in the event that employees do not follow the policies and procedures outlined in the within the Compliance Plan. Element 6: Auditing and Monitoring.A. Claims / Encounters: A review of claims and encounters will be performed to ensure claims submitted for reimbursement accurately represent services provided and are supported by sufficient documentation. B. Quarterly Compliance Audits: Internal monitoring and auditing will include preventative measures and procedures in compliance with Medicare regulations, contractual agreements, and all applicable State and Federal laws. C. Risks: Will be identified through various sources including, but not limited to: the OIG work plan, external and internal audits, and internal monitoring.Element 7: Responding to Detected Offenses and Developing Corrective Action Initiatives. A. Common compliance violations that can result in disciplinary action. 1) Involvement in non-compliant conduct and / or activity.2) Failure to report known non-compliant conduct and / or activity. B. Investigations and Reporting Procedures: All violations will be assessed by the Compliance Officer and forwarded to Empirical Risk Management if it is determined that an employee has engaged in conduct that deviated from federal legal standards, corrective action will be initiated. C. Corrective Actions: Appropriate corrective action measures shall be determined on a case-by- case basis.III. COMPLIANCE PROGRAM EFFECTIVENESS. 1. Code of Conduct. The following general principles apply to every employee. Where a situation is not covered by the standards set forth, employees shall apply the principles set forth in this plan in determining whether their conduct is proper. A. Employees are required to understand and abide by those laws, regulations, policies and procedures that are applicable to them in the performance of their job duties. B. Confidential information, included in private health information as that term is defined in the Health Information Information Portability and Accountability Act of 1996, obtained either during or by accident should not be released or discussed with anyone unless that individual is authorized to receive this information. C. Demonstrate the highest standards of personal integrity in all actions related to or affecting the the business of Empirical Risk ManagementD. Not disclose or use or allow others to use confidential information obtained as the result of your relationship with the practice for private purposes. E. Not use office time, property, equipment, supplies or support services for private gain or private purposes, except such limited use as authorized by policies of the practice. 2.Regular Review of Compliance Program Effectiveness. This Compliance Plan is intended to be flexible and readily adaptable to changes as requirements change in the healthcare system as a whole. This plan shall be reviewed annually and modified, as necessary. ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download