United States

Revenue integrity webcast series: Part 4 recap


Our final installment in our health care industry Revenue integrity webcast series focuses on corporate compliance effectiveness.

Key takeaways

To be effective, a health care organization’s corporate compliance and risk management strategy must be integrated into day-to-day business line activities and corporate decisions. Risk managers must be involved at the onset of strategy-setting processes, and risks associated with new products or services should be considered and communicated to the board and leadership. In addition, ongoing analysis of emerging risks and stress tests should influence business decisions, and this information must be shared across the organization to avoid the same risk challenge or event from recurring.

To mitigate risks, health care organizations should have a robust compliance program. Elements of this plan, based on the Office of the Medicaid Inspector General, New York State, include:

  • Written policies and procedures - Critical areas include code of conduct and governance of the compliance program
  • Designation of a compliance officer - Competency, seniority and independence in reporting structure
  • Training and education - Frequent risks include periodic assessments of training effectiveness, as well as vendor and business associate training
  • Open communication lines to compliance officer - Accessibility and avenues for anonymous reporting
  • Disciplinary procedures - Policy on sanctions, as well as fair and consistent enforcement
  • Identification of compliance risk areas and noncompliance - Periodic quality assessments and included as a key role of internal and external audit
  • Compliance issues response process - Prompt, fair, thorough and impartial investigations and a process to identify and refund overpayments
  • Policy of nonintimidation and nonretaliation - Appropriate preventive controls in place, such as training on retaliation, avenues to report or exit interview questioning

Another key takeaway from the webcast presentation—health care organizations that do not have an effective compliance program in place could be subject to an audit by the Centers for Medicare and Medicaid Services (CMS), an event that could prove disruptive and costly to the organization. In addition, health care organizations must be mindful of the potential of fraud claims. The False Claims Act (FCA) is in place to impose liability on persons and companies who defraud governmental programs, such as Medicare or Medicaid. It is the government’s primary tool in combatting fraud. As an example of the seriousness of FCA violations, fraud abuse recoveries for 2013 totaled $4.3 billion.

Finally, organizations should leverage the Office of Inspector General’s guidance on annual risk assessments. This work plan should include assessment strategies involving:

  • Medicare Parts A and B
  • Medicare Parts C and D
  • Medicaid program
  • CMS-related legal and investigative activities
  • Public health reviews
  • Human services reviews
  • Other Department of Health and Human Services-related reviews
  • Affordable Care Act reviews
  • The American Recovery and Reinvestment Act reviews

Questions? Contact us for more information.

How can we help you?

To discuss how our team can help your business, contact us by phone 800.274.3978 or

Subscribe to Health Care Leader Insights

Events / Webcasts


RSM Virtual Health Care Day

  • September 30, 2021


HHS Provider Relief Fund reporting and compliance update

  • July 20, 2021


Health care industry webcast series - spring 2021

  • June 10, 2021