Marita Janiga (firstname.lastname@example.org) is Executive Director of Investigations at Kaiser Permanente in Oakland, CA.
Hear ye! Hear ye! The auditors are coming, the auditors are coming! Your organization’s leadership just received an audit engagement letter from the Centers for Medicare & Medicaid Services (CMS), which is going to perform an effectiveness audit of your company’s compliance program.
Your first reaction
How do you react? Are you calm, cool, and collected? Do you freak out and run for the hills? It’s probably somewhere in between. You know that you’re going to be super busy over the next several months managing both your day job and the audit. If you have a vacation planned to start in the next few weeks, you might be wondering if you should reschedule it—and you probably should.
Although none of us relish the thought of an audit, you might also be thinking that this will be an excellent opportunity for you to showcase your program and all the good work you do day in and day out. I’ve been through several of these audits and have felt all of those emotions. What has played a significant role in my approach to regulatory audits of all kinds is the confidence I have in the compliance investigations team we’ve assembled at Kaiser Permanente, and in the procedures and processes we’ve embedded in the work that we do to safeguard our organization from fraud, waste, and abuse (FWA).
Building a high-performing team isn’t as intimidating as it sounds, if you understand your objective and the work streams involved in fulfilling it, and if you have a set of guiding principles to help you organize and coordinate your team’s work.
Your guiding principles
Implementing written policies and procedures
Designating a compliance officer and compliance committee
Conducting effective training and education
Developing effective lines of communication
Conducting internal monitoring and auditing
Enforcing standards through well-publicized disciplinary guidelines
Responding promptly to detected problems and undertaking corrective action
You’ll want to build a team able to prevent, detect, investigate, correct, and monitor the organization and its employees, all in support of these elements of an effective compliance program. You will want to have written policies and procedures that support your work. You’ll need to conduct effective training and education as it relates to your team’s objective. You’ll want to standardize systems as much as possible (e.g., use one case management system to track all reported instances of noncompliance across the entire organization).
Focusing more specifically on the respond, correct, and monitor elements, we developed the structure of the compliance investigations team at Kaiser Permanente. The team is composed of four units: the case management and reporting unit, the national special investigations unit, the national fraud control unit, and the strategy and program management unit. To facilitate consistency and align the work that we do across the program, we developed an overarching document called the investigations working agreement (IWA), and more detailed procedure manuals for the national special investigations unit and the national fraud control unit.
The IWA is a high-level document that outlines Kaiser Permanente’s approach to coordinating investigative activities within the organization, from timely entry of issues into our case management system to investigating and taking corrective action. The procedures manuals are more detailed documents for internal use by investigators. We also have national policies for FWA control and for reporting compliance and ethics concerns. We maintain an up-to-date reference library with all our policies, procedures, and related documents, and we store all audits and associated responses in a secure location for ready reference. These documents and materials are foundational to the work that we do and to ensuring our responses to regulators are consistent and aligned.
Your crucial partnerships
You will need strong partnerships to be a highly effective investigations team. Your company’s organizational structure will naturally lead you in this area, but you will most certainly need close partnerships with other compliance teams, business operations teams such as claims administration and provider contracting, pharmacy benefit managers, finance, risk, internal audit, and your legal department, to name a few.
Your audit experience
With your compliance investigations team properly staffed and configured, when you receive an audit letter, it won’t be quite so daunting! You’ve done your homework. You’ve got your processes documented and your data and case information all in one system for quick, reliable access. You have skilled data analysts monitoring your systems for indications of FWA. You have top-notch fraud investigators and analysts conducting thorough and well-documented investigations. You’ve established close internal partnerships to ensure a smooth flow of information within the organization. You’re as prepared as you can be, and your audit results will reflect your team’s hard work. As the saying goes, break a leg! Good luck with your audit!
Your audit experience and results will surely provide you with some process improvement opportunities to make your team even more effective and efficient. Having a “change mind-set” as you perform your post-audit plus-delta analysis will help you become even better prepared to respond to future audits.