Welcome to the CCP Builder. This section is designed to help you review your existing CCP or if you are in the process of building a new CCP from scratch. This can also be useful to act as a self-assessment tool. Government agencies believe that it is a best practice for healthcare providers to perform, at a very basic level, an annual review of the effectiveness of their compliance programs.
Please note that the following is generic in nature and can be used for any type of provider. We are here to help you to develop this compliance builder for your own organization and take into account your size, mission, issues, complexity and the overall sophistication of your corporate compliance plan.
a. Organization Culture
Are top management, board and other officials in receipt of your organization’s CCP? Is there a culture of compliance that understands and promotes the compliance office and the need for on-going annual education and training for all? Does the CCP have the full endorsement of the board? Are there issues of reporting and monitoring committees?
b. CCP Documentation
What compliance expectations are included in the written code of conduct and ethical standards of your CCP? Has the CCP been approved by the governing board/senior management? Is the CCP fully implemented throughout your organization? If not, why not? Is there guidance as to how to identify and communicate compliance issues or concerns? Is the CCP easily accessible to all employees, management, department heads, customers, vendors, etc.?
c. Compliance Officer
Is your compliance officer an employee to your organization and have the day-to-day responsibility for the CCP? What is the background and qualifications of the compliance person? Does this person have other responsibilities other than compliance and, if so, are there sufficient resources available to satisfactorily conduct the operation of the compliance plan? Who does the compliance person report to? Is it the CEO, the board, other senior management? If legal counsel or the CFO, this is not acceptable. Are there regular reports and meetings with the governing board to report on the CCP activities and how often does this occur?
How often does the compliance office conduct training and education of the CCP throughout the organization to employees, board, department heads, vendors, etc.? Is compliance training part of new employee training? Are these properly documented? Do these stakeholders know and understand how to contact the compliance office and how to identify circumstances of fraud, waste and abuse and other possible issues? Who conducts the training? Are training materials made available throughout the organization?
Are there proper and encouraged methods of being able to promote the compliance office throughout the organization? Is their any resistance from any governing body member or management? Are compliance concerns able to communicate to the compliance without interference? Is there a corporate compliance hotline or helpline for anonymous or confidential communication? Is this information well publicized and does the CCP maintain a system of tracking all calls in order to investigate and resolve issues, questions or concerns in a prompt manner?
f. Social Media
Are there written policies and procedures regarding the use of the internet, smart phones and social media such as LinkedIn, Twitter, Facebook, etc.? Are employees trained and educated about the proper use of these social media programs and cell phones? What are the disciplinary actions to be taken in the event of improper communication regarding your organization? Are the governing board and management team aware of the policies and procedures?
g. Encouraging Good Faith Participation
Having good faith participation is a key essential to the success of the CCP. Do policies exist and recognize those who do participate and whose efforts result in resolving situations sooner rather than later? Are there disciplinary policies that encourage good faith participation? Do disciplinary policies include consequences for failing to report suspected problems; participating in non-compliant ways or behavior or allowing non-compliant activity?
h. Non-Intimidation and Non-Retaliation
Is there a policy in your organization stating that there will not be any intimidation or retaliation permitted against anyone who, in good faith, reports to the compliance on potential issues? Are any allegations of retaliation or intimidation reported and fully investigated and are disciplinary action consistent regardless of one’s position or title?
i. Identifying Risk Areas and Proper Response
Does your CCP routinely self-evaluate risk areas through audits and self-examination to assure that your employees, contractors and other organizations that provide services or billings through government programs are not submitting false claims? Is there a committee to assist the compliance officer or office to identify risk areas and to evaluate or analyze potential or actual non-compliance? If so, are reports provided to the management and/or governing body and to minimize its risk exposure and correct violations or address weaknesses? Does the compliance receive and review the Work Plan of the federal Office of Inspector General or your state Office of Medicaid Inspector General or other legislation such as the Affordable Care Act requirements for overpayments? Do you have a system for responding to compliance issues as they are raised and to respond promptly? How many corrective actions have been taken during the past year and can you reduce the potential for recurrence?
j. Annual Certification
Is your organization required to certify each year that you have an effective compliance program to the Office of Medicaid Inspector General and under the Deficit Reduction Act of 2005?
Office of Inspector General: http://oig.hhs.gov
Centers for Medicare and Medicaid Services: http://www.cms.gov
Fraud Enforcement and Recovery Act: http://en.wikipedia.org/wiki/Fraud_Enforcement_and_Recovery_Act_of_2009
HealthEthicsTrust/Council of Ethical Organizations: www.healthethicstrust.com