Writing specific policies for the Seven Elements, Part 2: Elements III through VII

By Scott Robinson, CFE, CHC, CPA

Scott Robinson (srobinson2@superiorvision.com) is the Director of Compliance at Davis Vision-Superior Vision in Linthicum, MD.

Part 1 of this article, which covers Elements I and II, appeared in in the February 2018 issue of Compliance Today.

Chapter 21, Section 50 of the Medicare Managed Care Manual[1] outlines the compliance program requirements that a Medicare Advantage Organization (MAO) must follow to ensure the organization has an effective compliance program. Section 50 is organized into sub-sections, each of which outlines general guidelines MAOs must follow to remain compliant with regulatory guidelines.

In Part 1 of this article, I made an important distinction that bears repeating: When writing and implementing your policies and procedures based upon the regulatory guidance in Chapter 21, it is important to remember that there is no difference between what an MAO ‘‘must” do and what it “should” do. On the bottom of page 2 of the chapter, it explicitly states, “[T]he word “must” is used to reflect requirements created by statute or regulation. The word “should” is used to indicate expectations created by this guidance.”

Chapter 21 was written to support Chapter 8 of the Federal Sentencing Guidelines,[2] which encourage organizations to implement an effective compliance program that can be cited to offset penalties associated with wrongdoing. An effective compliance program, if implemented correctly, can serve as a mitigating factor in the event wrongdoing is detected in your organization. Those of us who serve our organizations understand that there is not really a need for the Sentencing Guidelines to provide motivation for doing the right thing. Doing the right thing is something that should be engrained in our organization’s culture.

The seven elements as captured in Chapter 21, Section 50 are:

  1. Written Policies, Procedures and Standards of Conduct

  2. Compliance Officer, Compliance Committee and High-Level Oversight

  3. Effective Training and Education

  4. Effective Lines of Communication

  5. Well-Publicized Disciplinary Standards

  6. Effective System for Routine Monitoring, Auditing and Identification of Compliance Risks

  7. Procedures and System for Prompt Response to Compliance Issues

Organizations must create policies and procedures that support the seven elements of an effective compliance program. The Centers for Medicare & Medicaid Services (CMS) intentionally does not prescribe what policies and procedures an MAO should create or how many, because CMS believes that there is no one-size-fits-all compliance program that all MAOs should use. An MAO’s compliance program must be created based on the size of the organization and the resources available to the program. What works well in a small organization with 20,000 beneficiaries may not work for a large organization serving millions. Larger organizations are often able to devote more resources to compliance. There is nothing inherently wrong with that. The important thing is, each organization must decide how many resources are enough and what kinds of policies and procedures will help it achieve its goals of remaining compliant with the seven elements.

Part 1 covered the policies and procedures I updated for my organization related to elements 1 and 2. In this article, I will cover policies and procedures I updated for elements 3-7. As a reminder, there are several decisions to consider when you create policies and procedures. The first decision is determining how many policies and procedures you are going to create to support each of the seven elements. You could create one all-encompassing policy for each element. However, when you drill down into Section 50, you begin to notice all of the sub-sections and all of the requirements each element contains. Creating that one all-encompassing policy could become very long and unwieldly. On the other hand, you could create different policies related to each sub-section or each different requirement within the element. Doing so will result in creating shorter, more concise policies that will be easier for your employees to read and understand. Policies do not serve their purpose unless your employees are able to read them and interpret them properly.

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings