Best Practices Process

Best Practices Selection Criteria:
Compliance Program Assessment
Summary
Achievement in the conduct and reporting of the periodic/annual assessment of the corporate compliance program that meets the requirements of element 7 of the “Elements of an Effective Corporate Compliance Program”.
Definition
The Program Assessment is a periodic review of the progress and/or achievement of the organization’s compliance program. This assessment should be conducted by or under the direction of the Compliance Officer, and focus on the organization’s implementation of the 7 elements of an effective corporate compliance program.
Achievement to Warrant Finding of Best Practice
In evaluating whether a program has achieved a “Best Practice” in this element, look at the following criteria for a compliance program assessment:
1. Corporate Governance and Oversight. The assessment should demonstrate review of:
  1. governing charters for the Compliance Officer and other related personnel;
  2. policies regarding reporting relationships between liaisons and CCO, Compliance Committee, Board of Directors and others with oversight of the program;
  3. written evidence of high level management support, including Board resolutions, corporate funding of program;
  4. adequacy of compliance office staff and resources;
  5. appropriateness of delegated compliance responsibilities.
2. Code of Conduct Review. The assessment should:
  1. adequately review content to assure it provides adequate guidance to employees concerning all major risk areas within the organization
  2. review the Code’s coverage of laws and regulations affecting the organization;
  3. include review of such important Code topics as documentation, billing and coding, conflicts of interest, workplace environment and safety, HR issues, provider relationships, gifts and gratuities;
  4. review how the Code has been disseminated, what employees have received it, how receipt is audited, etc.
3. Review of Policies and Procedures. The assessment should:
  1. review the existence and content of policies regarding all major risk areas identified in the Code;
  2. look for and review Compliance Program related policies and procedures, such as non-retaliation, reporting process, conflicts of interest, charters for the compliance program and compliance officer;
  3. review operational procedures for accuracy, implementation and employee knowledge of content, including background checks, investigation of incidents, EMTALA, anti-kickback issues, safety, billing and coding.
4. Internal Controls. The assessment should determine the adequacy of:
  1. internal audit reviews in the major compliance risk areas of the operation;
  2. targeted auditing of billing and coding issues, coverage issues, OIG identified “Fraud Alert” areas and other identified high profile enforcement issues;
  3. all audit protocols, investigation procedures, and reporting processes;
  4. compliance office coordination with Legal Department, HR, Internal Audit, Medical Records, etc concerning investigation, and ongoing audit/reviews.
5. Internal Reporting Process. The assessment should review and evaluate:
  1. operation of the confidential phone line (or other formal reporting mechanism);
  2. use of inhouse/outside resource to operate reporting program;
  3. training of staff which coordinates phone line and/or receives reports from outside hotline operation;
  4. procedures used to receive, record and protect information;
  5. process of investigation and follow up to reports, including providing feedback to callers;
  6. other reporting channels within organization, including decision tree steps;
  7. organization’s protection of reporters, response to allegations of retaliation.
6. Education and Training. The assessment should evaluate:
  1. content of all compliance training, corporate values focus, company commitment to ethical practices, participation of management in presentation;
  2. delivery and audit of training program, percentage of employees who received it, support of management/supervisors;
  3. how training is provided (e.g., face to face training vs electronically), feedback from participants, use of case studies
7. Corrective Actions. The assessment should review and evaluate:
  1. implementation of corrective action following investigation/determination of violations;
  2. consistency of all disciplinary decisions;
  3. timeliness, appropriateness and thoroughness of corrective action;
  4. record keeping of all disciplinary actions, corrective action plans;
  5. follow up to, and implementation of all corrective action plans;
  6. managers and supervisors support of all disciplinary decisions and corrective actions.
download the complete best practice criteria