Checklist: Ensuring a Consistent, Thorough Response to Significant Audits
By Nina Youngstrom
This standard operating procedure was developed by the University of Michigan Health System’s compliance team, including Susanne Pryce, compliance director for revenue integrity, Michelle English, senior auditor, and Jeanne Strickland, chief compliance officer, with input from the audit team: Amy Armstrong, Nancy Foley and Cheryl Willcocks. Contact Pryce at spryce@med.umich.edu.
Standard Operating Procedure In Response to Receipt of Nonroutine External Audit
Oftentimes, the first notice you have of a significant government audit is a letter that lands on your desk (or in your inbox), after it has passed through several other offices, is signed by a government agent and is requesting a list of records that are due tomorrow! Now what?
Getting off to a thorough and efficient start to a significant external audit is step one in what may be a several-year journey—from the record submission through analysis of the claims, to adverse findings, to appeals, to look backs, etc. The entire process can last long enough that staff members and leadership may change during the process; therefore, having a trackable, reproducible and systems-based approach is key.
Even if your first instinct is to grab all the records and simply start sending them; given the length of time the process will last, the importance of accuracy, and the ability to retrace your steps, how you respond to that initial request will have lasting importance. Having and following a standard operating procedure (SOP) to guide your actions during those first several days or weeks of an audit is imperative.
DO NOW |
DO EARLY ON |
CONTINUE TO DO |
---|
-
Date stamp when the audit is received -
Thoroughly review audit request, note especially due date for response -
Make contact with auditor; determine if extension of due date is needed. -
Create a folder in a shared drive for purposes of tracking work -
Create an Excel spreadsheet to track acquisition of all data elements requested by the outside auditor -
Notify Office of General Counsel (OGC) -
Contact health information management (HIM) to request documentation compilation and creation of secure, shared file -
Notify and meet with department leadership and key staff for the area being audited -
Establish the contact person for all parties involved (corporate compliance, HIM, OGC, department leadership) -
Coordinate leadership escalation -
Establish schedule for regular updates and preferred format (i.e., in person or electronic) -
Conduct preliminary risk assessment
| -
Review all historical data sources for any past internal or external audits related to the same topic as the new audit request -
Review previous Office of Inspector General reports related to the same topic as the audit request -
Review all data sources for potential outlier information relevant to the audit request -
Add Audit to Vizient Risk Identification and Heat Map tool -
Check Vizient Risk Identification and Heat Map tool for any similar audits
| -
Review data files as they are posted by HIM to the shared folder -
Identify any missing documentation and work with department leadership and staff to locate the missing documentation that may be housed in other systems (i.e., outside of centralized electronic health record) -
Complete a final review of all data prior to formal submission to the outside auditor -
Document date and time of formal submission to the outside auditors; take screenshots if only submission is electronic and via website -
Save Excel checklist of all required data elements in shared drive -
Summarize and save any potential concerns based on the data reviewed -
Update department leadership on the status/progress of the audit, outlining possible concerns identified during the data review -
Track potential/anticipated date of response from auditor -
Periodically check on audit status and update appropriate parties
|
This document is only available to subscribers. Please log in or purchase access.