Maintaining and updating your compliance program is an important part of any healthcare organization. Making sure your organization is current on regulatory changes and updating policies and procedures to remain in compliance is critical in minimizing risk and will support and safeguard your efforts in delivering high-quality care.

BlueStone Medical Business Advisors, your partners in compliance, highly recommends and considers it best practice for healthcare organizations to perform a yearly compliance audit. We suggest the following key areas be targeted during your annual audit process. Read on to learn more on how to ensure your organization is covered!

1. Assessment of all office locations. Make sure all office locations are in compliance with the Americans with Disabilities Act (ADA). This includes making sure there is accessible parking, grab bars, ramps and more. Ensure all equipment is up to date and in good working condition. Assess offices for pests and any potential hazards exacerbated by heat or cold, such as increased risk of electrical fires or deterioration of building materials. Post audit, remember to schedule and address any necessary maintenance or repairs as a result of your findings.

2. Review Health Insurance Portability and Accountability Act (HIPPA). Conducting an annual review of your organization’s HIPAA policies and practices is essential for safeguarding client privacy and preventing potential breaches. Healthcare entities must adhere to HIPAA guidelines, which can extend beyond privacy rules. To ensure compliance, review and update any deficiencies in electronic records, and privacy policies, as well as employee guidelines related to electronic devices and social media.

3. Review Occupational Safety and Health Administration (OSHA) standards. Having policies and procedures that are current and in compliance with OSHA standards will help go a long way in creating a safe working environment and reducing the risk of work-related injuries. Reviewing and updating your protocols for handling hazardous materials and exposure to infectious diseases and training records will help ensure staff are well-versed and confident in safety policies and procedures. Investing the time and effort to review and update these policies is time well spent. According to OSHA, “Training in the safe way for workers to do their jobs well is an investment that will pay back over and over again in fewer injuries and illnesses, better morale, lower insurance premiums, and more.” 1

4. Review the Stark Law and Anti-Kickback Statute. Reviewing the current Stark Law and Anti-Kickback Statute will help ensure that financial relationships between healthcare providers and referral sources do not influence the client decision-making process. Protecting your organization’s relationship with Medicare and Medicaid is critical to avoiding penalties or even exclusion from participation.

5. Food and Drug Administration (FDA) Regulations. Review vendor and FDA guidelines on the proper use, storage conditions, and documentation of medications, medical devices, and other regulated products. Maintaining robust policies and procedures related to expired, compromised, and recalled products is crucial for minimizing the potential adverse effects on patients.

6. Update coding and billing policies. Each year, CMS makes several coding changes that can affect healthcare organizations. Missing out on these updates could have a significant financial impact on your healthcare organization. Ensuring providers and your billing team are well-versed in any CPT or ICD-10 changes will help prevent potential lost revenue. Following best practices with a yearly coding review and chart audit will help ensure your organization is compliant with federal and state guidelines for billing, coding, and reimbursement and prevent fraud and abuse.

7. Review of Employee Handbook Policies. Performing an annual review and updating Employee Handbook policies is considered best practice to ensure compliance with Local, State, and Federal regulations. Having strong and up-to-date policies will help prevent EEOC claims, lawsuits, and legal financial claims.

8. Disaster Preparedness and Recovery Plan Review. Disasters can take many forms, and the financial burden of rebuilding after a disaster can be debilitating. If you’re prepared for emergencies, you’ll be in a better position to recover and continue operations should a disaster strike.

9. Council for Affordable Quality Healthcare (CAQH) Audit. Keeping your medical staff’s training and certification up to date in CAQH is essential to prevent a lapse with major payors. Staying on top of provider credentialing can also avoid costly claims denials and resubmissions.

10. Review Performance and Compensation Models. Regularly review and update performance evaluation processes and compensation models to ensure they align with industry standards and organizational goals. Ensure that compensation structures are fair, competitive, and compliant with relevant laws and regulations.

How BlueStone Services Can Help
BlueStone Service’s Medical Business Advisory division is here to help you tackle any of your compliance needs. From one-on-one support to interim management, we can help you remain in compliance all year round. Contact us today to get started.

Citation
1 Occupational Safety and Health Administration. (2015). Training Requirements in OSHA Standards. https://www.osha.gov/sites/default/files/publications/osha2254.pdf