One Strategy for Rapidly Developing an Effective Compliance Program

For years, there has been a legal and regulatory mandate for managed care organizations (MCOs) to have an effective compliance program — but now the government is moving aggressively to enforce those provisions. This has caused many to realize that their programs are not able to stand up to close review, and failure to evidence an effective compliance program can lead to serious consequences. As a result, many plans are playing “catch up” on their compliance programs and seeking ways to quickly bring them in line with current regulatory standards.

During 2010, the Centers for Medicare & Medicaid Services (CMS) undertook aggressive actions to conduct audits of 33 plans that included the core compliance areas identified by the agency. The deficiencies were so great that it led to the termination of one plan and sanction actions against several plans across the country. An ineffective compliance program can lead to serious sanctions, including termination from Medicare and Medicaid.

For many organizations, the quickest way to bring their compliance program up to mandated government standards may be through the utilization of outside experts, either as consultants or to act as their interim compliance officer (ICO). The latter option is becoming increasingly common and frequently occurs when an organization realizes its compliance program is troubled. From experience, the decision to employ an ICO is usually triggered by the realization that the existing compliance program is defective or ineffective, requiring expert assistance to get it on the right track.

The use of ICOs is recognized by the Department of Health and Human Services (HHS) Office of Inspector General (OIG), which has stated in its compliance program guidance, “For those companies that have limited resources, the compliance function could be outsourced to an expert in compliance.” ICOs, as is implied in the name, are temporary compliance officers serving for a period of time until the organization is convinced that the compliance program is ready to engage a permanent replacement. The ICO then can assist in defining the qualifications and attributes needed for the permanent compliance officer.

Inasmuch as the ICO will not be competing for the permanent position, he or she can bring a level of independence and objectivity. Furthermore, he or she does not have any investment in prior decisions and actions. Taking this step also may add evidence that demonstrates to any government investigator or auditor that the plan is serious about implementing an effective compliance program. This approach has the added advantage of having, in effect, an independent evaluation of the program’s effectiveness while it is undergoing active management. These experts are in a position to operate or manage an organization’s existing compliance program while at the same time taking steps to ensure the program makes improvements to meet those standards.

Other advantages arise from having a broader perspective of having worked in a variety of program settings and having experience with proven methods. These compliance experts can speak with authority in building confidence in enhancing the compliance program and culture. A critical factor that can be brought to bear with an ICO is experience and detailed knowledge of applicable federal and state laws and regulations. Furthermore, they provide “fresh eyes” reviewing and improving the development of the compliance program. This may include a desire to build a sounder foundation for the compliance program or to demonstrate to government agencies a serious commitment to the compliance culture and process.

The following are tips for those interested in this strategy:

1. Find a properly qualified ICO who should have multiple levels of experience upon which you can draw, especially in the managed care sector. This may not be met by selecting someone who had served as a compliance officer in another organization that may or may not have been a model program.
2. Require references to establish experience and expertise in compliance and managed care. Compliance programs for provider organizations are similar in concept but quite different in practical operation.
3. The ICO should be a transitional function of six months to a year, not someone who is looking for the position permanently. The difference is critical to ensuring objectivity in carrying out the duties of the position.
4. Include in the retention agreement that the ICO shall assist in defining the qualifications, participating in the interview process, and selecting a permanent compliance officer.