My first experience working in Healthcare was in college while I was studying Spanish. As part of a capstone course, I volunteered at a local Hospital translating for Spanish speaking patients. It wasn’t an easy job for me, as the sight of blood and needles makes my stomach queasy. The experience did however; start me down the path of a career in healthcare. Working in compliance has been a much better fit for me... and my stomach.
For the better part of my career, I’ve been working almost exclusively in healthcare compliance and government regulations. Working in the private sector, I’ve taken thousands of calls from healthcare professionals with different compliance related questions. The calls come from every state and from nearly every specialty. Some of my favorites questions include: “Do we need to burn used needles in the back parking lot?” “Can HIPAA give a fine to my employee for smoking?” “Is it OK for me to draw my own blood?” Some of the questions were shocking and others just made me laugh, however, the most common question I receive is:
“How do I know when I am compliant? “ I’ve learned that what providers and their staff are really asking is “How do I know when I‘ve done enough to avoid an audit or survive one it when it happens?”
Years of observation have taught me that a majority of those working in healthcare today view compliance as something to check off your list, or finish. If you view compliance this way, you’ve set your self up for frustration. This frustration usually leads to ignoring or disregarding compliance, then mistakes, followed by audits and fines. Ignoring compliance will cost you. Some providers disregard compliance thinking that because some training took place years ago they are still protected. Even if you took a couple of minutes to train a new hire, DO NOT make the mistake of thinking past training equals protection today.
Three major events usually trigger an audit. They are: injuries, state specific crackdowns, and complaints. Complaints are by far the audit-triggering leader, with the majority of complaints coming from your own employees. Training must remain current, and occur at least every year, especially if you have high turnover. A disgruntled employee is the best candidate to file a complaint against you.
The reality is you’re never done when it comes to compliance, BUT you can reach a point where you can be confident you’ve done enough to avoid most audits and survive one if it came to your way. Those who pay no attention to compliance because they have never been audited are typically the ones who receive the largest fines. To feel confident, you must establish a “foundation for protection.”
Whenever I get a call about a very detailed or complex compliance issue, I first try to determine what kind of foundation is in place. I do this because if the foundation isn’t in place, you have bigger problems than getting the answer to a complex question. This doesn’t mean you should ignore complex details that surround compliance- they can get you into trouble, but rather pay attention to them AFTER your foundation is in place. You wouldn’t install a stained glass window onto a home before the foundation was secure. Here are three steps to help you determine if you have a secure foundation.
1. Have you established a current, written training program?
2. Have you trained EVERYONE in your office at least every year?
3. Have you documented training AND verified your staff understood it?
I’m not saying that if you do these you’ll never be audited. You can’t always control what your staff or patients do. I am saying that if you’ve set up a secure foundation using the steps above, you can feel confident that you’ll avoid most audits, AND if you’re unlucky enough to be audited you should do well.
Having helped providers get through audits, and after interviewing several compliance auditors, I’ve learned a lot. I know what auditors look for and the common mistakes that will bring them to your practice. Some auditors have even given me the checklists that they take with them during an audit. If you want to see what the checklists looks like, email me and I’ll send you a copy help@CompliancePhD.com.
Finally, I’ve attended many national health information conventions and group compliance trainings. Most attendees usually leave with mounds of paper and no clue about what to do to protect their practice, or how to avoid audit-triggering mistakes. Perhaps you’ve attended a similar training and had this experience. Maybe you have tried to train your staff yourself and felt overwhelmed by the process. If you’re unsure about your foundation, or if you need help with some of the complex details of compliance, Compliance PhD can help. You don’t need to spend a lot of time or money to become compliant. Visit our website at www.CompliancePhD.com
Thanks for reading and look for future blog posts where I will go into further detail about each of the steps to secure your foundation.
M. E. Ensign