Compliance Programs for Small Healthcare Entities
Key Points:
- No Compliance Program increases enforcement encounters, liabilities, & penalties
- Challenge is how to afford an effective Compliance Program
- OIG suggests using a part-time expert as the Designated Compliance Officer
- Smaller entities can outsource compliance program development and management
- Outsourcing the Compliance Program is less costly than hiring someone to do it
- Major considerations are expertise, timeliness, and cost savings
- Tips on selecting an outsourced compliance expert
All healthcare organizations, large and small, are expected to have a compliance program that meets the seven standard elements. Large healthcare organizations can develop and implement their Compliance Programs with full-time employed Compliance Officers and supporting staff, something smaller organizations cannot afford. Not having an effective compliance program increases the likelihood of enforcement agency action and increases penalties for those found in violation of law. In fact, most government enforcement actions involve smaller organizations, such as physician practices, clinics, home health agencies, and hospices, that could not evidence a functioning Compliance Program. These types of organizations do not operate on a scale to afford even one full-time person as their Compliance Officer. Having someone perform the duties as a secondary responsibility is a formula for a bad result. The OIG has long acknowledged the challenge to smaller organizations.
Going back to their 2000 Compliance Program Guidance for Individual and Small Group Practices and again with the 2023 General Compliance Program Guidance, the OIG recognized that there are often financial and staffing constraints that limit small organizationsโ ability to develop and manage an effective Compliance Program. They noted that โ[f]or those companies that have limited resources, the compliance function could be outsourced to an expert in compliance who can be a part time alternative to a W-2 employee Compliance Officer.โ That party would need to be independent of responsibilities or supervision of operations or legal services and should report to the owner or CEO on the status of the entityโs compliance activities. This Designated Compliance Officer could be charged with the development and management of the program that includes: (a) development of a Code of Conduct and compliance-related policies on how employees and managers are to perform duties and activities in compliance with applicable laws, regulations, and requirements; (b) training of staff on the Compliance Program and written guidance; (c) creating compliance communication channels that protect against retaliation; (d) conducting compliance risk assessments; (d) ensuring enforcement and disciplinary processes are in place to address potential misconduct; (e) engaging in high-risk area compliance ongoing monitoring and auditing; (f) conducting annual audits of high-risk areas, such as claims submission and marketing programs; and (g) ensuring prompt remedial and corrective actions for identified compliance problems.
There are several benefits of engaging a compliance expert to act as the Compliance Officer:
- No delay, able to start immediately
- Can โjump startโ Compliance Program development, implementation, and management
- No recruitment or training costs as would be for a W-2 employee
- Work would be done on a part-time basis
- Pay is only for the hours worked
- No added overhead costs (e.g., FICA, leave, benefits, etc.)
- No learning curve in the current, ever-changing regulatory environment
- Have prior experience in adapting Compliance Programs to smaller organizations
- Can be terminated at any time by simple notice
- Should have their own multi-million dollar liability insurance coverage
The biggest benefit in engaging outside experts is saving the costs of hiring, training, and overhead for W-2 employees (e.g., FICA, health/retirement benefits, annual/sick/holiday leave, etc.). Outsourcing the Compliance Officer function enables an entity to obtain the level of expertise on a part-time basis and not carry the financial burden of a full-time resource. The complexities of building and managing the Compliance Program in an ever-changing regulatory environment make having someone do it as a secondary duty impractical and impossible, but the job cost of hiring someone to do the work can be prohibitive. The HCCA 2024 Chief Compliance Officer Survey reported the average total compensation for healthcare Compliance Officers ranged between $179,000 and $188,000 per year, and according to Salary.com, the average salary for a Corporate Compliance Officer in the healthcare sector typically falls between $96,324 and $145,739.
The following are tips for outsourcing Designated Compliance Officer services:
- Determine the rate and pay only for hours of services provided.
- Establish the estimated number of hours per month for the service.
- Ensure expertise and knowledge (credentials, publications, presentations).
- Choose a firm that focuses on healthcare compliance, not generalized across all industries.
- Include a provision in the agreement to be available at any time needed.
- Ask number of years of experience in compliance (consultant and/or compliance officer).
- Determine the depth of the consultant and the firmโs capabilities.
- Obtain references for providing similar types of services.
- Interview proposed consultants to assess whether they would fit into the entityโs culture.
- Look at the range of consulting firmโs credentials relevant to current needs (e.g., JD, PhD, CPA, CPC, CCEP, CHC, CHPC, CHPS, MBA, PMP, HIM, RN, COC, CCNA, CDIP, etc.).
- Require professional indemnity insurance (at least $3 million coverage).
- Include a clause in the agreement to enable termination with simple written notice.
For more information and advice on this subject contact [email protected]. You can also keep up-to-date with Strategic Management Services by following us on LinkedIn.
