Software

Compliance 360, providers of a governance, compliance, accreditation, and audit software solution, have just added a new module to the already impressive array of features.  The new module helps healthcare organizations navigate the increasingly important world of claims audits.  As many of our readers will know, CMS rolled out a pilot program to attempt to get back a portion of the billions lost to overstated Medicare Claims through a program known as "Recovery Audit Contractor" ("RAC").  As the company's Web page on the module notes, the new module "has been designed for managing a wide variety of claims audits including the Medicare Recovery Audit Contractor (RAC) program, Medicare Program Safeguard Contractor (PSC) audits, Medicare Comprehensive Error Rate Testing (CERT) audits, Medicaid Integrity Contractor (MIC) audits, Medicaid Fraud Control Unit (MFCU) audits and other forms of claims audits."  Click here to see the full description of the audit.

In the 5-minute video, below, I talk a bit about how I came to know Compliance 360's compliance and accreditation software in some of its earliest iterations, and why I continue to recommend the product and the people to my clients who need a comprehensive compliance software solution.  

As an accreditation consultant and regulatory compliance consultant, I am often called upon by my clients to help them evaluate investments in compliance. Sometimes the question is, "what is the best software for managing our documents?" Sometimes I'm asked "how much should we think about expanding our compliance staff?"

In most cases, though, the question of "return on investment", or ROI, comes in. I thought I'd take this opportunity to write down some of my thoughts the initial considerations in this analysis, inspired in part by a project I'm working on and in part by a conversation I had last night with my long-time friend and colleague Guy D'Andrea, CEO of Discern Consulting. Guy is one of the most thoughtful people I know on this subject, and our back-and-forth got me cranked up about this topic.

As a backdrop to this topic, it's important to remember that compliance activities are all about mitigating the risk of infrequently-occurring events. Despite the daily exposure to the risk, a company can go months or even years without incurring a regulatory fine, suffering a penalty in an accreditation process, or being hammered by an unfavorable jury verdict. The typical state insurance regulatory market conduct exam occurs once every four years; accreditation cycles can be as long as three years; adverse jury verdicts can be years apart, or not occur at all. This can make the assessment of the value of compliance activities not only difficult, but difficult to bring to the attention of decision-makers.

Another issue to address at the outset is definitional -- what, precisely, do we mean by "compliance investment"? While a comprehensive list would be too long to be useful, there are some broad categories:

• Staffing costs, both in terms of size of the compliance staff and in terms of time spent by non-compliance staff spending time on compliance activities;
• Consultant costs, including lawyers, accountants, accreditation consultants, compliance consultants, and software consultants;
• Information systems, including the cost of hardware and software, not only for software dedicated to managing compliance activities (such as Compliance 360's products) but also for sometimes-needed enhancements to operational software in order to meet regulatory and accreditation requirements.

What are the risks against which companies are protecting themselves by compliance activities? Again, the detailed list too long to be bloggable, but here are some categories:

• Regulatory (state vs. federal; industry-specific vs. general requirements)
• Accreditation
• Litigation
• Business (bad regulatory, accreditation, or litigation news can have profound business impact, both in terms of the stochastic shock in the short run that can result from such news and more long-lasting, reputational impact).

The possible benefits of new, increased, or redesigned investment in compliance activities is another issue that needs to be raised at the outset. Again, broad categories only:

• Reduced frequency of bad events
• Reduced severity of bad events
• Greater efficiency -- "more bang for the buck", perhaps even compliance cost reductions
• Intangibles, such as improved performance and performance monitoring.

OK, that's a good start. I'll do some more writing about this in the next few days, I suspect, but this at least sets forth some initial considerations. Stay tuned, and please let me know what I've left out by commenting on this blog, if you're feeling so inspired!