Effective Written Policies and Procedures

Having an effective compliance program is critical for healthcare providers given today’s complex regulatory environment and increased scrutiny of by federal and state regulators.  One core element of an effective compliance program is written policies and procedures.  Written policies and procedures describe the compliance program’s expectations, provide guidance to employees on how to deal with potential compliance issues, identify how to communicate compliance issues to appropriate personnel, and outline how potential compliance problems are investigated and resolved.

Effective policies and procedures should be:

  • Written clearly/easy to read and comprehend.
  • Describe in detail the compliance program and expectations. Policies and procedures should operationalize the compliance plan and provide guidance on how employees can perform their job duties in a manner that ensures compliance with federal and state laws and guidance, and supports the mission and objective of the organization. Examples of policies and procedures that describe the compliance program include:
    • Compliance reporting structure
    • Training requirements, including how and when training is conducted
    • Monitoring and auditing
    • How to conduct investigations
    • Disciplinary action for non-compliance
    • Non-retaliation
  • Relevant to the organization based on the organization’s risk assessment, audits and investigations, results from previous training and education programs and hotline calls (trends).
  • Drafted to include guidance on billing certain high dollar services audited by Medicare and Medicaid.
  • Composed with guidance from the Compliance Officer and Compliance Committee.
  • Distributed to all employees, whether by hard copy, electronically or intranet; they must be accessible to all.
  • Reviewed periodically, at minimum, annually and whenever there is a change in regulation or policy by Medicare or Medicaid.
  • Dated so employees know which is the most up to date policy.

In addition to the best practices outlined above, we recommend developing a central source that monitors the compliance policies and procedures to ensure consistency, collaboration, monitoring and dissemination. Lastly, healthcare organizations should have a process for educating its employees on compliance policies and procedures, at minimum, annually, and whenever a new or revised compliance policy/procedure is drafted/implemented.

Written policies and procedures help establish the healthcare organization’s commitment to prevent and detect fraud, waste and abuse, and assist in demonstrating the healthcare organization’s commitment to comply with federal and state laws and guidance.




Recent Insights

Newsletter Sign-Up