This post is one in a multi-part series on Compliance Program Success Factors. Start at the beginning: Compliance and Policy Procedures with OIG
We have covered the first five elements of developing a compliance program (Policy & Procedures Requirements; Developing Policies & Procedures; Training & Education; Enforcement & Discipline, and Exclusion Checks).
We finally got to my favorite part of Compliance- monitoring and internal audit systems.
Monitoring performance and running internal audits are truly the heart of any effective compliance program. We have covered the first five elements including, Corporate Compliance Officer/Designee, Compliance Policy and Procedures, Effective Lines of Communication, Training and Education, Enforcement and Discipline. Indeed, all elements of a compliance program are essential, but monitoring and internal audit systems are the elements that tell us where to improve and how. They are the “meat” of any effective compliance program. Simply put- does your organization have a system of checks and balances, and are you able to quickly and accurately identify your areas of risk? Let’s explore what this means.
How do we monitor our facilities effectively?
There is a well-known statistician credo – In God, we trust- all others must use data. As an organization, there must be an objective way to establish performance baselines. You certainly want to compare yourself to the average or the norms, but you also want to compare you to yourself. Are there methods in your facility to collect the data, monitor for a deviation, and analyze the root cause? Certainly, reviewing the Casper report is one way, but that data might be too late. You want to have data integrations that can catch deviations before they become REAL problems.
Is the data “real” and meaningful?
Garbage in and garbage out is a truth hidden in a colloquialism. Does your organization have a standardized method to reliably collect and accurately analyze data? As an operator, one of the greatest struggles I had was determining if the data was reliable from month to month. With each change of staff, there seemed to be a different interpretation of how to collect the information! Also, without a system, the process of collecting and analyzing all of our data was very time consuming for the staff. As a result, it was the first thing that didn’t happen.
We have all this data- now what?
In a recent article in the Wall Street Journal, Steve Bennet, former CEO of Intuit, stated, “A big challenge… is that organizations tend to focus on the metric as the objective instead of gaining insight to improve.” Having the data is interesting, but it’s not meaningful if it cannot be easily acted upon. Data needs to be translated and examined to see trends. This is true in all areas of operations- clinical, staffing, financials, etc. From a compliance perspective, a system that identifies and examines outliers that can be potential risk factors can help you ask and answer the tough questions.
Are we asking the questions?
We have the data, we know its reliable, we examined trends- now comes the real work. Conducting root cause analysis is the key to your program- knowing the WHY. How often do we try to fix a problem by throwing more staff at it or quickly putting a plan of correction into place? This is only a band-aid- I think we have all learned this the hard way. A key piece in compliance training should be teaching your staff how to conduct root cause analysis- dig deep and find the cause of the problem. It’s often a shift in mindset, but I encourage you to start training your staff from the bottom up to think beyond the obvious and get to the root of the problem.
Monitoring and internal audits may be the sixth step on our seven-step compliance journey, but it is a critical one. In the next installment, we will address the final step- Response and Corrective Actions!