1.

Compliance Oversight Management

1. Review and update policies related to the duties and responsibilities of the
Board and Executive/Management committee.

2. Examine Executive/Management and Board committee minutes relating to

the Compliance Program to follow up on the implementation, operation, and
management of the Compliance Program.

3. Develop and deliver the annual briefing and training for the Board on
changes in the regulatory and legal environment, along with their duties and
responsibilities in oversight of the Compliance Program.

4. Develop Compliance program budget to ensure sufficient staff and other

resources to fully meet obligations and responsibilities.

5. Examine and report on the compliance document management system for

the creation, retention, storage, retrieval and destruction of compliance-
related documents including those required by law and necessary to protect
the integrity of the compliance process. Reaffirm that this is being done
properly.

6. Conduct a gap analysis of compliance-related policies for both the

management and operation of the compliance program

7. Conduct an annual review of the Code of Conduct to ensure that it currently

meets the needs of the organization and is consistent with current policies.

8. Verify that the Code of Conduct has been disseminated to all new employees,
supervisors, executives, medical staff, board members, contractors, vendors,
and other affected parties.
 2. Compliance Communication
13. Review the hotline intake log and prepare a summary report for the
compliance oversight committees on the types of issues reported and their
resolution.

14. Develop a report that evidences prompt documenting, processing, and

resolution of complaints and allegations received by the Compliance Office.
15. Conduct a review of the hotline vendor, including test calling to ensure they are
performing according to their terms and conditions.

16. Physically verify hotline posters appear prominently on employee boards in all
work areas and review all other methods used that promote hotline use.

17. As part of ongoing monitoring, determine that all calls received by the hotline
function are properly documented and logged, and all records (electronic and paper)
are maintained in a secure manner with adequate access controls.

3. Ongoing Compliance Monitoring and Auditing

20. Develop a compliance audit plan that addresses high-risk areas

21. Review program managers to verify that they have engaged in ongoing
monitoring of their areas of responsibility. These responsibilities include ensuring all
regulatory changes have been translated into written guidance, all staff have been
trained on these policies, and that these policies are being followed properly.
Develop a report on the results of the review for the compliance oversight
committees.

22. Ensure there is a database for all arrangements with physicians and others in a
position to influence the flow of business to the organization. These arrangements
should be supported by policies and procedures that (a) determine the need for
services; (b) govern the selection of individuals to fulfill those needs; (c) determine
the fair market value for services; (d) enforce written terms for arrangements that
meet both the Stark and Anti-Kickback statutory requirements; and (e) verify
performance on the agreements.

23. Review and develop metrics to evidence the effectiveness and progress of the
compliance program.

24. Have an independent review of the compliance program conducted by experts to

verify the effectiveness of the compliance program,
 4. Response to Detected Problems and Corrective Action
25. Verify that all identified issues related to potential fraud are promptly
investigated and documented.

26. Review all corrective action measures taken related to compliance to verify that
they have been completed and validated as being effective. Prepare a summary
report for the compliance oversight committees.

27. Ensure staff is properly trained on how to promptly investigate and resolve
reasonable allegations or indications of non-compliance.

28. Conduct a review and prepare a report which evidences that all corrective action
measures taken to prevent the recurrence of identified problems were not only
verified as complete but also validated as being effective.

29. Conduct a review that ensures all identified overpayments are promptly reported
and repaid. This is done best in connection with an audit of whether the program
manager for claims processing has been carrying out their ongoing monitoring duties
properly.

5. Education and Training

9. Verify that all covered persons have received compliance training and that
documentation exists to support the results.

10. Ensure all claims processing staff receive specialized training programs on
proper documentation and coding. The specialized training should also
explain applicable laws and regulations relating to federal health care
reimbursement.

11. Conduct a validated knowledge survey that evidences employee awareness

and understanding of key elements of the compliance program and other key
information provided in compliance training.

12. Ensure that the compliance training programs for the year address fraud and
abuse laws, coding requirements, claim development and submission
processes, general prohibitions on paying or receiving remuneration to
induce referrals and other current legal and program standards.